[27500] in North American Network Operators' Group
Re: whois broke again?
daemon@ATHENA.MIT.EDU (bmanning@vacation.karoshi.com)
Mon Feb 21 16:10:55 2000
From: bmanning@vacation.karoshi.com
Message-Id: <200002212141.NAA12575@vacation.karoshi.com>
To: rirving@onecall.net (Richard Irving)
Date: Mon, 21 Feb 2000 13:41:48 -0800 (PST)
Cc: bmanning@vacation.karoshi.com, nanog@merit.edu
In-Reply-To: <38B19D3F.35FA8E7F@onecall.net> from "Richard Irving" at Feb 21, 2000 03:17:03 PM
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu
> >>>> delegation glue ?
> >>
> >> and how/where did you get your AS & delegation?
>
> Public viewable data will have no verification,
> and ARIN/NSI/JPNIC/ETC will be in the critical path
> for timely resolution of said corrected data.
>
> [Seriously -Pregnant- Pause]
ok, ICANN delegates 64.0.0.0/8 to ARIN.
ARIN delegates 64.64.0.0/16 to BillsBait&Sushi
BBS delegates 64.64.0.0/20 to OnCall
OnCall delegates 64.64.0.0/24 to AviFreedman
There is a DNS inverse delegation at every point (granted w/o verification
today) where each site publishes a zone file. There is a chain of custody
at each delegation point. The owner of each zone may choose to publish
relevent data in the zone(s) they control. ARIN has near zero leverage
on OnCall for the delegations it makes to Avi. OnCall however does have
leverage since there is an existing business relationship w/ Avi.
This whole thing gets much tighter when/if we can get DNSSEC deployed
at least in the inverse tree.
Yes there are interesting scoping issues. Yes there are concerns wrt
evil people and tolerent applications. But this tactic clearly puts the
onus on the people in control of the useage, not some centralized repository.
YMMV.
--bill
