[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
AltDB?
On Sat, Jan 8, 2011 at 2:47 PM, Christopher Morrow
<morrowc.lists at gmail.com> wrote:
> I don't think rr.arin.net and RPKI have anything to do with each
> other. I think the direction the RPKI should/is taking is to have the
I at least think that whatever future and time-table is planned for
RPKI, this should not stand in the way of ARIN offering an effective
authentication mechanism for the ARIN IRR. FYI, the reply I received
from ARIN was that there are no plans to improve its authentication
capability. I didn't ask why and don't really care why it has never
had anything more than MAIL-FROM in the past. Either it should be
improved (IMO) or it shouldn't be.
I really do wonder what ARIN's plan is if a bad guy decides to forge
emails and delete or modify some or all of the objects. Would they
just shut it down, improve authentication, or keep doing business as
usual? I am always surprised that black hat folks do not do things
like this when faced with a damaging vulnerability that can easily be
exploited with no way to trace the activity back to the bad guy.
--
Jeff S Wheeler <jsw at inconcepts.biz>
Sr Network Operator? /? Innovative Network Concepts
- Follow-Ups:
- AltDB?
- From: randy at psg.com (Randy Bush)
- References:
- AltDB?
- From: vixie at isc.org (Paul Vixie)
- AltDB?
- From: drc at virtualized.org (David Conrad)
- AltDB?
- From: vixie at isc.org (Paul Vixie)
- AltDB?
- From: randy at psg.com (Randy Bush)
- AltDB?
- From: randy at psg.com (Randy Bush)
- AltDB?
- From: vixie at isc.org (Paul Vixie)
- AltDB?
- From: jlewis at lewis.org (Jon Lewis)
- AltDB?
- From: morrowc.lists at gmail.com (Christopher Morrow)