[address-policy-wg] Cleaning up Unused AS Numbers

Hi,

So why don't do some "hidden" flag part of asnum object?

Let say that, end user (MNT) would be able to indicate that ASN should be 
hidden from the BGP and provide remarks for a reason (IXP or whatever) - 
mandatory. If such ASN would be observed in the BGP, the hidden flag would be 
unset and LIR/holder would be notified.

When there would be the ASN which would not be seen for more that 3 months and 
would have the "hidden" flag unset, the deregistation process (as in proposal - 
ask, wait, deregister) could be started.

The holders of "hidden" ASNs could be then asked about their need of such ASN 
with longer period and also be notified when the ASN emerges somewhere when it 
shouldn't.

This would address issues of:
- Inactive holder: Requires action to set ASN as hidden
- Hijack: When so, holder would get notified (after hijack ends the ASN would 
expire if holder doesn't exist anymore)
- Provides mandatory feedback by remarks of reason why it is not announced
- Provide a way how to prolongate period of asking if the ASN is needed by 
adding other means then pooling
- Maybe provide yet another way of filtering of BGP path (hidden ASN should not 
be present there), however for such use it would had to become some kind of 
standard across RIRs

It might bring issue of intentional attack on such flag by announcing such ASN 
and trigger the timer. There should be some period for which the ASN should be 
observed in BGP to trigger the process to partially mitigate such vector of 
attack and possible mishaps.

Best Regards
Martin Hunek


Dne čtvrtek 23. března 2017 17:35:19 CET, Gert Doering napsal(a):
> Hi,
> 
> On Thu, Mar 23, 2017 at 02:53:27PM +0000, fransossen at yahoo.com wrote:
> > In the internal processing side, will the RIPE NCC flag the ASNs that are
> > justifiably not publicly visible. So that they don't get asked the same
> > question every couple of months?
> Well, if they keep being not publically visible, maybe they *should*
> be asked regularily if they are *still* in use?
> 
> For the same reason we're asking today - setups have changed, people
> and companies cease to exist, stuff starts being no longer used.
> 
> (I wouldn't ask "every couple of months", though, maybe "every few
> years" - but that's for the community to decide, in the end)
> 
> Gert Doering
>         -- APWG chair

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: This is a digitally signed message part.
URL: </ripe/mail/archives/address-policy-wg/attachments/20170323/85e53a17/attachment.sig>