From Sean.Zhao at CenturyLink.com Thu Sep 1 17:21:31 2011 From: Sean.Zhao at CenturyLink.com (Zhao, Sean) Date: Thu, 1 Sep 2011 15:21:31 -0600 Subject: [arin-tech-discuss] arin-tech-discuss Digest, Vol 9, Issue 1 In-Reply-To: References: Message-ID: <6369CD337F4CEE47A9FE64D907B2DBAF1AFB92904A@qtdenexmbm20.AD.QINTRA.COM> Thanks a lot David. That does work now. But I have one more question. Since I got ticket payload instead of org payload. How do I now the OrgHandle. Should I search the ticket by the ticket# I receive? Thanks, Sean Zhao Sean.Zhao at CenturyLink.com -----Original Message----- From: arin-tech-discuss-bounces at arin.net [mailto:arin-tech-discuss-bounces at arin.net] On Behalf Of arin-tech-discuss-request at arin.net Sent: Thursday, September 01, 2011 12:00 PM To: arin-tech-discuss at arin.net Subject: arin-tech-discuss Digest, Vol 9, Issue 1 Send arin-tech-discuss mailing list submissions to arin-tech-discuss at arin.net To subscribe or unsubscribe via the World Wide Web, visit http://lists.arin.net/mailman/listinfo/arin-tech-discuss or, via email, send a message with subject or body 'help' to arin-tech-discuss-request at arin.net You can reach the person managing the list at arin-tech-discuss-owner at arin.net When replying, please edit your Subject line so it is more specific than "Re: Contents of arin-tech-discuss digest..." Today's Topics: 1. Re: Error message when I sent an org payload to create an Org (David Huberman) ---------------------------------------------------------------------- Message: 1 Date: Wed, 31 Aug 2011 21:21:50 +0000 From: David Huberman To: "'arin-tech-discuss at arin.net'" Cc: "Grimes, Ronald" Subject: Re: [arin-tech-discuss] Error message when I sent an org payload to create an Org Message-ID: Content-Type: text/plain; charset="us-ascii" Hello, There are two problems with your payload: 1) You have specified: xmlns="" in three places: Please remove xmlns="" from these tags. 2) You specified the attribute name= in the pocLinkRef fields. Please remove the name attribute. The resultant payload would be:

US USA

1113 W BIRCHWOOD AVE MESA 85210 ADVANCED ENERGY IDEAS This will also fail, but not because of any RESTful formatting issues. It will fail because all OrgIDs must have one (and only one) Admin POC. So you need to add a POC handle to serve as function='AD". Hope that helps! Regards, David --- David R Huberman ARIN Technical Specialist (703) 227-9866 ------------------------------ _______________________________________________ arin-tech-discuss mailing list arin-tech-discuss at arin.net http://lists.arin.net/mailman/listinfo/arin-tech-discuss End of arin-tech-discuss Digest, Vol 9, Issue 1 *********************************************** This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments. From dhuberma at arin.net Tue Sep 6 10:29:54 2011 From: dhuberma at arin.net (David Huberman) Date: Tue, 6 Sep 2011 14:29:54 +0000 Subject: [arin-tech-discuss] arin-tech-discuss Digest, Vol 9, Issue 1 In-Reply-To: <6369CD337F4CEE47A9FE64D907B2DBAF1AFB92904A@qtdenexmbm20.AD.QINTRA.COM> Message-ID: Hello, > Since I got ticket payload instead of org payload. > How do I now the OrgHandle. Should I search the > ticket by the ticket# I receive? Two different answers: 1) When a user makes a call to create a new OrgID via the method you described in your earlier email, the request is ticketed and manually reviewed by ARIN staff. Once we reply in the ticket (with, say, an approval or a request for more information), that response is available via a call for the ticket's status. 2) Based on your previous questions to this list, it seems like you are looking to create OrgIDs for your customers for the purposes of reassigning IP addresses to them. In that scenario, you want to use the Create Recipient Org service, outlined under the NET methods and payloads. The Create Recipient Org service allows you to create OrgIDs instantly, with the OrgID presented in the return payload. Hope that helps! David --- David R Huberman ARIN Technical Specialist (703) 227-9866 From aaronh at bind.com Fri Sep 9 14:20:13 2011 From: aaronh at bind.com (Aaron Hughes) Date: Fri, 9 Sep 2011 11:20:13 -0700 Subject: [arin-tech-discuss] Customer Payload Country Message-ID: <20110909182013.GH6700@trace.bind.com> When creating a new customer or ORGID do I have to supply anything other than code2 for the country or do I really have to reverse lookup the country name? Cheers, Aaron [snip] CUSTOMERNAME

UNITED STATES US USA 1

CUST Line 1 Chantilly

20151 Line 1 PARENTORGHANDLE Tue Jan 25 16:17:18 EST 2011 true -- Aaron Hughes aaronh at bind.com +1-831-824-4161 Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 http://www.bind.com/ From dhuberma at arin.net Fri Sep 9 14:24:07 2011 From: dhuberma at arin.net (David Huberman) Date: Fri, 9 Sep 2011 18:24:07 +0000 Subject: [arin-tech-discuss] Customer Payload Country In-Reply-To: <20110909182013.GH6700@trace.bind.com> Message-ID: Hello, > When creating a new customer or ORGID do I have to supply anything > other than code2 for the country or do I really have to reverse > lookup the country name? For the iso3166-1 values, you only need use one of the available constructions. So: US ... should work dandy. Regards, David --- David R Huberman ARIN Technical Specialist (703) 227-9866 From aaronh at bind.com Fri Sep 9 14:47:08 2011 From: aaronh at bind.com (Aaron Hughes) Date: Fri, 9 Sep 2011 11:47:08 -0700 Subject: [arin-tech-discuss] Customer Payload Country In-Reply-To: References: <20110909182013.GH6700@trace.bind.com> Message-ID: <20110909184708.GI6700@trace.bind.com> Thanks David! Cheers, Aaron On Fri, Sep 09, 2011 at 06:24:07PM +0000, David Huberman wrote: > Hello, > > > When creating a new customer or ORGID do I have to supply anything > > other than code2 for the country or do I really have to reverse > > lookup the country name? > > For the iso3166-1 values, you only need use one of the available > constructions. So: > > > US > > > ... should work dandy. > > Regards, > David > > --- > David R Huberman > ARIN Technical Specialist > (703) 227-9866 > > > > -- > arin-tech-discuss mailing list > arin-tech-discuss at arin.net > http://lists.arin.net/mailman/listinfo/arin-tech-discuss -- Aaron Hughes aaronh at bind.com +1-831-824-4161 Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 http://www.bind.com/ From aaronh at bind.com Mon Sep 12 14:28:34 2011 From: aaronh at bind.com (Aaron Hughes) Date: Mon, 12 Sep 2011 11:28:34 -0700 Subject: [arin-tech-discuss] Delete problems with ORG and POC Message-ID: <20110912182834.GX6700@trace.bind.com> We send a DELETE request to this URL: https://www.arin.net/rest/org/CO-14?apikey=API-B7BF-XXXX-XXXX-XXXX There is no payload for this transaction; it's just the DELETE that should cause the record to be removed. But we get this response: [code] => E_AUTHENTICATION [message] => The API key is not authorized to make that request. The same is true for POCs and API key is correct and works for many other things. So here's a summary: Add Customer WORKS Get Customer WORKS Delete Customer WORKS Add Network (Reassign) WORKS Get Network WORKS Delete Network WORKS Add Org WORKS Get Org *NO* Delete Org *NO* Add POC WORKS Get POC *NO* Delete POC *NO* The methods for these operations are all parallel, and our code is identical for each. Yet Get and Delete work for Customers and Networks, but the same operations give the "Invalid API Key" error for Orgs and POCs. We don't know why. Thoughts? Cheers, Aaron -- Aaron Hughes aaronh at bind.com +1-831-824-4161 Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 http://www.bind.com/ From dhuberma at arin.net Mon Sep 12 14:48:30 2011 From: dhuberma at arin.net (David Huberman) Date: Mon, 12 Sep 2011 18:48:30 +0000 Subject: [arin-tech-discuss] Delete problems with ORG and POC In-Reply-To: <20110912182834.GX6700@trace.bind.com> Message-ID: Hello, - If you are not a POC on an OrgID, you may not GET or DELETE it with your API key. Only an API key associated with an ARIN online account which is linked to an authoritative POC for an OrgID may GET or DELETE it. - If your ARIN Online account is not linked to a given POC, you may not GET or DELETE that POC with your API key. The ability to create ORGs and POCs on behalf of your customers is a carryover from the old "reassign-detailed" and "reallocate" template functions. Similar to that older mechanism, ARIN considers the ORGs/POCs created to belong the organization/person defined (rather than to you, the upstream). Regards, David --- David R Huberman ARIN Technical Specialist (703) 227-9866 From aaronh at bind.com Mon Sep 12 14:56:14 2011 From: aaronh at bind.com (Aaron Hughes) Date: Mon, 12 Sep 2011 11:56:14 -0700 Subject: [arin-tech-discuss] Delete problems with ORG and POC In-Reply-To: References: <20110912182834.GX6700@trace.bind.com> Message-ID: <20110912185614.GZ6700@trace.bind.com> David, in-line. On Mon, Sep 12, 2011 at 06:48:30PM +0000, David Huberman wrote: > Hello, > > - If you are not a POC on an OrgID, you may not GET or DELETE it with your > API key. Only an API key associated with an ARIN online account which is > linked to an authoritative POC for an OrgID may GET or DELETE it. > > - If your ARIN Online account is not linked to a given POC, you may not > GET or DELETE that POC with your API key. That makes sense, thanks. > The ability to create ORGs and POCs on behalf of your customers is a > carryover from the old "reassign-detailed" and "reallocate" template > functions. Similar to that older mechanism, ARIN considers the ORGs/POCs > created to belong the organization/person defined (rather than to you, the > upstream). I am a little confused about this... Is the intent to simply leave stale resources in the DB once a resource is reclaimed? In this case, I created two test POCs and one ORG while validating the code prior to production roll-out. Do these simply go away with the next round of POC/ORG validating e-mails sent by ARIN? Also, to bring up the expected use issue again, is this the way I should be handling detail reassigns and reallocates? Thanks as always. Cheers, Aaron > > Regards, > David > > --- > David R Huberman > ARIN Technical Specialist > (703) 227-9866 > > -- > arin-tech-discuss mailing list > arin-tech-discuss at arin.net > http://lists.arin.net/mailman/listinfo/arin-tech-discuss -- Aaron Hughes aaronh at bind.com +1-831-824-4161 Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 http://www.bind.com/ From dhuberma at arin.net Mon Sep 12 15:16:44 2011 From: dhuberma at arin.net (David Huberman) Date: Mon, 12 Sep 2011 19:16:44 +0000 Subject: [arin-tech-discuss] Delete problems with ORG and POC In-Reply-To: <20110912185614.GZ6700@trace.bind.com> Message-ID: Hello Aaron, You wrote: > Is the intent to simply leave stale resources in the DB once a resource > is reclaimed? In this case, I created two test POCs and one ORG while > validating the code prior to production roll-out. Do these simply go > away with the next round of POC/ORG validating e-mails sent by ARIN? I think a fair statement is ARIN's primary concern was respecting the authority model for objects in Whois which already existed (prior to us developing the RESTful API). In lieu of a complex hierarchy that was aware of the meta reason an object existed -- OrgID X was created by Aaron to reassign space to one of his customers, and now that the customer has disconnected, Aaron should be able to remove OrgID X -- we deployed a straight-forward model which says "either you're authoritative for it because your ARIN Online account is linked to it, or you're not". A result of this may be ORG and POC data which is not linked to any number resource. That data, however, is expected to not be of operational concern to the broad community. (And I think it's worth noting: If you want to ensure that you can remove orphaned ORGs or POCs, one option would be to include yourself [either as POC, or as e-mail on the POC] in the authority chain of the ORG or POC. Whether that's acceptable to you, or your customer, is left to your discretion.) You also asked: > Also, to bring up the expected use issue again, is this the way I > should be handling detail reassigns and reallocates? The expected methodology for detailed reassigns and reallocates is: - CREATE RECIPIENT ORG - NET reassign or reallocate - eventually, DELETE that reassignment or reallocation I hope that helps :) Regards, David --- David R Huberman ARIN Technical Specialist (703) 227-9866 From andy at arin.net Mon Sep 12 15:56:43 2011 From: andy at arin.net (Andy Newton) Date: Mon, 12 Sep 2011 19:56:43 +0000 Subject: [arin-tech-discuss] Delete problems with ORG and POC In-Reply-To: References: Message-ID: <3D48AA94-46C1-4B4D-91C4-814234E5ED53@arin.net> Just a small note on this... On Sep 12, 2011, at 3:16 PM, David Huberman wrote: > (And I think it's worth noting: If you want to ensure that you can > remove orphaned ORGs or POCs, one option would be to include yourself > [either as POC, or as e-mail on the POC] in the authority chain of > the ORG or POC. Whether that's acceptable to you, or your customer, > is left to your discretion.) As