Hello,
On 8/5/24 3:32 PM, Edward Shryane wrote:
The current system is a compromise between allowing queries containing personal
data, and complying with the Acceptable Use Policy:
https://www.ripe.net/manage-ips-and-asns/db/support/documentation/ripe-database-acceptable-use-policy/
The current system is a design bug, not a compromise.
Acceptable Use Policy clearly defines limits per IP address (without
distinguishing whether IPv4 or IPv6).
Your implementation at this time blocks whole /64 subnet in case of
IPv6, not only single address violating AUP.
The limit is 1,000 objects that could contain personal data, which is not normally
reached by most users (< 0.02%), and it is clear what can be done if this is
exceeded.
The limit value isn't problem as well as limiting the number of queries
per IP address. But the developers probably wanted to make their life
easier and implemented the AUP incorrectly.
Blocking entire subnets as an initial reaction simply isn't the spirit
of AUP. IPv6 address has 128 bits, not only 64 you're using - whatever
the "reason" is.
Rather than re-write the accounting code, can the community review why objects containing
personal data is returned by default? Can we make "-r" the default?
If code contains bug (and that's now quite clear), it needs to be fixed
regardless of the data returned with the default settings.
I personally don't consider as a bad idea not to display personal data
at all (have "-r" as default), it's important that the abuse contact is
always displayed (and it is, even with "-r"). But that's different topic.
- Daniel
-----
To unsubscribe from this mailing list or change your subscription options,
please visit: https://mailman.ripe.net/mailman3/lists/db-wg.ripe.net/
As we have migrated to Mailman 3, you will need to create an account with the email matching your subscription before you can change your settings.
More details at: https://www.ripe.net/membership/mail/mailman-3-migration/
