This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/db-wg@ripe.net/
[db-wg] proposal: disallow creation of new non-hierarchically named AS-SET objects
- Previous message (by thread): [db-wg] proposal: disallow creation of new non-hierarchically named AS-SET objects
- Next message (by thread): [db-wg] proposal: disallow creation of new non-hierarchically named AS-SET objects
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Job Snijders
job at sobornost.net
Sun Nov 20 14:07:37 CET 2022
Dear Denis, others, (still talking in person capacity) On Sat, Nov 19, 2022 at 04:00:23PM +0100, denis walker wrote: > To assist the RIPE NCC with their impact analysis can we be clear on > how you want to change the syntax. My understanding is you want rules > along these lines: > > -An AS-SET name must be hierarchical > -There must be at least one colon (:) character in the name > -The first element of the name must be an ASN Yes to the above. > -The second element of the name must be an AS-SET name starting with 'AS-' The rules for what constitute valid AS-SET names are specified in RFC2622 section 5: https://www.rfc-editor.org/rfc/rfc2622#section-5 """ Set names can also be hierarchical. A hierarchical set name is a sequence of set names and AS numbers separated by colons ":". At least one component of such a name must be an actual set name (i.e. start with one of the prefixes above). All the set name components of an hierarchical name has to be of the same type. For example, the following names are valid: AS1:AS-CUSTOMERS, AS1:RS-EXPORT:AS2, RS- EXCEPTIONS:RS-BOGUS. """ I'd argue that the rules for what constitute valid hierarchical names should not be changed; so the second component of the name doesn't need to start with 'AS-'. > -Any further elements can be either ASNs or AS-SET names > -Any other existing syntax rules that don't conflict with this change > -These rules to only apply to creating new AS-SET objects > -Existing non-hierarchical AS-SET objects can still be updated Aye. > This discussion has focused on the AS-SET object and the authorisation > problems they can cause. Should we make this change to all set object > types? To avoid scope creep I'd exclusively focus on AS-SET objects for now, because that's the object type for which operational issues were reported in recent weeks. Kind regards, Job
- Previous message (by thread): [db-wg] proposal: disallow creation of new non-hierarchically named AS-SET objects
- Next message (by thread): [db-wg] proposal: disallow creation of new non-hierarchically named AS-SET objects
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]