From geier at geier.ne.tz Thu Jul 2 05:33:27 2020 From: geier at geier.ne.tz (Frank Habicht) Date: Thu, 2 Jul 2020 08:33:27 +0300 Subject: [DBWG] restrict name-space for new maintainer objects? Message-ID: Hi all, in the RIPE DB WG is a discussion about potential confusion and potential abuse if maintainer objects are called names that look like aut-num's. There seems to be a trend towards disallowing creation of new maintainer objects that look like ASNs (and aut-num objects' primary keys) : '^AS[0-9]+' I am also of the opinion that these should not be allowed to be created. I tried to test, and created the maintainer AS37084 in the AFRINIC DB. Successfully. :-( I would like us to consider whether the AFRINIC DB should implement a restriction to prevent creation of new maintainer objects with 'mntner:' attribute (primary key) in the format '^AS[0-9]+'. Should any other formats be prevented? Should we force to have all (new?) maintainer objects be with a '-MNT' suffix? A quick check shows that there are 30 maintainer objects matching 'mntner: +[aA][sS][0-9]+' . one has a '-MAINTAINER' suffix 28 have a '-MNT' suffix one has a '-AFRINIC' suffix none match '^mntner: +[aA][sS][0-9]+$' - to be same as aut-num's On another topic: RIPE seem to be having numbered WG items, so that when many issues are under discussion there can be a quick reference which we're talking about - and likely other advantages. Should we do the same? Above about maintainer objects could be DBWG-1 And this question whether the issues should be numbered could be DBWG-0 What are your comments? Thanks, Frank Habicht co-chair From benm at workonline.africa Thu Jul 2 08:03:35 2020 From: benm at workonline.africa (Ben Maddison) Date: Thu, 2 Jul 2020 10:03:35 +0200 Subject: [DBWG] restrict name-space for new maintainer objects? In-Reply-To: References: Message-ID: <20200702080335.tb2uqhlod2qbcmom@benm-laptop> Hi Frank, all, On 07/02, Frank Habicht wrote: > Hi all, > > in the RIPE DB WG is a discussion about potential confusion and > potential abuse if maintainer objects are called names that look like > aut-num's. > > There seems to be a trend towards disallowing creation of new maintainer > objects that look like ASNs (and aut-num objects' primary keys) : > '^AS[0-9]+' > > I am also of the opinion that these should not be allowed to be created. > > I tried to test, and created the maintainer AS37084 in the AFRINIC DB. > Successfully. :-( > > I would like us to consider whether the AFRINIC DB should implement a > restriction to prevent creation of new maintainer objects with 'mntner:' > attribute (primary key) in the format '^AS[0-9]+'. > > Should any other formats be prevented? > Should we force to have all (new?) maintainer objects be with a '-MNT' > suffix? > To be honest, I thought that this was already the case! Maybe it is in IRRd, but not RIPE-WHOIS derivatives? In any event, I think that this is a good idea. A prefix or suffix should be sufficient to clearly indicate that the object is a maintainer. I don't believe any other format checks are necessary if that is the case. > A quick check shows that there are 30 maintainer objects matching > 'mntner: +[aA][sS][0-9]+' . > one has a '-MAINTAINER' suffix > 28 have a '-MNT' suffix > one has a '-AFRINIC' suffix > none match '^mntner: +[aA][sS][0-9]+$' - to be same as aut-num's > > > On another topic: RIPE seem to be having numbered WG items, so that when > many issues are under discussion there can be a quick reference which > we're talking about - and likely other advantages. > > Should we do the same? > Above about maintainer objects could be DBWG-1 > And this question whether the issues should be numbered could be DBWG-0 > That is an excellent idea. Cheers, Ben From nishal at controlfreak.co.za Tue Jul 28 11:38:39 2020 From: nishal at controlfreak.co.za (Nishal Goburdhan) Date: Tue, 28 Jul 2020 13:38:39 +0200 Subject: [DBWG] proposal to auto-generate contents of the mandatory "changed" field in db objects. Message-ID: hi, per the subject line, i think that this is something that afrinic?s db could auto-append. this basically means that the field: ?changed: ? would no longer need to be filled out by the requestor, and afrinic would auto-populate this, based on : # mail headers, # datetime, and other relevant bits that can be discussed further here. i can?t see this breaking anything, but welcome additional discussion. i?m also not aware of a formal way to request these sorts of