This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[db-wg] proposal: disallow creation of new non-hierarchically named AS-SET objects
- Previous message (by thread): [db-wg] proposal: disallow creation of new non-hierarchically named AS-SET objects
- Next message (by thread): [db-wg] proposal: disallow creation of new non-hierarchically named AS-SET objects
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
denis walker
ripedenis at gmail.com
Tue Nov 29 14:00:38 CET 2022
Colleagues Any thoughts on these 'RIPE-NONAUTH' objects? On Tue, 22 Nov 2022 at 21:17, denis walker <ripedenis at gmail.com> wrote: > > Hi Nick > > On Tue, 22 Nov 2022 at 20:11, Nick Hilliard <nick at foobar.org> wrote: > > > > denis walker via db-wg wrote on 22/11/2022 19:00: > > > Any thoughts on this? There are 2128 AUT-NUM objects with source > > > RIPE-NONAUTH. Do we want these to be able to authorise the creation of > > > hierarchical AS-SET objects when we don't know who maintains the > > > AUT-NUM objects? > > > > I don't see a particular reason to prevent holders of existing NON-AUTH > > ASNs from defining a hierarchical AS-SET object associated with their > > ASN. The as-set object would be no more or less authoritative than the > > aut-num object. > > Then another option could be to only allow such objects to also have > the source NONAUTH > > > These ASNs have 'source: RIPE-NONAUTH' because we don't know who created the AUT-NUM objects or who now maintains them in the RIPE Database. They were created when anyone could create an AUT-NUM object in the RIPE Database for non RIPE issued ASNs. Authorisation was bypassed to allow them to be created. The 'NONAUTH' tag makes it clear they are not authoritative. Consumers of this data can then make an informed decision about whether or not they trust these objects. If we allow these objects to authorise hierarchical AS-SET objects with 'source: RIPE' we have in effect turned non authoritative data back into authoritative data. If we give the related AS-SET objects 'source: RIPE-NONAUTH' we make it clear that these objects are also not authoritative. Consumers of the data should make their own informed decisions about the content of these AS-SET objects. cheers denis co-chair DB-WG -------------- next part -------------- An HTML attachment was scrubbed... URL: </ripe/mail/archives/db-wg/attachments/20221129/4fc5d143/attachment.html>
- Previous message (by thread): [db-wg] proposal: disallow creation of new non-hierarchically named AS-SET objects
- Next message (by thread): [db-wg] proposal: disallow creation of new non-hierarchically named AS-SET objects
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]