On Jan 29, 2011, at 10:50 PM, Jeff Wheeler wrote:
On Thu, Jan 27, 2011 at 10:00 PM, John Curran <jcurran@arin.net> wrote:
Based on the ARIN's IRR authentication thread a couple of weeks ago, there were suggestions placed into ARIN's ACSP process for changes to ARIN's IRR system. ARIN has looked at the integration issues involved and has scheduled an upgrade to the IRR system that will accept PGP and CRYPT-PW authentication as well as implementing notification support for both the mnt-nfy and notify fields by the end of August 2011.
I'm glad to see that a decision was made to improve the ARIN IRR, rather than stick to status-quo or abandon it.
Good to hear.
However, this response is essentially what most folks I spoke with off-list imagined: You have an immediate operational security problem which could cause service impact to ARIN members and others relying on the ARIN IRR database, and fixing it by allowing passwords or PGP to be used is not very hard.
I appreciate your estimate of the effort required to address this problem, but we're not doing this as a completely separate system but with the intention of having some level of integration with our existing ARIN Online system in the future. While this may take more effort, and was not in our original 2011 budget, we have been able to add it to plan with development to begin later in the year.
As I have stated on this list, I believe ARIN is not organizationally capable of handling operational issues.
You've asserted this belief in prior messages (as well as noting that "No one is forced to use ARIN IRR") If the IRR does not meet your needs during this period, I would recommend using one of the many alternative routing registries available. In any case, I'd like to thank you again for raising the concern about lack of IRR authentication, as it was instrumental in bringing this matter to resolution. Thanks! /John John Curran President and CEO ARIN