[db-wg] Updating maintainer objects with filtered auth lines
- Previous message (by thread): [db-wg] Updating maintainer objects with filtered auth lines
- Next message (by thread): [db-wg] Updating maintainer objects with filtered auth lines
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Daniel Stolpe
stolpe at resilans.se
Thu Aug 20 14:20:22 CEST 2015
Hi Elvis, Yes I know. But in this case I did not know the password. Maybe that is an anomaly but we see it now and then, usually when there are more than one party "sharing" a maintainer. One could argue that if you hire external people to maintain your RIPE data you should add their maintainer but that means a whole lot of updating. It is much easier to add an extra auth line to the current maintainer. Cheers, Daniel On Thu, 20 Aug 2015, Elvis Daniel Velea wrote: > Hi Daniel, > > if you know the password or authenticate with the SSO, you can find the full > object in webupdates: > https://apps.db.ripe.net/webupdates/enter-password.html > > cheers, > elvis > > On 20/08/15 14:43, Daniel Stolpe wrote: >> >> I just had a very specific experience but this is a general problem. >> >> What I wanted to do was update a maintainer object in the database. No >> problems since I was authorized via a PGP key. The problem was that one of >> the lines looked like: >> >> auth: MD5-PW # Filtered >> >> And although I have no personal use for the md5 hash I did not want to >> disturb users who might have. I asked the NCC for advice and the answers >> were like "if you have an access account" (yes) you can add a line "auth: >> SSO xxxx at xxxx.xx" (yes). Still not a solution to my problem since adding >> the SSO line would just break the md5 anyway. >> >> The solution this time was that I eventually found a local copy of the >> object with the md5 hash unfiltered. >> >> I know the md5 hashes are a security problem and I do not recommend anyone >> using them but as long as they are there the filtering causes trouble. And >> by the way, we now see a lot of >> >> auth: SSO # Filtered >> >> What I am looking for is a way to retrieve the whole unfiltered object for >> anyone authorized, or, at least, a possibility to updated the object >> without touching the filtered lines. >> >> >> Maybe you could send a PGP signed request, not for updating but just for >> viewing the complete object? >> >> >> Best Regards, >> >> Daniel Stolpe _________________________________________________________________________________ Daniel Stolpe Tel: 08 - 688 11 81 stolpe at resilans.se Resilans AB Fax: 08 - 55 00 21 63 http://www.resilans.se/ Box 45 094 556741-1193 104 30 Stockholm
- Previous message (by thread): [db-wg] Updating maintainer objects with filtered auth lines
- Next message (by thread): [db-wg] Updating maintainer objects with filtered auth lines
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]