Ronald,

On 30/01/2021 05.42, Ronald F. Guilmette via db-wg wrote:
https://www.ripe.net/ripe/mail/archives/db-wg/2020-December/006736.html
When you refer to the two questions that were ignored, I guess you mean:
True...historical versions of these objects are not available in any form for privacy and security reasons.
Ok, so, two questions:
1) Is that based on community policy, or on internal RIPE NCC policy?
2) What are these "privacy and security reasons", exactly?
Keep in mind that my participation in this was between 20 and 15 years ago, and my memory is likely imperfect and I invite other people involved to clarify or correct if they desire.

As far as I know the ability to keep historical data was introduced with the implementation of the database deployed in 2000. I started working at the RIPE NCC a few months before the deployment and helped with it, although I was not in a decision-making position at the time. Lack of historical data before that was not a matter of policy, but a limitation of the technology; the database before that did not keep older versions.

During this era many ccTLDs within the RIPE region (which at that time included Europe, the Middle East, and northern Africa) used the RIPE Database either as a primary or backup record of their domain delegations. This was a service provided by the RIPE NCC to help encourage the growth of the Internet within its service region; I believe that this fits in well with the stated purpose of the RIPE NCC, and was partially responsible for the success of ccTLDs.

The ccTLD data started to become a problem as various ccTLDs became wildly popular, and domain objects and the associated objects (person, role, maintainer) consumed a large amount of storage, compute, and network resources. The large amount of personal data also highlighted the privacy problems associated with keeping such contact data, as there was a lot of private information stored and published.

When I mention "privacy problems", in 2000 the biggest concern of people was spam. Anti-spam techniques (both technical and legal) were in early days and the spammers were basically winning the arms race. There were no social platforms so e-mail was too important to ignore, but also becoming increasingly flooded. Given this, people were understandably very sensitive to having their e-mail address published.
Given these issues, I do not think we ever considered providing access to historical data about person or role objects. I do not think it was removed, rather never provided.

There were other ways that database data was available. The RIPE NCC was already providing daily dumps of the database on the FTP site for years before this, but I'm pretty sure the person and role objects were not available for download due to privacy concerns. At one point the dumps of other data types were modified to filter out references to person & role objects, to prevent people from getting a complete list of "active" persons or roles that they could then query. Additional filtering was added in the early 2000s such as removing CRYPT-PW and MD5-PW attributes to prevent dictionary attacks against maintainer passwords.

The RIPE NCC also provided NRTM (near-real-time mirrors), which provided full information, although getting access to such a feed required a contract limiting how the information could be used or distributed. I believe such a full feed was eventually removed or more severely restricted as well.

The RIPE NCC during that era worked closely with the community, and always presented such changes to the community beforehand and reported when they were complete. There was generally a presumption of good faith, which I think was deserved and I think the RIPE NCC still deserves.

I'm not going to search through decades-old mailing list archives or review PowerPoint presentations from that time to garner the details; I leave that to historians, or to folks interested in litigating decisions made long ago.

Cheers,

--
Shane