Re: [db-wg] Foreign ROUTE objects in RIPE Database - final decision?
On Wed, 11 Oct 2017 at 16:52, Sascha Luck [ml] via db-wg <db-wg@ripe.net> wrote:
IMHO, any idea that starts with “Let´s create a central X” is doomed from
On Wed, Oct 11, 2017 at 11:30:06AM -0300, Carlos M. Martinez wrote: the start.
We must think along other lines.
Maybe "central" was the wrong word to use. Think a DB that every RIR provides a copy of and authenticates the bits that "belong" to it. This would even be necessary to avoid compromise. One could pick the copy to use for filter generation or even query them all and implement a majority decision if there are discrepancies. Of course it would require all RIRs to use the same RPSL format but that appears more of a political than a technical problem.
We already have that “central IRR” in the form of the likes of the RADB Whois server. RIPE’s data is the odd one out here. RIPE is the _only_ IRR source where we cannot differentiate between authenticated data and non-authenticated data. For all other sources we know that either the route objects have been authenticated against the inetnum’s specified maintainer (APNIC, AFRINIC, JPIRR) or is entirely without such verification (ARIN, NTTCOM, ALTDB, RADB itself, etc). The value of the data in the RIPE DB would significantly increase if this difference is shown. Kind regards, Job
participants (1)
-
Job Snijders