Hi again, I just realised that this will have an impact on LIM-MNT. What's the plan for future auth there?
-Cynthia On Tue, 2 Dec 2025, 17:17 Edward Shryane, <[email protected]> wrote: > Dear colleagues, > > The RIPE NCC database team published an updated plan in January to > deprecate MD5 hashed passwords by the end of 2025: > > https://mailman.ripe.net/archives/list/[email protected]/thread/NGCRQWJPF7MT24V2MVJWIHVKHLEPMBOQ/ > > Since then, we have been working towards this deadline: > * Added support for API key and OAuth 2.0 authentication > * Notified maintainers and removed inactive passwords in June (including > any passwords not used since January 2024) > * Notified maintainers by email who are actively using passwords in July, > September, October and November > * Added a warning to the database web query page that passwords are > deprecated > * Added a warning to Whois update responses that passwords are deprecated > > I presented at the DB-WG session at RIPE 91 that use of password > authentication is still very high: 32% of all updates used password > authentication, by about 150 maintainers. By last week, this has decreased > to 17% of all updates by about 105 maintainers. There is still a risk that > the database community may not be ready for the end of year deadline. > > Taking this into consideration, I propose the following updated plan for > the end of year deadline: > * At the beginning of January (e.g. Monday January 5th at midday CET), > remove all passwords from the RIPE database, after notifying maintainers > and the working group. > * Allow maintainers to add a password back to their maintainer if they > still really need to use one (e.g. for operational reasons). > * In the following Whois release, around the end of January, remove > support for passwords altogether, again after notifying maintainers and > working group. > > This gives us a rollback plan in case there are maintainers that need some > extra time, and still allows us to follow through with deprecating > passwords. > > In the meantime, we will continue to monitor use of password > authentication. We also want to hear from any maintainers who need > assistance with the migration, we are happy to help. > > Please let us know your questions or comments. > > Regards > Ed Shryane > RIPE NCC > > > ----- > To unsubscribe from this mailing list or change your subscription options, > please visit: https://mailman.ripe.net/mailman3/lists/db-wg.ripe.net/ > As we have migrated to Mailman 3, you will need to create an account with > the email matching your subscription before you can change your settings. > More details at: https://www.ripe.net/membership/mail/mailman-3-migration/ >
----- To unsubscribe from this mailing list or change your subscription options, please visit: https://mailman.ripe.net/mailman3/lists/db-wg.ripe.net/ As we have migrated to Mailman 3, you will need to create an account with the email matching your subscription before you can change your settings. More details at: https://www.ripe.net/membership/mail/mailman-3-migration/
