From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: location@lists.ipfire.org Subject: Re: [PATCH 2/2] overrides: clarify file contents and policies Date: Fri, 06 Aug 2021 17:20:35 +0200 Message-ID: In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============7844204739342061070==" List-Id: --===============7844204739342061070== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hello, This doesn=E2=80=99t seem to apply :( -Michael > On 6 Aug 2021, at 17:07, Peter M=C3=BCller wro= te: >=20 > This patch updates the disclaimer blocks at the beginning of the > override-*.txt files, to be more accurate and helpful to people wishing > to propose changes to them. >=20 > In addition, a remark regarding the A[1-3] country codes has been added. >=20 > Signed-off-by: Peter M=C3=BCller > --- > overrides/override-a1.txt | 26 ++++++++++++++++---------- > overrides/override-a2.txt | 20 ++++++++++++++------ > overrides/override-a3.txt | 20 +++++++++++++++----- > overrides/override-other.txt | 26 ++++++++++++++++++-------- > 4 files changed, 63 insertions(+), 29 deletions(-) >=20 > diff --git a/overrides/override-a1.txt b/overrides/override-a1.txt > index 284c3e8..77d5b08 100644 > --- a/overrides/override-a1.txt > +++ b/overrides/override-a1.txt > @@ -1,19 +1,25 @@ > # > # override-a1 [.txt] > # > -# This file contains Autonomous Systems (AS) or IP networks/adresses > -# which are - in fact or with a high level of confidence - anonymous > -# proxies (special country code: A1). > +# This file contains Autonomous Systems and IP networks used - in fact or = with reasonable > +# confidence - for publicly available services for forwarding traffic anon= ymously, such as > +# VPN providers. > # > -# Since it does not make sense to assign them to a county, they > -# will be flagged as "A1" in the database. > +# While their country code set is preserved in libloc - unless utterly bog= us -, it does not > +# actually make sense to assign these to a distinct country. Therefore, th= ey will be flagged > +# as "anonymous proxies" in libloc query results. > # > -# Although we do not consider them to be bad entirely, they might > -# be unwanted in certain scenarios. > +# For historical reasons, parts of IPFire's web interface use "A1" as a co= untry code for them. > +# This violates ISO 3166, and might be changed to a different country code= inside a reserved > +# range in the future. > # > -# Please note only long-living Tor relay providers with static IPs > -# are listed here, as the list of all Tor relays will be dynamically > -# generated by another script. > +# At the moment, major Tor exit relay providers are included here as well.= They will be dropped > +# from this file in the future, as soon as bug #11754 has been solved and = a list of Tor exit > +# relays is imported dynamically while compiling the database. > +# > +# Improvement suggestions are appreciated, please submit them as patches t= o the location mailing > +# list. Refer to https://lists.ipfire.org/mailman/listinfo/location and ht= tps://wiki.ipfire.org/devel/contact > +# for further information. > # > # Please keep this file sorted. > # > diff --git a/overrides/override-a2.txt b/overrides/override-a2.txt > index 502948f..223b4df 100644 > --- a/overrides/override-a2.txt > +++ b/overrides/override-a2.txt > @@ -1,13 +1,21 @@ > # > # override-a2 [.txt] > # > -# This file contains Autonomous Systems (AS) or IP networks/addresses > -# which are - in fact or with a high level of confidence - belonging > -# to satellite network providers (special country code: A2). > +# This file contains Autonomous Systems and IP networks used - in fact or = with reasonable > +# confidence - for customers or dial-in pools of satellite-based internet = services. > # > -# Since a satellite uplink connection is possible from almost > -# anywhere in the world, it does not make sense to assign them to a > -# specific country. They will be flagged as "A2" in the database. > +# While their country code set is preserved in libloc - unless utterly bog= us -, it does not > +# actually make sense to assign these to a distinct country, since a satel= lite connection is > +# possible from virtually any place in the