<html> <head> <meta content="text/html; charset=windows-1252" http-equiv="Content-Type"> </head> <body bgcolor="#FFFFFF" text="#000000"> <br> <br> <div class="moz-cite-prefix">On 15/05/15 09:27, Tim Bruijnzeels wrote:<br> </div> <blockquote cite="mid:66A34212-F666-4C9A-8C3E-546032855D7A@ripe.net" type="cite"> <meta http-equiv="Content-Type" content="text/html; charset=windows-1252"> Dear working group, <div class=""><br class=""> </div> <div class="">Yesterday during the WG session we presented a proposal for implementing personalised authorisation:</div> <div class=""><a moz-do-not-send="true" href="https://ripe70.ripe.net/wp-content/uploads/presentations/165-ripe70-pers-auth.pdf" class="">https://ripe70.ripe.net/wp-content/uploads/presentations/165-ripe70-pers-auth.pdf</a></div> <div class=""><a moz-do-not-send="true" href="https://ripe70.ripe.net/archives/video/123" class="">https://ripe70.ripe.net/archives/video/123</a></div> <div class=""><br class=""> </div> <div class="">As recorded in the first cut of the minutes:</div> <blockquote type="cite" class=""> <div class=""> <div class="">D. Personalised authentication (Tim Bruijnzeels, RIPE NCC)</div> <div class="">� (See presentation)</div> <div class="">� This will allow one click creation of person objects</div> <div class="">� Maintain credentials in one place.</div> <div class="">� Allow better auditing.</div> <div class="">� Done by extending person object to have multiple optional auth: attribute</div> <div class="">� This will ultimately allow existing auth: sso references to be cleaned up</div> <div class="">� Last auth: attribute should not be removed from a person object that is used in an authorisation context.</div> </div> </blockquote> <div class=""><br class=""> </div> <br> </blockquote> Of course, those of us with long memories remember the move of authentication from persons to maintainers. Plus ca change....<br> <br> Nigel<br> </body> </html>