This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/db-wg@ripe.net/
[db-wg] MD5s of the RIPE database, Deprecation of MD5 and safe authentication methods
- Previous message (by thread): [db-wg] MD5s of the RIPE database, Deprecation of MD5 and safe authentication methods
- Next message (by thread): [db-wg] [training] RIPE NCC Webinars - new dates
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Sascha Luck [ml]
dbwg at c4inet.net
Wed Jun 17 17:59:54 CEST 2015
Sorry for breaking the thread already, wasn't subscribed to this before. IMO there is a lot of work to be done before deprecating passwords. Right now this seems more than a little half-baked: 1) There should most definitely be SSO support for syncupdates. Webupdates, I'm sure, is fine for some but to me it's the most awkward and time-consuming way to make any db change. As far as email is concerned, deprecate that for all I care. I have never used that method in 15 years. 2) There are many issues with using PGP. As someone who makes DB changes for up to 5 LIRs at a time and who does not have a desk with a PC from which all work is done, what am I supposed to do? (On a side note, SSO has made that job so very much easier. If it can be used to authenticate mntners, by all means, please make that possible!) -Use the same privkey for all mntners? Hardly. -put all the privkeys on a USB stick? What if that is lost or stolen? All mntners are now compromised and have to be changed. Hopefully there is a copy of each privkey in some secure location... So, I wouldn't deprecate passwords until there is another option that is as flexible as a simple password. rgds, Sascha Luck
- Previous message (by thread): [db-wg] MD5s of the RIPE database, Deprecation of MD5 and safe authentication methods
- Next message (by thread): [db-wg] [training] RIPE NCC Webinars - new dates
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]