Dear Colleagues, On 8/03/12:11 8:52 AM, Gert Doering wrote:
Hi,
On Wed, Mar 07, 2012 at 09:52:48PM +0000, Nick Hilliard wrote:
Uhhh, I think POLA[*] applies here, in bucketloads. The query results that are returned are what should be accounted for, not other objects which are filtered out in-between.
+1
This issue is already addressed in the latest production release. As mentioned at RIPE 63 we are re-developing the whole query service to the RIPE Database step by step. We changed the work flow so that accounting is done as the last step before returning the data to the user. So the new ACL only accounts for the data that is returned to the user. In terms of the question we asked about changing the default behaviour, this is not the main issue. The majority of queries for address space do not apply filtering using the '-T' flag. Currently, if users do not know and remember to use the '-r' flag when they do NOT want to return personal data, they will be blocked after receiving 5000 personal data objects. With the current ACL a blocked user cannot access any data in the RIPE Database until they are unblocked the next day. We are proposing two changes: 1) We think it is more intuitive to have to ask to receive the personal data, rather than be given it by default. 2) Regardless of default behaviour, we think when they hit the limit, they should not get completely blocked. Instead, a user should still be able to access the RIPE Database, but without receiving any personal data in their query results. We typically block about 50 IP addresses per day for excessive querying of personal data. Most people who contact ripe-dbm with questions about blocking did not realise they should use '-r' if they do not want personal data. Regards, Denis Walker Business Analyst RIPE NCC Database Group