Hi Sascha

On 04/11/2015 19:42, Sascha Luck [ml] wrote:
> On Wed, Nov 04, 2015 at 06:17:10PM +0100, denis wrote:
>> My main point was the chain of trust for resource holders and resource managers. Also being contactable does not mean personal contact data must be displayed to the public. There are many ways to be contactable. But few people are even willing to discuss possibilities when it comes to changing the data model.
>
> Maybe because it has served us reasonably well over the years, it's a massive effort to completely change it and it's still a damn sight better than most other RIRs' databases.

OK let's cut to the main point as all other issues hang off this one. "Reasonably" and "massive effort" are the key phrases here. Yes it is a massive effort for a major change to the data model, but maybe once every 15 years is worth the effort. The last time the data model was significantly changed was the implementation of RPSL in 2001. It has served very well over the years but it does have limitations now.

This is a database. You put stuff in and get stuff out. When you need a full day course to learn the basics of putting stuff in, it shouts there is a problem. You talk about privacy and this whole thread is about making lots of personal data public and how many over-engineered processes can be put in place to the detriment of all the good folk to trip up a few of the bad folk. This again shouts it is time for a step back and rethink the way contact data is used, by whom and for what reason and who can be trusted for what.

Personalised auth was just one of my many ideas for a rethink of the data model and the only one that made it to the mainstream agenda, albeit watered down.

You mentioned privacy and protection of personal data in the database. Let's add to that security of data. Why does anyone need to see your MNTNER object? Why does anyone need to know who maintains your data, who can create your customer data, who gets notified of changes, etc.? Another of my ignored proposals was to completely separate the operational data from the data needed to maintain the operational data. In other words the MNTNER objects and related PERSON and ROLE objects and all details of notifications and references to "mnt-by:", "mnt-lower:", etc. All this maintenance data is your business and no one else's. If they are separated all the maintenance info can be private and only available to you from your user account.

Now to do this also depends on another of my ignored ideas to use inheritance in the database to massively reduce the amount of duplicated data and rely more on the organisation centric model (another ignored idea) with more fixed, inherited data contained in, or linked to, the ORGANISATION object. As with the "abuse-c:". Almost 4 million INETNUM objects with tens of thousands containing identical data except for prefix and description. That is just crazy. But the original design did not consider this amount of growth.

Seriously, with a review of the data model we can end up with:
- a lot less personal data in the database
- contact data more relevant to the purpose
- relevant contacts only visible to the groups of people who need it
- chain of trust in organisations who manage the data
- verification done closer to the data source
- more accurate and more trusted and better protected contact data

In terms of the way this discussion thread has gone this must be a win, win, win situation.

All I am suggesting is this discussion hits the mainstream agenda for the RIPE Database and let's see what possibilities exist.

cheers
denis

> rgds,
> Sascha Luck