This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[db-wg] Proposed change 2003.1: notification for more-specific
- Previous message (by thread): [db-wg] Proposed change 2003.1: notification for more-specific
- Next message (by thread): [db-wg] Proposed change 2003.1: notification for more-specific
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Shane Kerr
shane at ripe.net
Mon Mar 10 16:20:28 CET 2003
On 2003-03-07 17:56:46 -0500, Larry J. Blunk wrote: > > My comment is not specifically related to this proposal, but I > have long been concerned about the optional status of the > mnt-nfy: attribute. This means if someone cracks a mntner > password and begins submitting updates (which naturally will be > successful since they have the password), no notification will > be sent to the mntner. > > I'm not sure of the best way to handle this. I suppose there > are some people who don't want to be bothered by notification > of successful updates and if they're using PGP that might be > okay. It also seems the upd-to attribute name was very poorly > chosen as it is difficult to differentiate it's function from > that of mnt-nfy (I often get the two confused and I deal with > this stuff every day). I personally feel that the mnt-nfy > should be mandated in RPSL and those mntner's who do not have > one should have it replicated from their upd-to attribute > value. For those who really don't care to see the results of > successful updates, they could simply direct the email address > to /dev/null. I am personally agnostic on the issue, but do not think there would be a problem making "mnt-nfy:" mandatory. As a data point, of the 8808 maintainers in the RIPE Database, there are 2322 that use password-based authentication (CRYPT-PW or MD5-PW) and have no "mnt-nfy:" attribute. -- Shane Kerr RIPE NCC p.s. I also think that "upd-to:" and "mnt-nfy:" are probably not the best names. But what can we expect of a standard with things like "mntner:" and "aggr-mtd:"? (These names can't be to shorten them, or we wouldn't have "peering-set:" and "mbrs-by-ref:")? Would it make sense to make an alias for "upd-to:" of something reasonable, e.g. "auth-fail-nfy:"?
- Previous message (by thread): [db-wg] Proposed change 2003.1: notification for more-specific
- Next message (by thread): [db-wg] Proposed change 2003.1: notification for more-specific
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]