This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[db-wg] MD5 Hashes in the RIPE Database

Previous message (by thread): [db-wg] MD5 Hashes in the RIPE Database
Next message (by thread): [db-wg] MD5 Hashes in the RIPE Database

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Gert Doering gert at space.net
Fri Apr 27 10:50:55 CEST 2012

Hi,

On Thu, Apr 26, 2012 at 11:25:32AM +0200, Denis Walker wrote:
> It was clear from the discussions at RIPE 64 that we need to change the
> initial implementation of hiding the hashes for MD5 passwords in MNTNER
> objects. A suggestion was made to keep the "auth:" attributes in place.
> If the authentication token is an MD5 password we will remove the hash
> value. All PGP and X.509 values will remain unchanged.

I like this - for mntners with PGP-only, it means the "classic" edit
cycle ("whois, save to file, edit, send back") will work again.  

For mntners with MD5, the MD5 hash *is* protected - and security is always
a trade-off against convenience, so I see this as acceptable compromise.

Gert Doering
        -- no hats
-- 
have you enabled IPv6 on something today...?

SpaceNet AG                        Vorstand: Sebastian v. Bomhard
Joseph-Dollinger-Bogen 14          Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen                   HRB: 136055 (AG Muenchen)
Tel: +49 (89) 32356-444            USt-IdNr.: DE813185279

Previous message (by thread): [db-wg] MD5 Hashes in the RIPE Database
Next message (by thread): [db-wg] MD5 Hashes in the RIPE Database

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ db-wg Archives ]