From that point this handle must be included in any updates made to
Folks, Please find below the draft document to implement RIPE handles in the RIPE database. Please read it carefully, since it will impact registration of people. Current timescales: from draft to official document: Dec 13th (1 week from now) implementation: Dec 20th (2 weeks from now) Comments please. -Marten Internet Handles and the RIPE Database Daniel Karrenberg Marten Terpstra Document ID: ripe-nh ABSTRACT This document describes the need for unique iden- tifiers for Persons and the way they are assigned and used in the RIPE database. Why Internet Handles Like other registry databases the RIPE Network Management Database [ripe-013] stores information about contact persons for various other object types stored in the database such as network numbers, DNS domains and autonomous systems. Data about each contact person is stored in a "person" object which in turn is referenced by the other objects. This way data about a real person is stored only in one place, the person object. This has the advantage that any necessary changes need to be done only in one place rather than in each object the person is a contact for. Originally each person was uniquely identified by their full name and references were implemented by storing the full person name in the contact attributes of other objects. A side effect of this was that the database could not store more than one person with the same full name. When this ("John Smith") problem became an issue another attribute was needed to disambiguate persons with the same name. Since the InterNIC was already using a "NIC Handle" scheme and it was hoped to unify the registry databases quickly these handles were used. NIC handles are unique identifiers consisting of two or three aphabetic cahracters and a serial number. A "nic-hdl" attribute was added to the person object. If present this "nic-hdl" is now used together with the "person" attribute to uniquely identify a person. The value of nic-hdl is a search key for the database and can be used to reference a contact person in the contact attributes of other objects. A side effect of this is that all persons needing a handle to ripe-nh.txt - 2 - disambiguate them from another person need to be in the InterNIC database in order to obtain a NIC handle. This was not considered a problem because quick unification of the databases was expected quickly. As it turns out the assignment of globally unique handles from a single number space is not likely to be feasible. Therefore there is a need for more local assignment of unique handles. These handles will also be used in the database exchange between regional regis- tries. The regional registries agreed to create separate handle spaces by appending a suffix identifying the registry to handles creating a unique Internet handle. This document describes the procedures to implement this in the European Regional Internet Registry. RIPE Handle Internet handles issued by the RIPE NCC are called RIPE handles. The purpose of a RIPE handle is to uniquely identify a person in the RIPE network management database and other related databases that choose to use it. A RIPE handle is a string of 2-3 letters immediately followed by a serial number without leading 0s followd by the string "-RIPE". Legal RIPE handles are: AB1-RIPE AXA123-RIPE XYZ99-RIPE Normally the letters are chosen to be the initials of the person. The -RIPE suffix is used to disctinguish RIPE-handles from Internet handles issued by other registries. Internet handles issued by the InterNIC in the RIPE database will be suffixed by the string "-INIC" to distinguish them from other handles. All persons in the RIPE database must have an Internet handle. Every person in any of the databases keeping contact information should only use Internet handle. Assignment RIPE handles are assigned by sending a person object to the normal update address <auto-dbm@ripe.net> with "nic-hdl" value of "assign". The update process will then generate a unique handle, insert the person object with the new handle in the database and report back the handle. In case there already are persons with the same full name in the database the update process will include them in the ripe-nh.txt - 3 - report so that the user can check whether he inadvertently created a duplicate person object. Users wishing to obtain a specific RIPE handle (vanity handle) can request that by specifying it after the "assign" string, e.g. "assign JB007-RIPE". If the handle in question is available it will be assigned. It should be noted that the RIPE NCC only issues RIPE handles and not other Internet handles. Usage The primary use of RIPE handles is to reference a specific person in the RIPE database, either in another object or a database query. Contact attributes can have the following types of values: John E. Doe full name not recommended AXA123-RIPE Internet Handle John E. Doe (JED12) full name (handle) recommended Wherever possible the use of full names on their own should be dis- continued. These references can become ambiguous unnoticedly at any time by another person with the same name being registered. The handle plus full name syntax is recommended because it makes it possible to detect typing errors in handles. Handles can also be used when querying the RIPE whois server. Matches will occur for either the full handle (AXA123-RIPE) or just the part before the suffix (AXA123). In the latter case all persons in the queried databases with a handle starting in AXA123 will match. Transition For the database exchange with the InterNIC it is neccessary for each person in the RIPE database to have a unique Internet handle. Therefore the NCC will assign a RIPE handle to each person without a NIC handle in the database on the 20th of December 1993. that person entry. The handle should be used in all references to a person in other database object. For the conversion of local databases the RIPE NCC will provide local registries and other interested parties with a tool which adds ripe-nh.txt - 4 - RIPE handles to persons in database objects. The tool will accept RIPE database formatted input files without syntax checking and will output the file unchanged but with handles added. The tool queries the RIPE database and can thus be run only after handles have been added to the RIPE database. Becuause there is no syntax checking the tool should work for databases with local attributes or objects as long as they adhere to the general RIPE database format. ripe-nh.txt
Please find below the draft document to implement RIPE handles in the RIPE database. Please read it carefully, since it will impact registration of people. Current timescales: from draft to official document: Dec 13th (1 week from now) implementation: Dec 20th (2 weeks from now) The latter is fine IFF it doesn't imply that from Dec 20 on the RIPE handle field is mandatory. Otherwise it's the worst time for introducing such a change and you should really postpone it to early January. Piet
Marten and Daniel thanks for the draft of ripe-nh. The document is, as usual, well written and easy to understand - even by me ;-) The assignment and transition procedures also look good - well done! I've spotted a few typos and suggested some minor textual changes as follows: ---------------------------------------8<---------------------------
Why Internet Handles
Like other registry databases the RIPE Network Management Database
add a comma ----> ,
[ripe-013] stores information about contact persons for various other object types stored in the database such as network numbers, DNS domains and autonomous systems.
