Ok. Denis, So we've to return back in the task. Until we can get the appropriate authorization, we cannot publish any personal data. We need not to stop people to write into the database, even if this is not safe, but we do_need to stop people to read from the database what (any data) not properly authorized. cheers Manfredo
I agree that this is not safe from a data protection point of view. But this is not a 'hole'. This is fundamental to the way the RIPE Database was designed. It was built as an open, public database. Anyone can read it, anyone can write to it. To change that would require a major re-design.
A work around will be in a later proposal on the regular cleanup process. We can't stop anyone from entering data into the database, but we can remove inappropriate data. My idea is to look for clusters of objects (person, role, mntner, key-cert, organisation) which form a self referencing group and have no connection to any operational data (like inetnum, route, etc). When such a cluster is recognised, delete the whole cluster of objects. This is possible, but also technically very difficult. It is outside the scope of the current set of proposals, but we do need to consider this as a follow on.
cheers denis
We have no contract with such a
student. In that case a clause in the database T&C requiring consent would cover it.
We also have lots of PI space holders who have no contract with the RIPE
Yes, correct. This is another issue. We should obtain the
authorization
from the owner of the space. Or what else ?
cheers Manfredo
Si precisa che le informazioni contenute in questo messaggio sono riservate e ad uso esclusivo del destinatario. Qualora il presente messaggio Le fosse pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo ed a non inoltrarlo a terzi, dandocene gentilmente comunicazione. Grazie.
You are hereby informed that this message contains confidential informations intended for the addressee's use only. If yu're not the addressee and have received this message by mistake, please delete it and immediately notify us. You may not copy or disseminate this message to anyone. Thank you.
Si precisa che le informazioni contenute in questo messaggio sono riservate e ad uso esclusivo del destinatario. Qualora il presente messaggio Le fosse pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo ed a non inoltrarlo a terzi, dandocene gentilmente comunicazione. Grazie. You are hereby informed that this message contains confidential informations intended for the addressee's use only. If yu're not the addressee and have received this message by mistake, please delete it and immediately notify us. You may not copy or disseminate this message to anyone. Thank you.