Dear Database Working Group Members, By public information, I mean, MNTER names with associated MD5 Hashes (without plaintext strings). -- Pierre Kim pierre.kim.sec@gmail.com @PierreKimSec https://pierrekim.github.io/ On 5/5/15, Job Snijders <job@ntt.net> wrote:
Dear Pierre,
On Tue, May 05, 2015 at 05:12:15AM +0900, Pierre Kim wrote:
I am contacting you to share the thoughts on the usage of MD5 in the RIPE database.
Thank you for reaching out.
By reading https://labs.ripe.net/Members/kranjbar/password-management-in-ripe-database
When I discussed it with RIPE NCC Security, I gave a 90 day disclosure policy about this "public" information, starting from the 16 Apr 2015.
For clarification: does this mean you will make publically available a list of all hashes + mntner names you retrieved in 2011 combined with a plaintext string which fits the hash?
Kind regards,
Job