Re: FW: [db-wg] Proposal to deprecate CRYPT-PW authorisation in the RIPE Database
-
From: Max Tulyev president@localhost
-
Date: Thu, 05 Oct 2006 22:31:51 +0400
Hi!
In Russia ALL uncertified by goverment cryptographic system is illegal.
So SSL (lirportal) is illegal. But PGP/MD5/CRYPT is NOT illegal, because
it don't do encryption and not interfere with SORM (SORM - a mandatory
part of any ISP in Russia, that do hidden analysis and mirroring some of
traffic to FSB), but only do signatures.
Also, unlike PGP, lirportal can't do safr multiply persons authorization
(i.e. owner of PI space creates route object with his upstream's AS,
signs it, sent to upstream, upstream signs it too and send to RIPE).
Potapov Vladislav wrote:
> Hi!
>
>> Vladislav! If you wish to be really constructive - do policy
>> proposal for shutting down MD5-PW - personally I will vote
>> for that too.
>>
> Max, I'm not a reactionary as you may think. I'm not against changes to
> the better. But it should be adequate, effective and universal for the
> region it serves. I don't know why you start to think on behalf (and
> propose against) of the 3500 other members using the scheme.
> If we got to the stage of a new proposal then maybe we should drop
> e-mail as a way to change the objects in the DB? It will be more
> constructive than shutting down both "password" ways. At least this way
> solves the "crypting mail prohibited" problem together with crypting ALL
> conversation (not only password part) and many more (and much more
> productive that the halved currently proposed "step"). The mechanism for
> that is already here - lirportal.
>
> Vladislav Potapov
> Ru.iiat
>
>
>> -----Original Message-----
>> From: db-wg-admin@localhost [ ] On
>> Behalf Of Max Tulyev
>> Sent: Thursday, October 05, 2006 9:13 PM
>>> Subject: Re: FW: [db-wg] Proposal to deprecate CRYPT-PW
>> authorisation in the RIPE Database
>>
>>
>> Hi!
>>
>> My official +1. We need to shut it out as mail-from was.
>>
>> Vladislav! If you wish to be really constructive - do policy
>> proposal for shutting down MD5-PW - personally I will vote
>> for that too.
>>
>> Sascha Lenz wrote:
>>
>>> Hi,
>>>
>>> Potapov Vladislav wrote:
>>>
>>>
>>>> Hi,
>>>> -Hank
>>>>
>>>>
>>>>> I think a number of people have pointed out why they wish to
>>>>> deprecate
>>>>>
>>>>>
>>>> crypt-pw.
>>>> No, I'm not convinced. And a number of people - only Gert Doering?
>>>> The point of view they propagate - it should increase security (in
>>>> reality - not). But, we all know: false sense of security is worse
>>>> than knowledge of a problem.
>>>>
>>>>
>>> actually i don't care much about this issue, but since you
>>>
>> raise the
>>
>>> question - i have show my support for Gert/the proposal in general
>>> here, that is, i'm IN FAVOR of the depreciation of CRYPT-PW.
>>>
>>> It's not needed, it's more than a litte more insecure than
>>>
>> MD5-PW, it
>>
>>> doesn't change anything operational.
>>>
>>> ..and no i'm not going to comment any other side-arguments
>>>
>> here, gets
>>
>>> too personal.
>>>
>>> I support the original proposal - full stop.
>>>
>>>
>>>
>> --
>> WBR,
>> Max Tulyev (MT6561-RIPE, 2:463/253@localhost)
>>
>>
>>
>
>
--
WBR,
Max Tulyev (MT6561-RIPE, 2:463/253@localhost)
|
you are here: RIPE -> RIPE Maillists > Archives
