This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/db-wg@ripe.net/
[db-wg] crypted password
- Previous message (by thread): [db-wg] crypted password
- Next message (by thread): [db-wg] crypted password
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Markus Werner
markus.werner at wobcom.de
Tue Jul 25 11:08:01 CEST 2006
Hello All, At the first place it is a good Idea to removed MD5-Hashes from public view. But there a some stuff that should be though of. - At the moment you have to supply the hole object if you delete an object. -> So you have to store the origin object locally. -> Is it a good Idea to remove an object when someone submitting it without the crypted pw's ? - How can you remove password in this case? -> Simply by submitting the object without the auth attributes that contain MD5-PW's is IMHO error prone. I decided (in 2005) to remove the MD5-PW at all. We just use pgp keys andfor fallback the X509 cert from the LIR Portal. The lir Portal account uses also PKI login and has as fallback a password. And if the worse case happens, you could ask the hostmaster at ripe.net to unlock the maintainer for you. But IMHO the worse case doesn't happen all to often. Anyway the RIPE-NCC should considere to bill cases if somebody ask twice a day:-) IMHO you should not remove the PGP-Keys and the X509 Cert from public view. It see no sercurity reasons for this. with kind regards || Mit freundlichen Gruessen i.A. Markus Werner -- WOBCOM GmbH - IP-Services (W8) phone: +49.5361.189-473 Hesslinger Str. 1-5, D-38440 Wolfsburg faxno: +49.5361.189-199 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 252 bytes Desc: OpenPGP digital signature URL: </ripe/mail/archives/db-wg/attachments/20060725/04b2e031/attachment.sig>
- Previous message (by thread): [db-wg] crypted password
- Next message (by thread): [db-wg] crypted password
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]