I fully agree with Cynthia here, we use the maintainer STACLAR for example.

I have looked through the database files and there seem to be exactly 26 maintainer objects that are named as an ASN (without any prefixes or suffixes). I think the best solution would be to just block the creation of new objects like this and manually check through the existing ones to find potentially fraudulent ones.

Matthias Merkel

Vice President

Staclar, Inc.
+1-302-291-1141 | +49 15678 585608
matthias.merkel@staclar.com
staclar.com
Munich, Germany
linkedin

From: db-wg <db-wg-bounces@ripe.net> on behalf of Cynthia Revström via db-wg <db-wg@ripe.net>
Sent: Wednesday, July 1, 2020 7:36 PM
To: Job Snijders <job@instituut.net>
Cc: DB-WG <db-wg@ripe.net>
Subject: Re: [db-wg] mntner with misleading primary key
 
I am not sure how feasible the mandatory "-mnt" would be at this point tbh.
I can easily think of at least 2 maintainers that are actually used that I see quite often that wouldn't fit that pattern.
There are probably a considerable amount of maintainers that do not follow this pattern in fact...

$ grep -P 'mntner:\s+(?:(?!mnt\-|MNT\-|MAINT\-|maint\-).(?!\-MNT|\-mnt|\-maint|\-MAINT))+$' ripe.db.mntner | wc -l
6990

$ grep -P 'mntner:\s+' ripe.db.mntner | wc -l
56524

I don't think we can make 12% of people change their maintainer for this purpose.

- Cynthia

On Wed, Jul 1, 2020 at 6:28 PM Job Snijders via db-wg <db-wg@ripe.net> wrote:
Dear Tom,

On Wed, Jul 1, 2020, at 16:16, Tom Hill via db-wg wrote:
> Unless of course, parsing/filtering before insertion (thus augmenting
> the database's table natural design restrictions) is not something Good
> To Do. Database design definitely isn't my primary skill.
>
> Saying that, I have long been idly frustrated by the way that mntners
> seemingly have a reversible, unwritten standard of 'MNT-[random]' or
> '[random]-MNT'. I can't be the only one.

It is possible to change this, but it'll take some time: extensive research to figure out a path which causes the least disruption to the fewest amount of people. Ideally only a handful of people have to change their "mntner:" primary key.

I think a mandatory "-MNT" or "MNT-" or "-MAINT" is helpful because the maintainers primary key string does pop up from time to time without any context, and this can lead to confusion. See https://seclists.org/nanog/2020/Jan/650 for a fun story about how one person's email error code is another person's BGP autonomous system reference. :-)

It starts with a volunteer who does some digging in the data to see if a migration path can be constructed or not. A conclusion may be that it is too hard, but we don't know yet. Are you up for it? :)

Kind regards,

Job