John Curran jcurran at
Sun Jan 9 21:47:39 CST 2011

On Jan 9, 2011, at 9:53 PM, Jeff Wheeler wrote:
> Why should an operational security issue with the ARIN IRR be handled
> as a policy issue?

Operational security matters should simply be fixed; that's not a policy
matter but an implementation issue. 

> Do you know that I have emailed ARIN about this both recently and in
> years past?  Am I the only person who has ever tried to bring this to
> ARIN's attention?  I doubt that.

Good to know; I'm rather interested in knowing some particulars 
here, so can you forward to me one or two of those messages?  (or
just let me know the 'To' field used and I'll take it from there)

> What will the process be for handling operational security issues
> regarding future RPKI infrastructure?  It is conceivable that there
> may be no alternative to ARIN, in the ARIN region, for trusted routing
> information data in the future.  Today, we can choose not to use ARIN
> IRR, and the huge majority of networks who publish IRR data use their
> ISP databases or MERIT RADB.  Are we faced with the possibility that
> ARIN simply doesn't have personnel capable of handling operational
> services, yet are forcing ARIN down a road that may make them a sole
> source of something we all need?  If so, perhaps this is a very bad
> idea in need of further debate.

Feel free to discuss on this list (if deemed in charter) or arin-discuss 
as you feel appropriate.

> I think the mentality at ARIN is one of paper-pushers and policy guys.
> That's perfectly fine for an organization whose main function is ...
> processing paperwork and allocating IP addresses.  It is perhaps a
> very bad idea to ask ARIN to do operational things which they are very
> clearly unprepared to handle, to such an extent that they may need
> additional or different personnel, and really need to change their
> mentality.

Jeff - ARIN does indeed have folks who worry about whether the policy 
development process is being followed.  We also have folks who actually
implement the policy and issue number resources.  What you may not know 
is that we also have quite a few folks who have run production operational 
services both for the Internet and other mission-critical environments.  
I'm not surprised that the IRR allows plaintext passwords, but am myself
stunned if indeed we require them, since that disallows even a modicum of 
protection from trivial acts of sabotage.  Rather than repeat what lack 
of information there is on the web site in regards to what forms of IRR 
authentication are available, I will go determine the state of reality 
and post back here asap. At a minimum, we need much clearer documentation, 
but if more is required, we'll get it fixed asap.


John Curran
President and CEO
