password encryption for storage and login

Is there a knop code example available for:

(1)  when a user creates an account and password, their password is stored as a one-way encrypted hash, and
(2)  when a user returns to login, the value entered by the user gets encrypted and checked against their username?

I saw that there was a something for the knop_user type, but nothing for the knop_form type.  I assume I would have to do something within an _action file, yes?

--steve

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Steve Piercy               Web Site Builder               Soquel, CA
<web@...>                  <http://www.StevePiercy.com/>

--
#############################################################
This message is sent to you because you are subscribed to
the mailing list <knop@...>.
To unsubscribe, E-mail to: <knop-off@...>
Send administrative queries to  <knop-request@...>
List archive http://www.nabble.com/Knop-Framework-Discussion-f29076.html
Project homepage http://montania.se/projects/knop/
Google Code has the latest downloads at http://code.google.com/p/knop/

22 jun 2009 kl. 17.54 skrev Steve Piercy - Web Site Builder:

I use the knop_user for this. Let me dig into my code and see if it's  
something shareable.

HDB
Jolle

--
#############################################################
This message is sent to you because you are subscribed to
the mailing list <knop@...>.
To unsubscribe, E-mail to: <knop-off@...>
Send administrative queries to  <knop-request@...>
List archive http://www.nabble.com/Knop-Framework-Discussion-f29076.html
Project homepage http://montania.se/projects/knop/
Google Code has the latest downloads at http://code.google.com/p/knop/

Knop doesn't offer automated creation of a user (with encrypted password), but you can use knop_user->encrypt to make sure it gets encrypted in the right way when storing the user's password. Always something....

At 08.54 -0700 2009-06-22, Steve Piercy - Web Site Builder wrote:
>Is there a knop code example available for:
>
>(1)  when a user creates an account and password, their password is stored as a one-way encrypted hash, and
>(2)  when a user returns to login, the value entered by the user gets encrypted and checked against their username?
>
>I saw that there was a something for the knop_user type, but nothing for the knop_form type.  I assume I would have to do something within an _action file, yes?


--
     Johan Sölve    [FSA Member, Lasso Partner]
     Web Application/Lasso/FileMaker Developer
     MONTANIA SOFTWARE & SOLUTIONS
http://www.montania.se   mailto:joh-n@...
 (spam-safe email address, replace '-' with 'a')

--
#############################################################
This message is sent to you because you are subscribed to
the mailing list <knop@...>.
To unsubscribe, E-mail to: <knop-off@...>
Send administrative queries to  <knop-request@...>
List archive http://www.nabble.com/Knop-Framework-Discussion-f29076.html
Project homepage http://montania.se/projects/knop/
Google Code has the latest downloads at http://code.google.com/p/knop/

Okay, so is this (roughly) the correct way to store a username and encrypted password in Knop?

    var(
        'encpw' = null, // the encrypted password variable
        'salt'  = 'some-salty-method'
    );
    $f->loadfields;
    // encrypt the password with a salt
    $encpw = cipher_digest(($salt + $f->getvalue('password')), -digest='RIPEMD160'); // no -hex because Knop uses bytes comparision in user.inc
    inline($cnxn,-table='user','username'='username','password'=$encpw,-add);
    /inline;

Then on login, do this?

    $f->loadfields;
    $s_user->encrypt(   // s_user created in cfg__global.inc, and stored in session
        -data=$f->getvalue('password'),
        -cipher='RIPEMD160',
        -salt=$f->getvalue('saltfield')); // the saltfield value corresponding to the username
   
    if($s_user -> auth);
        // you're in.  giggity.
    else;
        // go away
    /if;

--steve


On Monday, June 22, 2009, inbox_js@... (Johan Solve) pronounced:

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Steve Piercy               Web Site Builder               Soquel, CA
<web@...>                  <http://www.StevePiercy.com/>

--
#############################################################
This message is sent to you because you are subscribed to
the mailing list <knop@...>.
To unsubscribe, E-mail to: <knop-off@...>
Send administrative queries to  <knop-request@...>
List archive http://www.nabble.com/Knop-Framework-Discussion-f29076.html
Project homepage http://montania.se/projects/knop/
Google Code has the latest downloads at http://code.google.com/p/knop/

