Hi Denis,
[snip]
It may be a bit of an overkill to add mnt-ref: to the mntner: as in most cases people would probably make it refer to itself, although it would be consistent. Another option to prevent un-authorised use (malicious or accidental) of a mntner is to require the mntner's own authorisation to be provided whenever it is added to an object.
I agree, that it looks like an overkill, but I'd prefer to see a consistent behaviour among all the objects. [I cold also imagine cases, where they might as well differ]. On the other hand i could also imagine a fallback-scheme like in the mnt-lower: if no mnt-ref, them use the mntner itself or so.... One thing i have not checked: Is a ref-nfy in a mntner redundant informaiton (e.g already coverd by notify there)? lG uk -- Ulrich Kiermayr Zentraler Informatikdienst der Universitaet Wien Network/Security Universitaetsstrasse 7, 1010 Wien, Austria eMail: ulrich.kiermayr@univie.ac.at Tel: (+43 1) 4277 / 14104 Fax: (+43 1) 4277 / 9140