Data about each contact person is stored in a "person" object which in turn is referenced by the other objects. This way data about a real person is stored only in one place, the person object. This ... is stored in only one place ... has the advantage that any necessary changes need to be done only in one place rather than in each object the person is a contact for.
... in each object for which the person is a contact.
Originally each person was uniquely identified by their full name
... by his full name ...
and references were implemented by storing the full person name in the contact attributes of other objects. A side effect of this was *********** not really a side effect, more a consequence.
that the database could not store more than one person with the same full name.
When this ("John Smith") problem became an issue another attribute was needed to disambiguate persons with the same name. Since the
The word "disambiguate is not in my dictionary. Even if it was, it would not be le mot juste, as the root "ambi" means "both" and you really mean "more than one". I suggest "correctly to identify" or some such.
InterNIC was already using a "NIC Handle" scheme and it was hoped to unify the registry databases quickly these handles were used. NIC handles are unique identifiers consisting of two or three aphabetic cahracters and a serial number. A "nic-hdl" attribute was added to the person object. If present this "nic-hdl" is now used together with the "person" attribute to uniquely identify a person. The
... to identify a person uniquely.
value of nic-hdl is a search key for the database and can be used to reference a contact person in the contact attributes of other objects.
A side effect of this is that all persons needing a handle to
Again, is it a side effect or a direct consequence?
disambiguate them from another person need to be in the InterNIC database in order to obtain a NIC handle. This was not considered a problem because quick unification of the databases was expected
delete ---> *****
quickly.
As it turns out the assignment of globally unique handles from a single number space is not likely to be feasible. Therefore there is a need for more local assignment of unique handles. These handles will also be used in the database exchange between regional regis- tries.
The regional registries agreed to create separate handle spaces by appending a suffix identifying the registry to handles creating a unique Internet handle.
This document describes the procedures to implement this in the European Regional Internet Registry.
RIPE Handle
Internet handles issued by the RIPE NCC are called RIPE handles. The purpose of a RIPE handle is to uniquely identify a person in the
Again, a split infinitive; try "to identify a person uniquely."
RIPE network management database and other related databases that choose to use it.
A RIPE handle is a string of 2-3 letters immediately followed by a serial number without leading 0s followd by the string "-RIPE". Legal RIPE handles are:
AB1-RIPE AXA123-RIPE XYZ99-RIPE
Normally the letters are chosen to be the initials of the person. The -RIPE suffix is used to disctinguish RIPE-handles from Internet
spelling ---> ************
handles issued by other registries. Internet handles issued by the InterNIC in the RIPE database will be suffixed by the string "-INIC" to distinguish them from other handles.
All persons in the RIPE database must have an Internet handle.
Every person in any of the databases keeping contact information should only use Internet handle.
Assignment
RIPE handles are assigned by sending a person object to the normal update address <auto-dbm@ripe.net> with "nic-hdl" value of "assign". The update process will then generate a unique handle, insert the person object with the new handle in the database and report back the handle. In case there already are persons with the same full name in the database the update process will include them in the report so that the user can check whether he inadvertently created a duplicate person object.
Users wishing to obtain a specific RIPE handle (vanity handle) can request that by specifying it after the "assign" string, e.g. "assign JB007-RIPE". If the handle in question is available it will
** I thought leading zeroes were to be stripped (see under Ripe Handle above)
be assigned.
It should be noted that the RIPE NCC only issues RIPE handles and not other Internet handles.
Usage
The primary use of RIPE handles is to reference a specific person in the RIPE database, either in another object or a database query.
Contact attributes can have the following types of values:
John E. Doe full name not recommended AXA123-RIPE Internet Handle John E. Doe (JED12) full name (handle) recommended
Wherever possible the use of full names on their own should be dis- continued. These references can become ambiguous unnoticedly at any time by another person with the same name being registered.
