[DBWG] Deprecation of CRYPT and MD5 authentication on AFRINIC WHOIS

Simon Seruyinda simon at afrinic.net
Fri Nov 20 06:56:27 UTC 2020


Dear DBWG

Following our discussions during the online DBWG on 30th September 2020, we have the pleasure to announce that we have taken your inputs and have decided to proceed with the following database changes

1. Stop accepting updates to objects if CRYPT or MD5 authentication is used.
Effective 12th December 2020, the users will only be able to make changes to their maintainer objects to move to a more secure password hashing algorithm such as BCRYPT , PGP Key or
X-509.
2. Also going forward the key-cert object will be immutable and its mnt-by optional. This is to make it easy for members to use PGP without first creating the maintainer with password based
authentication method such as BCRYPT.
3. Any unreferenced KEY-CERT,MNTNER,IRT,ORGANISATION objects older than 90 days will be cleaned up using a monthly scheduled job.
We shall add person/role object types to this list in a future release.
Our Member Services department is currently testing the developments and will keep you updated as we progress.
We have already sent communication to members who still have maintainer objects using MD5 and CRYPT authentication.
We are also working with our communications department to have this announced on the afrinic website as well.


Regards;
Simon


More information about the DBWG mailing list