Database development plans
Wilfried Woeber, UniVie/ACOnet woeber at cc.univie.ac.at
Wed Jan 30 15:10:31 CET 2002
> In regards to the MD5 fingerprint, would this be a straight MD5 hash, or >something like the FreeBSD MD5-based password hash (which I believe supports >passwords longer than 8 chars)? I would certainly expect support for more than 8 characters, like in newer versions of Linux. >Also, would the hash continue to be openly published? I guess so. Hiding something in the response (by default) has the potential of confusing people while trying to update and/or delete objects. We've been through that already ;-) >It would seem you would still have to deal with potential dictionary attacks. Correct. >I understand the Perl-based RIPE server would use a "*" in place of >the actual crypt-pw and I've been considering adding support for this in IRRd. >Also, I would suggest reading the following paper regarding the strength >of traditional Unix crypt, FreeBSD's MD5-based crypt, and OpenBSD's Blowfish- >based bcrypt -- http://www.usenix.org/events/usenix99/provos.html Thanks for the pointer! > Regards, > Larry Blunk > Merit Regards, Wilfried.
[ db-wg Archives ]