On Wed, Oct 04, 2006 at 06:05:10PM +0200, Denis Walker wrote:
> want to modify the mntner object (maybe add a new admin-c) and you can't remember the hash value, you can just encrypt your plain text password again and enter a new hash value to the update. It may be a little bit inconvenient, but not a major problem. I don't think even the password owner 'needs' to see the hash.
I guess this is the n-th iteration of this text and Max is correct in pointing out that the results of the previous discussion should be made available on the "FAQ page" that is going to support this migration effort.

IIRC, the reason for not hiding the password was that fetch-submit should be idempotent, or, to elaborate a bit more, no information should be lost in a fetch-edit-submit cycle. This is especially important in those cases where there's another auth scheme in use besides MD5-PW, so not submitting the respective attribute with the object would actually change the mntner to only use the remaining auth scheme.

Any 'workarounds' to me appear a bit like rearranging those deckchairs once again. If MD5 is weak and there's enough concern in the community to get rid of it, let's just do it. But at the same time, let's take the first step first and get the CRYPT-PW deprecation and phase-out plan out of the door.

-Peter

PS: One additional migration caveat is that LIRs that substitute MD5 for CRYPT-PW should be _urged_ not to just change the 'encryption' scheme, but also need to generate a new and better password.
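As an added illustration of the fetch-edit-submit concern raised above (this code is not from the thread or from the RIPE database software; it assumes a hash-hiding fetch would return a placeholder such as "MD5-PW # Filtered", and the sample mntner and its hash are constructed), a Python simulation of a mntner with two auth schemes losing one of them when the filtered line is dropped on resubmit:

```python
# Added example (not from the mailing-list thread): simulate the
# fetch-edit-submit cycle for an RPSL mntner object whose MD5-PW hash is
# hidden on fetch, and check whether an auth scheme would be lost.

def parse_rpsl(text):
    """Parse a single RPSL object into an ordered list of (attribute, value)."""
    attrs = []
    for line in text.strip().splitlines():
        key, _, value = line.partition(":")
        attrs.append((key.strip(), value.strip()))
    return attrs

def filter_hashes(attrs):
    """Fetch-side view: hide MD5-PW hashes (assumed placeholder text)."""
    return [(k, "MD5-PW # Filtered" if k == "auth" and v.startswith("MD5-PW") else v)
            for k, v in attrs]

def auth_schemes(attrs):
    """Set of auth schemes present, e.g. {'MD5-PW', 'PGPKEY-00000000'}."""
    return {v.split()[0] for k, v in attrs if k == "auth"}

def naive_resubmit(filtered_attrs):
    """Client drops the filtered auth line it cannot reproduce and submits the rest."""
    return [(k, v) for k, v in filtered_attrs if "# Filtered" not in v]

def lost_auth_schemes(original_attrs, submitted_attrs):
    """Auth schemes present in the stored object but absent from the update."""
    return auth_schemes(original_attrs) - auth_schemes(submitted_attrs)

# Constructed sample object; the hash below is a placeholder, not a real one.
MNTNER = """
mntner:   EXAMPLE-MNT
descr:    constructed example
admin-c:  XX1-TEST
auth:     MD5-PW $1$placeholder$placeholderplaceholderXX
auth:     PGPKEY-00000000
mnt-by:   EXAMPLE-MNT
source:   TEST
"""

def demo():
    stored = parse_rpsl(MNTNER)        # what the database holds
    fetched = filter_hashes(stored)    # what the user sees on fetch
    update = naive_resubmit(fetched)   # what comes back after an edit
    return sorted(lost_auth_schemes(stored, update))

if __name__ == "__main__":
    print(demo())  # ['MD5-PW']
```

Applying the same check before accepting an update is one way to flag that a filtered fetch, rather than the user's intent, removed an auth scheme.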