Database development plans
Larry J. Blunk
ljb at merit.edu
Tue Jan 29 23:31:30 CET 2002
>
> 5. Improve database security
>
> These ideas were discussed at the RIPE-41, the detailed proposals will follow
> - Deprecate MAIL-FROM as a weak auth scheme that doesn't serve today's
>   security requirements. This will be done in several phases starting from
>   not allowing updating mntner objects containing this scheme, and ending
>   with not allowing updates to be authorised with MAIL-FROM.
> - Implement authentication scheme using MD5 as a more secure mechanism
>   compared to crypt. Passphrases can be used instead of 8 character
>   passwords and MD5 fingerprint will be presented in the auth value.
> - Implement inverse queries on auth, encryption, signature for PGP keys only
>   (key-cert's).
>
>

As an alternative to deprecating MAIL-FROM, have you considered sending a response to updates with a random cookie in it and requiring a confirmation message with the cookie?

In regards to the MD5 fingerprint, would this be a straight MD5 hash, or something like the FreeBSD MD5-based password hash (which I believe supports passwords longer than 8 chars)? Also, would the hash continue to be openly published? It would seem you would still have to deal with potential dictionary attacks. I understand the Perl-based RIPE server would use a "*" in place of the actual crypt-pw and I've been considering adding support for this in IRRd.

Also, I would suggest reading the following paper regarding the strength of traditional Unix crypt, FreeBSD's MD5-based crypt, and OpenBSD's Blowfish-based bcrypt --

http://www.usenix.org/events/usenix99/provos.html

Regards,
Larry Blunk
Merit
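
The cookie-confirmation idea suggested in the message above, sketched as an added example (not code from the RIPE database software, IRRd, or the author of the message). The class name, the 24-hour lifetime and the sample values are assumptions made for illustration.

```python
import hmac
import secrets
import time

COOKIE_TTL = 24 * 3600  # assumed validity window, in seconds


class PendingUpdates:
    """Holds submitted updates until the sender echoes back the cookie."""

    def __init__(self, ttl=COOKIE_TTL, clock=time.time):
        self._ttl = ttl
        self._clock = clock
        self._pending = {}  # update_id -> (cookie, sender, update_text, expires)

    def submit(self, sender, update_text):
        """Queue an update; return (update_id, cookie) to mail to `sender`."""
        update_id = secrets.token_hex(8)
        cookie = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self._pending[update_id] = (cookie, sender, update_text,
                                    self._clock() + self._ttl)
        return update_id, cookie

    def confirm(self, update_id, sender, cookie):
        """Return the update text if the confirmation is valid, else None."""
        entry = self._pending.get(update_id)
        if entry is None:
            return None
        want_cookie, want_sender, update_text, expires = entry
        if self._clock() > expires:
            del self._pending[update_id]  # expired: drop the queued update
            return None
        # Constant-time comparison so timing does not leak cookie prefixes.
        ok = hmac.compare_digest(cookie.encode(), want_cookie.encode())
        if not ok or sender.lower() != want_sender.lower():
            return None
        del self._pending[update_id]  # single use: a replayed cookie fails
        return update_text
```

A valid cookie shows only that the confirmer can read mail delivered to the claimed address; it gives no protection against someone able to intercept that mail.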
[ db-wg Archives ]