[db-wg] MD5s of the RIPE database, Deprecation of MD5 and safe authentication methods

All,

> On 07 May 2015, at 17:29, Shane Kerr <shane at time-travellers.org> wrote:
> 
> Pierre,
> 
> In the case of other resources... it's tricker. Luckily since the
> passwords are no longer published, I think all we really need to ask is
> that people change their password. Perhaps we should indeed set a flag
> date to lock those maintainers that have not updated passwords?
> Experience shows us that long transition times don't really make much
> difference, so I'd advocate 60 or 90 days or something like that,
> during which time we include information about how to fix your
> credentials in WHOIS output and update replies.
> 

I agree, but does somebody see what impact it has to lock the maintainers that don’t update their passwords? How do we get them out of the locked state again?

— chris
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 891 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: </ripe/mail/archives/db-wg/attachments/20150520/14aa89d6/attachment.sig>