The handle plus full name syntax is recommended because it makes it possible to detect typing errors in handles.
Handles can also be used when querying the RIPE whois server. Matches will occur for either the full handle (AXA123-RIPE) or just the part before the suffix (AXA123). In the latter case all persons in the queried databases with a handle starting in AXA123 will match.
Transition
For the database exchange with the InterNIC it is neccessary for each person in the RIPE database to have a unique Internet handle. Therefore the NCC will assign a RIPE handle to each person without a NIC handle in the database on the 20th of December 1993.
Will the suffix -INIC be appended to all existing non-null handles at the same time? If so, perhaps say so.
From that point this handle must be included in any updates made to
*
that person entry. The handle should be used in all references to a person in other database object.
For the conversion of local databases the RIPE NCC will provide local registries and other interested parties with a tool which adds RIPE handles to persons in database objects. The tool will accept RIPE database formatted input files without syntax checking and will output the file unchanged but with handles added. The tool queries the RIPE database and can thus be run only after handles have been added to the RIPE database. Becuause there is no syntax checking
spelling ---> ********
the tool should work for databases with local attributes or objects as long as they adhere to the general RIPE database format.
Cheers. Mike
Marten writes:
Please find below the draft document to implement RIPE handles in the RIPE database. Please read it carefully, since it will impact registration of people.
Current timescales:
from draft to official document: Dec 13th (1 week from now) implementation: Dec 20th (2 weeks from now)
Comments please.
I think that starting from this reasoning:
The regional registries agreed to create separate handle spaces by appending a suffix identifying the registry to handles creating a unique Internet handle.
A method should be proposed: - either to further delegate the creation of Internet handles to local registries, in particular to national registries (registry of last resort is the actual name?) - or to differentiate the database management software when it treats actual RIPE database or local registry database. This is needed because local registries often use the RIPE-NCC database software package. Otherwise local registries have two choises: 1- use (develop?) another database software 2- define some trick to postpone the actual registration of a person entry in their local database after they have received the new RIPE handle from RIPE-NCC I think it would be easier and better to define other suffixes which could be used (and accepted by the software). The local registry then simply send person entries which already contain unique handles to the NCC. BTW: Tomorrow is an holiday in Italy, so don't be surprised if I will not comment further until thursday. ---------- ---------- Antonio_Blasco Bonito E-Mail: bonito@nis.garr.it GARR - Network Information Service c=it;a=garr;p=garr;o=nis;s=bonito c/o CNUCE - Istituto del CNR Tel: +39 (50) 593246 Via S. Maria, 36 Telex: 500371 CNUCE I 56126 PISA Italy Fax: +39 (50) 904052 ---------- ----------
- either to further delegate the creation of Internet handles to local registries, in particular to national registries (registry of last resort is the actual name?) To what purpose? What advantage would there be in having to go to a "regional" registry instead of the central RIPE registry? It would probably only add delay. Note that the object we're talking about (Person entries) is linked to several objects (networks, domains, whatever) that are all in the RIPE database. So whereas e.g. a domain or a network number can be registered/assigned uniquely by a "regional" registry, a "binding tag" (which the RIPE handle in fact is) should be assigned by the central body, i.e. RIPE. Otherwise the registration of handles would have to be split up even further, with domain registrars, networks registrars, AS registrars, etc. all assigning their own unique handle, which within seconds would lead to conflicts. - or to differentiate the database management software when it treats actual RIPE database or local registry database. What is "actual RIPE database"? Lots of the info therein is coming from local registries, in whatever format the latter maintain their info/database. This is needed because local registries often use the RIPE-NCC database software package. I fail to see what this has to do with the case. And I don't even know whether your statement is correct: some registries may maintain their database in a "RIPE-like" format without using the RIPE-NCC database software package. Otherwise local registries have two choises: 1- use (develop?) another database software 2- define some trick to postpone the actual registration of a person entry in their local database after they have received the new RIPE handle from RIPE-NCC True, but this looks inevitable to me and it won't be solved by delegating the handle registration to "regional" registries, given the correlation with other objects, as mentioned above. I think it would be easier and better to define other suffixes which could be used (and accepted by the software). The local registry then simply send person entries which already contain unique handles to the NCC. See above: a local registry may generate unique handles, but they don't serve the purpose of uniqueness in the context where that uniqueness is required. Piet
Piet,
What is "actual RIPE database"? Lots of the info therein is coming from local registries, in whatever format the latter maintain their info/database. The actual database is that one with source: RIPE in its etries.
This is needed because local registries often use the RIPE-NCC database software package. I fail to see what this has to do with the case. And I don't even know whether your statement is correct: some registries may maintain their database in a "RIPE-like" format without using the RIPE-NCC database software package.
