[ppml] Policy Proposal: Authentication of Legacy Resources
Scott Leibrand
sleibrand at internap.com
Wed Jul 11 01:39:40 EDT 2007
Edward Lewis wrote:
> At 17:09 -0700 7/10/07, Scott Leibrand wrote:
>
>> I can see how your arguments would apply to removing whois records
>> from the
>> database, but after re-reading the proposal I see that Andrew only
>> proposed
>> removing DNS delegation. Can you explain how you depend on ARIN
>> publishing
>> information on the allocation of address space in DNS (rather than
>> WHOIS)? It
>> would seem to me that ARIN members like you and me benefit primarily
>> from
>> having WHOIS information on legacy netblocks.
>
> In brief and in theory...if I get a packet from legacy space, I will
> want to do a lookup based on the address it came from. To see if the
> claimed domain name matches the address' PTR record or some other
> protocol related info tied to address space and not domain name.
>
> (As I said - in theory and way past my local bed time.)
Yeah, that's pretty common, for applications like SSH and SMTP. My
question is, if the lookup fails, don't you just treat it like an
untrusted connection? That seems like something that would impact the
clients on the legacy space a lot more than you as a server operator and
ARIN member.
A follow-up question for the morning: Is there anything you use DNS for
(or that you know other people use it for) that would significantly
affect non-legacy parties (without also affecting the legacy netblock's
users) if PTR lookups from legacy space were to fail?
-Scott
More information about the ARIN-PPML
mailing list