[134671] in North American Network Operators' Group
Re: AltDB?
daemon@ATHENA.MIT.EDU (Jeff Wheeler)
Sun Jan 9 02:10:21 2011
In-Reply-To: <m2fwt23glz.wl%randy@psg.com>
Date: Sun, 9 Jan 2011 02:09:41 -0500
From: Jeff Wheeler <jsw@inconcepts.biz>
To: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Sat, Jan 8, 2011 at 10:23 PM, Randy Bush <randy@psg.com> wrote:
> but, unlike the other regions, the arin.irr is not confuddled with the
> arin.whois. =A0i.e. it is kind of irrelevant to the authority on resource
> ownership, arin's real responsibility.
I certainly agree with this, and I am admittedly ignorant of the
history here, but I don't understand why ARIN is operating an IRR that
is very much insecure, instead of just not operating one at all.
> they are just providing a free irr service, as it is the popular thing
> for rirs to do these years. =A0and i don't think many use it. =A0if you
In terms of database size, excluding RIPE, the ARIN IRR is the 8th
largest, ahead of ALTDB and about 10% as large as Level3, the second
largest IRR database (except RIPE.) A mass-corruption of the ARIN IRR
overnight might be a serious incident causing service impact to a
large number of users and businesses, and cause probably thousands of
people to be got out of bed in the middle of the night, but clearly it
would not be a total disaster.
No one is forced to use ARIN IRR, but it's worth asking the question:
why is ARIN a trustworthy steward of RPKI infrastructure if their IRR
is a serious liability to The Internet because of a simple issue like
not supporting password or PGP authentication? Is this the reason
ARIN is spending time consulting their lawyers?
--=20
Jeff S Wheeler <jsw@inconcepts.biz>
Sr Network Operator=A0 /=A0 Innovative Network Concepts
