[db-wg] Disallowing MD5 passwords in e-mail updates, was MD5 Hashes in the database
- Previous message (by thread): [db-wg] Disallowing MD5 passwords in e-mail updates, was MD5 Hashes in the database
- Next message (by thread): [db-wg] Disallowing MD5 passwords in e-mail updates, was MD5 Hashes in the database
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
David Kessens
david.kessens at nsn.com
Thu Nov 10 04:47:41 CET 2011
On Wed, Nov 09, 2011 at 09:38:37AM +0000, Nigel Titley wrote: > On Tue, 2011-11-08 at 15:01 +0100, virtu virtualabs wrote: > > That would mean RIPE NCC did not do anything while people has been > > aware of this fact since 2 years ? > > This problem is well known, both by the RIPE DB working group (which is > what makes the policy, not the RIPE NCC) and also the RIPE NCC itself. > It's been discussed for many years (not just 2) and the use of better > authentication methods has been recommended (and have also been > available for many years). To put this into some more precisely defined historical perspective, see this presentation (page 11) from 1995: ftp://ftp.ripe.net/ripe/presentations/ripe-m22-david-DB-REPORT.ps.gz We are now 16 years later. Maybe the time has come to address this issue ... David Kessens ---
- Previous message (by thread): [db-wg] Disallowing MD5 passwords in e-mail updates, was MD5 Hashes in the database
- Next message (by thread): [db-wg] Disallowing MD5 passwords in e-mail updates, was MD5 Hashes in the database
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]