North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Guardian for ARIN
Once upon a time, NSI handled both domain names and network addresses. NSI originally only checked the sender of the e-mail address matched its database. Spoofing the sender of an e-mail address is/was trivial, and eventually several domain names were hijacked by other unauthorized individuals. NSI added "Guardian" to their template process. Guardian permitted the points of contact (NIC-Handle) for objects in the NSI database to add a password (and allegedly a PGP key) to their records. Only templates using the correct password would be processed. Since NSI handled both names and numbers, a password on NIC-Handle protected both names and networks. ARIN was formed, and the duties associated with IP numbers (AS and IP addresses) were transfered to the new ARIN. However, Guardian or some alternative didn't seem to get transferred. So we're back to anyone who can spoof the point of contacts e-mail address can make changes to the ARIN records. Is it time for ARIN to re-add security to their database update procedures?