Naa, more like this

    var(
        'encpw' = null // the encrypted password variable
    );
    $f->loadfields;
    // encrypt the password with a salt
    $encpw = $s_user -> encrypt(   // s_user created in cfg__global.inc with -encrypt, defaults to RIPEMD160
        -data=$f->getvalue('password'),
        -salt=$f->getvalue('username'); // the saltfield value corresponding to the username
    inline($cnxn,-table='user','username'=$f->getvalue('username'),'password'=$encpw,-add);
    /inline;


Then on login ()

    $f->loadfields;
    $s_user->login(   // s_user created in cfg__global.inc, and stored in session.
                                        // -saltfield has been specified when creating $s_user.
        -username=$f->username, // shorthand to ->getvalue
        -password=$f->password);
    if($s_user -> auth);
        // you're in.  giggity.
    else;
        // go away
    /if;


Btw just fixed and committed a minor issue in user->encrypt, it used the wrong default cipher.

At 01.39 -0700 2009-06-23, Steve Piercy - Web Site Builder wrote:

--
     Johan Sölve    [FSA Member, Lasso Partner]
     Web Application/Lasso/FileMaker Developer
     MONTANIA SOFTWARE & SOLUTIONS
http://www.montania.se   mailto:joh-n@...
 (spam-safe email address, replace '-' with 'a')

--
#############################################################
This message is sent to you because you are subscribed to
the mailing list <knop@...>.
To unsubscribe, E-mail to: <knop-off@...>
Send administrative queries to  <knop-request@...>
List archive http://www.nabble.com/Knop-Framework-Discussion-f29076.html
Project homepage http://montania.se/projects/knop/
Google Code has the latest downloads at http://code.google.com/p/knop/

Aww yeah baby.  That works fine.  Thank you!

A question on the ->encrypt method in regards to security: I assume it is not a good idea to use the username as a salt, correct?  If so, I would probably use Bil's lp_string_random.

http://tagswap.net/lp_string_random

Thinking out loud, here: The salt needs to be stored somewhere in the database, so I wonder if I should store it in the user table (if someone gets my db, that might be a bad idea) or in another table for obscurity?  In the former case, the knop_user type can easily deal with it, but for the latter, the knop_user type can only reference a single table.  That in turn brings up the broader question of how one would handle relationships between multiple tables in Knop?  Would you create a single temporary table with a JOIN and reference the temp table?

Back to security matters, I saved this post from Bil Corry from almost 2 years ago.  It adds in the concept of a "cost", which I did not see in the knop_user type.

-----------------------------------------

define_tag:'lp_crypt_hash',
    -required='string',-copy, // text to hash, or check hash against
    -optional='cost',-copy, // default is 20, can be any number between 1 and ????
    -optional='saltLength', // default is a random length between 10 and 20, you can set it to a static size
    -optional='hash',-type='string',-copy, // known hash to compare unknown hash against
    -optional='salt', // salt to use for hash
    -optional='map'; // this causes the tag to return a map of the hash, salt and cost.  default is to return a single string with them all embedded

/*
    based on code from Greg Willits and ideas from
        http://www.matasano.com/log/958/enough-with-the-rainbow-tables-what-you-need-to-know-about-secure-password-schemes/

    as configured, the largest size the hash returned will be 87 characters
*/

    // get hash, if possible
    if: (local_defined:'hash') && !(local_defined:'salt');
            (fail_if: #hash->size < 14, -1, 'hash size too small');
            local:'lassoVersion' = #hash->(substring: 1, 6);
            local:'costLength' = (integer: #hash->(substring: 7,1));
            local:'cost' = (integer: #hash->(substring: 8, #costLength));
            local:'saltLength' = (lp_math_hextodec: #hash->(substring: 8 + #costLength,4));
            local:'salt' = #hash->(substring: 12 + #costLength, #saltLength);
            #hash = #hash->(substring: 12 + #costLength + #saltLength);
    else: !(local_defined:'salt');
        if: (local_defined:'saltLength');
            local:'salt' = (lp_string_random: (integer:#saltLength));
        else;
            local:'salt' = (lp_string_random: (math_random: -min=10, -max=20));
        /if;
    /if;