In this case they do not have problems with the RIPE handle.
I think it would be easier and better to define other suffixes which could be used (and accepted by the software). The local registry then simply send person entries which already contain unique handles to the NCC. See above: a local registry may generate unique handles, but they don't serve the purpose of uniqueness in the context where that uniqueness is required.
If an handle is unique it could be used in many different contexts, i.e. database with source: RIPE and source: SOMETHINGELSE ---------- ---------- Antonio_Blasco Bonito E-Mail: bonito@nis.garr.it GARR - Network Information Service c=it;a=garr;p=garr;o=nis;s=bonito c/o CNUCE - Istituto del CNR Tel: +39 (50) 593246 Via S. Maria, 36 Telex: 500371 CNUCE I 56126 PISA Italy Fax: +39 (50) 904052 ---------- ----------
See above: a local registry may generate unique handles, but they don't serve the purpose of uniqueness in the context where that uniqueness is required. If an handle is unique it could be used in many different contexts, i.e. database with source: RIPE and source: SOMETHINGELSE True, but that would only make the problem worse: then you could have e.g. 10 Person objects which are each unique in their own [source] context but which actually refer to one and the same person. In such a case I'd still prefer to have a specific tag (like a handle) assigned centrally by RIPE even when the source of the object is not RIPE. The problem of delay in registrations by "regional" registries could perhaps be overcome by an automated "handle assignment" service by RIPE, where a handle could be obtained interactively by authorised persons. Piet
bonito@nis.garr.it (Antonio_Blasco Bonito) writes * Marten writes: * > Please find below the draft document to implement RIPE handles in the RIPE * > database. Please read it carefully, since it will impact registration of * > people. * > * > Current timescales: * > * > from draft to official document: Dec 13th (1 week from now) * > implementation: Dec 20th (2 weeks from now) * > * > Comments please. * * I think that starting from this reasoning: * > The regional registries agreed to create separate handle spaces by * > appending a suffix identifying the registry to handles creating a * > unique Internet handle. * * A method should be proposed: * - either to further delegate the creation of Internet handles to local * registries, in particular to national registries (registry of last resort * is the actual name?) Well, we decided NOT to go for this model, since it would probably create more confusion than it would solve. The tricky but here was that we wanted to make things more distributed, without confusing people with regard to nic handles. If there is only a limited set of registries handing out handles, things can be overseen. Having each and every registry assign their own handles with different postfixes is a major pain for us, since we are already dealing with 50+ registries. Try and tell them all to do things right ... We will be the ones chasing after duplicate nic handles, duplicate persons, and more of these .... * - or to differentiate the database management software when it treats * actual RIPE database or local registry database. Well, that is implementation. What I have done in the software to cater for the RIPE handle creation, if added some configuration commands, and the nic handle creation and checks will ONLY be performed if certain variables are defined. In general, none of the local registries using the software will have to do nic handle creation, so by simply not configuring it, they will not see that part of the software .... * This is needed because local registries often use the RIPE-NCC database * software package. * * Otherwise local registries have two choises: * 1- use (develop?) another database software * 2- define some trick to postpone the actual registration of a person entry * in their local database after they have received the new RIPE handle * from RIPE-NCC * * I think it would be easier and better to define other suffixes which * could be used (and accepted by the software). The local registry then * simply send person entries which already contain unique handles to the NCC. It is not that difficult. If the software at the NCC assigns a RIPE handle on request, it will of course report back with the full object, including the newly assigned nic handle. It is not difficult to then forward that to your own software. Therefore I think step 2 is not that difficult ... * * BTW: Tomorrow is an holiday in Italy, so don't be surprised if I will not * comment further until thursday.
Marten wrote:
Well, we decided NOT to go for this model, since it would probably create more confusion than it would solve. The tricky but here was that we wanted to make things more distributed, without confusing people with regard to nic handles. If there is only a limited set of registries handing out handles, things can be overseen. Having each and every registry assign their own handles with different postfixes is a major pain for us, since we are already dealing with 50+ registries. Try and tell them all to do things right ... We will be the ones chasing after duplicate nic handles, duplicate persons, and more of these ....
I can understand these problems, however I'd also like to raise a vote for distributed assignment, preferably by assigned number ranges (with attendant guards on the RIPE DB to automatically check the ranges ?) rather than an ever expanding list of authority prefixes/suffixes. However my reasons are somewhat selfish, as I think it will difficult to fit the process of obtaining a RIPE handle from the NCC (with a possibly quite long delay depending on the network and how well the relevant mail systems are working) into the exisitng automation system I use for the UK registry ! Kevin Hoadley, JIPS NOSC.
participants (5)
-
bonito@nis.garr.it
-
Kevin Hoadley
-
Marten Terpstra
-
Mike Norris
-
Piet Beertema