[ppml] LDAP? Why not?

Michael.Dillon at radianz.com Michael.Dillon at radianz.com
Fri Jul 25 04:31:48 EDT 2003


>>Oh, and while you're at it, why not put all of this stuff into an LDAP
>>server as well so that nobody gets the idea of using BGP peering 
sessions
>>to distribute up to date abuse contact info.

>I'm losing you here...
>Please explain?

It's my pet theory. I believe that if everyone published their directory 
type information using LDAP the world would be a better place. Examples 
include the whois directory, the various BGP and DNS based spammer 
blacklists like ORBS and the DUL. 

Instead of hacking BGP and/or DNS to do something they weren't intended to 
we would just write an LDAP schema (kind of like a data description) and 
then use an LDAP server. The DNS would only be used as a locator mechanism 
to find the right LDAP server

     _lwhois._tcp.example.com SRV lwhois.example.com
     lwhois.example.com       A   192.0.0.7

You could publish a directory of ASes originating abuse which you have 
detected and you could put all the reporting details into the directory 
instead of spewing out emails to abuse.example.com. Then, once a week, you 
could send a single email to a known good contact at example.com reporting 
the number of incidents in your directory and giving them the password 
needed to access the full details of their incidents. LDAP makes it easy 
to protect parts of the directory with passwords. The public would only be 
able to browse the high level stats on on incidents and the origin ASes 
could get at the details.

But, since LDAP is a protocol, the origin ASes could plug their own 
applications into your directory and do things like poll for new incidents 
every 15 minutes. It is a lot harder to do stuff like this if you have to 
parse the text of email messages or web pages. Basically, I think the 
world should stop writing new text parsers and start using the existing 
standard data encapsulation protocols like LDAP, etc.

If you decide to seriously do something like this, you might want to 
discuss it with Rob Thomas from Team Cymru because he has expressed some 
level of interest in publishing his directories using LDAP. You can find 
out more at the Bogon project http://www.cymru.com/BGP/bogon-rs.html

--Michael Dillon





More information about the ARIN-PPML mailing list