From 7c8d2a918679e6fccf229cef1c702e9855b132f3 Mon Sep 17 00:00:00 2001 From: Andrey Bienkowski Date: Mon, 21 Mar 2022 19:49:54 +0000 Subject: [PATCH] README: link to RFC9106 Your README links to the pdf which provides **outdated recommendations**: it recommends argon2i for password based key derivation while the RFC recommends argon2id. --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index 91fc3fd..28df46a 100644 --- a/README.md +++ b/README.md @@ -36,6 +36,9 @@ Argon2i, Argon2d, and Argon2id are parametrized by: * A **memory** cost, which defines the memory usage, given in kibibytes * A **parallelism** degree, which defines the number of parallel threads +[RFC9106](https://www.rfc-editor.org/rfc/rfc9106.html) gives recommendations +for implementations and users. + The [Argon2 document](argon2-specs.pdf) gives detailed specs and design rationale.