    if: !(local_defined:'cost');
        local:'cost' = 20;
    else;
        #cost = (integer: #cost);
    /if;
    if: #cost < 1;
        #cost == 1;
    /if;

    loop: #cost;
        #string = (string: (cipher_digest: (#salt + #string), -digest='RIPEMD160', -hex));
    /loop;

    if: (local_defined:'hash');
        if: #hash == #string;
            return: true;
        else;
            return: false;
        /if;
    /if;

    if: (local_defined:'map');
        return: (map:'hash' = #string, 'salt' = #salt, 'cost' = #cost);
    /if;

    return: (lp_lasso_version:-compact) + (string:#cost)->size + #cost + (lp_string_pad: (lp_math_dectohex: #salt->size), 4) + #salt + #string;

/define_tag;

-----------------------------------------

--steve


On Tuesday, June 23, 2009, inbox_js@... (Johan Solve) pronounced:

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Steve Piercy               Web Site Builder               Soquel, CA
<web@...>                  <http://www.StevePiercy.com/>

--
#############################################################
This message is sent to you because you are subscribed to
the mailing list <knop@...>.
To unsubscribe, E-mail to: <knop-off@...>
Send administrative queries to  <knop-request@...>
List archive http://www.nabble.com/Knop-Framework-Discussion-f29076.html
Project homepage http://montania.se/projects/knop/
Google Code has the latest downloads at http://code.google.com/p/knop/

23 jun 2009 kl. 18.11 skrev Steve Piercy - Web Site Builder:

Don't know if it's relevant. But in one solution I had some user data  
stored in another table. It was no trouble to add that to the user  
object by an additional search and populating the user object like
        $session_user -> setdata( 'fname' = field('CNTPRSN_firstname'));
        $session_user -> setdata( 'lname' = field('CNTPRSN_lastname'));
etc

Since I only needed to do this at login the extra work for the server  
was minor.

This is only relevant for a knop_user object.

In any other case I create needed sql queries and send them to the  
knop_database object.

> Back to security matters, I saved this post from Bil Corry from  
> almost 2 years ago.  It adds in the concept of a "cost", which I did  
> not see in the knop_user type.

What's the benefit of using a cost?

HDB
Jolle

--
#############################################################
This message is sent to you because you are subscribed to
the mailing list <knop@...>.
To unsubscribe, E-mail to: <knop-off@...>
Send administrative queries to  <knop-request@...>
List archive http://www.nabble.com/Knop-Framework-Discussion-f29076.html
Project homepage http://montania.se/projects/knop/
Google Code has the latest downloads at http://code.google.com/p/knop/

One big reason why the encrypt member tag exists in the user type is to easily be able to subclass the user type and overload encrypt with your own version to be able to add any kind of encryption scheme you want.


At 09.11 -0700 2009-06-23, Steve Piercy - Web Site Builder wrote:
>Back to security matters, I saved this post from Bil Corry from almost 2 years ago.  It adds in the concept of a "cost", which I did not see in the knop_user type.

--
     Johan Sölve    [FSA Member, Lasso Partner]
     Web Application/Lasso/FileMaker Developer
     MONTANIA SOFTWARE & SOLUTIONS
http://www.montania.se   mailto:joh-n@...
 (spam-safe email address, replace '-' with 'a')

--
#############################################################
This message is sent to you because you are subscribed to
the mailing list <knop@...>.
To unsubscribe, E-mail to: <knop-off@...>
Send administrative queries to  <knop-request@...>
List archive http://www.nabble.com/Knop-Framework-Discussion-f29076.html
Project homepage http://montania.se/projects/knop/
Google Code has the latest downloads at http://code.google.com/p/knop/

list@... wrote on 6/23/2009 12:55 PM:
>> Back to security matters, I saved this post from Bil Corry from almost
>> 2 years ago.  It adds in the concept of a "cost", which I did not see
>> in the knop_user type.
>
> What's the benefit of using a cost?

The idea is you want the hash function you're using to take a long time -- if an attacker is creating a rainbow table to break your hash, you want it to take them a very long time to create it.

