[db-wg] Release 1.80.1 deployed: warning users on failed update/delete, if maintainers had passwords removed

16 Jul 2015

      Dear working group,

We have just deployed whois release 1.80.1 to production.

We have seen some cases where users were not aware that passwords had been removed from their maintainer, and they would only get an "authorisation failed" error. To help these users debug this issue better we now also include the following warning in case one or more of the maintainers had any passwords removed:

"MD5 passwords older than November 2011 were removed for one or more maintainers of this object, see: https://www.ripe.net/removed2011pw"

Example case (used by us for testing):
...
The following object(s) were found to have ERRORS:
---
Create FAILED: [person] AP1-TEST   Another Person
person:         Another Person
address:        Some Address
phone:          +12 345 678 90
nic-hdl:        AP1-TEST
mnt-by:         OWNER-MNT
source:         TEST
***Error:   Authorisation for [person] AP1-TEST failed
           using "mnt-by:"
           not authenticated by: OWNER-MNT
***Warning: MD5 passwords older than November 2011 were removed for one or more
           maintainers of this object, see: https://www.ripe.net/removed2011pw
Kind regards,

Tim Bruijnzeels

Assistant Manager Software Engineering
RIPE NCC Database Team