Alexander Demenshin
When using "Burn after reading", you are forced to do something with the paste before you close the link - and this is exactly what I want to avoid. Sometimes,...
Good idea, actually. Probably, a configurable redirection method would be a better option - so someone could use external redirectors too.
@elrido Probably it does not belong here - but what is wrong with [SRP](https://en.wikipedia.org/wiki/Secure_Remote_Password_protocol)? It is zero-knowledge and standardized, would fit perfectly to verify that password and key are known.
It seems that the problem is getting more annoying - more and more services, firewalls and antiviruses are peeking into URLs so burn-after-reading pastes are lost. After some thinking and reading...
If we run HMAC on top of the derived key, then probably this is sufficient, we could even cut it in half (the probability of collision is very low anyway). PBKDF2 is...
Verifpal is a nice tool but there is nothing new to model here. Just look at this (simplified) protocol: 1. vt = HMACorPBKDF2(password, derived-key) 2. Now we have two options: a....
Do we really have to store on the server salt and iv values? Both could be derived from the key, so server does not have to be aware of them.
I understand that storing iv/salt is not a threat, but if we can avoid this - why not? Deriving both from the key+password is as safe as producing random values,...
I second that, though I would prefer to specify the _retention period_ and not the number of points (as it depends on the interval). Something like `dbengine max retention period...
So... I tried `privileged: no`, and while there is an improvement, it is no match for fping anyway (the elevated usage for go.d.plugin is when I configured ping probe): ...