David has stated, even with the RESTful interface we have to stay within the framework of the existing authorization chain. And always putting your POC on an Org is one way to be a part of the authorization chain. Today, it is the only way to do this with automation. Another method is to login in to AOL and link the new POC to your web account and API Key. Of course, that's not really conducive to automation, so we have worked up the 'makeLink' matrix parameter which can be passed during the POC create call. This parameter will automatically link the new POC to your web account. This new matrix parameter is already in code and tested, and will be deployed with our next software release which is currently scheduled for late September. I hope this information is helpful. Andy Newton Chief Engineer From arin at u61.u22.net Mon Sep 12 19:53:56 2011 From: arin at u61.u22.net (Always Learning) Date: Tue, 13 Sep 2011 00:53:56 +0100 Subject: [arin-tech-discuss] ARIN WHOIS - An International Annoyance & Making the USA appear stupid Message-ID: <1315871636.4599.146.camel@m6.u226.com> Hallo ARIN Technical readers, Mark Kosters, Chief Technical Officer of ARIN suggested on the NANOG list (Mon, 12 Sep 2011 21:14:54 +0000) I post my concerns on this list. The rest of the world look towards the US of A as the country that invented the Internet. That formerly military system has worked so incredibly well that it has become the great success story that created the Internet we know and love today. It is a great tribute to the brains and ingenuity of the American people. The English helped too with the Web concept invented at the European Centre for Nuclear Research (CERN - that is the French way of naming it). Being on Centos (the biggest Red Hat clone) I use software called jwhois and type 'whois'. This is where the ARIN disaster manifests itself. It is an avoidable disaster which, in its present broken-down state, does an international disservice to the US of A's justifiably proud tradition of promoting the Internet and giving the world good efficiently working services. I have a BASH script called .w It contains #! /bin/bash whois $1 host $1 When I type .w 51.51.51.51 I receive a normal and conventional display of data because that IP address is in Europe and it is not 'organised' by ARIN. When I type:- .w 64.64.64.64 I receive a one line summary of possible matches, which always includes ARIN, but omits the details we used to receive before ARIN implemented its much criticised "improved" service. My second script .wa is more useful for North American IP enquiries:- #! /bin/bash whois -h whois.arin.net n + $1 host $1 On some occasions I get a normal display of Northern American data. The 'n' and '+' are not part of WHOIS. They are ARIN's own parameters. This example produces a 'near-as-normal' display:- .wa 65.65.65.65 However when ARIN automatically forwards the query to a North American RWHOIS the query is apparently malformed and nothing useful is displayed. For example:- .wa 66.66.66.66 The Internet was created in North America. Many people around the world would genuinely appreciate ARIN's help in getting the ARIN version of WHOIS to revert to normal WHOIS displays. At present the misguided and mistaken ARIN programmers wants enquirers to click on web page after web page after web page to try and find the information previously displayed in a single response. Frankly that weird attitude is stark raving bonkers! Here is what a few other users of ARIN's WHOIS system have stated in the last few days:- -------------------------------------------- (private email to me) Mon, 12 Sep 2011 08:16:05 -0400 "I'm glad to hear I'm not the only one who thinks the `new and improved' ARIN site is NOT and it doesn't work in a standard conforming browser. I had to do some scripting and install some new software to get any information out of the Web site. I complained when my old WORKING Web link stopped working. "I was told it wasn't a valid link and asked where I got the link. (I got it from THEIR Web site.) I was told it was never a valid link and shortly there after that link completely disappeared. The person was very rude. I guess they had at least a few other complaints because the new Web site got a little bit better after that. The new site required one to make one after another clicks to links to get information that all used to be available in ONE click and on one short page. It is still crap. It used to be short simple and to the point. It gave you all the information one needed and no extra crap. Now there is a page of junk before one gets to the real content and that content is now spread out over a bigger area so one has to do more scrolling than before. "I guess someone needed a reason to justify their position and employment. "I prefer the KISS principle, Keep It Simple, Stupid. They bent over backwards to make the new site as non-standard and complicated as possible." ----------------------------------------------------------------- Jon Lewis, Mon, 12 Sep 2011 12:32:20 -0400 (EDT) "He's complaining that sometime in the past few weeks (or is it months now?) ARIN changed the behavior of their whois server. New output for the query 209.208.0.1 is (omitting comments): "Internet Connect Company, Inc. ICC-1 (NET-209-208-0-0-1) 209.208.0.0 - 209.208.127.255 American Registry for Internet Numbers NET209 (NET-209-0-0-0-0) 209.0.0.0 - 209.255.255.255 "The old behavior was that ARIN's whois server would respond with the data from NET-209-208-0-0-1. i.e. NetRange: 209.208.0.0 - 209.208.127.255 CIDR: 209.208.0.0/17 OriginAS: NetName: ICC-1 NetHandle: NET-209-208-0-0-1 Parent: NET-209-0-0-0-0 NetType: Direct Allocation ... "This is rather an annoying change for anyone who uses whois much as it means every ARIN query is now at least two queries and there are doubtless scripts in use to grab information from whois that broke as a result of this change. NANOG isn't the place to complain about this though." ------------------------------------------------------------------ Eric Krichbaum, Mon, 12 Sep 2011 11:46:05 -0500 "That was on June 25th according to Mark Kosters. They started to answer with both the parent and delegated objects. That hosed the way RWHOIS data was being reported to most things as the client won't know which to send through to the rwhois servers. Still works from an old SCO box but not from anything current. "A "+" flag on the query from some clients will get it to recurse, but for my tests kicked back "%error 350 Invalid Query Syntax". "My issue with that response