Hi, "> No "operational changes"? In the day-to-day operation ("sending in mails to change objects to the RIPE DB") going from CRYPT-PW to MD5-PW *will* *not* *change* *anything*. The mail will still contain a "password: <something>" block, just the way this password is hashed in the maintainer object is different." Then it is NOT improve security much. Using your allegory: Let's put huge lock on our cardboard door? In security ALL parts are essential. BEFORE I can use "the day-to-day" operation I should change CRYPT-PW to MD5-PW. And PERSONALLY I don't need the enhanced in some way but weak in the other "security". "> Let's look at the plan to get an image that it's not so "problemless". So where exactly *do* you see "problems"?" It's simple: the big amount of people and resources involved. "In your mail you speak about "crypto" - which is NOT involved here (except hashing the password) - this proposal is not forcing anybody to go to PGP, just to a different password storing scheme." It's not the only point I spoke about. Please reread once more. Please get a reality check on what is proposed, and what is proposed as replacement. It was my idea initially. I do not see much sense in the proposal, because you can use "better security" without ANY CHANGES AT ALL. *Good* security is fixing problems *before* they happen. Like "lock your front door when you leave your house, even if you have never been burglared yet". If you speak about your home for $1000000 - it's true. And if we speak about cabin for $10? How much sense is a lock for $1000 then? Vladislav Potapov Ru.iiat