This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[db-wg] MD5 and Password Security in the RIPE DB, Fwd: Wonder if you can help - re: PDP
- Previous message (by thread): [db-wg] MD5 and Password Security in the RIPE DB, Fwd: Wonder if you can help - re: PDP
- Next message (by thread): [db-wg] MD5 and Password Security in the RIPE DB, Fwd: Wonder if you can help - re: PDP
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
David Freedman
david.freedman at uk.clara.net
Tue Dec 13 18:36:52 CET 2011
On 13/12/2011 15:04, "Peter Koch" <pk at DENIC.DE> wrote: > >while I agree that concealing the hashes actually sound like a reasonable >approach, >it sacrifices a DB invariant, which is: every object will be displayed >as-is >(-B and other options non-withstanding). I guess yes, it does, MNTNER can't be displayed as-is if it is going to leak information like that (unless anybody can think of a better idea?, and yes, deprecating MD5 would be a lot simpler, but this is the approach which had supposedly the least pain). I'm sure also the FTP dumps will be tidied up and people will be advised to change these passwords to prevent an attack based off archived data? Dave.
- Previous message (by thread): [db-wg] MD5 and Password Security in the RIPE DB, Fwd: Wonder if you can help - re: PDP
- Next message (by thread): [db-wg] MD5 and Password Security in the RIPE DB, Fwd: Wonder if you can help - re: PDP
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]