My Favourites
opensubscriber
   Find in this group all groups
Home     Log In     Sign Up     FAQ    
 
Unknown more information…
d : db-wg@ripe.net 23 February 2012 • 12:03AM -0500

Re: [db-wg] Plain text passwords in email updates
by Denis Walker

REPLY TO AUTHOR
 
REPLY TO GROUP



HI Shane

I pulled out some more stats along the lines of what you asked for
below. They are published on RIPE Labs:
https://labs.ripe.net/Members/denis/update-statistics-for-the-ripe-database

cheers
denis


On 15/02/12:8 7:29 PM, Shane Kerr wrote:
> Denis,
>
> On Wednesday, 2012-02-15 15:28:24 +0100,
> Denis Walker <denis@ripe...> wrote:
>>
>>
>> On 15/02/12:8 2:29 PM, Nick Hilliard wrote:
>>> On 15/02/2012 13:15, Denis Walker wrote:
>>>> Some ideas that have been suggested during discussions in the past
>>>> are to disallow the use of passwords in email updates and also the
>>>> option to drop email updates completely.
>>>
>>> Denis,
>>>
>>> Do you have statistics on approx. how many objects are updated per
>>> day using each methods: web interface, email, syncupdates and the
>>> RESTful API?
>>>
>>> Nick
>>>
>>>
>>
>> Hi Nick
>>
>> Here are some quick stats for this year showing the ration of mail to
>> other from the update logs. To identify the difference between
>> Webupdates, Syncupdates and API would take quite a bit more work
>> digging into all the apache web logs.
>
> So, to summarize the table, 85.4% of updates come through syncupdates,
> and the rest come through mail.
>
> That's an interesting statistic, but doesn't give us a full picture. We
> expect that heavy database users will prefer syncupdates, so the heavy
> preference for syncupdates is hardly surprising.
>
> I think what is important is to know how many maintainers use each type
> of authentication.
>
> So, of the 470k or so updates in a month, how many maintainers does
> that represent, and which authentication methods are used? For example,
> it could be that 5 big ISPs are responsible for 370k updates per month
> (who use syncupdates), but that the remaining 100k updates are made by
> 4000 different maintainers, most of which use email and passwords.
>
> Of course we can equally find that only a very few maintainers use
> e-mail (perhaps big ISPs which automated their setup many years ago and
> have just kept it because it works).
>
> My €0,02...
>
> --
> Shane
>

Bookmark with:

Delicious   Digg   reddit   Facebook   StumbleUpon

Related Messages

opensubscriber is not affiliated with the authors of this message nor responsible for its content.
© opensubscriber 2010
All rights reserved.

Alternate link - Alternate link