This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[db-wg] Disallowing MD5 passwords in e-mail updates, was MD5 Hashes in the database
- Previous message (by thread): [db-wg] Disallowing MD5 passwords in e-mail updates, was MD5 Hashes in the database
- Next message (by thread): [db-wg] Disallowing MD5 passwords in e-mail updates, was MD5 Hashes in the database
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Micha Borrmann
ripe at syss.de
Thu Nov 10 11:31:40 CET 2011
Am 10.11.2011 04:47, schrieb David Kessens: > > On Wed, Nov 09, 2011 at 09:38:37AM +0000, Nigel Titley wrote: >> On Tue, 2011-11-08 at 15:01 +0100, virtu virtualabs wrote: >>> That would mean RIPE NCC did not do anything while people has been >>> aware of this fact since 2 years ? >> >> This problem is well known, both by the RIPE DB working group (which is >> what makes the policy, not the RIPE NCC) and also the RIPE NCC itself. >> It's been discussed for many years (not just 2) and the use of better >> authentication methods has been recommended (and have also been >> available for many years). > > To put this into some more precisely defined historical perspective, see > this presentation (page 11) from 1995: > > ftp://ftp.ripe.net/ripe/presentations/ripe-m22-david-DB-REPORT.ps.gz > > We are now 16 years later. Maybe the time has come to address this issue ... it is not well known, but the MNT objects can also be secured using X.509 (S/MIME).
- Previous message (by thread): [db-wg] Disallowing MD5 passwords in e-mail updates, was MD5 Hashes in the database
- Next message (by thread): [db-wg] Disallowing MD5 passwords in e-mail updates, was MD5 Hashes in the database
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]