This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/db-wg@ripe.net/
Modifying 'person:' objects
- Previous message (by thread): Modifying 'person:' objects
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Carsten Schiefner
carsten.schiefner at tcpip-gmbh.de
Wed Jan 31 11:37:41 CET 2001
Hi Engin, Engin Gunduz wrote: > My main concern here is security: If a person object is > unprotected, you can change all information in it, > except the name, currently. If we allow to change the name too, > then the identity of the person object can totally be changed > by anybody. This is probably not appropriate, since > there are many unprotected person objects referenced from > inetnums, aut-nums etc... exactly that I tried to point out here: > On Mon, 29 Jan 2001, Carsten Schiefner wrote: > > [...] > > Where I haven't made up my mind yet is the question whether this > > always should apply or only in thoses cases when a person object > > is maintainer protected. There might be further cases I have not > > in mind at all at the moment - so... > > I explained my concern above: even if we decide to allow the name > modifications, AFAIK we must exclude unprotected person objects. Even > the "protected" person objects whose "protecter" maintainers have > "NONE" and "MAIL-FROM" authorisation schemes, possibly. Fully right. Question ist, wether or not it is easily possible to check if the object is maintained (should be easy) and then if the maintainer uses "strong" protection, i.e. "password" or "PGP". Best regards, Carsten
- Previous message (by thread): Modifying 'person:' objects
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]