On Wed, 11 Oct 2017 at 16:52, Sascha Luck [ml] via db-wg <
db-wg@ripe.net> wrote:
On Wed, Oct 11, 2017 at 11:30:06AM -0300, Carlos M. Martinez wrote:
>IMHO, any idea that starts with “Let´s create a central X” is doomed from the start.
>
>We must think along other lines.
Maybe "central" was the wrong word to use. Think a DB that every
RIR provides a copy of and authenticates the bits that "belong"
to it. This would even be necessary to avoid compromise.
One could pick the copy to use for filter generation or even
query them all and implement a majority decision if there are
discrepancies.
Of course it would require all RIRs to use the same RPSL format
but that appears more of a political than a technical problem.
We already have that “central IRR” in the form of the likes of the RADB Whois server. RIPE’s data is the odd one out here.
RIPE is the _only_ IRR source where we cannot differentiate between authenticated data and non-authenticated data.
For all other sources we know that either the route objects have been authenticated against the inetnum’s specified maintainer (APNIC, AFRINIC, JPIRR) or is entirely without such verification (ARIN, NTTCOM, ALTDB, RADB itself, etc).
The value of the data in the RIPE DB would significantly increase if this difference is shown.
Kind regards,
Job