I have a trivial little Perl program called "dupcount" that does exactly what its name implies. I ran it on a fresh copy of the database, as part of a command pipeline as follows: % gzcat ripe.db.gz | grep '^org-type:' | dupcount Results were as follows: 99651 org-type: OTHER 24055 org-type: LIR 1131 org-type: Other 1034 org-type: other 3 org-type: OTher 1 org-type: RIR 1 org-type: IANA 1 org-type: WHITEPAGES 1 org-type: OTHEr I gather from this that case should generally be ignored when parsing this field value. Would it also be appropriate to assume that LEGACY number resources have generally been associated with ORG records of type OTHER? Have any or all of those ORGs ever been vetted in any way? And what about number resources that are presently associated with no ORG whatsoever, for example, the following ones? I am having a bit of trouble understanding how a <<void>> organization gets (or got) vetted by NCC. (I should perhaps clarify that of the following 120 ASNs, fully 108 of them are listed as status: LEGACY, however that leaves another 12 wih status: ASSIGNED, and for those, and also the LEGACY ones, the vetting, if any, that has been applied seems to me to be a at least a bit ambiguous.) AS248 AS249 AS250 AS528 AS529 AS544 AS590 AS593 AS697 AS709 AS710 AS712 AS761 AS764 AS777 AS1110 AS1112 AS1114 AS1115 AS1116 AS1118 AS1119 AS1121 AS1122 AS1123 AS1124 AS1126 AS1135 AS1137 AS1203 AS1234 AS1241 AS1253 AS1257 AS1270 AS1271 AS1272 AS1273 AS1274 AS1279 AS1290 AS1304 AS1318 AS1342 AS1352 AS1353 AS1653 AS1654 AS1663 AS1732 AS1739 AS1748 AS1752 AS1774 AS1780 AS1833 AS1835 AS1837 AS1889 AS1893 AS1903 AS1921 AS1922 AS1923 AS1960 AS1961 AS1962 AS1967 AS2004 AS2012 AS2016 AS2017 AS2026 AS2028 AS2029 AS2036 AS2045 AS2049 AS2147 AS2148 AS2481 AS2487 AS2494 AS2529 AS2530 AS2578 AS2609 AS2643 AS2921 AS3151 AS3843 AS3917 AS3918 AS4148 AS4457 AS4458 AS4524 AS4588 AS4589 AS4974 AS6067 AS6168 AS6412 AS8093 AS8346 AS8452 AS11341 AS11660 AS15808 AS18732 AS19376 AS20598 AS21042 AS21174 AS21491 AS22627 AS24691 AS25429 AS29032 AS29039
Hi Ronald I am sure the more searching you do you may find more cases like this. But you are still making the same point. We hear you. Can you suggest any improvements to the process that will address any of the cases you have already highlighted? cheersdenis co-chair DB-WG (I apologise for not addressing the reply directly to you as it seems you blacklist yahoo mail.) On Thursday, 1 August 2019, 06:58:50 CEST, Ronald F. Guilmette via db-wg <db-wg@ripe.net> wrote: I have a trivial little Perl program called "dupcount" that does exactly what its name implies. I ran it on a fresh copy of the database, as part of a command pipeline as follows: % gzcat ripe.db.gz | grep '^org-type:' | dupcount Results were as follows: 99651 org-type: OTHER 24055 org-type: LIR 1131 org-type: Other 1034 org-type: other 3 org-type: OTher 1 org-type: RIR 1 org-type: IANA 1 org-type: WHITEPAGES 1 org-type: OTHEr I gather from this that case should generally be ignored when parsing this field value. Would it also be appropriate to assume that LEGACY number resources have generally been associated with ORG records of type OTHER? Have any or all of those ORGs ever been vetted in any way? And what about number resources that are presently associated with no ORG whatsoever, for example, the following ones? I am having a bit of trouble understanding how a <<void>> organization gets (or got) vetted by NCC. (I should perhaps clarify that of the following 120 ASNs, fully 108 of them are listed as status: LEGACY, however that leaves another 12 wih status: ASSIGNED, and for those, and also the LEGACY ones, the vetting, if any, that has been applied seems to me to be a at least a bit ambiguous.) AS248 AS249 AS250 AS528 AS529 AS544 AS590 AS593 AS697 AS709 AS710 AS712 AS761 AS764 AS777 AS1110 AS1112 AS1114 AS1115 AS1116 AS1118 AS1119 AS1121 AS1122 AS1123 AS1124 AS1126 AS1135 AS1137 AS1203 AS1234 AS1241 AS1253 AS1257 AS1270 AS1271 AS1272 AS1273 AS1274 AS1279 AS1290 AS1304 AS1318 AS1342 AS1352 AS1353 AS1653 AS1654 AS1663 AS1732 AS1739 AS1748 AS1752 AS1774 AS1780 AS1833 AS1835 AS1837 AS1889 AS1893 AS1903 AS1921 AS1922 AS1923 AS1960 AS1961 AS1962 AS1967 AS2004 AS2012 AS2016 AS2017 AS2026 AS2028 AS2029 AS2036 AS2045 AS2049 AS2147 AS2148 AS2481 AS2487 AS2494 AS2529 AS2530 AS2578 AS2609 AS2643 AS2921 AS3151 AS3843 AS3917 AS3918 AS4148 AS4457 AS4458 AS4524 AS4588 AS4589 AS4974 AS6067 AS6168 AS6412 AS8093 AS8346 AS8452 AS11341 AS11660 AS15808 AS18732 AS19376 AS20598 AS21042 AS21174 AS21491 AS22627 AS24691 AS25429 AS29032 AS29039
