This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[db-wg] Locking unmaintained PERSON and ROLE objects in the RIPE Database
- Previous message (by thread): [db-wg] Locking unmaintained PERSON and ROLE objects in the RIPE Database
- Next message (by thread): [db-wg] Locking unmaintained PERSON and ROLE objects in the RIPE Database
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
denis
ripedenis at yahoo.co.uk
Thu Apr 14 13:31:20 CEST 2016
Hi Piotr On 14/04/2016 08:41, Piotr Strzyzewski wrote: > On Thu, Apr 14, 2016 at 01:07:01AM +0200, denis wrote: > > Denis > >> You really are barking up the wrong tree here. > > Nice try, but you misinterpret my intentions. This is a very condescending remark. > >> On 14/04/2016 00:31, Piotr Strzyzewski wrote: >>> On Thu, Apr 14, 2016 at 12:00:45AM +0200, denis wrote: >>> >>> Denis >>> >>>>> Taking your arguments stated above, I once again (this time more clear) >>>>> say that rolling back the change to allow changes to the PERSON object >>>>> name would _not_ have fixed the problem. >>>> >>>> Maybe not, but it would have been a harmless change. Your action has >>> >>> This change has been discussed and expected in this community at least >>> from the year 2000. >> >> For a start this database with this (broken) data model did not exist in >> 2000. It was released to production in April 2001. > > Which do not proof that there was no desire/discussion/need for change > of the person name even earlier: > > https://www.ripe.net/ripe/mail/archives/db-wg/2001-January/001512.html > >> And has been checked by You in 2014 with RIPE NCC's >>> legal team. I haven't seen any technical, legal, procedural (nor any >>> other) objections raised by You under issue 221 >>> (https://github.com/RIPE-NCC/whois/issues/221). >>> What has changed during last 1.5 year? >> >> Issue 221 was about changing the PERSON object name. It was agreed by the >> RIPE NCC legal team that they saw no problems at that time. What has >> changed is that you have now identified a hijacking issue. Rolling back >> that change would have prevented 'easy' hijacking by simply changing the >> name of an unmaintained PERSON object to your name. By locking the objects >> they now have to 'get' ID in that name. As you pointed out that seems to be >> easy, although I have no idea how to do something like that. > > The hijacking issue was there for years. I'm just surprised that it was > not raised by you during the discussion of issue 221. Again this is another condescending remark. You imply that I should know everything at all times. If you knew about this hijacking issue that you say has been around for years, then as a co-chair of this working group why did you not mention it at the time? > >> You seem to be determined to 'prove' I am wrong suggesting rolling back the >> name change would fix this issue. But you don't seem to accept that the >> action you have taken has also NOT fixed the problem but caused many more >> serious problems. > > Please refrain from suggesting that I have done something. The whole tone of this thread is one of attack and aggression towards me. You are not discussing the issues but you are discussing me. You are relentlessly pursuing my comments and looking back in history to prove me wrong, instead of trying to move forward. You are doing exactly what you accuse me of. > > Moreover, keep saying the mantra about causing many more serious > problems is neither the proof of this thesis nor the solution to > anything. If you know/see something which could seriously improve the > quality of the data, security model, business rules, etc, just bring it > on the table. Sorry but you are missing the point here. It is not a thesis and I have stated the serious problem. I was part of the Data Protection Task Force many years ago. I spent a lot of time with the RIPE NCC's lawyers discussing the data protection issues around the RIPE Database. The action you have taken HAS already created a data protection issue. There are now about a million personal data sets in the database that the data subjects cannot change. The RIPE NCC has stated it will not unlock any of these objects as they cannot be sure who they refer to. The RIPE NCC, as Data Controller of this database has a million personal data sets in their database that they cannot assert contain accurate data and they have prevented the data subjects from updating their personal data. The RIPE NCC also, even as Data Controller, cannot do anything to fix or replace these personal data sets. Now I will bring some suggestions to the table to fix this issue. First I would like the RIPE NCC legal team to review this situation and publish to this list their considerations. Secondly I suggest the RIPE NCC unlocks these objects, as it makes no difference to the hijacking situation that you say has been around for years anyway. Third I suggest the RIPE NCC aggressively pursues the members who reference these unmaintained personal objects and pushes them to either maintain them or replace them. Finally I would say that for an issue that the DB WG co-chairs have known to have been around for many years, I don't see why it needed a secret, back room discussion and a sudden announcement that the RIPE NCC has locked a million objects without any community discussion. As I am not receiving the emails in this discussion from the DB WG mailing list, I think you may have already blocked them. So I have cc'd Athina directly for a legal comment. cheers denis > > Piotr >
- Previous message (by thread): [db-wg] Locking unmaintained PERSON and ROLE objects in the RIPE Database
- Next message (by thread): [db-wg] Locking unmaintained PERSON and ROLE objects in the RIPE Database
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]