Hello *, Since no one commented on that yet, i'd like to ask your opinion on something i 'sneaked' into my proposal, which is not directly related to the abuse-c problem, but more of Security in the Database itself: It is the reference protection in person/role/mnt.
person: [mandatory] [single] [lookup key] [...] ref-nfy: [optional] [multiple] [inverse key] <-- mnt-ref: [optional] [multiple] [ ] <--
Is it useful for someone else than me, to protect this objects from unsolicited reference in an other object? This behavior currently only exists for mnt-irt and org (with slightly different implementations though). I'd like to at leas know, or moreover have to acknoledge, when someone wants to put me in as admin-c/tech-c/.... somewhere (esp. when I denote something of security relevance in there). Currently this is only possible by regularly searhing the database (afaik). any opinions on that? lG uk -- Ulrich Kiermayr Zentraler Informatikdienst der Universitaet Wien Network - Security - ACOnet-CERT Universitaetsstrasse 7, 1010 Wien, AT eMail: ulrich.kiermayr@univie.ac.at Tel: (+43 1) 4277 / 14104 PGP Key-ID: 0xA8D764D8 Fax: (+43 1) 4277 / 9140