Re: abusive changes of person handles (protect your maintainer!)
- Date: Fri, 19 Nov 1999 11:34:03 +0100
Hi,
maintainer abuse as described in Petra Zeidler's mail is something that is
becoming increasingly frequent.
There are two issues here:
- The use of very weak protection methods (NONE and MAIL-FROM) (see *).
Some people like these because all they are looking for is a notification
mechanism, not a protection mechanism. The use of weak protection methods
makes it easy for someone, intentionally or by accident, to override the
maintainer protection.
- The initial attachment of a maintainer to an object without one.
In the current database, dating from more quiet days in the internet,
anyone can attach any maintainer to an object that does not have a mnt-by
field because that maintainer's authentication is not checked when the
object does not have a mnt-by attribute. In the new database, currently in
development, we are already thinking about doing the corresponding check
before adding the maintainer (requiring proper authentication to add it,
hopefully from the maintainer's owner).
Would the community see this change in behaviour as a good thing?
Best regards,
Joao
* Some people think otherwise. (eg see http://www.providerfrage.de/mnt.htm)
=====================================================
| Joao Luis Silva Damas http://www.ripe.net |
| RIPE DB Group Manager email: joao@localhost |
| RIPE NCC |
| Amsterdam |
=====================================================
