This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
FW: FW: [db-wg] Proposal to deprecate CRYPT-PW authorisation in the RIPE Database
- Previous message (by thread): FW: FW: [db-wg] Proposal to deprecate CRYPT-PW authorisation in the RIPE Database
- Next message (by thread): FW: FW: [db-wg] Proposal to deprecate CRYPT-PW authorisation in the RIPE Database
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Gert Doering
gert at space.net
Thu Oct 5 12:24:09 CEST 2006
Hi,
On Thu, Oct 05, 2006 at 02:21:53PM +0400, Potapov Vladislav wrote:
> The mail will still contain a "password: <something>" block,
> just the
> way this password is hashed in the maintainer object is
> different."
>
> Then it is NOT improve security much.
It does. It takes away the attack angle of breaking CRYPT-PW hash.
> Using your allegory: Let's put
> huge lock on our cardboard door? In security ALL parts are essential.
> BEFORE I can use "the day-to-day" operation I should change CRYPT-PW to
> MD5-PW. And PERSONALLY I don't need the enhanced in some way but weak in
> the other "security".
As our members tell us that "crypto is hard!!!!" we can not enforce PGP
(which would be a big step) - so security is increased in small steps.
Gert Doering
-- NetMaster
--
Total number of prefixes smaller than registry allocations: 98999
SpaceNet AG Mail: netmaster at Space.Net
Joseph-Dollinger-Bogen 14 Tel : +49-89-32356-0
D- 80807 Muenchen Fax : +49-89-32356-234
- Previous message (by thread): FW: FW: [db-wg] Proposal to deprecate CRYPT-PW authorisation in the RIPE Database
- Next message (by thread): FW: FW: [db-wg] Proposal to deprecate CRYPT-PW authorisation in the RIPE Database
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]