[db-wg] crypted password

Hello All,

At the first place it is a good Idea to removed MD5-Hashes from public view.
But there a some stuff that should be though of.

- At the moment you have to supply the hole object if you delete an object.
 -> So you have to store the origin object locally.
 -> Is it a good Idea to remove an object when someone submitting it
without the crypted pw's ?

- How can you remove password in this case?
  -> Simply by submitting the object without the auth attributes that
contain MD5-PW's is IMHO error prone.


I decided (in 2005) to remove the MD5-PW at all. We just use pgp keys
andfor fallback the X509 cert from the LIR Portal. The lir Portal
account uses also PKI login and has as fallback a password.

And if the worse case happens, you could ask the hostmaster at ripe.net to
unlock the maintainer for you.
But IMHO the worse case doesn't happen all to often. Anyway the RIPE-NCC
should considere to bill cases if somebody ask twice a day:-)

IMHO you should not remove the PGP-Keys and the X509 Cert from public
view. It see no sercurity reasons for this.



with kind regards || Mit freundlichen Gruessen

i.A. Markus Werner

-- 
WOBCOM GmbH - IP-Services (W8)          phone: +49.5361.189-473
Hesslinger Str. 1-5, D-38440 Wolfsburg  faxno: +49.5361.189-199


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: </ripe/mail/archives/db-wg/attachments/20060725/04b2e031/attachment.sig>