This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[db-wg] Personalised authorisation
- Previous message (by thread): [db-wg] Personalised authorisation
- Next message (by thread): [db-wg] Publishing Deleted Objects - Legal Analysis
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Sascha Luck [ml]
dbwg at c4inet.net
Fri Jun 19 16:19:04 CEST 2015
On Thu, Jun 18, 2015 at 03:38:17PM +0200, Tim Bruijnzeels wrote: >No, our idea was that the "auth:" attributes referencing persons >would be filtered for unauthorised users. Just like we filter >SSO emails and MD5 hashes today. >Only *authorised* users would be able to see this, i.e. a user >who is logged into web updates and who is authorised for this >maintainer (i.e. has their SSO on this maintainer, or on a >person object authorised for this maintainer). >Similarly we would filter "auth:" attributes for person objects, >unless the user looking at this is authorised. Typically that >would be a user looking at their own credentials. Thanks, Tim, for this clarification. Certainly something I can live with. rgds, Sascha Luck
- Previous message (by thread): [db-wg] Personalised authorisation
- Next message (by thread): [db-wg] Publishing Deleted Objects - Legal Analysis
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]