[db-wg] Proposal to deprecate CRYPT-PW authorisation in the RIPE Database
- Previous message (by thread): [db-wg] Proposal to deprecate CRYPT-PW authorisation in the RIPE Database
- Next message (by thread): [db-wg] Proposal to deprecate CRYPT-PW authorisation in the RIPE Database
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Wilfried Woeber, UniVie/ACOnet
Woeber at CC.UniVie.ac.at
Wed Oct 4 18:19:21 CEST 2006
Hi Denis, Denis Walker wrote: [...] > Why does it matter if people don't have a local copy of the hash? If you > want to modify the mntner object (maybe add a new admin-c) and you can't > remember the hash value, you can just encrypt your plain text password > again and enter a new hash value to the update. Technically, you are right. > It may be a little bit inconvenient, ... for any definition of *little* :-) > but not a major problem. I don't think even the password > owner 'needs' to see the hash. I think we should think this through to the very end :-) Starting with modifying all the documentation, the training material, the LIR portal, how to manage removal of e.g. 1 out of 2 or 3 hashes. Not talking about the fact that this is a pretty fundamental change to the DB architecture and behaviour. Not from a software development point of view - your view. But there are people out there who do not use commandline tools, but scripts, or applications... > regards > Denis Walker > RIPE NCC But if we change stuff, why don't we simply do away with it, instead of plastering around the cracks? Wilfried.
- Previous message (by thread): [db-wg] Proposal to deprecate CRYPT-PW authorisation in the RIPE Database
- Next message (by thread): [db-wg] Proposal to deprecate CRYPT-PW authorisation in the RIPE Database
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]