This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/db-wg@ripe.net/
Database development plans
- Previous message (by thread): Database development plans
- Next message (by thread): Database development plans
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Wilfried Woeber, UniVie/ACOnet
woeber at cc.univie.ac.at
Wed Jan 30 15:10:31 CET 2002
> In regards to the MD5 fingerprint, would this be a straight MD5 hash, or >something like the FreeBSD MD5-based password hash (which I believe supports >passwords longer than 8 chars)? I would certainly expect support for more than 8 characters, like in newer versions of Linux. >Also, would the hash continue to be openly published? I guess so. Hiding something in the response (by default) has the potential of confusing people while trying to update and/or delete objects. We've been through that already ;-) >It would seem you would still have to deal with potential dictionary attacks. Correct. >I understand the Perl-based RIPE server would use a "*" in place of >the actual crypt-pw and I've been considering adding support for this in IRRd. >Also, I would suggest reading the following paper regarding the strength >of traditional Unix crypt, FreeBSD's MD5-based crypt, and OpenBSD's Blowfish- >based bcrypt -- http://www.usenix.org/events/usenix99/provos.html Thanks for the pointer! > Regards, > Larry Blunk > Merit Regards, Wilfried.
- Previous message (by thread): Database development plans
- Next message (by thread): Database development plans
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]