This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[db-wg] Proposal to deprecate CRYPT-PW authorisation in the RIPE Database
- Previous message (by thread): [db-wg] Proposal to deprecate CRYPT-PW authorisation in the RIPE Database
- Next message (by thread): [db-wg] Proposal to deprecate CRYPT-PW authorisation in the RIPE Database
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Max Tulyev
president at ukraine.su
Thu Oct 5 13:01:11 CEST 2006
Peter Koch wrote: > > IIRC, the reason for not hiding the password was that fetch-submit should be > idempotent, or, to elaborate a bit more, no information should be lost in a > fetch-edit-submit cycle. This is especially important in those cases where > there's another auth scheme in use besides MD5-PW, so not submitting the > respective attribute with the object would actually change the mntner to > only use the remaining auth scheme. Any 'workarounds' to me appear a bit > like rearranging those deckchairs once again. If MD5 is weak and there's > enough concern in the community to get rid of it, let's just do it. But > at the same time, let's take the first step first and get the CRYPT-PW > deprecation and phase-out plan out of the door. > > Not MD5 (CRYPT/SHA/...) is weak, but some sort a people using stupid passwords ;) Also, moving out encrypted password to another separated hidden object (as PGP key is now) don't break the fetch-edit-submit schema. -- WBR, Max Tulyev (MT6561-RIPE, 2:463/253 at FIDO)
- Previous message (by thread): [db-wg] Proposal to deprecate CRYPT-PW authorisation in the RIPE Database
- Next message (by thread): [db-wg] Proposal to deprecate CRYPT-PW authorisation in the RIPE Database
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]