In message <CAKw1M3O2SmQLFQtnD=y+cypFjzV2G=OagAszRuysbXsV987k9w@mail.gmail.com>, =?UTF-8?Q?Cynthia_Revstr=C3=B6m?= <me@cynthia.re> wrote:
I mainly wanted to give my initial take on the AS origin status part which is in short: I don't think we should clean up based on origin AS. This is as you do not need any technical authorization from the AS holder
I'm not sure what "technical authorization from the AS holder" has to do with this. BY DEFINITION, a route object that exists currently in the data base and that makes reference to a bogon AS number -does not- have any kind of authorization from the "AS holder" because -nobody- has been assigned that ASN.
Additionally, I don't think this is validated in RIPE AUTH, but I could be wrong on that part.
It is clear to me, based on my analysis so far, that nobody has -ever- been verifying that any of the AS numbers mentioned in *any* route(6) objects are non-bogus. This seems to be true in the case of -both- the regular data base and also within the NONAUTH data base.
I might have a different opinion if it is a huge amount of objects that could be cleaned up...
As I previously noted, there currently exist on the order of about 80+ route objects within the regular data base that make reference to bogon AS numbers. Within the NONAUTH data base, there are on the order of over 1,500+ of these. So far, in my limited inspection of these, the vast majority of all of these objects appear to be long-abandoned relics of an earlier age. Some were even likely abandoned 20+ years ago, and they have just been sitting and languishing in the data base, just waiting for some clever miscreant to come along and start making massive mischief with them.
Summary: I don't think it is a good idea unless it is either a very large amount of objects...
It is a substantial amount of objects, and it can be easily verified that the overwheling majority of these rout objects DO NOT correspond to any actual routing that is actually occurring on the Internet here in the year 2021. (I believe that some of the route(6) object in question even refer to AS numbers that are, and that always have been, "reserved" AS numbers, based upon long-established RFCs.)
... or there is another good reason to do so.
It has been my long experience, especially over that past 20 years, that there is essentially nothing that exists on or in relation to the Internet that creative miscreants will not find a way to treat as if it were an unattended bicycle. They routinely squat on stolen and/or unassigned "bogon" IP address space, and also and likewise, they routinely make use of stolen and/or abandoned AS numbers. The existance, in the data base, of route objects that refer to bogon AS numbers represents a kind of invitation to such miscreants... enticing them to engage in untoward funny business and in a way that could not then easily be attributed (since nobody "owns" the AS numbers in question). The bottom line is that if it was wise to remove route(6) objects from the data base that made reference to unassigned IP address blocks... and I believe that it most certainly was... then buy the exact same logic it is also wise to remove from the data base all route(6) objecct that refer to bogon ASNs. The reasoning, the rationale, and the logic is the same in both cases. Regards, rfg