Re: [db-wg] Foreign ROUTE objects in RIPE Database - final decision?
IMHO, any idea that starts with “Let´s create a central X” is doomed from the start. We must think along other lines. /Carlos On 11 Oct 2017, at 11:21, Sascha Luck [ml] via db-wg wrote:
From: Sascha Luck [ml] <dbwg@c4inet.net>
To: denis walker <ripedenis@yahoo.co.uk>
Cc: Database WG <db-wg@ripe.net>
Subject: Re: [db-wg] Foreign ROUTE objects in RIPE Database - final decision?
Date: October 11, 2017 at 11:21 AM
On Mon, Oct 09, 2017 at 02:49:39PM +0100, denis walker via db-wg wrote:
Question - Should the RIPE Database allow creation of ROUTE objects for non RIPE resources?
Is an option D: create a central IRRDB with authentication hooks into all RIRs completely out of the question? It certainly sounds like the technologically most elegant answer. Modulo legacy resources, no unauthenticated irrdb objects should then have to exist. The trust root could be shared between the RIRs as is seemingly done with RPKI these days...
cheers, Sascha Luck
On Wed, Oct 11, 2017 at 11:30:06AM -0300, Carlos M. Martinez wrote:
IMHO, any idea that starts with “Let´s create a central X” is doomed from the start.
We must think along other lines.
Maybe "central" was the wrong word to use. Think a DB that every RIR provides a copy of and authenticates the bits that "belong" to it. This would even be necessary to avoid compromise. One could pick the copy to use for filter generation or even query them all and implement a majority decision if there are discrepancies. Of course it would require all RIRs to use the same RPSL format but that appears more of a political than a technical problem. cheers, Sascha Luck
participants (2)
-
Carlos M. Martinez -
Sascha Luck [ml]