[db-wg] Disallowing MD5 passwords in e-mail updates, was MD5 Hashes in the database
- Previous message (by thread): [db-wg] Disallowing MD5 passwords in e-mail updates, was MD5 Hashes in the database
- Next message (by thread): [db-wg] Disallowing MD5 passwords in e-mail updates, was MD5 Hashes in the database
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
David Freedman
david.freedman at uk.clara.net
Tue Nov 8 13:27:47 CET 2011
I think the safest thing to do without angering existing maintainers is
simply to:

- email campaign by NCC asking people to self-deprecate their use of MD5
  (warning phase)
- Hide the hashes from the database
- Support MD5 use only through encrypted means
- Ask people who really want to continue using it to change theirs in case
  old copies of hashes are lying around
- Finally deprecate MD5 for good some years from now

Dave.

On 08/11/2011 12:22, "Daniel Stolpe" <stolpe at resilans.se> wrote:

> I agree.
>
> And maybe someone should set up john the ripper to crack some passwords
> and contact the holders of the weakest ones.
>
> On Tue, 8 Nov 2011, David Freedman wrote:
>
>> I don't mind it continuing to be used over encrypted channels,
>> as long as the hashes are not available to the general public (as per
>> your previous mail)
>>
>> I would support a warning phase
>>
>> Dave.
>>
>> On 08/11/2011 11:56, "Shane Kerr" <shane at time-travellers.org> wrote:
>>
>>> David,
>>>
>>> On Tue, 2011-11-08 at 09:38 +0000, David Freedman wrote:
>>>> I'd like to see auth: MD5-PW deprecated, even though it seems to be
>>>> widely used (for various reasons)
>>>> according to the report by DB presented to us.
>>>
>>> I propose that we deprecate passwords over unencrypted channels. AFAIK
>>> this just means e-mail today, although the web API stuff may also
>>> provide a non-TLS option (I don't know).
>>>
>>> Unlike hiding MD5, this is a major change for users, and would need to
>>> be done with the same caution and preparation as similar large changes
>>> in the past. We could have a warning phase, where anyone using a
>>> password in email would get a scary warning in the reply telling them
>>> to use a more secure scheme (PGP, X.509, webupdates, or database web API).
>>> The RIPE NCC could identify heavy users and help them convert their
>>> tools. And eventually we could flip the switch and turn off plain text
>>> passwords.
>>>
>>> --
>>> Shane
>
> Daniel
>
> _________________________________________________________________________________
> Daniel Stolpe                          Tel: 08 - 688 11 81
> stolpe at resilans.se
> Resilans AB                            Fax: 08 - 55 00 21 63
> http://www.resilans.se/
> Box 13 054                             556741-1193
> 103 02 Stockholm
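The thread touches two concrete checks: Shane's proposal to warn anyone who sends a plaintext password in a mail update, and Daniel's suggestion to run john the ripper over the published MD5-PW hashes and contact the holders of the weakest ones. The script below is an added example written for this archive page, not code from the thread, the RIPE NCC or the RIPE Database software. It assumes (the thread does not say so) that MD5-PW hashes are in the Unix md5crypt form `$1$<salt>$<22 chars>`, and implements that hash so the wordlist check runs offline; the maintainer objects, the `WORDLIST` and the function names `audit_update`, `crack_md5pw` and `md5crypt` are constructed for the example.

```python
"""Audit RPSL mail-update text for a plaintext "password:" pseudo-attribute
and for MD5-PW hashes that a small wordlist recovers.  Added example; the
MD5-PW format is assumed to be Unix md5crypt ("$1$salt$hash")."""
import hashlib
import re
from typing import Dict, Iterable, List, Optional

ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"


def md5crypt(password: str, salt: str) -> str:
    """Unix md5crypt ($1$): the per-candidate work a cracker like john does."""
    pw = password.encode()
    salt = salt[3:] if salt.startswith("$1$") else salt
    salt = salt.split("$", 1)[0][:8]          # salt is at most 8 chars
    sb = salt.encode()

    ctx = hashlib.md5(pw + b"$1$" + sb)
    alt = hashlib.md5(pw + sb + pw).digest()
    pl = len(pw)
    while pl > 0:                             # mix in len(pw) bytes of alt
        ctx.update(alt[: min(16, pl)])
        pl -= 16
    i = len(pw)
    while i:                                  # one byte per bit of len(pw)
        ctx.update(b"\0" if i & 1 else pw[:1])
        i >>= 1
    final = ctx.digest()

    for i in range(1000):                     # fixed 1000-round stretching
        c = hashlib.md5()
        c.update(pw if i & 1 else final)
        if i % 3:
            c.update(sb)
        if i % 7:
            c.update(pw)
        c.update(final if i & 1 else pw)
        final = c.digest()

    def to64(v: int, n: int) -> str:
        out = ""
        for _ in range(n):
            out += ITOA64[v & 0x3F]
            v >>= 6
        return out

    enc = ""
    for a, b, c in ((0, 6, 12), (1, 7, 13), (2, 8, 14), (3, 9, 15), (4, 10, 5)):
        enc += to64((final[a] << 16) | (final[b] << 8) | final[c], 4)
    enc += to64(final[11], 2)
    return f"$1${salt}${enc}"


MNTNER_RE = re.compile(r"^mntner:\s*(\S+)", re.M)
MD5PW_RE = re.compile(r"^auth:\s*MD5-PW\s+(\$1\$[^$]{1,8}\$[./0-9A-Za-z]{22})", re.M)
PASSWORD_RE = re.compile(r"^password:\s*\S", re.M)


def crack_md5pw(hash_str: str, wordlist: Iterable[str]) -> Optional[str]:
    """Return the first wordlist entry that reproduces hash_str, else None."""
    salt = hash_str.split("$")[2]
    for cand in wordlist:
        if md5crypt(cand, salt) == hash_str:
            return cand
    return None


def audit_update(update_text: str, wordlist: Iterable[str]) -> List[Dict[str, str]]:
    """One finding per plaintext password and per crackable MD5-PW hash."""
    findings: List[Dict[str, str]] = []
    for obj in re.split(r"\n[ \t]*\n", update_text.strip()):
        m = MNTNER_RE.search(obj)
        name = m.group(1) if m else "<not a mntner>"
        if PASSWORD_RE.search(obj):           # password sent over plain e-mail
            findings.append({"object": name, "issue": "plaintext password in mail update"})
        for h in MD5PW_RE.findall(obj):
            guess = crack_md5pw(h, wordlist)
            if guess is not None:
                findings.append({"object": name, "issue": "weak MD5-PW", "password": guess})
    return findings


# Constructed sample: two maintainers, one with a dictionary password and a
# "password:" pseudo-attribute as a mail update would carry it.
WORDLIST = ["123456", "password", "ripe2011", "letmein"]
SAMPLE_UPDATE = f"""\
mntner:         WEAK-EXAMPLE-MNT
upd-to:         noc at example.net
auth:           MD5-PW {md5crypt("password", "saltsalt")}
mnt-by:         WEAK-EXAMPLE-MNT
source:         RIPE
password:       password

mntner:         STRONG-EXAMPLE-MNT
upd-to:         noc at example.net
auth:           MD5-PW {md5crypt("cQ9!vR2#mL7p", "abcdefgh")}
mnt-by:         STRONG-EXAMPLE-MNT
source:         RIPE
"""

if __name__ == "__main__":
    for finding in audit_update(SAMPLE_UPDATE, WORDLIST):
        print(finding)
```

The plaintext check is what a "scary warning" in the acknowledgement mail would key on; the cracking check is deliberately a tiny wordlist, since anything more is john's job. Because md5crypt has a fixed 1000 rounds and an 8-character salt, a published hash of a dictionary password falls in milliseconds, which is the reason the thread wants the hashes hidden before MD5-PW is finally retired.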