This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[db-wg] NWIs update

Previous message (by thread): [db-wg] NWIs update
Next message (by thread): [db-wg] NWIs update

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Tore Anderson tore at fud.no
Wed Apr 10 12:41:31 CEST 2019

* Nick Hilliard via db-wg
> Gert Doering wrote on 10/04/2019 11:08:
>> The attack vector against unsalted hashes is "rainbow tables"... make the
>> API key something like 80 characters long, and no machine in the world
>> can do anything but brute force.
> 
> which will work until the DB ends up on https://haveibeenpwned.com/

Guys,

JFYI - https://lirportal.ripe.net/api/ already exists and the API keys it
issues can apparently be used to maintain your RPKI data.

It doesn't seem to me like adding the possibility for database maintenance
via an API key make things any worse from a security standpoint.

Tore

Previous message (by thread): [db-wg] NWIs update
Next message (by thread): [db-wg] NWIs update

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ db-wg Archives ]