world. Therefore, they will be = flagged as "satellite > +# providers" in libloc query results. > +# > +# For historical reasons, parts of IPFire's web interface use "A2" as a co= untry code for them. > +# This violates ISO 3166, and might be changed to a different country code= inside a reserved > +# range in the future. > +# > +# Improvement suggestions are appreciated, please submit them as patches t= o the location mailing > +# list. Refer to https://lists.ipfire.org/mailman/listinfo/location and ht= tps://wiki.ipfire.org/devel/contact > +# for further information. > # > # Please keep this file sorted. > # > diff --git a/overrides/override-a3.txt b/overrides/override-a3.txt > index d810d93..b07d4b8 100644 > --- a/overrides/override-a3.txt > +++ b/overrides/override-a3.txt > @@ -1,12 +1,22 @@ > # > # override-a3 [.txt] > # > -# This file contains Autonomous Systems (AS) or IP networks/addresses > -# which are - in fact or with a high level of confidence - believed > -# to be worldwide anycast instances (special country codes: A3). > +# This file contains Autonomous Systems and IP networks used - in fact or = with reasonable > +# confidence - for worldwide anycast services. > # > -# It does not make sense to assign them to a certain country, they > -# will be flagged as "A3" in the database. > +# While their country code set is preserved in libloc - unless utterly bog= us -, it does not > +# make sense to assign these to a distinct country. Therefore, they will b= e flagged as "anycast" > +# in libloc query results. > +# > +# For historical reasons, parts of IPFire's web interface use "A3" as a co= untry code for them. > +# This violates ISO 3166, and might be changed to a different country code= inside a reserved > +# range in the future. > +# > +# Improvement suggestions are appreciated, please submit them as patches t= o the location mailing > +# list. Refer to https://lists.ipfire.org/mailman/listinfo/location and ht= tps://wiki.ipfire.org/devel/contact > +# for further information. > +# > +# Please keep this file sorted. > # >=20 > aut-num: AS69 > diff --git a/overrides/override-other.txt b/overrides/override-other.txt > index 045b515..d232fc6 100644 > --- a/overrides/override-other.txt > +++ b/overrides/override-other.txt > @@ -1,14 +1,24 @@ > # > -# override-other [.txt] > +# override-a3 [.txt] > # > -# This file contains Autonomous Systems (AS) or IP networks/addresses > -# whose country information in corresponding RIR data is believed or proven > -# to be invalid or inaccurate and which do not match to one of the special= categories > -# A[1-3]. > +# This file contains Autonomous Systems and IP networks whose RIR data are= believed to be inaccurate, > +# incomplete, or bogus on purpose and by chance. A small subset of its ent= ries applies to AS descriptions, > +# while the majority covers country code assignments. > # > -# Such networks might be legitimate (poorly maintained WHOIS data), shady > -# (networks owned by letterbox companies in offshore jurisdictions) or > -# hostile (faked RIR data in order to bypass location-based filtering). > +# The latter are crucial due to location-based firewalling or routing. Ina= ccurate country code assignments > +# therefore pose a security threat to these users, especially if being set= intentionally to circumvent such > +# filters. > +# > +# The term "Location" may refer to the actual, physical location of a netw= ork (usually hard to enumerate > +# beyond a country-level), or its jurisdiction. To the best of our knowled= ge, the contents of "country"-fields > +# in RIR databases were never clarified in this conext. > +# > +# When in doubt, the physical location of a network will be used below, es= pecially if the jurisdiction of a > +# network appears to be not helpful at all, such as offshore letterbox com= panies on the other end of the world. > +# > +# Improvement suggestions are appreciated, please submit them as patches t= o the location mailing > +# list. Refer to https://lists.ipfire.org/mailman/listinfo/location and ht= tps://wiki.ipfire.org/devel/contact > +# for further information. > # > # Please keep this file sorted. > # > --=20 > 2.26.2 --===============7844204739342061070==--