This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[db-wg] Updating maintainer objects with filtered auth lines

Previous message (by thread): [db-wg] Updating maintainer objects with filtered auth lines
Next message (by thread): [db-wg] Updating maintainer objects with filtered auth lines

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Daniel Stolpe stolpe at resilans.se
Thu Aug 20 14:20:22 CEST 2015

Hi Elvis,

Yes I know. But in this case I did not know the password. Maybe that is an 
anomaly but we see it now and then, usually when there are more than one 
party "sharing" a maintainer. One could argue that if you hire external 
people to maintain your RIPE data you should add their maintainer but that 
means a whole lot of updating. It is much easier to add an extra auth line 
to the current maintainer.

Cheers,

Daniel

On Thu, 20 Aug 2015, Elvis Daniel Velea wrote:

> Hi Daniel,
>
> if you know the password or authenticate with the SSO, you can find the full 
> object in webupdates:
> https://apps.db.ripe.net/webupdates/enter-password.html
>
> cheers,
> elvis
>
> On 20/08/15 14:43, Daniel Stolpe wrote:
>>
>>  I just had a very specific experience but this is a general problem.
>>
>>  What I wanted to do was update a maintainer object in the database. No
>>  problems since I was authorized via a PGP key. The problem was that one of
>>  the lines looked like:
>> 
>> auth:            MD5-PW # Filtered
>>
>>  And although I have no personal use for the md5 hash I did not want to
>>  disturb users who might have. I asked the NCC for advice and the answers
>>  were like "if you have an access account" (yes) you can add a line "auth:
>>  SSO xxxx at xxxx.xx" (yes). Still not a solution to my problem since adding
>>  the SSO line would just break the md5 anyway.
>>
>>  The solution this time was that I eventually found a local copy of the
>>  object with the md5 hash unfiltered.
>>
>>  I know the md5 hashes are a security problem and I do not recommend anyone
>>  using them but as long as they are there the filtering causes trouble. And
>>  by the way, we now see a lot of
>> 
>> auth:            SSO # Filtered
>>
>>  What I am looking for is a way to retrieve the whole unfiltered object for
>>  anyone authorized, or, at least, a possibility to updated the object
>>  without touching the filtered lines.
>> 
>>
>>  Maybe you could send a PGP signed request, not for updating but just for
>>  viewing the complete object?
>> 
>>
>>  Best Regards,
>>
>>  Daniel Stolpe

_________________________________________________________________________________
Daniel Stolpe           Tel:  08 - 688 11 81                   stolpe at resilans.se
Resilans AB             Fax:  08 - 55 00 21 63            http://www.resilans.se/
Box 45 094							      556741-1193
104 30 Stockholm

Previous message (by thread): [db-wg] Updating maintainer objects with filtered auth lines
Next message (by thread): [db-wg] Updating maintainer objects with filtered auth lines

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ db-wg Archives ]