This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/db-wg@ripe.net/
[db-wg] call for application authorisation ideas
Daniel Stolpe
stolpe at resilans.se
Fri Aug 21 13:54:05 CEST 2015
On Fri, 21 Aug 2015, denis wrote:

> Hi job
>
> On 21/08/2015 02:32, Job Snijders wrote:
>> On Fri, Aug 21, 2015 at 01:58:46AM +0200, denis wrote:
>> > When it was suggested to hide the password hash I thought that was a
>> > mistake. We should have hidden the whole MNTNER object from public
>> > view. Why does anyone outside of my organisation need to see anything
>> > in my MNTNER object? Why should you know if I use a password or PGP or
>> > whatever? This is my business not yours.
>>
>> This seems to play into another thread, where someone had trouble
>> retrieving the proper value of some "auth:" lines. It would be worth
>> exploring how we can hide all "auth:" lines yet make them easily
>> accessible to the owner.
>
> Bear in mind that I have spent years thinking about some of these issues from
> many angles :) Sometimes a simple, quick fix is considered to be the
> appropriate course of action. I guess that is why we hid the password hashes.
> But in the end that proved to be not simple. Sometimes it is worth taking a
> step back and looking at a wider picture.
>
> If you hide anything there has to be some method for the right people to see
> what is hidden. Once you start trying to hide significant parts of an object
> it may be easier to hide the whole object. And there can be additional
> benefits in that. Notifications are part of the security system within the
> database. Just as with the security tokens, there is no justifiable reason
> why the public should have any knowledge of who gets notified within my
> organisation when data is changed or some attempt is made.
>
> If the whole MNTNER object is hidden it can be shown to authenticated users
> by an update with a pseudo attribute. Just as with a "dryrun:", if we have
> another pseudo attribute "show:" then instead of doing an update the full,
> current object is returned if the authorisation is valid. This will work with
> any of the authorisation tokens in the object.

Something like that, yes.

I agree that it might not be necessary for the whole world to know the exact
persons listed in a maintainer object, as long as it is not hidden for those
authorized.

Cheers,

Daniel

_________________________________________________________________________________
Daniel Stolpe           Tel:  08 - 688 11 81                   stolpe at resilans.se
Resilans AB             Fax:  08 - 55 00 21 63            http://www.resilans.se/
Box 45 094                                                            556741-1193
104 30 Stockholm