[db-wg] Proposal about personalised authorisation

Hello,

I support this proposal in general. I have a few questions below.

On 04/08/2015 11:07 AM, Tim Bruijnzeels wrote:
> The RIPE NCC has discussed the concept of personalised authorisation
> on various occasions, most recently at the DB WG session at RIPE 69.
> Following discussions and input from the working group we would now
> like to propose the following additions to the RIPE Database:
>
> = Extend the person object template with "auth:" as an optional,
> multiple attribute, with all current authentication methods.
> = Extend the mntner object "auth:" attribute with a new method that
> allows a reference to a person object that has at least one "auth:"
> attribute.

What happens if the all auth: attributes are later removed from a 
referenced person object? I foresee a potential security default.

> Allowing "auth:" attributes on person objects also allows us to make
> it easier for users to manage their person object in the RIPE
> Database in combination with their Single Sign-On (SSO) account on
> RIPE NCC Access as a single identity.

I find this idea very convenient. However, I've noticed that some people 
or some companies prefer to maintain several separate person objects for 
a single person in different roles. I can't say I approve of this 
practise entirely, but I suppose we should still have a stated policy of 
how these cases should be handled. Examples:

  * one SSO account can be coupled with multiple person objects
  * a person with multiple person objects should create multiple SSO 
accounts, if they all need to be coupled

Yours,
-- 
	Aleksi Suhonen

	() ascii ribbon campaign
	/\ support plain text e-mail

-- 
	Aleksi Suhonen

	() ascii ribbon campaign
	/\ support plain text e-mail