is that the general whois query shouldn't have to have an extra flag passed to get the data you asked for in the first place. This traps out most of the standard users from ever getting the correct data. It also makes the rwhois data almost impossible for the general public to get." ------------------------------------------------------------------- Jon Lewis, Mon, 12 Sep 2011 13:22:13 -0400 (EDT) "It'd be nice if the NICNAME/WHOIS was left alone as far as default behavior is concerned. "So, our tools that use the NICNAME/WHOIS service for lookups at all the other RIRs, now need to be updated to support ARIN's overcomplicated web/XML, which nobody else uses?...and it seems even with RWS you still need to do multiple queries to go from having an IP to having the full whois record. "How does the community (other than some programmers) benefit from this?" --------------------------------------------------------------- So ARIN, how much longer are you determined to show the world ARIN does not care and ARIN wants to make the Internet more difficult to use than before? Mark Kosters, ARIN CTO, should be asking himself why he allowed this regrettably confusing mess ever to occur. This mess has damaged the once good reputation of ARIN. It is time for plain commonsense to poke its head above the mass of world-wide criticism of ARIN. Who at ARIN is man-enough (or woman-enough but women are generally more sensible than men) to declare ARIN will restore its once very reliable and useful WHOIS service. -- With best regards, Paul. England, EU. Please excuse any spelling or grammar mistakes. From aaronh at bind.com Tue Sep 13 12:22:46 2011 From: aaronh at bind.com (Aaron Hughes) Date: Tue, 13 Sep 2011 09:22:46 -0700 Subject: [arin-tech-discuss] Easy parent_net_handle lookup? Message-ID: <20110913162246.GR6700@trace.bind.com> The API for a Reassign requires a parent_net_handle. Is there a simple REST query that can be done for any given address to look up it's parent net handle? Cheers, Aaron -- Aaron Hughes aaronh at bind.com +1-831-824-4161 Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 http://www.bind.com/ From andy at arin.net Tue Sep 13 12:55:41 2011 From: andy at arin.net (Andy Newton) Date: Tue, 13 Sep 2011 16:55:41 +0000 Subject: [arin-tech-discuss] Easy parent_net_handle lookup? In-Reply-To: <20110913162246.GR6700@trace.bind.com> References: <20110913162246.GR6700@trace.bind.com> Message-ID: <1A6FAE70-278D-4352-A439-BC8B0D8B5D13@arin.net> On Sep 13, 2011, at 12:22 PM, Aaron Hughes wrote: > The API for a Reassign requires a parent_net_handle. Is there a simple REST query that can be done for any given address to look up it's parent net handle? Aaron, At present the best way to get that information is from Whois-RWS: http://whois.arin.net/rest/ip/192.168.0.1 Please note that here is a lag between when a network is registered and when it shows up in Whois, usually 10 minutes. Andy Newton, Chief Engineer, ARIN From Sean.Zhao at CenturyLink.com Tue Sep 13 16:48:00 2011 From: Sean.Zhao at CenturyLink.com (Zhao, Sean) Date: Tue, 13 Sep 2011 14:48:00 -0600 Subject: [arin-tech-discuss] I got an error when I am trying to get a poc info Message-ID: <6369CD337F4CEE47A9FE64D907B2DBAF1AFB929AD5@qtdenexmbm20.AD.QINTRA.COM> Hi, When I send "https://www.arin.net/rest/poc/KOTLO3-ARIN?apikey=MY-API-KEY" , I got an error xml. It says "The API key is not authorized to make that request." Why? It fine for me to create a poc and an org and to reassign an ip with the same api-key. But I cannot GET poc? Or delete a poc that was created by me? Thanks, Sean Zhao Sean.Zhao at CenturyLink.com ________________________________ This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments. -------------- next part -------------- An HTML attachment was scrubbed... URL: From dhuberma at arin.net Tue Sep 13 18:23:40 2011 From: dhuberma at arin.net (David Huberman) Date: Tue, 13 Sep 2011 22:23:40 +0000 Subject: [arin-tech-discuss] I got an error when I am trying to get a poc info In-Reply-To: <6369CD337F4CEE47A9FE64D907B2DBAF1AFB929AD5@qtdenexmbm20.AD.QINTRA.COM> Message-ID: Hello, An API key is only authorized to GET POCs which they enjoy authority for. Authorization is established via linking the POC to the ARIN Online account that the API key belongs to. When you create POCs for your customers, you do not innately have authority over the POC object. Regards, David --- David R Huberman ARIN Technical Specialist (703) 227-9866 From aaronh at bind.com Tue Sep 13 22:06:01 2011 From: aaronh at bind.com (Aaron Hughes) Date: Tue, 13 Sep 2011 19:06:01 -0700 Subject: [arin-tech-discuss] SSL error Message-ID: <20110914020601.GY6700@trace.bind.com> I am geting an odd error when connecting over SSL using curl and cannot figure out why. Cannot connect... blah blah.. So I test: @trace.bind.com:/Users/aaronh> curl -I https://www.arin.net curl: (60) SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed More details here: http://curl.haxx.se/docs/sslcerts.html curl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate file using the --cacert option. If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option. That's odd.... so I -k @trace.bind.com:/Users/aaronh> curl -k -I https://www.arin.net HTTP/1.1 200 OK Date: Wed, 14 Sep 2011 02:02:05 GMT Server: Apache/2.2.3 (CentOS) Last-Modified: Mon, 12 Sep 2011 15:04:27 GMT ETag: "28f5c7c-4146-d7da94c0" Accept-Ranges: bytes Content-Length: 16710 Connection: close Content-Type: text/html; charset=UTF-8 So I add... curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); Now: Failure: Return code is 400 Is there something wrong with ARINs SSL Cert or is there something wrong with this system?? Cheers, Aaron [snip] curl --version curl 7.22.0 (x86_64-apple-darwin10.8.0) libcurl/7.22.0 OpenSSL/1.0.0e zlib/1.2.3 Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smtp smtps telnet tftp Features: IPv6 Largefile NTLM NTLM_WB SSL libz /wwwdata/php5/bin/php --version PHP 5.3.8 (cli) (built: Sep 13 2011 18:35:29) Copyright (c) 1997-2011 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2011 Zend Technologies /wwwdata/apache2/bin/httpd -v Server version: Apache/2.2.20 (Unix) Server built: Sep 13 2011 18:42:13 All over IPv6. On another system running PHP 5.3.3 with cURL 7.21.0, notroot at ubuntu-saj:~/dev/app/IP$ curl -I https://www.arin.net HTTP/1.1 200 OK Date: Wed, 14 Sep 2011 01:12:11 GMT Server: Apache/2.2.3 (CentOS) Last-Modified: Mon, 12 Sep 2011 15:04:27 GMT ETag: "28f5c7c-4146-d7da94c0" Accept-Ranges: bytes Content-Length: 16710 Connection: close Content-Type: