[db-wg] Announcement on "mnt-lower" changes in the RIPE Whois Database
- Date: Mon, 17 Nov 2003 12:39:17 +0100
[ Apologies for duplicate e-mails ]
Dear colleagues,
The following changes will become effective in the RIPE Whois Database starting
from November 26, 2003. These changes are intended to make the database work
more consistently, as well as provide an increased level of security and
control to users.
1. When creating an inetnum, inet6num or domain object, the "mnt-lower:"
attribute in the parent object must authorise the creation. If it is not
present, the "mnt-by:" attribute must authorise the creation.
This behaviour will allow a more secure hierarchical authorisation scheme in
the RIPE Whois Database (similar to RPSS) for those object types. This change
is implemented according to the following proposal:
Proposed change 2003.0: default to protected inetnum/inet6num/domain
http://www.ripe.net/ripe/mail-archives/db-wg/2003/msg00478.html
RIPE NCC allocations that don't have "mnt-lower:" attribute will be affected
by this change as they are maintained by the RIPE NCC. To prevent this,
affected inetnum objects have been updated to include a "mnt-lower:" attribute.
More details about this project are available at:
http://www.ripe.net/db/allocations_mnt-lower_update.html
2. The "mnt-lower:" attribute will become optional for all set object types
(as-set, filter-set, peering-set, route-set, and rtr-set).
The "mnt-lower:" of the parent object attribute must authorise creation when
hierarchical names are used. If it is not present, the "mnt-by:" of the parent
object must authorise the creation. This change is implemented according
to the following proposal:
Proposed change 2003.4: "mnt-lower:" on set objects
http://www.ripe.net/ripe/mail-archives/db-wg/2003/msg00482.html
--
Katie Petrusha
Software Engineering Department
RIPE NCC
|
you are here: RIPE -> RIPE Maillists > Archives
