This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[db-wg] call for application authorisation ideas
Job Snijders
job at instituut.net
Fri Aug 21 02:32:38 CEST 2015
On Fri, Aug 21, 2015 at 01:58:46AM +0200, denis wrote:
> On 20/08/2015 14:40, Job Snijders wrote:
> >I think all in the group agree that it would be very nice if you can
> >perform 100% of all operations without the need for any MD5-PW. I'll
> >even go as far as stating that we should not be looking at successors
> >such as SHA3-PW, let's leap forward and make the PW auth concept
> >entirely obsolete. :-)
>
> Why? I have never understood this almost religious obsession to get
> rid of passwords in the RIPE Database. Most of your life online
> involves passwords.

https://www.google.nl/webhp?#safe=on&q=passwords+suck :-)

I personally prefer asymmetric forms of authentication: should there be
an incident or we at some point realise we should not have exposed
certain aspects, there is nothing of value in the internal DB except
public components of asymmetric methods.

> Including lots of financial, legal and government interactions. What
> makes the RIPE Database so much more important that it should not use
> passwords?

Their function in society does not automatically designate them as
proper thought leaders ;-)

> When it was suggested to hide the password hash I thought that was a
> mistake. We should have hidden the whole MNTNER object from public
> view. Why does anyone outside of my organisation need to see anything
> in my MNTNER object? Why should you know if I use a password or PGP or
> whatever? This is my business not yours.

This seems to play into another thread, where someone had trouble
retrieving the proper value of some "auth:" lines. It would be worth
exploring how we can hide all "auth:" lines yet make them easily
accessible to the owner.

Kind regards,

Job