This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/db-wg@ripe.net/
[db-wg] Personalised authorisation
- Previous message (by thread): [db-wg] Personalised authorisation
- Next message (by thread): [db-wg] Personalised authorisation
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Shane Kerr
shane at time-travellers.org
Mon May 18 14:43:37 CEST 2015
Tim, Denis, other database folks, On Sat, 16 May 2015 16:46:44 +0200 Tim Bruijnzeels <tim at ripe.net> wrote: > > The basic idea was to allow authorisation tokens in PERSON objects, > > Yes, the important point here is that the credentials are on PERSONs, > rather than in one anonymous blob that is today's MNTNER. Basically, I think of PERSON objects as reflecting contact information about someone in the real world. This has nothing to do with database administration. ROLE objects are a handy layer of indirection so that you can substitute a job function any place you need contact information. Again, nothing to do with database administration. MNTNER objects are the equivalent of a website login. They are a way to authenticate yourself to the database as a database user. They have nothing to do with contact information. ---- This seems pretty straightforward, but it does seem to confuse everyone. Possibly the confusion comes from the name? "Maintainer" doesn't really scream "this is how I authenticate myself, and what authorizations are attached to". I guess I'm fine with adding new authorization mechanisms to the database... compared to our existing mechanisms it doesn't make anything less secure. I do worry about it increasing the confusion rather than making things more straightforward though. :( Cheers, -- Shane
- Previous message (by thread): [db-wg] Personalised authorisation
- Next message (by thread): [db-wg] Personalised authorisation
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]