[db-wg] Deprecation of CRYPT-PW authentication method from the RIPE Database
-
From: Agoston Horvath <>
-
Date: Wed, 21 Feb 2007 18:00:16 +0100
[Apologies for duplicate mails]
Dear Colleagues,
The CRYPT-PW deprecation project ends today, Wednesday, 21 February 2007. From today, the following changes will apply:
* CRYPT-PW passwords will be disabled in the syntax
* CRYPT-PW passwords will be disabled in authorisation
* CRYPT-PW passwords will be removed from existing maintainer objects
If a maintainer object contained CRYPT-PW passwords only, the passwords were replaced with a randomly generated MD5-PW password.
If a maintainer object used an authentication method that was not CRYPT-PW, the CRYPT-PW auth: lines have been removed. To retrieve the removed CRYPT-PW passwords, please visit:
https://www.ripe.net/cgi-bin/crypt2md5.cgi
The RIPE NCC has recently upgraded its mail servers to support TLS/SSL. If you are updating the RIPE Database by email, please use an SMTP server that supports TLS/SSL. This will protect your data where possible.
The use of an SMTP server that supports TLS/SSL is particularly important if you use cleartext password (MD5-PW) for authentication instead of PGP or X509. More information is available at:
http://ripe.net/news/tls.html
Notification e-mails will be sent today to over 5100 e-mail addresses. A total of 2337 objects had CRYPT-PW authentication only. Another 179 objects had other authentication methods in addition to CRYPT-PW.
More information about the project is available at:
http://www.ripe.net/db/support/security/crypt-pw_deprecation/
If you have any questions, contact: ripe-dbm@localhost.
Regards,
Agoston Horvath
Database Group
RIPE NCC
|
you are here: RIPE -> RIPE Maillists > Archives
