<<< Chronological Index >>>    <<< Thread Index >>>

Re: Access to RIPE-TT data from third parties (fwd)


Elo.

> From our side, there is one other requirement: the scheme 
> must still be
> maintainable, we do not want to spend our days adding and resetting
> passwords.  Ana, our new network engineer, is currently looking at the
> best way to implement this.

OK. I met with Mal this afternoon to see what he's done about a similar
thing (secure web stuff where LIRs can log in and add new contacts etc..).
We'd have a bit more to keep in mind than he does as there are those 
ttxy directories.

He's done something very similar. The only difference being that he's
storing crypt passwords in plain text files, which is not as efficient
in perl (as storing them in dbm files) (code efficient). 

Another thing he suggested was to put all functions into one file (e.g.
add, modify, delete) rather than having them separately. But I originally
had that in mind anyway. It just means less duplicated code. 

Of course, I can think of more secure ways of doing this, but it doesn't
seem necessary, according to what was said in earlier discussions.

This seems sufficient, but I'm open for criticism and comments. Does 
anyone have any or should we give this a go? 


ana.

-- 
~
~ Oh hello, Mr. Soul, I dropped by to pick up a reason; 
~ NY





<<< Chronological Index >>>    <<< Thread Index >>>