text/html; charset=UTF-8 -- Aaron Hughes aaronh at bind.com +1-831-824-4161 Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 http://www.bind.com/ From joe at oregon.uoregon.edu Tue Sep 13 22:21:00 2011 From: joe at oregon.uoregon.edu (Joe St Sauver) Date: Tue, 13 Sep 2011 19:21:00 -0700 (PDT) Subject: [arin-tech-discuss] SSL error Message-ID: <11091319210065_F5A3@oregon.uoregon.edu> Aaron commented: #I am geting an odd error when connecting over SSL using curl and cannot #figure out why. # #Cannot connect... blah blah.. # #So I test: # #@trace.bind.com:/Users/aaronh> curl -I https://www.arin.net #curl: (60) SSL certificate problem, verify that the CA cert is OK. Details: #error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed #More details here: http://curl.haxx.se/docs/sslcerts.html My favorite site for testing SSL server configurations is SSL Labs checker, see https://www.ssllabs.com/ssldb/analyze.html?d=www.arin.net www.arin.net makes an A(85), which is a pretty good grade given the way SSL Labs tallies up the points. You can drill down to see more details about what they check, and what they found in the case of www.arin.net Bottom line, looks normal to me. Regards, Joe From Sean.Zhao at CenturyLink.com Wed Sep 14 08:42:47 2011 From: Sean.Zhao at CenturyLink.com (Zhao, Sean) Date: Wed, 14 Sep 2011 06:42:47 -0600 Subject: [arin-tech-discuss] I got an error when I am trying to get a poc info In-Reply-To: <6369CD337F4CEE47A9FE64D907B2DBAF1AFB1C1B22@qtdenexmbm20.AD.QINTRA.COM> References: <6369CD337F4CEE47A9FE64D907B2DBAF1AFB1C1B22@qtdenexmbm20.AD.QINTRA.COM> Message-ID: <6369CD337F4CEE47A9FE64D907B2DBAF1AFB929B25@qtdenexmbm20.AD.QINTRA.COM> Hi, again Does that mean if I need to delete a Poc, I have to delete the Org that is related to the Poc I want to delete? If I need to delete an Org, I have to delete the Net that is related to that Org first? Thanks, Sean Zhao Sean.Zhao at CenturyLink.com From: Zhao, Sean Sent: Tuesday, September 13, 2011 4:48 PM To: 'arin-tech-discuss at arin.net' Cc: Grimes, Ronald Subject: I got an error when I am trying to get a poc info Hi, When I send "https://www.arin.net/rest/poc/KOTLO3-ARIN?apikey=MY-API-KEY" , I got an error xml. It says "The API key is not authorized to make that request." Why? It fine for me to create a poc and an org and to reassign an ip with the same api-key. But I cannot GET poc? Or delete a poc that was created by me? Thanks, Sean Zhao Sean.Zhao at CenturyLink.com ________________________________ This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments. -------------- next part -------------- An HTML attachment was scrubbed... URL: From dhuberma at arin.net Wed Sep 14 10:30:30 2011 From: dhuberma at arin.net (David Huberman) Date: Wed, 14 Sep 2011 14:30:30 +0000 Subject: [arin-tech-discuss] I got an error when I am trying to get a poc info In-Reply-To: <6369CD337F4CEE47A9FE64D907B2DBAF1AFB929B25@qtdenexmbm20.AD.QINTRA.COM> Message-ID: Hello, You asked: > Does that mean if I need to delete a Poc, I have to delete the > Org that is related to the Poc I want to delete? Sort of. You certainly can't delete a POC if it's associated with an OrgID, so yes, you would need to delete the OrgID first, then you could delete the POC. You also asked: > If I need to delete an Org, I have to delete the Net that is > related to that Org first? Same thing. You cannot delete an OrgID if it has number resources, so yes, you would need to remove the reassignments first, then you could delete the OrgID. But ... - If you are not a POC on an OrgID, you may not GET or DELETE it with your API key. Only an API key associated with an ARIN online account which is linked to an authoritative POC for an OrgID may GET or DELETE it. - If your ARIN Online account is not linked to a given POC, you may not GET or DELETE that POC with your API key. The ability to create ORGs and POCs on behalf of your customers is a carryover from the old "reassign-detailed" and "reallocate" template functions. Similar to that older mechanism, ARIN considers the ORGs/POCs created to belong the organization/person defined (rather than to you, the upstream). Regards, David --- David R Huberman ARIN Technical Specialist (703) 227-9866 From andy at arin.net Wed Sep 14 14:59:40 2011 From: andy at arin.net (Andy Newton) Date: Wed, 14 Sep 2011 18:59:40 +0000 Subject: [arin-tech-discuss] SSL error In-Reply-To: <20110914020601.GY6700@trace.bind.com> References: <20110914020601.GY6700@trace.bind.com> Message-ID: <6E965182-0610-4FFC-B0CE-0F93EE50A816@arin.net> On Sep 13, 2011, at 10:06 PM, Aaron Hughes wrote: > I am geting an odd error when connecting over SSL using curl and cannot figure out why. > > Cannot connect... blah blah.. > > So I test: > > @trace.bind.com:/Users/aaronh> curl -I https://www.arin.net > curl: (60) SSL certificate problem, verify that the CA cert is OK. Details: > error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed > More details here: http://curl.haxx.se/docs/sslcerts.html .... [snipped] Aaron, I have tried curl -I https://www.arin.net on my Mac, an up-to-date Ubuntu box, and an old installation of CentOS. They all worked. Are you getting an HTTP 400 error? -andy From Sean.Zhao at CenturyLink.com Thu Sep 15 08:44:40 2011 From: Sean.Zhao at CenturyLink.com (Zhao, Sean) Date: Thu, 15 Sep 2011 06:44:40 -0600 Subject: [arin-tech-discuss] I got an error when I am trying to get a poc info Message-ID: <6369CD337F4CEE47A9FE64D907B2DBAF1AFBCAAE0E@qtdenexmbm20.AD.QINTRA.COM> Hi, David, Thanks for your response. I have more question regarding this issue. How do you know if I am the POC/OrgID or not? For example, I created a POC. The handle is ZHAOS2-ARIN. It is my name, my phone number. When I was trying to delete it, it still has the "authorized" issue. Obviously, somehow in Arin' DB, I am not me. Why is that? Thanks, Sean Zhao Sean.Zhao at CenturyLink.com ________________________________ This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments. -------------- next part -------------- An HTML attachment was scrubbed... URL: From dhuberma at arin.net Thu Sep 15 09:01:29 2011 From: dhuberma at arin.net (David Huberman) Date: Thu, 15 Sep 2011 13:01:29 +0000 Subject: [arin-tech-discuss] I got an error when I am trying to get a poc info In-Reply-To: <6369CD337F4CEE47A9FE64D907B2DBAF1AFBCAAE0E@qtdenexmbm20.AD.QINTRA.COM> References: <6369CD337F4CEE47A9FE64D907B2DBAF1AFBCAAE0E@qtdenexmbm20.AD.QINTRA.COM> Message-ID: <47BF05778FBAC446B2C9219A3995592413BF125F@CHAXCH01.corp.arin.net> Hello Sean, To become authoritative for a POC handle, your