So, how to proceed here now? Can we agree on the follwoing: A 'force:' attribute for changing the 'person:' attribute itself shall be allowed if and only if the person or role object is maintained and the maintainer uses "strong" protection, such as 'password' or 'PGP'. Already appreciating your comments, Carsten -------- Original Message -------- Subject: Modifying 'person:' objects Date: Mon, 29 Jan 2001 14:02:47 +0100 From: Carsten Schiefner <carsten.schiefner@tcpip-gmbh.de> To: db-wg@ripe.net Colleagues, as a follow-up of the short discussion we have had last week during RIPE 38 I'd like to continue this discussion in the appropriate forum, the db-wg mailing list. What from time to time really annoys me is the fact that you cannot change a person's name (necessary due to misspellings etc.) that is already referenced because the person's name together with the NIC handle is the primary key. You cannot delete and re-enter it either because it's already referenced. The only way to go is to send an email to the human db processor ;-) 'ripe-dbm@ripe.net' to get the data changed manually. I consider this as not very efficient. During the meeting we were told by Joao and/or Andrej that basically there is no further need to have person's name _AND_ NIC handle as the primary key, only the NIC handle would be enough. Anyhow, I wouldn't like to touch this pragma. What I would like to propose is a second "pseudo" attribute in addition to 'delete:' - having no documentation purpose but functionality: the "I really know what I am doing right at the moment" attribute ('irkwiadratm:' ;-). This second "pseudo" attribute overruns the above mentioned db pragma and forces a change in a person's name (so 'force:' migt be better...). Where I haven't made up my mind yet is the question whether this always should apply or only in thoses cases when a person object is maintainer protected. There might be further cases I have not in mind at all at the moment - so... Any comments will be appreciated. Best regards, -C.