Hello All, At the first place it is a good Idea to removed MD5-Hashes from public view. But there a some stuff that should be though of. - At the moment you have to supply the hole object if you delete an object. -> So you have to store the origin object locally. -> Is it a good Idea to remove an object when someone submitting it without the crypted pw's ? - How can you remove password in this case? -> Simply by submitting the object without the auth attributes that contain MD5-PW's is IMHO error prone. I decided (in 2005) to remove the MD5-PW at all. We just use pgp keys andfor fallback the X509 cert from the LIR Portal. The lir Portal account uses also PKI login and has as fallback a password. And if the worse case happens, you could ask the hostmaster@ripe.net to unlock the maintainer for you. But IMHO the worse case doesn't happen all to often. Anyway the RIPE-NCC should considere to bill cases if somebody ask twice a day:-) IMHO you should not remove the PGP-Keys and the X509 Cert from public view. It see no sercurity reasons for this. with kind regards || Mit freundlichen Gruessen i.A. Markus Werner -- WOBCOM GmbH - IP-Services (W8) phone: +49.5361.189-473 Hesslinger Str. 1-5, D-38440 Wolfsburg faxno: +49.5361.189-199