This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/db-wg@ripe.net/
[db-wg] Locking unmaintained PERSON and ROLE objects in the RIPE Database
- Previous message (by thread): [db-wg] Locking unmaintained PERSON and ROLE objects in the RIPE Database
- Next message (by thread): [db-wg] Locking unmaintained PERSON and ROLE objects in the RIPE Database
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Peter Koch
pk at DENIC.DE
Fri Apr 8 13:09:36 CEST 2016
On Thu, Apr 07, 2016 at 10:23:16AM +0200, Trudy Prins wrote: > The RIPE NCC Executive Board (EB) endorsed a proposal on how to deal with a vulnerability for RIPE Database users. Following their advice, the RIPE NCC proactively locked 848,986 unmaintained PERSON objects and 1,206 unmaintained ROLE objects on 6 April 2016. this sounds like a very sensible move to me. Of these ~850.000 objects, how many are referenced by objects from more than a single maintainer? > 2) Furthermore, the RIPE NCC modifies the existing warning about referencing unmaintained persons/roles to a similar warning about referencing locked persons/roles. Assuming that unmaintained objects ought to disappear and at the same time understanding that an immediate hard failure might interfere badly with established running code on the side of an LIR, there should be incentives to migrate. As a start, new references to unmaintained objects could be avoided. > 3a) The locked objects can remain as they are. In time, all locked PERSON or ROLE objects no longer referenced by other objects could be automatically deleted: the current thinking is a 180-day deletion timeout for these locked, unreferenced objects. >From a data protection perspective, this cool down phase appears rather long, especially given that even after following (3b) there's no proposed way to actively delete the locked (and re-instantiated) object. What's the perceived drawback of few days only? -Peter
- Previous message (by thread): [db-wg] Locking unmaintained PERSON and ROLE objects in the RIPE Database
- Next message (by thread): [db-wg] Locking unmaintained PERSON and ROLE objects in the RIPE Database
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]