This talks more about it:

        http://www.matasano.com/log/958/enough-with-the-rainbow-tables-what-you-need-to-know-about-secure-password-schemes/


- Bil


--
#############################################################
This message is sent to you because you are subscribed to
the mailing list <knop@...>.
To unsubscribe, E-mail to: <knop-off@...>
Send administrative queries to  <knop-request@...>
List archive http://www.nabble.com/Knop-Framework-Discussion-f29076.html
Project homepage http://montania.se/projects/knop/
Google Code has the latest downloads at http://code.google.com/p/knop/

Steve Piercy - Web Site Builder wrote on 6/23/2009 11:11 AM:
> Thinking out loud, here: The salt needs to be stored somewhere in the
> database, so I wonder if I should store it in the user table (if
> someone gets my db, that might be a bad idea) or in another table for
> obscurity?

That ctag you posted has two options, one is to output a single string that includes everything, and the other is to output a map where they're broken out so you can store the pieces separately.  E.g.:

        Single string: SW8560220000AW7QuDxXvsubc93eb24f260c660ef1d37f1deaad2284ab4468a
        Map:           map: (cost)=(20), (hash)=(5ce8d2c7b801a25db9f3f3115de824769341da12), (salt)=(wvsQQ4ql08fmHsEx72c)

The single string also includes the Lasso edition, platform and version for those cases where a newer version of Lasso isn't compatible with an older version -- you can decide what to do programmically...

Storing the hash separately from the salt and cost is a bit more secure, but even if I tell you the hash and the cost, you still have to build a rainbow table to brute-force the password, and you have to do it for EVERY password as the salt is different for each one.  Thinking about it now, might be good to randomize the cost too within a range.

So I wouldn't worry about it too much, just store the hash, salt and cost as single string.


- Bil



--
#############################################################
This message is sent to you because you are subscribed to
the mailing list <knop@...>.
To unsubscribe, E-mail to: <knop-off@...>
Send administrative queries to  <knop-request@...>
List archive http://www.nabble.com/Knop-Framework-Discussion-f29076.html
Project homepage http://montania.se/projects/knop/
Google Code has the latest downloads at http://code.google.com/p/knop/

On Tuesday, June 23, 2009, list@... pronounced:

Yeah, that is my fallback position: perform an additional inline search and add pairs of field/values to the user object.

>Since I only needed to do this at login the extra work for the server  
>was minor.

True.  And after I think about it, it would be very seldom in this particular application for a user to update their information.

>In any other case I create needed sql queries and send them to the  
>knop_database object.

Not sure I understand this.  Here is my guess:

    var('mydb'  = knop_database(
        $cnxn,          // $cnxn is an array of pairs commonly used in inlines
        -sql    = $sql  // $sql is the SQL statement, using a JOIN
        )
    );

Assuming that is correct, that's all fine and dandy for searching a database, but I don't see how one would be able to UPDATE the Knop database object $mydb, unless there is some black magic going on in the type.  How would you do that?  $mydb->saverecord?  Separate inlines?

--steve

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Steve Piercy               Web Site Builder               Soquel, CA
<web@...>                  <http://www.StevePiercy.com/>

--
#############################################################
This message is sent to you because you are subscribed to
the mailing list <knop@...>.
To unsubscribe, E-mail to: <knop-off@...>
Send administrative queries to  <knop-request@...>
List archive http://www.nabble.com/Knop-Framework-Discussion-f29076.html
Project homepage http://montania.se/projects/knop/
Google Code has the latest downloads at http://code.google.com/p/knop/

Indeed.  As computers continue to gain speed and power, we will need to evolve encryption methods.

--steve


On Tuesday, June 23, 2009, inbox_js@... (Johan Solve) pronounced:

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Steve Piercy               Web Site Builder               Soquel, CA
<web@...>                  <http://www.StevePiercy.com/>

--
#############################################################
This message is sent to you because you are subscribed to
the mailing list <knop@...>.
To unsubscribe, E-mail to: <knop-off@...>
Send administrative queries to  <knop-request@...>
List archive http://www.nabble.com/Knop-Framework-Discussion-f29076.html
Project homepage http://montania.se/projects/knop/
Google Code has the latest downloads at http://code.google.com/p/knop/

At 02.36 -0700 2009-06-24, Steve Piercy - Web Site Builder wrote:
Waitaminute, back to square one in basic Knop understanding. You don't supply a pair array or -sql when creating the database object. See the examples and documentation from LDC 2008.
http://code.google.com/p/knop/downloads/list

The basic Knop database operations are select, getrecord, addrecord, saverecord and deleterecord.