ARIN Online account needs to be linked to it. Today, when you create a POC RESTfully, you are not automagically linked to it. So you would have to login to your ARIN Online account, click on POC RECORDS, and use the "link" function to become authoritative for ZHAOS2-ARIN. The good news is later this month, we'll be adding the function which will take care of that at the time of POC creation. We hope this new function will be very useful for you! Regards, David ________________________________ From: arin-tech-discuss-bounces at arin.net [arin-tech-discuss-bounces at arin.net] on behalf of Zhao, Sean [Sean.Zhao at CenturyLink.com] Sent: Thursday, September 15, 2011 8:44 AM To: 'arin-tech-discuss at arin.net' Cc: Grimes, Ronald Subject: Re: [arin-tech-discuss] I got an error when I am trying to get a poc info Hi, David, Thanks for your response. I have more question regarding this issue. How do you know if I am the POC/OrgID or not? For example, I created a POC. The handle is ZHAOS2-ARIN. It is my name, my phone number. When I was trying to delete it, it still has the ?authorized? issue. Obviously, somehow in Arin? DB, I am not me. Why is that? Thanks, Sean Zhao Sean.Zhao at CenturyLink.com ________________________________ This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments. -------------- next part -------------- An HTML attachment was scrubbed... URL: From Sean.Zhao at CenturyLink.com Thu Sep 15 09:07:36 2011 From: Sean.Zhao at CenturyLink.com (Zhao, Sean) Date: Thu, 15 Sep 2011 07:07:36 -0600 Subject: [arin-tech-discuss] I got an error when I am trying to get a poc info In-Reply-To: <47BF05778FBAC446B2C9219A3995592413BF125F@CHAXCH01.corp.arin.net> References: <6369CD337F4CEE47A9FE64D907B2DBAF1AFBCAAE0E@qtdenexmbm20.AD.QINTRA.COM> <47BF05778FBAC446B2C9219A3995592413BF125F@CHAXCH01.corp.arin.net> Message-ID: <6369CD337F4CEE47A9FE64D907B2DBAF1AFBCAAE17@qtdenexmbm20.AD.QINTRA.COM> That is a good news! Do you have a good document for that too when the server is ready? Thanks, Sean Zhao Sean.Zhao at CenturyLink.com From: David Huberman [mailto:dhuberma at arin.net] Sent: Thursday, September 15, 2011 9:01 AM To: Zhao, Sean; 'arin-tech-discuss at arin.net' Cc: Grimes, Ronald Subject: RE: [arin-tech-discuss] I got an error when I am trying to get a poc info Hello Sean, To become authoritative for a POC handle, your ARIN Online account needs to be linked to it. Today, when you create a POC RESTfully, you are not automagically linked to it. So you would have to login to your ARIN Online account, click on POC RECORDS, and use the "link" function to become authoritative for ZHAOS2-ARIN. The good news is later this month, we'll be adding the function which will take care of that at the time of POC creation. We hope this new function will be very useful for you! Regards, David ________________________________ From: arin-tech-discuss-bounces at arin.net [arin-tech-discuss-bounces at arin.net] on behalf of Zhao, Sean [Sean.Zhao at CenturyLink.com] Sent: Thursday, September 15, 2011 8:44 AM To: 'arin-tech-discuss at arin.net' Cc: Grimes, Ronald Subject: Re: [arin-tech-discuss] I got an error when I am trying to get a poc info Hi, David, Thanks for your response. I have more question regarding this issue. How do you know if I am the POC/OrgID or not? For example, I created a POC. The handle is ZHAOS2-ARIN. It is my name, my phone number. When I was trying to delete it, it still has the "authorized" issue. Obviously, somehow in Arin' DB, I am not me. Why is that? Thanks, Sean Zhao Sean.Zhao at CenturyLink.com ________________________________ This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments. ________________________________ This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments. -------------- next part -------------- An HTML attachment was scrubbed... URL: From dhuberma at arin.net Thu Sep 15 12:15:10 2011 From: dhuberma at arin.net (David Huberman) Date: Thu, 15 Sep 2011 16:15:10 +0000 Subject: [arin-tech-discuss] I got an error when I am trying to get a poc info In-Reply-To: <6369CD337F4CEE47A9FE64D907B2DBAF1AFBCAAE17@qtdenexmbm20.AD.QINTRA.COM> Message-ID: Hello Sean, We'll be publishing an updated METHODs PDF on the release date (currently scheduled for Saturday, September 24, 2011). I looked at the documentation, and makeLink turns out to be pretty easy to use. It's in the URL path: /rest/poc;makeLink=TRUE?apikey=APIKEY /rest/poc;makeLink=FALSE?apikey=APIKEY If you specify makeLink=TRUE, then the POC gets created and the ARIN Online account that generated the API key will be linked to that POC, giving it authority. So that turns out to be a really nice way of addressing the concern both you and Aaron Hughes brought up this week here on arin-tech-discuss. If you want to keep reassignment OrgIDs neat and tidy, you use makeLink=TRUE for all the creations, which gives you authorization to delete the OrgID when the customer disconnects, and permission to delete the POC after you delete the OrgID. Hope I wrote that clearly :) Regards, David --- David R Huberman ARIN Technical Specialist (703) 227-9866 On 9/15/11 9:07 AM, "Zhao, Sean" wrote: That is a good news! Do you have a good document for that too when the server is ready? Thanks, Sean Zhao Sean.Zhao at CenturyLink.com From: David Huberman [mailto:dhuberma at arin.net] Sent: Thursday, September 15, 2011 9:01 AM To: Zhao, Sean; 'arin-tech-discuss at arin.net' Cc: Grimes, Ronald Subject: RE: [arin-tech-discuss] I got an error when I am trying to get a poc info Hello Sean, To become authoritative for a POC handle, your ARIN Online account needs to be linked to it. Today, when you create a POC RESTfully, you are not automagically linked to it. So you would have to login to your ARIN Online account, click on POC RECORDS, and use the "link" function to become authoritative for ZHAOS2-ARIN. The good news is later this month, we'll be adding the function which will take care of that at the time of POC creation. We hope this new function will be very useful for you! Regards, David ________________________________________ From: arin-tech-discuss-bounces at arin.net [arin-tech-discuss-bounces at arin.net] on behalf of Zhao, Sean [Sean.Zhao at CenturyLink.com] Sent: Thursday, September 15, 2011 8:44 AM To: 'arin-tech-discuss at arin.net' Cc: Grimes, Ronald Subject: Re: [arin-tech-discuss] I got an error when I am trying to get a poc info Hi, David, Thanks for your response. I have more question regarding this issue. How do you know if I am the POC/OrgID or not? For example, I created a POC. The handle is