[db-wg] MD5 and Password Security in the RIPE DB, Fwd: Wonder if you can help - re: PDP
- Previous message (by thread): [db-wg] MD5 and Password Security in the RIPE DB, Fwd: Wonder if you can help - re: PDP
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
David Kessens
david.kessens at nsn.com
Tue Dec 13 20:22:54 CET 2011
Peter, On Tue, Dec 13, 2011 at 03:04:47PM +0100, Peter Koch wrote: > > first off, the various proposals really are not PDP issues, so thanks for getting > the procedural question sorted. However, what is 'this' in the request above? I hope the 'this' is two implementation plans for the two proposals with enough detail that people understand the pros and cons and brief enough that we don't make this a giant bureaucratic exercize that eats up valuable time that can be used to actually implement the plan. I even don't mind if the plan for option 1 gets implemented right away as long as the working group gets a chance to roll back/tune things if they are slightly different from what we hoped for. > while I agree that concealing the hashes actually sound like a reasonable approach, > it sacrifices a DB invariant, which is: every object will be displayed as-is > (-B and other options non-withstanding). I fully agree that it should not go unnoticed that we are sacrificing this feature. I don't like it myself but I don't see how this can be avoided if we want to have a short/medium term fix before real accidents happen and without major overhauls of the security functionality. David Kessens ---
- Previous message (by thread): [db-wg] MD5 and Password Security in the RIPE DB, Fwd: Wonder if you can help - re: PDP
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]