I'm also supportive of this draft; I think it can be very useful if widely
adopted.

One issue that some of my colleagues identified is the following:
There are malicious ASNs out there who acquire huge amounts of IPv6 space
(like multiple /32s) to use for scraping, attacks, etc. – they could set
their prefix lengths to 128 and completely blow the storage of any database
that trusts them.
Similarly, a malicious ASN may falsely tag its prefixes as CGNAT so that it
avoids blocking or throttling.

Maybe the security considerations section can cover some of those cases.

Best,
-- 

*Vasilis Giotsas* |  Research Engineer
vasi...@cloudflare.com

https://research.cloudflare.com/
_______________________________________________
OPSAWG mailing list -- opsawg@ietf.org