Ronald,
On 04/02/2021 02.22, Ronald F. Guilmette via db-wg wrote:
I mean seriously, who designed these questions?
The RIPE Database Requirements Task Force, with support from the RIPE
NCC. This task force includes me, although I am speaking only for myself
here.
My feeling is that any set of good requirements is the minimal set of
functionality needed to do something. As such, everything that we put
forward as a requirement needs to be justified. The survey is an attempt
to understand how important - if at all - various things that are
currently stored and published in the RIPE Database are to the RIPE
community.
Your opinion that the RIPE Database should contain and make public lots
of information is clear. I think that our job as the task force is to
try to understand and document what your use cases are and whether or
not those reach the level of one or more requirements for what should be
in the database and whether it should be public.
Every tightening of security or privacy makes life more difficult for
someone. Several years ago the shift from unencrypted HTTP to encrypted
HTTPS was problematic for vendors who sold products or services that
analyzed this traffic to help companies secure or otherwise understand
their networks. The current shift from unencrypted DNS to DNS-over-TLS
or DNS-over-HTTPS is problematic for companies that snoop on DNS traffic
to check for bots or other hacked systems accessing their
command-and-control networks.
So I recognize that the parts of your work that involve getting data out
of WHOIS databases is going to be harder if that information is not
there. Possibly your work will be impossible. It is understandable that
this would make you a bit angry or afraid. Even so, not every current
use or potential use of the RIPE Database is necessarily something that
must be supported going forward.
Note that the task force has already published an incomplete draft of
the requirements, so you can see what we have in mind:
https://www.ripe.net/resolveuid/ec75a6eb21684150bbcf6cd53917629c
Also note that this is the *beginning* of the process of changing the
database, so nothing the task force recommends is to be considered the
final word. Any changes will go through the usual RIPE policy
development process (PDP) in an appropriate working group (probably
either Database or Routing, but possibly Address Policy), so there will
be plenty of time to discuss specific proposals.
Cheers,
--
Shane
