On Mon, Jul 09, 2007 at 04:50:56PM -0400, Joe Abley wrote:
SIDR is only of any widespread use if it is coupled with policy/ procedures at the RIRs to provide certificates for resources that are assigned/allocated. However, this seems like less of a hurdle than you'd think when you look at how many RIR staff are involved in working on it.
So, if you consider some future world where there are suitably machine-readable repositories of number resources (e.g. IRRs) are combined with machine-verifiable certificates affirming a customer's right to use them, how far out of the woods are we? Or are we going to find out that the real problem is some fundamental unwillingness to automate this stuff, or something else?
Going to a model with reasonable and well-defined policies and procedures is a good thing. However, it renders all the existing IRR information suspect. Even the RRs run by RIRs are worthless as they stand. For instance ARIN runs an RR but does no validation of what goes in there today. A reasonable approach might be to pick up with tools based on the new SIDR work and leave the existing IRR info behind. Tony