69/8...this sucks

2. Each RIR should operate one or more routers with an open peering
   policy which will perform the following functions:

I agree that the RIR is the right source for the data but I think that BGP
is the wrong protocol for publishing the data. Would you give a BGP feed
to all of your customers so that they can inject up-to-date bogons into
their firewall configs? Probably not and besides, the enterprise folks
wouldn't have a clue what to do with BGP in the first place. That's why I
have suggested using LDAP to publish the data.

Apologies if this has been discussed before, but, it seems to me that this
is the easiest way to make the data readily available to the community
directly from the maintainers of the databases in a fashion which is
automatically up to date.

At this point a lot of people agree that the data needs to come directly
from the database maintainers, in our case that's ARIN. And people also
seem to agree that keeping the data automatically up to date is a good
thing. We still have some discussion as to which protocol to use for
publishing the data. I suggest that what is needed now is to engage ARIN
in the discussion and get this on the agenda with them. Technical details
can be worked out later, but now we need a commitment from ARIN that they
can and will make this data available and keep it up to date.

--Michael Dillon

2. Each RIR should operate one or more routers with an open peering
   policy which will perform the following functions:

I agree that the RIR is the right source for the data but I think that
BGP is the wrong protocol for publishing the data. Would you give a BGP
feed to all of your customers so that they can inject up-to-date bogons
into their firewall configs? Probably not and besides, the enterprise
folks wouldn't have a clue what to do with BGP in the first place.
That's why I have suggested using LDAP to publish the data.

Nothing in my proposal precludes the data from being published via LDAP,
but, if you think the enterprise wouldn't know how to handle the data via
BGP, I gotta tell you, LDAP is much more difficult in my experience.

As to publishing the data to customers, sure. Why not. See my previous
post about all-comers BGP peer-groups.

Apologies if this has been discussed before, but, it seems to me that this
is the easiest way to make the data readily available to the community
directly from the maintainers of the databases in a fashion which is
automatically up to date.

At this point a lot of people agree that the data needs to come directly
from the database maintainers, in our case that's ARIN. And people also
seem to agree that keeping the data automatically up to date is a good
thing. We still have some discussion as to which protocol to use for
publishing the data. I suggest that what is needed now is to engage ARIN
in the discussion and get this on the agenda with them. Technical details
can be worked out later, but now we need a commitment from ARIN that they
can and will make this data available and keep it up to date.

I don't see any reason we have to pick _A_ protocol. As far as I'm concerned,
it could easily be published via LDAP, DNS, _AND_ BGP. I am already working
on drafting a policy proposal.

Owen