* Aleksi Suhonen
On 03/12/2018 10:35, Tore Anderson via db-wg wrote:
So I was thinking: is this mandatory and error-prone duplication of work really necessary? Wouldn't it be possible to instead have some kind of magic mntner object that is is kept automatically up to date with «auth: SSO»-attributes for all the LIR user accounts?
I second this idea. Perhaps this should be a different object type tho, to make it clear that editing the magic maintainer by hand will have undesired results. It should be interchangeable with normal maintainers of course, a bit like person objects and role objects are.
Or maybe just expand the existing SSO attribute to accept a RegID. For example: mntner: FOOBAR-MNT auth: SSO no.foobar Which would allow maintenance by all registered user accounts in LIR no.foobar (except for accounts with the «billing» privilege level).
Do you want someone to co-author a PDP on this?
I was hoping that a PDP wouldn't be necessary, to be honest. That is, if the NCC thought it was a good idea they could just go ahead and implement it. (If I recall correctly, the «auth: SSO» functionality was added without there being a community policy demanding it.) That said, if you want to write a proposal to this effect I'd be happy to put my name on it. Tore