On 14/11/14 20:21, Job Snijders wrote:
If we implement such a RIPE-NONAUTH source, I'd expect a query structered like this:
$ whois -h whois.ripe.net -- "-K -s RIPE -Troute 210.57.192.0/20"
to return "%ERROR:101: no entries found".
Maybe another way of phrasing the feature request: anything created due to authorisation against the RIPE-NCC-RPSL-MNT object will have "source: RIPE-NONAUTH" set, instead "source: RIPE”.? Job, the query you have outlined is very similar to the queries that IRRToolset sends. Doing that will basically result in a much smaller filter list which some providers might not even notice (depending on filtering strategy). This eventually might result in a less “secure” (for a lack of better word) routing table. I'm sorry, I don't understand what you mean with less "secure" routing
On Fri, Nov 14, 2014 at 10:10:58AM -1000, Kaveh Ranjbar wrote: table in this context. Can you elaborate? Or maybe give an (hypothetical) example?
I'm not sure but this sounds like Kaveh thinks that ISPs perform negative filtering whereas, at least in my experience they perform positive filtering, which will be made *more* secure. Of course I may be completely off beam Nigel