Excerpt from the LDC 2008 manual:
// initiate the database object (normally in a config file)
var: 'db_news'=(knop_database: -database='acme', -table='news',
 -username='*****', -password='*****',
 -keyfield='id');

// perform a database search to grab the record (normally in a lib file)
$db_news -> (getrecord: -keyvalue=185);
// show some fields from the database record (normally in a content file)
<h3>[$db_news -> (field: 'title')] </h3>
<p>
[encode_break: ($db_news -> (field: 'text'))]
</p>
----
// The getrecord statement can be simplified slightly since the first parameter
// is the keyvalue
$db_news -> (getrecord: 185);
// The field calls can be simplified using a shortcut that maps unknown
// member tags to field names
<h3>[$db_news -> title] </h3>
<p>
[encode_break: ($db_news -> text)]
</p>
// If a more complex query is needed to get the record, an SQL statement can be used.
$db_news -> (getrecord: -sql='SELECT * FROM news LEFT JOIN ...');
// A general select can be used as well.
// The data from the first found record will be available as ->field.
$db_news -> (select: -sql='SELECT * FROM news LEFT JOIN ...');



--
     Johan Sölve    [FSA Member, Lasso Partner]
     Web Application/Lasso/FileMaker Developer
     MONTANIA SOFTWARE & SOLUTIONS
http://www.montania.se   mailto:joh-n@...
 (spam-safe email address, replace '-' with 'a')

--
#############################################################
This message is sent to you because you are subscribed to
the mailing list <knop@...>.
To unsubscribe, E-mail to: <knop-off@...>
Send administrative queries to  <knop-request@...>
List archive http://www.nabble.com/Knop-Framework-Discussion-f29076.html
Project homepage http://montania.se/projects/knop/
Google Code has the latest downloads at http://code.google.com/p/knop/

On Wednesday, June 24, 2009, inbox_js@... (Johan Solve) pronounced:

>At 02.36 -0700 2009-06-24, Steve Piercy - Web Site Builder wrote:

>Waitaminute, back to square one in basic Knop understanding. You don't supply a pair
>array or -sql when creating the database object. See the examples and documentation
>from LDC 2008.
>http://code.google.com/p/knop/downloads/list
>
>The basic Knop database operations are select, getrecord, addrecord, saverecord and
>deleterecord.

Oh, I see where I got confused.  In the example config:

/_config/cfg__global.inc
--------------------------
    // Configure databases
    // One database object for each table that we are using in the solution
    var('d'=knop_database(-database='d', -table='t',
        -username='u', -password='p', // examples only
        -keyfield='keyfield', -lockfield='lockfield'));

Those parameters happened to match the names of the db, table and columns, so I assumed it was like an inline!  D'oh!

>// If a more complex query is needed to get the record, an SQL statement can be
>used.
>$db_news -> (getrecord: -sql='SELECT * FROM news LEFT JOIN ...');
>// A general select can be used as well.
>// The data from the first found record will be available as ->field.
>$db_news -> (select: -sql='SELECT * FROM news LEFT JOIN ...');

So to update, would be this, correct?

$db_news -> select(-sql='UPDATE table SET column='value' WHERE ...');

I was looking at ->saverecord for an UPDATE, but I don't know wheter it has the necessary built-in black magic for a more complex SQL query.  And I didn't look at ->select because its name does not imply UDPATE.

Boy, I need to work on my reading comprehension.

--steve

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Steve Piercy               Web Site Builder               Soquel, CA
<web@...>                  <http://www.StevePiercy.com/>

--
#############################################################
This message is sent to you because you are subscribed to
the mailing list <knop@...>.
To unsubscribe, E-mail to: <knop-off@...>
Send administrative queries to  <knop-request@...>
List archive http://www.nabble.com/Knop-Framework-Discussion-f29076.html
Project homepage http://montania.se/projects/knop/
Google Code has the latest downloads at http://code.google.com/p/knop/

At 04.31 -0700 2009-06-24, Steve Piercy - Web Site Builder wrote:
It's not coincidence that the oncreate params look like a normal inline, but the similarities end there. The constructor (oncreate) does not execute any inlines (except if you ask it to -verify, where it will attempt to perform a -show on the db IIRC).

