it wouldn't really work for maintainers, as it becomes a recursive loop. mnt-1 wants to edit mnt-2's object, mnt-2 can't add mnt-1 and mnt-1 can't add mnt-2 to mnt-ref... - Cynthia On Fri, May 31, 2019, 15:05 Sebastian Wiesinger via db-wg <db-wg@ripe.net> wrote:
Dear Working Group,
as mentioned at last week's DB-WG meeting, I'd like to propose extending authenticating references to other objects.
Currently, only references to organisation objects can be protected with
* Edward Shryane via db-wg <db-wg@ripe.net> [2019-05-27 11:43]: the mnt-ref attribute.
However, we could extend this protection to other types of objects:
- Abuse-c role - Technical contact, admin contact, zone contact etc. (person/role) - Organisation maintainer(s)
This would prevent unauthorised references to an organisation's objects
(e.g. to impersonate a third party or mis-direct abuse email).
Sounds good, on the premise that this is done to the generic object type and not dependent on the usage of them.
Meaning that if I put mnt-ref on a person/role you cannot reference it *anywhere* unless your maintainer is listed in mnt-ref. Same for maintainers.
Regards
Sebastian
-- GPG Key: 0x58A2D94A93A0B9CE (F4F6 B1A3 866B 26E9 450A 9D82 58A2 D94A 93A0 B9CE) 'Are you Death?' ... IT'S THE SCYTHE, ISN'T IT? PEOPLE ALWAYS NOTICE THE SCYTHE. -- Terry Pratchett, The Fifth Elephant