jcurran at arin.net
Sun Jan 9 21:47:39 CST 2011
On Jan 9, 2011, at 9:53 PM, Jeff Wheeler wrote:
> Why should an operational security issue with the ARIN IRR be handled
> as a policy issue?
Operational security matters should simply be fixed; that's not a policy
matter but an implementation issue.
> Do you know that I have emailed ARIN about this both recently and in
> years past? Am I the only person who has ever tried to bring this to
> ARIN's attention? I doubt that.
Good to know; I'm rather interested in knowing some particulars
here, so can you forward to me one or two of those messages? (or
just let me know the 'To' field used and I'll take it from there)
> What will the process be for handling operational security issues
> regarding future RPKI infrastructure? It is conceivable that there
> may be no alternative to ARIN, in the ARIN region, for trusted routing
> information data in the future. Today, we can choose not to use ARIN
> IRR, and the huge majority of networks who publish IRR data use their
> ISP databases or MERIT RADB. Are we faced with the possibility that
> ARIN simply doesn't have personnel capable of handling operational
> services, yet are forcing ARIN down a road that may make them a sole
> source of something we all need? If so, perhaps this is a very bad
> idea in need of further debate.
Feel free to discuss on this list (if deemed in charter) or arin-discuss
as you feel appropriate.
> I think the mentality at ARIN is one of paper-pushers and policy guys.
> That's perfectly fine for an organization whose main function is ...
> processing paperwork and allocating IP addresses. It is perhaps a
> very bad idea to ask ARIN to do operational things which they are very
> clearly unprepared to handle, to such an extent that they may need
> additional or different personnel, and really need to change their
Jeff - ARIN does indeed have folks who worry about whether the policy
development process is being followed. We also have folks who actually
implement the policy and issue number resources. What you may not know
is that we also have quite a few folks who have run production operational
services both for the Internet and other mission-critical environments.
I'm not surprised that the IRR allows plaintext passwords, but am myself
stunned if indeed we require them, since that disallows even a modicum of
protection from trivial acts of sabotage. Rather than repeat what lack
of information there is on the web site in regards to what forms of IRR
authentication are available, I will go determine the state of reality
and post back here asap. At a minimum, we need much clearer documentation,
but if more is required, we'll get it fixed asap.
President and CEO