[DBWG] DBWG-2: proposal to auto-generate contents of the mandatory "changed" field in db objects.

Ben Maddison benm at workonline.africa
Wed Aug 5 11:34:06 UTC 2020

Thanks for the feedback Michel.

On 08/05, Frank Habicht wrote:

> Hi all,


> I'm not wearing a hat.


> On 05/08/2020 12:08, Michel ODOU wrote:

> > Hi Ben,

> >

> > On 04/08/2020 23:38, Ben Maddison wrote:

> >>

> >> Couple of questions, so help me formulate how we might do that:

> >>

> >> - Are there currently any objects of types other than role or person

> >> that have no mnt-by:?

> >

> > We have 1,106 domain objects that do not have a mnt-by attribute.


> my personal (non-chair) opinion is that this is dangerous.

> Can we get consensus that this should not be allowed?


Err, yeah!

> I believe all creations and updates of domain objects should enforce

> that there is a mnt-by.

I wouldn't limit this only to domain objects.

> I volunteer to demonstrate to holders of these objects that it is a BAD

> idea to not have a mnt-by. [and i guess i'm not alone ;-)]


I don't believe it is up to you (us) to demonstrate this.
What we need is agreement that this should be fixed, and a
minimally-breaking plan to do so.


> >> - Are there any person objects with my.afrinic access that have no

> >> mnt-by?

> >

> > Yes, we have 4 person objects without any mnt-by attribute that have

> > access to MyAfrinic. 3 of them are related to existing and active

> > organisations with various roles (general, admin, tech, billing and abuse).

> >

> > A small note: when we released the WHOIS 2.3 in September 2017 (and not

> > beginning of 2017, which was wrong), we used a script that created a

> > maintainer for all the existing person and role objects that had no mnt-by.

> >

> > This means that following that migration procedure, all the person and

> > role objects in our WHOIS database had a maintainer.


> From below I understand that there was no enforcement that later

> creations/updates also had maintainers for these objects, correct?


This seems weird to me.
Why go to the trouble of back-filling those attributes, if they were not
going to become mandatory?
Just an oversight?

> > Today, we have a total of 9 person objects in the WHOIS database without

> > a mnt-by attribute. After a quick look at the logs, I can confirm that

> > all these objects had a mnt-by attribute at some point in the past

> > (either a "normal" maintainer or an automatically generated one). These

> > objects are not protected because their owners removed the mnt-by on

> > purpose.


> I don't seem to understand possible reasons for that.

> Is anyone able to share reasoning for removing maintainers from person

> objects (or role objects)?


My guess would be accident: people submit updates omitting mnt-by: and
the auto-dbm happily gobbles them up.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.afrinic.net/pipermail/dbwg/attachments/20200805/3b5ba4ae/attachment.sig>

More information about the DBWG mailing list