No subject


Sat Jan 26 15:46:28 EST 2008


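From: plog-svn-bounces at devel.lifetype.net
[mailto:plog-svn-bounces at devel.lifetype.net] On Behalf Of Matt Wood
Sent: Tuesday, March 11, 2008 1:49 PM

To: LifeType Developer List
Subject: Re: [pLog-svn] Salted MD5


From a cryptographic standpoint, since sha256 has a larger byte output,
there are situations where the md5 calculation will actually reduce the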
number of bytes of "randomness" (entropy). And since we're talking about a
WebApp here... not a high speed wireless encryption scheme, why not just use
sha256 all the way through? Same for the salt, if it contains a sufficient
amount of entropy.
 
And to clarify what I said about the salt before... simply adding a salt
will defeat rainbow attacks as Reto has already said, the added complexity
of using a "hash function", of any kind, on the salt, does not significantly
impact a dedicated attacker. Because in the situation of a database
compromise the salt (which is assumably stored in the database, per user,
and of sufficient entropy) has already been revealed, and the hash of it
simply needs to be calculated once for the brute force attack on the
password.
 
Either way, the salt is a good addition. I'm pleased you guys are so
proactive about security.
 
However, if you are wishing to increase the security (time to brute force)
of the password/salt entry it may be worthwhile to follow the following
algorithm instead.
 
sha2($salt + sha2($password + $salt))
 
you can repeat that ad nauseam increasing the complexity of the brute force
by forcing the attacker to follow the chained hash algorithm in their brute
forcing attempts. You can even add multiple salts... Just don't store the
final hash in the HTTP cookie like some of these other blogging platforms...

On Tue, Mar 11, 2008 at 12:04 AM, Mark Wu <markplace at gmail.com> wrote:


That's why I use (MD5($password)+MD5($salt)) to keep it easy to upgrade.
 
And use sha256() to enhance the security level.
 
Mark


  _____  

From: plog-svn-bounces at devel.lifetype.net
[mailto:plog-svn-bounces at devel.lifetype.net] On Behalf Of Matt Wood
Sent: Tuesday, March 11, 2008 3:23 AM 

To: LifeType Developer List
Subject: Re: [pLog-svn] Salted MD5


The only reason you would salt passwords in a database means you're concerned
that the password db table has been compromised... if you fear that has
happened then the salt that you're storing in the database is available to the
attacker. Thus adding md5 or sha1 or sha256 of that salt to the password is
no more secure than just appending the salt in plaintext. The same number of
computations will be required to "crack" the password hash.

-Matt

PS. md5/sha1 are not cryptographically secure hash algorithms anymore
(however probably are ok for this situation). any sha2 algorithm (sha256,
sha512) is supposedly.


On Mon, Mar 10, 2008 at 11:32 AM, Mark Wu <markplace at gmail.com> wrote:


>
>       How much more secure is than simply:
>
> md5($password . $private_key)


Actually, it's no difference for normal people, but much secure for those
hackers...

BTW, VBB and IPB use:

md5(md5($password).md5($private_key))


>
> And are there any downsides of the new method - ie. will it
> fail on upgrades, or fail for certain servers, etc?
>


mmm .... for lifetype 2.0 . The minimal requirement is php 5.1.x ...

so, It won't be a problem.

mhash become "hash" in pecl in php5, if there is no hash installed, it will
use the pure php  implementation...


>
> On Mon, 10 Mar 2008, Mark Wu wrote:
>
> > Here comes more secure algorithm:
> >
> > sha256(md5($password)+md5($your_provide_private_key));
> >
> > I use sha256 here.
> >
> > Here also comes the pure php sha256 implementation:
> >
> > http://nanolink.ca/pub/sha256/
> >
> > If the server has "hash" pecl, it will use it instead of the pure one.
> >
> > Mark
> >
> >> -----Original Message-----
> >> From: plog-svn-bounces at devel.lifetype.net
> >> [mailto:plog-svn-bounces at devel.lifetype.net] On Behalf Of Reto Hugi
> >> Sent: Monday, March 10, 2008 7:25 PM
> >> To: LifeType Developer List
> >> Subject: Re: [pLog-svn] Salted MD5
> >>
> >> Hi Mark
> >>
> >> I welcome your suggestion and think that this is valuable
> >> protection against rainbow table attacks.
> >>
> >> We already had an issue with the revealed admin password
> >> hash. This would have been less severe with the salted md5.
> >>
> >> Thanks for suggesting!
> >>
> >> reto
> >>
> >> Mark Wu wrote:
> >>> Hi All:
> >>>
> >>> I plan to upgrade our password algorithm to salted MD5, take the
> >>> following for example:
> >>>
> >>> sha1(md5($password) + user_defined_private_key);
> >>>
> >>> I will also remain an option in lifetype admin panel for user to use
> >>> the old MD5 way to keep compatibility.
> >>>
> >>> If we use the algorithm above, It is also possible to convert the old
> >>> hashed password to new hashed password.
> >>>
> >>> How do you think?
> >>>
> >>>
> >>> http://kuza55.blogspot.com/2006/10/online-reverse-lookup-tables-for.html
> >>>
> >>> These kind of online reverse lookup table sites making the MD5 only
> >>> algorithm more dangerous.
> >>>
> >>> Mark
> >>>
> >>> ------------------------------------------------------------------------
> >>>
> >>> _______________________________________________
> >>> pLog-svn mailing list
> >>> pLog-svn at devel.lifetype.net
> >>> http://limedaley.com/mailman/listinfo/plog-svn
>
> --
> Jon Daley
> http://jon.limedaley.com/
>
> We are all made different, but we are all sinners.
> -- Jim Herron

mmm .... , it is a good option, too.

Mark

  _____  

From: plog-svn-bounces at devel.lifetype.net
[mailto:plog-svn-bounces at devel.lifetype.net] On Behalf Of Matt Wood
Sent: Wednesday, March 12, 2008 4:37 AM
To: LifeType Developer List
Subject: Re: [pLog-svn] Salted MD5

At the login page you could do a check on the length of the database field
returned (md5 is shorter than sha256), and since you have the cleartext
password at that point you can recompute the new hash after comparing it to
the md5($cleartext) to see if it matched.

On Tue, Mar 11, 2008 at 2:04 AM, Mark Wu <markplace at gmail.com> wrote:

** sha2($salt + sha2($password + $salt))

I consider this before, the problem is I have to keep the compatibility.

In lifetype 1.2.x and before, the $password is stored in database with
md5($password)...

So, any algorithm has to be based on this, like

sha2($salt + md5($password) + sha2($salt))  or

sha2(md5($password) + $private_key)

Or, there is no way for us to upgrade.... since we can not get the original
plain text password

Unless we leave an option for user( administrator) to use the old algorithm.

Mark
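
The login-time upgrade Matt Wood describes in the thread (tell legacy rows apart by stored hash length, verify against md5 of the cleartext, then re-hash) can be sketched as follows. This is an added example, not LifeType code or anything posted to the list: the function names, the `password` and `salt` field names and the array standing in for a users-table row are all hypothetical, and it assumes PHP 7 or later for `random_bytes()` and `hash_equals()`.

```php
<?php
// Added illustration; not part of LifeType. All names are hypothetical.

// New scheme from the thread: sha2($salt + sha2($password + $salt)).
// The thread's "+" is written here as PHP string concatenation (".").
function salted_sha256(string $password, string $salt): string
{
    return hash('sha256', $salt . hash('sha256', $password . $salt));
}

// Legacy rows hold md5($password): 32 hex characters.
// Upgraded rows hold a SHA-256 digest: 64 hex characters.
function is_legacy_md5(string $stored): bool
{
    return strlen($stored) === 32 && ctype_xdigit($stored);
}

// Verify a login attempt. When the row still holds a legacy MD5 hash and
// the password is correct, replace it with the salted SHA-256 form while
// the cleartext is available. $user is updated in place; the caller is
// expected to write the changed row back to the database.
function verify_and_upgrade(array &$user, string $cleartext): bool
{
    $stored = $user['password'];

    if (is_legacy_md5($stored)) {
        // Constant-time comparison against the old unsalted hash.
        if (!hash_equals($stored, md5($cleartext))) {
            return false;
        }
        // Per-user random salt, stored next to the hash.
        $user['salt'] = bin2hex(random_bytes(16));
        $user['password'] = salted_sha256($cleartext, $user['salt']);
        return true;
    }

    // Anything that is neither 32 nor 64 hex characters, or an upgraded
    // row with no salt, is an unknown format: fail closed.
    $salt = $user['salt'] ?? '';
    if (strlen($stored) !== 64 || !ctype_xdigit($stored) || $salt === '') {
        return false;
    }
    return hash_equals($stored, salted_sha256($cleartext, $salt));
}

// Constructed sample row in the form LifeType 1.2.x stores it.
$user = ['user' => 'alice', 'password' => md5('correct horse'), 'salt' => ''];

// Wrong password on a legacy row, correct password (triggers the upgrade),
// then both again against the upgraded row.
foreach (['wrong guess', 'correct horse', 'correct horse', 'wrong guess'] as $attempt) {
    $ok = verify_and_upgrade($user, $attempt);
    printf(
        "attempt=%-14s accepted=%s stored_length=%d\n",
        $attempt,
        $ok ? 'yes' : 'no',
        strlen($user['password'])
    );
}
```

Rows for accounts that never log in again keep their unsalted MD5 hash under this approach, which is the gap Mark Wu's `sha2(md5($password) + $private_key)` form avoids, since that form can be computed from the stored MD5 value alone.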


