* Aleksi Suhonen > On 03/12/2018 10:35, Tore Anderson via db-wg wrote: >> So I was thinking: is this mandatory and error-prone duplication of work >> really necessary? Wouldn't it be possible to instead have some kind of >> magic mntner object that is is kept automatically up to date with «auth: >> SSO»-attributes for all the LIR user accounts? > > I second this idea. Perhaps this should be a different object type tho, to > make it clear that editing the magic maintainer by hand will have undesired > results. It should be interchangeable with normal maintainers of course, a > bit like person objects and role objects are.
Or maybe just expand the existing SSO attribute to accept a RegID. For example: mntner: FOOBAR-MNT auth: SSO no.foobar Which would allow maintenance by all registered user accounts in LIR no.foobar (except for accounts with the «billing» privilege level). > Do you want someone to co-author a PDP on this? I was hoping that a PDP wouldn't be necessary, to be honest. That is, if the NCC thought it was a good idea they could just go ahead and implement it. (If I recall correctly, the «auth: SSO» functionality was added without there being a community policy demanding it.) That said, if you want to write a proposal to this effect I'd be happy to put my name on it. Tore
