[92965] in North American Network Operators' Group
Re: Collocation Access
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Mon Oct 23 14:25:38 2006
Date: Mon, 23 Oct 2006 14:17:45 -0400
From: "Steven M. Bellovin" <smb@cs.columbia.edu>
To: "John A. Kilpatrick" <john@hypergeek.net>
Cc: nanog@nanog.org
In-Reply-To: <20061023103731.W56322@iama.hypergeek.net>
Errors-To: owner-nanog@merit.edu
On Mon, 23 Oct 2006 10:40:19 -0700 (PDT), "John A. Kilpatrick"
<john@hypergeek.net> wrote:
>
> On Mon, 23 Oct 2006, Craig Holland wrote:
>
> > In fact he did have an AT&T badge which he was not allowed to hand over
> > either. The fellow I chatted with at AT&T said they are not allowed to
> > hand over their badge because it would compromise their security.
>
> My tech said the same thing. That keycard could grant central office
> access so he couldn't surrender it.
That's quite likely accurate. My AT&T badge let me in via unattended
entrances at a variety of facilities; I'd expect that a tech's badge would
indeed work for many COs.
A better answer is for the COLO management to supply a number, on
request, to tenants; they'd pass this number on to their supplier, for
one-time use by the tech.
A government-issued ID (at most) proves your identity; it says nothing
about your authorization to be somewhere. A company-issued ID (at most)
proves that you work for some company that may or may not (a) be present
at the COLO, and (b) may or may not be there for legitimate reasons.
What's necessary here is *permission*.
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
