Hi Engin, Engin Gunduz wrote:
My main concern here is security: If a person object is unprotected, you can change all information in it, except the name, currently. If we allow to change the name too, then the identity of the person object can totally be changed by anybody. This is probably not appropriate, since there are many unprotected person objects referenced from inetnums, aut-nums etc...
exactly that I tried to point out here:
On Mon, 29 Jan 2001, Carsten Schiefner wrote:
[...] Where I haven't made up my mind yet is the question whether this always should apply or only in thoses cases when a person object is maintainer protected. There might be further cases I have not in mind at all at the moment - so...
I explained my concern above: even if we decide to allow the name modifications, AFAIK we must exclude unprotected person objects. Even the "protected" person objects whose "protecter" maintainers have "NONE" and "MAIL-FROM" authorisation schemes, possibly.
Fully right. Question ist, wether or not it is easily possible to check if the object is maintained (should be easy) and then if the maintainer uses "strong" protection, i.e. "password" or "PGP". Best regards, Carsten