[102762] in North American Network Operators' Group
Re: [admin] [summary] RE: YouTube IP Hijacking
daemon@ATHENA.MIT.EDU (Arnd Vehling)
Tue Feb 26 07:48:19 2008
Date: Tue, 26 Feb 2008 13:31:34 +0100
From: Arnd Vehling <av@nethead.de>
To: Leo Vegoda <leo.vegoda@icann.org>
CC: Alex Pilosov <alex@pilosoft.com>, Danny McPherson <danny@tcb.net>,
nanog <nanog@merit.edu>
In-Reply-To: <C3E9BFEE.F899%leo.vegoda@icann.org>
Errors-To: owner-nanog@merit.edu
Leo Vegoda wrote:
> On 26/02/2008 12:06, "Arnd Vehling" <av@nethead.de> wrote:
>
> [...]
>
>> With a decent LIR DB (like the RIPE DB) this is only possible if an
>> hijacker breaks the authentication of the according database objects
>> which is a pain in the a** _if_ the objects use a proper authentication
>> scheme like PGP.
>
> I wonder what percentage of maintainers in the RIPE database only have PGP
> and/or X.509 auth schemes. I'd be surprised if it was as high as 5%.
True, but thats still better than having no authentication at all and
its possible to require strong authentication on inetnum, route and AS
objects. I just cant understand why LIR's like ARIN dont have any decent
methods for this implemented in their DB. Or did this change recently?
-- Arnd
