This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/db-wg@ripe.net/
[db-wg] Security of MD5 hashes in the RIPE Database
- Previous message (by thread): [db-wg] DB email robot response and Precedence header
- Next message (by thread): [db-wg] MD5 Password Security Update Deployed
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Denis Walker
denis at ripe.net
Tue Jan 10 14:43:34 CET 2012
Dear Colleagues, The RIPE NCC Database Group is pleased to announce that the implementation of the MD5 password security change is now ready for deployment. This was discussed recently on the DB WG mailing list. The Database Group was asked to implement the technical change as outlined in this RIPE Labs article: https://labs.ripe.net/Members/denis/securing-md5-hashes-in-the-ripe-database The Database Group will now: - Fully deploy these changes on Thursday 12 January 2012 - Send emails to contact addresses in all MNTNER objects containing MD5 passwords recommending a password change and suggesting that a strong password be used - Perform a small MNTNER clean-up by preparing a list of unreferenced MNTNER objects and deleting those that are still unreferenced one month later. If you have not followed this discussion, we recommend that you read the RIPE Labs article to ensure that you understand the new process for maintaining MNTNER objects in the RIPE Database. A new version of Webupdates has already been deployed that asks for a password before allowing a MNTNER object with a password to be updated. But querying MNTNER objects from the RIPE Database will not change until Thursday. The full new software has been deployed on the TEST Database. So it is no longer possible to query a full MNTNER object that contains a password authentication token from the TEST Database, except by entering the password in Webupdates. Regards, Denis Walker Business Analyst RIPE NCC Database Group
- Previous message (by thread): [db-wg] DB email robot response and Precedence header
- Next message (by thread): [db-wg] MD5 Password Security Update Deployed
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]