Hi,

So why not make a "hidden" flag part of the asnum object?

Let's say that the end user (MNT) would be able to indicate that the ASN should be
hidden from BGP and provide remarks with a reason (IXP or whatever) -
mandatory. If such an ASN were observed in BGP, the hidden flag would be
unset and the LIR/holder would be notified.

When there is an ASN which has not been seen for more than 3 months and
has the "hidden" flag unset, the deregistration process (as in the proposal -
ask, wait, deregister) could be started.

The holders of "hidden" ASNs could then be asked about their need for such an ASN
with a longer period and also be notified when the ASN emerges somewhere when it
shouldn't.

This would address the issues of:
- Inactive holder: Requires action to set the ASN as hidden
- Hijack: When so, the holder would get notified (after the hijack ends the ASN would
expire if the holder doesn't exist anymore)
- Provides mandatory feedback by remarks on the reason why it is not announced
- Provides a way to prolong the period of asking if the ASN is needed by
adding other means than polling
- Maybe provides yet another way of filtering BGP paths (a hidden ASN should not
be present there), however for such use it would have to become some kind of
standard across RIRs

It might bring the issue of an intentional attack on such a flag by announcing such an ASN
and triggering the timer. There should be some period for which the ASN should be
observed in BGP to trigger the process, to partially mitigate such a vector of
attack and possible mishaps.

Best Regards
Martin Hunek


On Thursday, 23 March 2017 17:35:19 CET, Gert Doering wrote:
> Hi,
> 
> On Thu, Mar 23, 2017 at 02:53:27PM +0000, [email protected] wrote:
> > In the internal processing side, will the RIPE NCC flag the ASNs that are
> > justifiably not publicly visible. So that they don't get asked the same
> > question every couple of months?
> Well, if they keep being not publicly visible, maybe they *should*
> be asked regularly if they are *still* in use?
> 
> For the same reason we're asking today - setups have changed, people
> and companies cease to exist, stuff starts being no longer used.
> 
> (I wouldn't ask "every couple of months", though, maybe "every few
> years" - but that's for the community to decide, in the end)
> 
> Gert Doering
>         -- APWG chair
