Hi Ed This sounds like a good move. I have 2 questions about the rules.
If I query 1000 personal data sets on an IP address, then I log in to my access account, can I query 1000 more? I know this to some extent bypasses the strict rules. But in that office situation you referred to, suppose someone else has queried 1001 objects and got the IP address temporarily blocked. Now I log in to my access account I would expect to have access to 1000 objects. I'll ask you the other question when I see you in Krakow. If I am right I don't want to give people another way to bypass your new rules. Of course nothing changes if you have a block of IPv6 addresses you can still query 1000 personal objects per IP address. Do you still include (non abuse-c) ROLE objects in the count as well as PERSON objects? cheers denis co-chair DB-WG On Tue, 14 May 2024 at 19:48, Edward Shryane via db-wg <db-wg@ripe.net> wrote: > > Dear colleagues, > > We would like to share some changes to the RIPE Database Acceptable Use > Policy and how we implement the daily limit. The Database team will enable > these changes from this Thursday, 16 May 2024 onwards. > > The RIPE NCC Executive Board approved amendments to the "RIPE Database > Acceptable Use Policy" (AUP) in March this year, allowing for an additional > method of accounting for RIPE Database queries containing personal data. With > this method, the count will be based per user, rather than per IP address, > for logged-in users. This allows multiple users to share the same public IP > address but be accounted for separately. Previously, an office behind a NAT, > for example, would get blocked as all users shared the same query limit. This > will no longer be the case, as we will count the number of queries per user > based on their RIPE NCC Access (single sign-on) accounts, if they are logged > in. For users who are not logged in to RIPE NCC Access accounts, the queries > will be counted based on IP addresses. > > Additionally, we found that the daily limit configured in Whois was > inconsistent with the AUP. Along with the other changes described above, we > will enforce the daily query limit in Whois in line with the Acceptable Use > Policy: > * Number of personal data sets returned in queries from an IP address – 1,000 > per 24 hours > * Number of personal data sets returned in queries from a RIPE NCC Access > (SSO) account – 1,000 per 24 hours > > Users who query for personal data above the daily limit will receive the > message below explaining what has happened and what to do next: > > Access from your host has been temporarily denied. For more information, see: > https://apps.db.ripe.net/docs/FAQ/#why-did-i-receive-an-error-201-access-denied > > The minutes from the March meeting of the RIPE NCC Executive Board are > available at: > https://www.ripe.net/about-us/executive-board/minutes/2024/174th-executive-board-meeting-minutes/ > > The resolution amending the RIPE Database Acceptable Use Policy is under > section 4.6. > > The updated RIPE Database Acceptable Use Policy is available on our website: > https://www.ripe.net/manage-ips-and-asns/db/support/documentation/ripe-database-acceptable-use-policy/ > > Regards, > Ed Shryane > RIPE NCC > > > -- > > To unsubscribe from this mailing list, get a password reminder, or change > your subscription options, please visit: > https://lists.ripe.net/mailman/listinfo/db-wg -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/db-wg
