North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Guardian for ARIN

  • From: Scott Granados
  • Date: Fri May 02 02:06:41 2003

Here here, and if there was a means to see this easily via whois that would
be perfect.  Just one small step to add to the announcement verification
process.  Perhaps something to do with the autoresponder where if the
contact doesn't respond say yearly or over some time period the contact gets
flagged as in question.  Also perhaps the fact that the space is announced
or not and if withdrawn some timer could be set to flag after months or some
appropriate time.  It seems that something additionally could be done.

----- Original Message ----- 
From: "Mike Leber" <[email protected]>
To: "Sean Donelan" <[email protected]>
Cc: <[email protected]>
Sent: Thursday, May 01, 2003 10:44 PM
Subject: Re: Guardian for ARIN

> On Fri, 2 May 2003, Sean Donelan wrote:
> > ARIN was formed, and the duties associated with IP numbers (AS and IP
> > addresses) were transfered to the new ARIN.  However, Guardian or some
> > alternative didn't seem to get transferred.  So we're back to anyone
> > who can spoof the point of contacts e-mail address can make changes
> > to the ARIN records.
> >
> > Is it time for ARIN to re-add security to their database update
> > procedures?
> That won't fix the immediate problem of hijacking legacy prefixes with
> expired domains for contacts.
> The most simplest, quickest, and easiest fix for this would be for ARIN to
> strip or mark as unusuable the email address of any contact in their
> database with an expired domain.
> Even in the case where the expired domain is a mistake, marking the
> contact invalid doesn't have adverse affect because it doesn't change the
> status of the allocation, and ARIN can provide a way to resubstantiate the
> email address by providing proof (i.e. documentation that is the same as
> the original documentation provided for the initial allocation).
> Also it would make it really obvious that there was a problem if a
> customer requests to announce a prefix with a marked invalid contact.
> Mike.
> +----------------- H U R R I C A N E - E L E C T R I C -----------------+
> | Mike Leber           Direct Internet Connections   Voice 510 580 4100 |
> | Hurricane Electric     Web Hosting  Colocation       Fax 510 580 4151 |
> | [email protected]                              |
> +-----------------------------------------------------------------------+