Reply to comment:

Kaveh Ranjbar
Hello, Thank you for your comment, the issue is already discussed in details in the RIPE NCC Database Working Group Mailing list, In short based on current adoption of PGP and X.509 by maintainers ( and limitations of using these methods over web it is not practical nor realistic to force all users to use any of those methods, but obviously it is a better choice and if a user is comfortable using PGP, implementing this change will not effect them, they can choose to authenticate their objects solely by PGP for example. The issue of changing hash flavors was also brought up, but in general most community members as well as security advisors are against publishing any type of hash publicly, that might be secure enough today but in a few years time we might again be in the same situation, that said, as mentioned in the article we will look for a more comprehensive solution after this immediate issue is resolved. We prefer to use a centralized authentication method handled by a dedicated auth. provider which might store passwords internally in a way much more secure than MD5 hashes. Kaveh Ranjbar, Database Group Manager, RIPE NCC