This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[db-wg] proposal: disallow creation of new non-hierarchically named AS-SET objects
- Previous message (by thread): [db-wg] proposal: disallow creation of new non-hierarchically named AS-SET objects
- Next message (by thread): [db-wg] proposal: disallow creation of new non-hierarchically named AS-SET objects
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
denis walker
ripedenis at gmail.com
Sat Nov 19 16:00:23 CET 2022
Colleagues I know it is a weekend but there does seem to be some urgency on this matter. The chairs have been following this discussion and have a couple of questions before we move on. The chairs believe we can consider this to be a feature request for the RIPE Database and handle it through the Numbered Work Item (NWI) mechanism. This will address the matter much faster, unless anyone believes it should be based on a formal policy. To assist the RIPE NCC with their impact analysis can we be clear on how you want to change the syntax. My understanding is you want rules along these lines: -An AS-SET name must be hierarchical -There must be at least one colon (:) character in the name -The first element of the name must be an ASN -The second element of the name must be an AS-SET name starting with 'AS-' -Any further elements can be either ASNs or AS-SET names -Any other existing syntax rules that don't conflict with this change -These rules to only apply to creating new AS-SET objects -Existing non-hierarchical AS-SET objects can still be updated This discussion has focused on the AS-SET object and the authorisation problems they can cause. Should we make this change to all set object types? The benefits of doing this include: -Consistent rules applied to all set object types -Accountability for all (new) set objects in the database -Close the one exception where anyone can create a cluster of objects in the database and link them to a (operationally empty) set object to protect them from automated deletion -Objects can then only be created in the database by holders of Internet resources or more specifics If we apply it to all set objects then my original question still stands, is there any legitimate reason for someone to create any set object if they don't hold an ASN resource? If we can address these issues then the chairs can move this process on quickly at the start of next week. cheers denis co-chair DB-WG
- Previous message (by thread): [db-wg] proposal: disallow creation of new non-hierarchically named AS-SET objects
- Next message (by thread): [db-wg] proposal: disallow creation of new non-hierarchically named AS-SET objects
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]