[ncc-services-wg] Securing MD5 Hashes in the RIPE Database
- Previous message (by thread): [ncc-services-wg] Securing MD5 Hashes in the RIPE Database
- Next message (by thread): [ncc-services-wg] Securing MD5 Hashes in the RIPE Database
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Alexander Zubkov
green at msu.ru
Fri Nov 11 16:30:28 CET 2011
On 11/11/2011 06:24 PM, Denis Walker wrote: > [Apologies for duplicate emails] > > Dear colleagues, > > The RIPE NCC has formed a technical solution for the issue of > publicly displaying MD5 password hashes in the RIPE Database. The > solution includes: > > * Filtering out of all "auth:" attributes from all query results of > MNTNER objects Why filter all auth attributes? What if someone will want to use public key to send encrypted mail? :) Also what about implementing stronger schemes for plain passwords like SHA-256,512? > * Displaying MNTNER objects with "auth:" attributes only in > Webupdates after password authentication > > We published an article on RIPE Labs describing the details, including a > mockup of the password authentication required by Webupdates: > https://labs.ripe.net/Members/denis/securing-md5-hashes-in-the-ripe-database > > Additionally, we added a basic strength indicator to the password > generator: > https://apps.db.ripe.net/crypt/crypt.html > > We look forward to your comments and feedback, either on the Database > Working Group mailing list or below the article itself. > > Kind regards, > > Denis Walker > Business Analyst > RIPE NCC Database Group > >
- Previous message (by thread): [ncc-services-wg] Securing MD5 Hashes in the RIPE Database
- Next message (by thread): [ncc-services-wg] Securing MD5 Hashes in the RIPE Database
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]