/lurkingmode disabled Should we, as a community, register with RIR's with PGP. And use special keys for resources? The only people to have the keys would be the end user/ISP and the RIR. Forged PGP can be done but not so easily. Basically email is so easy to forge should we not do what we do everywhere else and just add security? or ACL's or a firewall or....... /lurkingmode enabled ->-----Original Message----- ->From: william@elan.net [mailto:william@elan.net] ->Sent: Tuesday, November 04, 2003 7:00 AM ->To: nanog@merit.edu ->Subject: Re: Hijacked IP space. -> -> -> -> ->Also while we're on ip hijacking subject as I mentioned there ->is a new way it ->has been done where instead of reregistering domains, the ->actual email ->account is reused by somebody else and where whois at arin is ->for themost ->part left unchanged (making it difficult for arin to do anything). -> ->Because these cases are difficult to track the original ->owners and to proof ->hijacking or to notice that it happend, it would be nice to stop such ->activity in the first place. So I'd would really be good if ->somebody from ->earthlink contacts me and I can then tell them privately what ->names they ->need to "lock" as far as what their customers can request for ->additional ->emails. Same applies for other ISPs - if you who work for ->company that ->has in the past bought other large ISPs AND where you still ->allow new or ->existing customers to get new email accounts at the domains ->of those old ->companies (i.e. like earthlink is presumably doing with ->netcom.com), then ->let me know domains and I can tell you what not to allow your ->customers ->for emails. -> ->-- ->William Leibzon ->Elan Networks ->william@elan.net -> ->