In message <1478836722.4807768.1564661218800@mail.yahoo.com>, "ripedenis@yahoo.co.uk" <ripedenis@yahoo.co.uk> wrote:
I am sure the more searching you do you may find more cases like this. But you are still making the same point. We hear you. Can you suggest any improvements to the process that will address any of the cases you have already highlighted?
I'm not sure that I've made, or been making only one point. More like three, if you count the extra one that somebody else (Nick?) raised in response to me recent posts here. I'll just give my views on these in order, from easy to hard... 1) There are some (arguably small) "inconsistancies" in the data base that could, and maybe even should be cleaned up. The upper/lower case of the field values for things like org-type: is perhaps the most minor and inconsequential of these. But to the extent possible, even small nits like this that might possibly hinder automated analysis could be and should be eliminated. The resource records that don't have org: fields is another example of this. I'm not sure if that should even be fixed, but I don't think that it would -hurt- anything if it were to get fixed. Software hates exception cases, and so do I. Call me anal retentive if you like. I don't mind. Anyway that data to fix these cases already does seem to be there, e.g. in the associated person; and role: records, so it is just a question of will and manpower. Some folks will feel it is worth it to fix this, and as surely as night follows day, other won't. I could probably find other oddities and seeming deviations from the "norm" in the data base records, given a few days, but who knows if any of those are worth even remarking on, let alone fixing. I sure don't. Not yet anyway. 2) Somebody (Nick) suggested a field to indicate whether or when a given ORG had been vetted. I think that's a damn fine idea, and I would certainly argue in favor of a date stamp and not just a binary flag. If there's a date stamp, then nosey busybodies (aka independent researchers) such as myself could look at that, and if we happen to notice that a given ORG was last vetted 7 years ago, but there are press reports that it went bankrupt or was bought out 4 years ago, then we can suggest to NCC that it may be time for another look at that ORG and its contact info, etc. 3) As I've pointed out, there are lots of cases (countries) in the RIPE region where it isn't clear how the bleep NCC could possibly vet the ORGs that claim to be incorporated there, other than asking the ORG itself for documents, and then just trusting that those haven't been forged and/or that the party preseting them does in fact have some actual, finite, and non-zero connection to the relevant ORG. Even though I may bitch about this... because it DOES worry me... I don't have anything I can put forward as a possible viable solution. I have no shortage of ideas of what I personally would *like* to see done with respect to either new or existing ORG registrations that arise from countries that are "hiding the ball" with respect to their national corporate registries, but based on my experience so far with the RIPE community and its requirements of near-universal consensus (for any change proposal) all of the ideas I might propose for dealing with this issue would have, I'm sure, about the same chances of being adopted as the proverbial "lead balloon". Just as significantly, or perhaps even moreso, if even the anti-money- laundering advocates in the EU can't manage to wedge open these national corpoarate registries, I'm not persuaded that RIPE could do any better, no matter kind of draconian measures it might adopt to try to encourage or even force such openings. What I do know, and what I can say is that it is self-evident that the current NCC vetting process, such as it is, is prone to abuse and must necessarily involve a great deal of blind trust in the parties claiming to represent the ORGs being vetted. Quite obviously, few other folks see this as a problem. I however do. My only hope is that by bringing the problem out of the shadows and throwing it onto the table, maybe someone, here or elsewhere, will suggest something viable that might improve, even if only incrementally, the current situation. Regards, rfg
participants (2)
-
ripedenis@yahoo.co.uk -
Ronald F. Guilmette