[db-wg] Proposal to deprecate CRYPT-PW authorisation in the RIPE Database
- Previous message (by thread): [db-wg] Proposal to deprecate CRYPT-PW authorisation in the RIPE Database
- Next message (by thread): [db-wg] Proposal to deprecate CRYPT-PW authorisation in the RIPE Database
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Max Tulyev
president at ukraine.su
Thu Oct 5 13:01:11 CEST 2006
Peter Koch wrote: > > IIRC, the reason for not hiding the password was that fetch-submit should be > idempotent, or, to elaborate a bit more, no information should be lost in a > fetch-edit-submit cycle. This is especially important in those cases where > there's another auth scheme in use besides MD5-PW, so not submitting the > respective attribute with the object would actually change the mntner to > only use the remaining auth scheme. Any 'workarounds' to me appear a bit > like rearranging those deckchairs once again. If MD5 is weak and there's > enough concern in the community to get rid of it, let's just do it. But > at the same time, let's take the first step first and get the CRYPT-PW > deprecation and phase-out plan out of the door. > > Not MD5 (CRYPT/SHA/...) is weak, but some sort a people using stupid passwords ;) Also, moving out encrypted password to another separated hidden object (as PGP key is now) don't break the fetch-edit-submit schema. -- WBR, Max Tulyev (MT6561-RIPE, 2:463/253 at FIDO)
- Previous message (by thread): [db-wg] Proposal to deprecate CRYPT-PW authorisation in the RIPE Database
- Next message (by thread): [db-wg] Proposal to deprecate CRYPT-PW authorisation in the RIPE Database
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]