changes, so, if there actually *is* one, other than suggestions posted here, please educate me. ?n. From geier at geier.ne.tz Tue Jul 28 12:48:19 2020 From: geier at geier.ne.tz (Frank Habicht) Date: Tue, 28 Jul 2020 15:48:19 +0300 Subject: [DBWG] DBWG-2: proposal to auto-generate contents of the mandatory "changed" field in db objects. In-Reply-To: References: Message-ID: <1bd1cf13-ad71-ca75-415a-96b5ec87d27a@geier.ne.tz> Hi Nishal, Thanks for your email and proposal. assuming [1] we keep numbering WG issues, this should be DBWG-2. I'd like to invite all others; please give your input. Greetings, Frank [1] see email(s) from July 2nd. 100% of the one response(s) were in favour, I believe we can give a little time to get some more voices for or against. On 28/07/2020 14:38, Nishal Goburdhan wrote: > hi, > > per the subject line, i think that this is something that afrinic?s db > could auto-append. > > this basically means that the field: > ?changed:? ? > > would no longer need to be filled out by the requestor, and afrinic > would auto-populate this, based on : > # mail headers, > # datetime, > and other relevant bits that can be discussed further here.? i can?t see > this breaking anything, but welcome additional discussion. > > i?m also not aware of a formal way to request these sorts of changes, > so, if there actually *is* one, other than suggestions posted here, > please educate me. > > ?n. > > _______________________________________________ > DBWG mailing list > DBWG at afrinic.net > https://lists.afrinic.net/mailman/listinfo/dbwg From geier at geier.ne.tz Tue Jul 28 12:51:45 2020 From: geier at geier.ne.tz (Frank Habicht) Date: Tue, 28 Jul 2020 15:51:45 +0300 Subject: [DBWG] more formalised change process? In-Reply-To: References: Message-ID: <4088ba88-0a5e-edff-abc4-b88d3b5e617b@geier.ne.tz> Hi all, I'd like to split off Nishal's final question below into a separate thread. Subject is changed, but still a response to his email [1]. Regarding the question about a formal way to submit requests: In my understanding we don't have a formal way - yet. And we (the group) have the power to give us one. It would likely add credibility and certainty/predictability to the group and the process. On the other hand it _could_ draw out some changes to take longer. I also think this is not 0 and 1 - middle ground can be there. Lastly, we'd need not only consensus about whether we want to formalise more, but also folk volunteering to draft something. Frank [1] if there are strong opinions how this should be different, one can probably educate me. On 28/07/2020 14:38, Nishal Goburdhan wrote: > hi, > > per the subject line, i think that this is something that afrinic?s db > could auto-append. > > this basically means that the field: > ?changed:? ? > > would no longer need to be filled out by the requestor, and afrinic > would auto-populate this, based on : > # mail headers, > # datetime, > and other relevant bits that can be discussed further here.? i can?t see > this breaking anything, but welcome additional discussion. > > i?m also not aware of a formal way to request these sorts of changes, > so, if there actually *is* one, other than suggestions posted here, > please educate me. > > ?n. > > _______________________________________________ > DBWG mailing list > DBWG at afrinic.net > https://lists.afrinic.net/mailman/listinfo/dbwg From benm at workonline.africa Wed Jul 29 20:28:00 2020 From: benm at workonline.africa (Ben Maddison) Date: Wed, 29 Jul 2020 22:28:00 +0200 Subject: [DBWG] DBWG-2: proposal to auto-generate contents of the mandatory "changed" field in db objects. In-Reply-To: <1bd1cf13-ad71-ca75-415a-96b5ec87d27a@geier.ne.tz> References: <1bd1cf13-ad71-ca75-415a-96b5ec87d27a@geier.ne.tz> Message-ID: <20200729202800.fygiwpmtfpc5tjhv@benm-laptop> Hi all, On 07/28, Frank Habicht wrote: > Hi Nishal, > > Thanks for your email and proposal. > > assuming [1] we keep numbering WG issues, this should be DBWG-2. > > I'd like to invite all others; please give your input. > > > > On 28/07/2020 14:38, Nishal Goburdhan wrote: > > hi, > > > > per the subject line, i think that this is something that afrinic?s db > > could auto-append. > > > > this basically means that the field: > > ?changed:? ? > > > > would no longer need to be filled out by the requestor, and afrinic > > would auto-populate this, based on : > > # mail headers, > > # datetime, > > and other relevant bits that can be discussed further here.? i can?t see > > this breaking anything, but welcome additional discussion. > > I think that the principle is sensible, but the details might be tricky. The "date" part is easy to calculate on receipt. The "from" part is less so: - updates via the web-submission thingy - updates via the REST-wotsit - updates generated by tooling that sets the 'changed:' to the correct user but generates the 'From:' using a shared/dummy mailbox Having accurate 'changed:' is important for attribution, as the current legacy space saga reminds us. If we're going to solve this properly, perhaps referencing the mntner used to authorise the update is the way to go? (it's transport independent, less spoof-able, and maybe more useful for a later audit). Users could then provide an optional 'changed-reason:', providing email attribution and/or commit-msg things. Cheers, Ben -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: not available URL: From benm at workonline.africa Wed Jul 29 20:44:54 2020 From: benm at workonline.africa (Ben Maddison) Date: Wed, 29 Jul 2020 22:44:54 +0200 Subject: [DBWG] more formalised change process? In-Reply-To: <4088ba88-0a5e-edff-abc4-b88d3b5e617b@geier.ne.tz> References: <4088ba88-0a5e-edff-abc4-b88d3b5e617b@geier.ne.tz> Message-ID: <20200729204454.sh7a5gia3qc3xecy@benm-laptop> Hi Frank, all, On 07/28, Frank Habicht wrote: > Hi all, > > I'd like to split off Nishal's final question below into a separate > thread. Subject is changed, but still a response to his email [1]. > > Regarding the question about a formal way to submit requests: > > In my understanding we don't have a formal way - yet. And we (the group) > have the power to give us one. > It would likely add credibility and certainty/predictability to the > group and the process. On the other hand it _could_ draw out some > changes to take longer. I also think this is not 0 and 1 - middle ground > can be there. > Lastly, we'd need not only consensus about whether we want to formalise > more, but also folk volunteering to draft something. > I think there are a few separate questions in here: - how do we track/reference/manage proposals, to ensure that good ideas aren't simply lost? - do we want a clear "adoption" process where a proposal goes from idea to WG work-item, and if so what does that process look like? - what should the output of our work look like? The answers to these depend in part on what the WG is expected to produce, and the extent to which we are empowered to provide direction on the WHOIS operation. The current published charter (for want of a better word) [1] makes this sound decidedly uni-directional. Is there a revision to this hiding somewhere that I haven't found? Cheers, Ben [1]: https://afrinic.net/committees/database-wg -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: not available URL: From nishal at controlfreak.co.za Fri Jul 31 16:10:17 2020 From: nishal at controlfreak.co.za (Nishal Goburdhan) Date: Fri, 31 Jul 2020 18:10:17 +0200 Subject: [DBWG] DBWG-2: proposal to auto-generate contents of the mandatory "changed" field in db objects. In-Reply-To: <20200729202800.fygiwpmtfpc5tjhv@benm-laptop> References: <1bd1cf13-ad71-ca75-415a-96b5ec87d27a@geier.ne.tz> <20200729202800.fygiwpmtfpc5tjhv@benm-laptop> Message-ID: <174967AC-F49D-41AF-9C14-6C8CAF0B39F2@controlfreak.co.za> On 29 Jul 2020, at 22:28, Ben Maddison via DBWG wrote: > Hi all, > > I think that the principle is sensible, but the details might be > tricky. > > The "date" part is easy to calculate on receipt. > The "from" part is less so: > - updates via the web-submission thingy > - updates via the REST-wotsit > - updates generated by tooling that sets the 'changed:' to the correct > user but generates the 'From:' using a shared/dummy mailbox > > Having accurate 'changed:' is important for attribution, as the > current > legacy space saga reminds us. nishal at slartibartfast:~$ date && whois -B -h whois.afrinic.net ndg-afrinic | grep -A1 changed Fri Jul 31 18:08:21 SAST 2020 changed: ben.maddison at domain.invalid 19990730 source: AFRINIC are you saying the database is incorrect? :-) > If we're going to solve this properly, perhaps referencing the mntner > used to authorise the update is the way to go? (it's transport > independent, less spoof-able, and maybe more useful for a later > audit). > Users could then provide an optional 'changed-reason:', providing > email > attribution and/or commit-msg things. i support ben?s very common-sense suggestion. -n.