This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/ncc-services-wg@ripe.net/
[ncc-services-wg] Proposal to Introduce SHA2 Passwords in the RIPE Database
- Previous message (by thread): [ncc-services-wg] Re: [routing-wg] Analysis of the ‘Maximum Length’ Option in Certification ROAs
- Next message (by thread): [ncc-services-wg] On RIPE Labs: Mobile Application to access RIPE DB
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Denis Walker
denis at ripe.net
Wed Apr 20 16:24:49 CEST 2011
[Apologies for duplicate emails] Dear Colleagues, What follows is a short proposal to introduce SHA2 passwords as an authentication method in MNTNER objects in the RIPE Database. Regards, Denis Walker Business Analyst RIPE NCC Database Group Proposal to Introduce SHA2 Passwords in the RIPE Database The RIPE NCC has looked at the possibility of introducing SHA2 as a password algorithm, as requested by AP61.2. >From a technical point of view this is certainly possible. There are C and Java libraries available for generating SHA2 algorithms. We can provide SHA2 as an additional password option alongside MD5. In addition we would also provide a web service to generate SHA2 passwords similar to the one provided for MD5. If the community requires MD5 to be deprecated we would suggest fixing a time period for users to update their MNTNER objects. From the start of that period no MD5 passwords can be added to a MNTNER, but existing ones will remain valid. At the end of that period the RIPE NCC can replace/remove all remaining MD5 passwords. As with the crypt-pw deprecation, we would provide an automated web service to reinstate access to a MNTNER object if you can validate against one of the original MD5 passwords. The time limits used for the crypt-pw deprecation were a 6 month period for users to update their MNTNER objects and a 3 year period to reinstate user access via the web service.
- Previous message (by thread): [ncc-services-wg] Re: [routing-wg] Analysis of the ‘Maximum Length’ Option in Certification ROAs
- Next message (by thread): [ncc-services-wg] On RIPE Labs: Mobile Application to access RIPE DB
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]