Hello, On 8/5/24 3:32 PM, Edward Shryane wrote:
The current system is a compromise between allowing queries containing personal data, and complying with the Acceptable Use Policy: https://www.ripe.net/manage-ips-and-asns/db/support/documentation/ripe-datab...
The current system is a design bug, not a compromise. Acceptable Use Policy clearly defines limits per IP address (without distinguishing whether IPv4 or IPv6). Your implementation at this time blocks whole /64 subnet in case of IPv6, not only single address violating AUP.
The limit is 1,000 objects that could contain personal data, which is not normally reached by most users (< 0.02%), and it is clear what can be done if this is exceeded.
The limit value isn't problem as well as limiting the number of queries per IP address. But the developers probably wanted to make their life easier and implemented the AUP incorrectly. Blocking entire subnets as an initial reaction simply isn't the spirit of AUP. IPv6 address has 128 bits, not only 64 you're using - whatever the "reason" is.
Rather than re-write the accounting code, can the community review why objects containing personal data is returned by default? Can we make "-r" the default?
If code contains bug (and that's now quite clear), it needs to be fixed regardless of the data returned with the default settings. I personally don't consider as a bad idea not to display personal data at all (have "-r" as default), it's important that the abuse contact is always displayed (and it is, even with "-r"). But that's different topic. - Daniel