This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/db-wg@ripe.net/
[db-wg] NWIs update
- Previous message (by thread): [db-wg] NWIs update
- Next message (by thread): [db-wg] NWIs update
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Tore Anderson
tore at fud.no
Tue Apr 9 16:26:12 CEST 2019
* Cynthia Revström via db-wg > Hello, > > On 2019-04-09 12:58, Tore Anderson via db-wg wrote: >> «This authentication group can be referenced directly in mnt-*: >> attributes in database objects, or if that is not feasible, as a >> new authentication method in MNTNER objects.» > > AFAIK, mnt-* (mnt-by, lower, etc) defines what you are authorized to do, not how you are authorized. Authentication mechanisms defines how you are authorized. So to me a new auth method would make more sense. Hi Cynthia, The point here is simply to get rid of the need to always create «proxy» MNTNER objects. That is, instead of needing this: ###### inet6num: 2001:db8::/32 mnt-lower: MNT-MYLIR mnt-routes: MNT-MYLIR-ROUTES --> mntner: MNT-MYLIR auth: LIRPORTAL eu.mylir + mntner: MNT-MYLIR-ROUTES auth: LIRPORTAL eu.mylir/routes --> http://lirportal.ripe.net user: alice at mylir.eu user: bob at mylir.eu (member of group «routes») ###### The LIR could make do with something like this: ###### inet6num: 2001:db8::/32 mnt-lower: LIRPORTAL-eu.mylir mnt-routes: LIRPORTAL-eu.mylir/routes --> http://lirportal.ripe.net user: alice at mylir.eu user: bob at mylir.eu (member of group «routes») ###### The two mntner objects in the first example serve no real purpose, except to cause extra work and require LIR hostmasters to learn a concept they have no need for. Tore
- Previous message (by thread): [db-wg] NWIs update
- Next message (by thread): [db-wg] NWIs update
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]