AltDB? (IRR support & direction at ARIN)

Jeff Wheeler jsw at inconcepts.biz
Sun Jan 9 17:41:38 CST 2011


On Sun, Jan 9, 2011 at 6:27 PM, Randy Bush <randy at psg.com> wrote:
>>   Do you: 1) want IRR services, and if so, with what features?
>>           2) believe IRR services should be provided by ARIN?
>
> the irr is slightly useful today.  so, iff it is cheap and easy, arin
> providing an open and free instance is a public good.  again, iff it is
> easy and cheap.  and please do not waste time trying to 'fix' the irr,
> sad to say it's trying to make a silk purse out of a sow's ear.

I'm not suggesting that ARIN undertake a large and complex effort to
solve a bunch of issues with IRR.  All I am suggesting is that they
prevent anonymous bad guys with no inside information, special access,
or knowledge of passwords, from corrupting the data which some
networks choose to publish in ARIN IRR.

I am simply suggesting it is dangerous and irresponsible to run an IRR
with only MAIL-FROM authentication, and quite easy to also support
CRYPT-PW.  ARIN should either support passwords or immediately make
their IRR read-only and stop offering it as a service.  Imagine if
there was a Slashdot article or something about this, how long would
it take for some 14-year-old to erase the whole database, and how that
would pretty much force ARIN to make a choice anyway, but also, create
a lot of negative fall-out that might jeopardize trust in ARIN with
regard to other operational matters, like RPKI.

-- 
Jeff S Wheeler <jsw at inconcepts.biz>
Sr Network Operator  /  Innovative Network Concepts




More information about the NANOG mailing list