draft minutes, DB-WG meeting, RIPE-23, Jan.96, Amsterdam
David.Kessens at ripe.net David.Kessens at ripe.net
Mon Mar 4 22:44:14 CET 1996
Dear Kurt, Wilfried, Thanks for producing the minutes. I have a minor note: > Wilfried Woeber, UniVie/ACOnet writes : > > - other changes include > . support for the BSD DB package > . better security for "network updates" I think you mixed up (or I was not clear in my presentation) two points: - We have now implemented a password controlled mechanism to overrule all security mechanisms (For adding maintainers and the like). We previously used a 'security by obscurity' mechanism. - 'Network updates' are now fully supported by the RIPE database software. Fully supported means here: If your IP address is in our access list. This mechanism is a very fast and efficient update mechanism and so far only intended for use by the registry itself. We could decide to make this mechanism available for everybody by adding a accesslist protection to the maintainer object but that will only work for objects that are protected by maintainers. We currently have the feeling that this mechanism is not providing enough data for our logfiles to track down problems... (Note: not all objects are protected by maintainers and can thus be updated by anybody *without* providing us with some useful information in our log files) [ Personal opinion mode - ON ] We probably need another authentication mechanism to make this secure enough, the mechanism is just too powerful for the old authentication methods. [ Personal opinion mode - OFF] Kind regards, David K.
[ db-wg Archives ]