[45037] in North American Network Operators' Group
Re: SSL for IRR queries?
daemon@ATHENA.MIT.EDU (Stephen Griffin)
Fri Jan 11 15:22:10 2002
Message-Id: <200201112021.PAA03115@elektra.ultra.net>
In-Reply-To: <Pine.GSO.4.40.0201111429310.5399-100000@mesa.bbnplanet.com> from Tony Tauber at "Jan 11, 2002 02:45:35 pm"
To: ttauber@genuity.net (Tony Tauber)
Date: Fri, 11 Jan 2002 15:21:20 -0500 (EST)
From: Stephen Griffin <stephen.griffin@rcn.com>
Cc: nanog@merit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu
In the referenced message, Tony Tauber said:
>
> If there's a desire to trust information garnered
> from the Internet Routing Registry (eg. RADB, RIPE),
> it would seem that one would like a way to verify
> the server responding to queries.
At this time, I think verification and sanity-checking
of the data that goes into the IRR is more important than
that which comes out of it.
There is a plethora of stale registrations, entities who
don't register (*cough*701*cough*), and at least one entity
which is robo-proxy-registering routes "in the wild" (due to
the folks who don't register.)
I'ld love to see the first cleaned up (including others who
have registered chunks of your address space with their own
maintainer, making it tough to delete (much like the old problem
of others creating/referencing DNS servers making it impossible
to have them deleted.) The second group annoy me to no end, both
in the customer and in the peer variety. The third is somewhat annoying
since it can mask leaks from the folks who _do_ register, and doesn't
really solve #2.
