On Jan 9, 2011, at 9:53 PM, Jeff Wheeler wrote:
Why should an operational security issue with the ARIN IRR be handled as a policy issue?
Operational security matters should simply be fixed; that's not a policy matter but an implementation issue.
Do you know that I have emailed ARIN about this both recently and in years past? Am I the only person who has ever tried to bring this to ARIN's attention? I doubt that.
Good to know; I'm rather interested in knowing some particulars here, so can you forward to me one or two of those messages? (or just let me know the 'To' field used and I'll take it from there)
What will the process be for handling operational security issues regarding future RPKI infrastructure? It is conceivable that there may be no alternative to ARIN, in the ARIN region, for trusted routing information data in the future. Today, we can choose not to use ARIN IRR, and the huge majority of networks who publish IRR data use their ISP databases or MERIT RADB. Are we faced with the possibility that ARIN simply doesn't have personnel capable of handling operational services, yet are forcing ARIN down a road that may make them a sole source of something we all need? If so, perhaps this is a very bad idea in need of further debate.
Feel free to discuss on this list (if deemed in charter) or arin-discuss as you feel appropriate.
I think the mentality at ARIN is one of paper-pushers and policy guys. That's perfectly fine for an organization whose main function is ... processing paperwork and allocating IP addresses. It is perhaps a very bad idea to ask ARIN to do operational things which they are very clearly unprepared to handle, to such an extent that they may need additional or different personnel, and really need to change their mentality.
Jeff - ARIN does indeed have folks who worry about whether the policy development process is being followed. We also have folks who actually implement the policy and issue number resources. What you may not know is that we also have quite a few folks who have run production operational services both for the Internet and other mission-critical environments. I'm not surprised that the IRR allows plaintext passwords, but am myself stunned if indeed we require them, since that disallows even a modicum of protection from trivial acts of sabotage. Rather than repeat what lack of information there is on the web site in regards to what forms of IRR authentication are available, I will go determine the state of reality and post back here asap. At a minimum, we need much clearer documentation, but if more is required, we'll get it fixed asap.

/John

John Curran
President and CEO
ARIN