Re: [db-wg] restoring person object
-
To: Database WG db-wg@localhost
-
From: Piotr Strzyzewski <Piotr.Strzyzewski@localhost
-
Date: Tue, 22 Sep 2009 20:01:25 +0200
-
Organization: Silesian University of Technology, Computer Center
On Tue, Sep 22, 2009 at 04:24:28PM +0200, Denis Walker wrote:
Hi
> The member
> would reference what he believes to be his PERSON object based on the
> information in his own database, but in fact a completely different
> person would be referenced. As no authorisation is required to reference
> a PERSON object and no notification is sent when such a reference is
> made, no one will know a mistake has been made.
I see potential problem here. In my opinion this lack of authorisation
could lead to situation in which some person/role objects are referenced
on purpose without asking its owners. There could be at least two
reasons for such behaviour:
- lazy customer reference upstream's contacts,
- nasty person reference some objects to mislead users who are looking
for abuse contact.
Moreover, it is hard to convince such a person to change his/her objects
to not reference those person/role objects.
Maybe we should think about some additions to person, role and/or mntner
objects? My raw proposal is:
1. Add "ref-nfy" field to person/role, which stores email address which
is notified about such reference.
2. Add boolean "mnt-per" field to mntner object. This field could
indicate if person/role objects protected by this mntner should be
authorised when they are referenced. Both upd-to and mnt-nfy fields
should be used accordingly.
Regards,
Piotr Strzyzewski
--
gucio -> Piotr Strzyżewski
E-mail: Piotr.Strzyzewski@localhost
|
you are here: RIPE -> RIPE Maillists > Archives