Ideally Knop should handle reuse of db connections somehow but it doesn't currently, so you have to supply a connection wrapper yourself if you want to reuse connections (which you should).
Hmm, can multiple connections to different db hosts be held open by nesting wrapper inlines?

>So to update, would be this, correct?
>
>$db_news -> select(-sql='UPDATE table SET column='value' WHERE ...');
>
>I was looking at ->saverecord for an UPDATE, but I don't know wheter it has the necessary built-in black magic for a more complex SQL query.  And I didn't look at ->select because its name does not imply UDPATE.

Actually I think I would prefer to do a getrecord using -sql to get a record pointer, then do saverecord on the "current" record. One more db roundtrip but nicer code.


>Boy, I need to work on my reading comprehension.

"Piercynism"? ;-)

(Oooh, the -cynism part of that word didn't look good)
--
     Johan Sölve    [FSA Member, Lasso Partner]
     Web Application/Lasso/FileMaker Developer
     MONTANIA SOFTWARE & SOLUTIONS
http://www.montania.se   mailto:joh-n@...
 (spam-safe email address, replace '-' with 'a')

--
#############################################################
This message is sent to you because you are subscribed to
the mailing list <knop@...>.
To unsubscribe, E-mail to: <knop-off@...>
Send administrative queries to  <knop-request@...>
List archive http://www.nabble.com/Knop-Framework-Discussion-f29076.html
Project homepage http://montania.se/projects/knop/
Google Code has the latest downloads at http://code.google.com/p/knop/

On Wednesday, June 24, 2009, inbox_js@... (Johan Solve) pronounced:

>Hmm, can multiple connections to different db hosts be held open by nesting wrapper
>inlines?

You mean like this?

inline(-host1);
    inline(-host2);
        inline(-host1);
        /inline;
        inline(-host2);
        /inline;
    /inline;
/inline;

Would that be something to test with netstat?

Can ->saverecord work on multiple tables?  For instance:

update t1, t2 set t1.c1='foo', t2.c2='bar' where t1.id=123

I would assume that ->saverecord may operate on only a single table.  If that is the case, then $db_news->select would do the job.

>>Boy, I need to work on my reading comprehension.
>
>"Piercynism"? ;-)
>
>(Oooh, the -cynism part of that word didn't look good)

If the name fits...  ;)

--steve

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Steve Piercy               Web Site Builder               Soquel, CA
<web@...>                  <http://www.StevePiercy.com/>

--
#############################################################
This message is sent to you because you are subscribed to
the mailing list <knop@...>.
To unsubscribe, E-mail to: <knop-off@...>
Send administrative queries to  <knop-request@...>
List archive http://www.nabble.com/Knop-Framework-Discussion-f29076.html
Project homepage http://montania.se/projects/knop/
Google Code has the latest downloads at http://code.google.com/p/knop/

At 05.01 -0700 2009-06-24, Steve Piercy - Web Site Builder wrote:
That's what I mean yes. Not sure how to verify it but you're probably right.

Or a sleep in lasso code before closing the wrapper inline so you have time to check with "show processlist" on each host, looking for the connection help open.

Ah, yes for a multi table update you better use ->select.

> >>Boy, I need to work on my reading comprehension.
>>
>>"Piercynism"? ;-)
>>
>>(Oooh, the -cynism part of that word didn't look good)
>
>If the name fits...  ;)

Pier Cynism ... ? hmm...


--
     Johan Sölve    [FSA Member, Lasso Partner]
     Web Application/Lasso/FileMaker Developer
     MONTANIA SOFTWARE & SOLUTIONS
http://www.montania.se   mailto:joh-n@...
 (spam-safe email address, replace '-' with 'a')

--
#############################################################
This message is sent to you because you are subscribed to
the mailing list <knop@...>.
To unsubscribe, E-mail to: <knop-off@...>
Send administrative queries to  <knop-request@...>
List archive http://www.nabble.com/Knop-Framework-Discussion-f29076.html
Project homepage http://montania.se/projects/knop/
Google Code has the latest downloads at http://code.google.com/p/knop/