On Sat, Jan 8, 2011 at 10:23 PM, Randy Bush <randy@psg.com> wrote:
but, unlike the other regions, the arin.irr is not confuddled with the arin.whois. i.e. it is kind of irrelevant to the authority on resource ownership, arin's real responsibility.
I certainly agree with this, and I am admittedly ignorant of the history here, but I don't understand why ARIN is operating an IRR that is very much insecure, instead of just not operating one at all.
they are just providing a free irr service, as it is the popular thing for rirs to do these years. and i don't think many use it. if you
In terms of database size, excluding RIPE, the ARIN IRR is the 8th largest, ahead of ALTDB and about 10% as large as Level3, the second largest IRR database (except RIPE.) A mass-corruption of the ARIN IRR overnight might be a serious incident causing service impact to a large number of users and businesses, and cause probably thousands of people to be got out of bed in the middle of the night, but clearly it would not be a total disaster. No one is forced to use ARIN IRR, but it's worth asking the question: why is ARIN a trustworthy steward of RPKI infrastructure if their IRR is a serious liability to The Internet because of a simple issue like not supporting password or PGP authentication? Is this the reason ARIN is spending time consulting their lawyers? -- Jeff S Wheeler <jsw@inconcepts.biz> Sr Network Operator / Innovative Network Concepts