[db-wg] Foreign ROUTE objects in RIPE Database - final decision?
Job Snijders job at instituut.net
Wed Oct 11 12:17:48 CEST 2017
On Tue, Oct 10, 2017 at 4:17 PM, Nick Hilliard via db-wg <db-wg at ripe.net> wrote: > ---------- Forwarded message ---------- > From: Nick Hilliard <nick at foobar.org> > To: Randy Bush <randy at psg.com> > Cc: Database WG <db-wg at ripe.net> > Date: Tue, 10 Oct 2017 15:16:41 +0100 > Subject: Re: [db-wg] Foreign ROUTE objects in RIPE Database - final decision? > Randy Bush via db-wg wrote: >>> > Question - Should the RIPE Database allow creation of ROUTE objects >>> > for non RIPE resources? >> >> yes > > then how can we use the traditional irrdb to distinguish between address > blocks which have been authenticated by the ripe ncc and those which > have not. > > Nick I think this touches upon an incredibly important question: how do we distinguish between garbage and properly authenticated "route:" objects covering RIPE-managed space? It seems it would be low hanging fruit to use the "source:" tag to distinguish between objects that are authenticated and non-authenticated by using "source: RIPE" and "source: RIPE-NONAUTH". The above described small step bridges the needs to many who expressed opposing views in this thread: some want to be able to register anything in the RIPE DB and some want it to be pristine and purge all non-RIPE-managed space from the IRR DB. By decorating the two types of data with the appropriate "source:" attribute I think we are meeting in the middle. By using a different "source:" attribute for RIPE vs non-RIPE space it becomes easier for operators to cherry pick which data they want to use in the creation of their routing security filters. Should the group decide to proceed with option A or C (between which I don't see a difference), at the very least it should be visible to my tooling which objects represent what type of data. Kind regards, Job
[ db-wg Archives ]