[db-wg] MD5 and Password Security in the RIPE DB, Fwd: Wonder if you can help - re: PDP
David Freedman david.freedman at uk.clara.net
Tue Dec 13 18:36:52 CET 2011
On 13/12/2011 15:04, "Peter Koch" <pk at DENIC.DE> wrote: > >while I agree that concealing the hashes actually sound like a reasonable >approach, >it sacrifices a DB invariant, which is: every object will be displayed >as-is >(-B and other options non-withstanding). I guess yes, it does, MNTNER can't be displayed as-is if it is going to leak information like that (unless anybody can think of a better idea?, and yes, deprecating MD5 would be a lot simpler, but this is the approach which had supposedly the least pain). I'm sure also the FTP dumps will be tidied up and people will be advised to change these passwords to prevent an attack based off archived data? Dave.
[ db-wg Archives ]