
From: Hank Nussbacher <HANK@taunivm.tau.ac.il> Currently it checks my email address and password. No match - and the maintainer of the AS gets a warning mail about the attempt to alter the routing within my AS - and I have gotten warning e-mails already. Adding in PGP authentication should not be too hard if it is not done already.
We would be much more comfortable with PGP. Currently, passwords are going in cleartext over Email, not an impressively secure scheme. Though PGP does preclude automatic submission by maintainers who do not wish to keep secret keys online. Personally, I will accept the restriction. Inter-RR exchanges (e.g. RIPE/RADB/MCI/...) may find such restrictions more of a problem. I have some tangential questions. Currently, we submit o NACRs o SWIPs to InterNIC o email re routing updates to Sprint o 81ish objects to MCI o 81ish objects to the RADB and I am told we will be moving to rwhois. 0 - Why the same data to MCI and RADB? It would seem reasonable to send all updates to one registry and have the others fetch what they need. 1 - When can do stop needing NACRs? Monday, i.e. effectively now? 2 - The RADB has a lot of old, now obsolete, data maintained by others. Do we have to ask each old maintainer to clean it out, or will it all be cleaned up as the changeover settles down? 3 - SWIPs and 81ish objects (and NACRs, but they're going away, yes?) share a non-trivial subset. Are there maintainers' tools for generating both from a single database? If not, we will surely create errors of consistency. 4 - Are there more appropriate fora for weenie questions? FYI, despite the lack of rigor, Sprint's has seemed (from the bottom of the pond view) to be the most immediate and reliable over the many moons. ( Of course, with only 700 customers as compared to, e.g., Karl's 5,000 they have a much easier time of it. :-) But the overwhelming problem with all avenues has been the NACR delay.