action item AP-42.3 - problems of multiple hashed passwords
This is an update on AP-42.3 regarding identifying users of multiple hashed passwords (CRYPT-PW or MD5-CRYPT) in a mntner. Merit has implemented an option in it's web-based update form to include an "id" in the comment field of an "auth:" attribute. Additionally, the date and time of creation of the hashed password is included (should one want to keep track of the age of a particular password). Below is an example -- auth: CRYPT-PW Fa1QDrka0aOOM #Id:billg Created:20030514 09:42:45(UTC) As a further note, we have implemented (but not deployed) support for hashed password hiding. When this is deployed, the hash value of a CRYPT-PW will be replaced with the string "HIDDENCRYPTPW" when a mntner object is queried or mirrored. I'm not sure how much of this is of interest to the RIPE community (particularly with the PKI support on the horizon), but I thought I would throw it out for consideration. Regards, Larry Blunk Merit Network
participants (1)
-
Larry J. Blunk