[db-wg] Security of MD5 hashes in the RIPE Database

Dear Colleagues,

The RIPE NCC Database Group is pleased to announce that the
implementation of the MD5 password security change is now ready for
deployment. This was discussed recently on the DB WG mailing list.

The Database Group was asked to implement the technical change as
outlined in this RIPE Labs article:
https://labs.ripe.net/Members/denis/securing-md5-hashes-in-the-ripe-database

The Database Group will now:
- Fully deploy these changes on Thursday 12 January 2012
- Send emails to contact addresses in all MNTNER objects containing MD5
passwords recommending a password change and suggesting that a strong
password be used
- Perform a small MNTNER clean-up by preparing a list of unreferenced
MNTNER objects and deleting those that are still unreferenced one month
later.

If you have not followed this discussion, we recommend that you read the
RIPE Labs article to ensure that you understand the new process for
maintaining MNTNER objects in the RIPE Database.

A new version of Webupdates has already been deployed that asks for a
password before allowing a MNTNER object with a password to be updated.
But querying MNTNER objects from the RIPE Database will not change until
Thursday.

The full new software has been deployed on the TEST Database. So it is
no longer possible to query a full MNTNER object that contains a
password authentication token from the TEST Database, except by entering
the password in Webupdates.

Regards,
Denis Walker
Business Analyst
RIPE NCC Database Group