Chairs, According to the process document linked to by Piotr, you are supposed to respond to NWI requests with either «yes» or «no». More than a month has elapsed since I requested the NWI and the last message was posted to this thread. When should I expect your answer? Tore * Tore Anderson via db-wg
* Piotr Strzyzewski via db-wg
Look at this page https://www.ripe.net/manage-ips-and-asns/db/numbered-work-items and start new NWI.
Thanks for the pointer!
Chairs (cc-ed), could we have an NWI for this?
Rough problem statement for the kickstart phase follows:
There is currently no way to automatically sync the «auth: SSO x@y» attributes for a maintainer object with the list of (non-billing) users associated with an LIR.
This leads to duplication of work (adding/removing newly hired/departed LIR administrators in two places).
Additionally, this increases the risk of unauthorised access, e.g., if an administrator has left an LIR but was only removed from the LIR portal, he might inappropriately retain access to manage database objects for the LIR in question.
It is therefore desirable to have a method to protect RIPE database objects so that they can be maintained by the list of (non-billing) user accounts currently associated with a specific LIR at any given time. That is, when a RIPE NCC Access account is removed from the LIR's user list, the database maintainer access should be automatically revoked for that account as well.
Tore