ZHAOS2-ARIN. It is my name, my phone number. When I was trying to delete it, it still has the ?authorized? issue. Obviously, somehow in Arin? DB, I am not me. Why is that? Thanks, Sean Zhao Sean.Zhao at CenturyLink.com ________________________________________ This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments. ________________________________________ This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments. From aaronh at bind.com Thu Sep 15 12:35:54 2011 From: aaronh at bind.com (Aaron Hughes) Date: Thu, 15 Sep 2011 09:35:54 -0700 Subject: [arin-tech-discuss] SSL error In-Reply-To: <6E965182-0610-4FFC-B0CE-0F93EE50A816@arin.net> References: <20110914020601.GY6700@trace.bind.com> <6E965182-0610-4FFC-B0CE-0F93EE50A816@arin.net> Message-ID: <20110915163554.GF6700@trace.bind.com> On Wed, Sep 14, 2011 at 06:59:40PM +0000, Andy Newton wrote: > > Aaron, I have tried curl -I https://www.arin.net on my Mac, an up-to-date Ubuntu box, and an old installation of CentOS. They all worked. > > Are you getting an HTTP 400 error? Here is the verbose output.. Still not entirely sure why this is happening: aaronh at trace.bind.com:/tftpboot> curl -v -I https://www.arin.net * About to connect() to www.arin.net port 443 (#0) * Trying 2001:500:4:13::80... connected * SSLv3, TLS handshake, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS alert, Server hello (2): * SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed * Closing connection #0 curl: (60) SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed More details here: http://curl.haxx.se/docs/sslcerts.html curl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate file using the --cacert option. If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option. > > -andy -- Aaron Hughes aaronh at bind.com +1-831-824-4161 Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 http://www.bind.com/ From aaronh at bind.com Thu Sep 15 12:39:07 2011 From: aaronh at bind.com (Aaron Hughes) Date: Thu, 15 Sep 2011 09:39:07 -0700 Subject: [arin-tech-discuss] I got an error when I am trying to get a poc info In-Reply-To: References: <6369CD337F4CEE47A9FE64D907B2DBAF1AFBCAAE17@qtdenexmbm20.AD.QINTRA.COM> Message-ID: <20110915163907.GH6700@trace.bind.com> Thanks! This is a great solution! Cheers, Aaron On Thu, Sep 15, 2011 at 04:15:10PM +0000, David Huberman wrote: > Hello Sean, > > We'll be publishing an updated METHODs PDF on the release date (currently > scheduled for Saturday, September 24, 2011). I looked at the > documentation, and makeLink turns out to be pretty easy to use. It's in > the URL path: > > /rest/poc;makeLink=TRUE?apikey=APIKEY > /rest/poc;makeLink=FALSE?apikey=APIKEY > > > If you specify makeLink=TRUE, then the POC gets created and the ARIN > Online account that generated the API key will be linked to that POC, > giving it authority. > > So that turns out to be a really nice way of addressing the concern both > you and Aaron Hughes brought up this week here on arin-tech-discuss. If > you want to keep reassignment OrgIDs neat and tidy, you use makeLink=TRUE > for all the creations, which gives you authorization to delete the OrgID > when the customer disconnects, and permission to delete the POC after you > delete the OrgID. > > Hope I wrote that clearly :) > > Regards, > David > > > --- > David R Huberman > ARIN Technical Specialist > (703) 227-9866 > > > > > > > > On 9/15/11 9:07 AM, "Zhao, Sean" wrote: > > That is a good news! Do you have a good document for that too when the > server is ready? > > > Thanks, > > Sean Zhao > Sean.Zhao at CenturyLink.com > > > From: David Huberman [mailto:dhuberma at arin.net] > > Sent: Thursday, September 15, 2011 9:01 AM > To: Zhao, Sean; 'arin-tech-discuss at arin.net' > Cc: Grimes, Ronald > Subject: RE: [arin-tech-discuss] I got an error when I am trying to get a > poc info > > > > Hello Sean, > > To become authoritative for a POC handle, your ARIN Online account needs > to be linked to it. Today, when you create a POC RESTfully, you are not > automagically linked to it. So you > would have to login to your ARIN Online account, click on POC RECORDS, > and use the "link" function to become authoritative for ZHAOS2-ARIN. The > good news is later this month, we'll be adding the function > which will take care of that at the time > of POC creation. We hope this new function will be very useful for you! > > Regards, > David > > ________________________________________ > > From: arin-tech-discuss-bounces at arin.net > [arin-tech-discuss-bounces at arin.net] on behalf of Zhao, Sean > [Sean.Zhao at CenturyLink.com] > Sent: Thursday, September 15, 2011 8:44 AM > To: 'arin-tech-discuss at arin.net' > Cc: Grimes, Ronald > Subject: Re: [arin-tech-discuss] I got an error when I am trying to get a > poc info > > Hi, David, > Thanks for your response. I have more question regarding > this issue. How do you know if I am the POC/OrgID or not? For example, I > created a POC. The handle is ZHAOS2-ARIN. It is my name, my phone > number. When I was trying to delete it, it still has the ?authorized? > issue. Obviously, somehow in Arin? DB, I am not me. Why is that? > > Thanks, > > Sean Zhao > Sean.Zhao at CenturyLink.com > > > > ________________________________________ > > This communication is the property of CenturyLink and may contain > confidential or privileged information. Unauthorized use of this > communication is strictly > prohibited and may be unlawful. If you have received this communication > in error, please immediately notify the sender by reply e-mail and destroy > all copies of the communication and any attachments. > > > > > > ________________________________________ > This communication is the property of CenturyLink and may contain > confidential or privileged information. Unauthorized use of this > communication is strictly > prohibited and may be unlawful. If you have received this communication > in error, please immediately notify the sender by reply e-mail and destroy > all copies of the communication and any attachments. > > -- > arin-tech-discuss mailing list > arin-tech-discuss at arin.net > http://lists.arin.net/mailman/listinfo/arin-tech-discuss -- Aaron Hughes aaronh at bind.com +1-831-824-4161 Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 http://www.bind.com/ From aaronh at bind.com Thu Sep 15 13:35:50 2011 From: aaronh at bind.com (Aaron Hughes) Date: Thu, 15 Sep 2011 10:35:50 -0700 Subject: [arin-tech-discuss] SSL error In-Reply-To: <20110915163554.GF6700@trace.bind.com> References: <20110914020601.GY6700@trace.bind.com> <6E965182-0610-4FFC-B0CE-0F93EE50A816@arin.net> <20110915163554.GF6700@trace.bind.com> Message-ID: <20110915173550.GK6700@trace.bind.com> Actually looks like this is a recent curl problem. The default path for the ca-bendle is not being used. I had to re-complie with the specific path specified and that solved it. ./configure --enable-ipv6 --with-ssl=/usr/local/openssl-1.0.0e --with-ca-bundle= /usr/share/curl/curl-ca-bundle.crt aaronh at trace.bind.com:/data/src/curl-7.22.0> curl -I https://www.arin.net HTTP/1.1 200 OK Date: Thu, 15 Sep 2011 17:34:56 GMT Server: Apache/2.2.3 (CentOS) Last-Modified: Wed, 14 Sep 2011 19:41:45 GMT ETag: "dffb4-40bc-f33d1040" Accept-Ranges: bytes Content-Length: 16572 Connection: close Content-Type: text/html; charset=UTF-8 Thanks all. Cheers, Aaron On Thu, Sep 15, 2011 at 09:35:54AM -0700, Aaron Hughes wrote: > On Wed, Sep 14, 2011 at 06:59:40PM +0000, Andy Newton wrote: > > > > Aaron, I have tried curl -I https://www.arin.net on my Mac, an up-to-date Ubuntu box, and an old installation of CentOS. They all worked. > > > > Are you getting an HTTP 400 error? > > Here is the verbose output.. Still not entirely sure why this is happening: > > aaronh at trace.bind.com:/tftpboot> curl -v -I https://www.arin.net > * About to connect() to www.arin.net port 443 (#0) > * Trying 2001:500:4:13::80... connected > * SSLv3, TLS handshake, Client hello (1): > * SSLv3, TLS handshake, Server hello (2): > * SSLv3, TLS handshake, CERT (11): > * SSLv3, TLS alert, Server hello (2): > * SSL certificate problem, verify that the CA cert is OK. Details: > error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed > * Closing connection #0 > curl: (60) SSL certificate problem, verify that the CA cert is OK. Details: > error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed > More details here: http://curl.haxx.se/docs/sslcerts.html > > curl performs SSL certificate verification by default, using a "bundle" > of Certificate Authority (CA) public keys (CA certs). If the default > bundle file isn't adequate, you can specify an alternate file > using the --cacert option. > If this HTTPS server uses a certificate signed by a CA represented in > the bundle, the certificate verification probably failed due to a > problem with the certificate (it might be expired, or the name might > not match the domain name in the URL). > If you'd like to turn off curl's verification of the certificate, use > the -k (or --insecure) option. > > > > > > > -andy > > -- > > Aaron Hughes > aaronh at bind.com > +1-831-824-4161 > Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 > http://www.bind.com/ > -- > arin-tech-discuss mailing list > arin-tech-discuss at arin.net > http://lists.arin.net/mailman/listinfo/arin-tech-discuss -- Aaron Hughes aaronh at bind.com +1-831-824-4161 Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 http://www.bind.com/ From aaronh at bind.com Thu Sep 15 14:22:51 2011 From: aaronh at bind.com (Aaron Hughes) Date: Thu, 15 Sep 2011 11:22:51 -0700 Subject: [arin-tech-discuss] FALSE vs. false on privateCustomer Message-ID: <20110915182251.GS6700@trace.bind.com> So this one really frustrated me and figured I would share. Incredibly, this doesn't work: FALSE but this does: false This means it's not actually a TRUE v. FALSE (1 v. 0), it's a string. E.g. if you are, like I am, storing something like $private_customer = $row['residential_customer_privacy_enable'];, don't make it a boolean. The error message is also misleading: bad character content for elementE_SCHEMA_VALIDATIONThe XML payload did not validate against the defined schema. Please see the documentation for details. Just a heads up to any of you who may run into this. ARIN Dev, If you change this to a boolean (as it likely should be, please make sure to account for both implementations as a string "false" might be considered "TRUE" in the boolean world. Cheers, Aaron -- Aaron Hughes aaronh at bind.com +1-831-824-4161 Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 http://www.bind.com/ From andy at arin.net Fri Sep 16 09:28:05 2011 From: andy at arin.net (Andy Newton) Date: Fri, 16 Sep 2011 13:28:05 +0000 Subject: [arin-tech-discuss] FALSE vs. false on privateCustomer In-Reply-To: <20110915182251.GS6700@trace.bind.com> References: <20110915182251.GS6700@trace.bind.com> Message-ID: <6255A1AC-664B-460D-83EF-965509FFE5EB@arin.net> Aaron, We define our XML using Relax NG, which defers to the W3C's XML Schema for primitive datatypes. Unfortunately, XML Schema defines a boolean as either "true" or "false". ( http://www.w3.org/TR/xmlschema-2/#boolean ) We validate all inbound XML to insure data integrity, and the error you are getting is a schema violation error. Admittedly, case insensitive "true" or "false" does seem limiting. I'll look into the feasibility of a backwards-compatible schema change that is more accepting of other logical notions of true and false. Andy Newton Chief Engineer On Sep 15, 2011, at 2:22 PM, Aaron Hughes wrote: > So this one really frustrated me and figured I would share. > > Incredibly, this doesn't work: FALSE > but this does: false > > This means it's not actually a TRUE v. FALSE (1 v. 0), it's a string. E.g. if you are, like I am, storing something like $private_customer = $row['residential_customer_privacy_enable'];, don't make it a boolean. > > The error message is also misleading: > > bad > character content for > elementE_SCHEMA_VALIDATION s/>The XML payload did not validate against the defined schema. > Please see the documentation for > details. > > Just a heads up to any of you who may run into this. > > ARIN Dev, > > If you change this to a boolean (as it likely should be, please make sure to account for both implementations as a string "false" might be considered "TRUE" in the boolean world. > > Cheers, > Aaron > > -- > > Aaron Hughes > aaronh at bind.com > +1-831-824-4161 > Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 > http://www.bind.com/ > _______________________________________________ > arin-tech-discuss mailing list > arin-tech-discuss at arin.net > http://lists.arin.net/mailman/listinfo/arin-tech-discuss From aaronh at bind.com Fri Sep 16 13:25:07 2011 From: aaronh at bind.com (Aaron Hughes) Date: Fri, 16 Sep 2011 10:25:07 -0700 Subject: [arin-tech-discuss] Multiple simple reassigns to a single customer? Message-ID: <20110916172507.GE59057@trace.bind.com> I thought the process was: 1) Create a customer record 2) reassign simple if additional assignments needed: 1) select stored arin_cust_id 2) reassign to same arin_cust_id But.. This is the response I get from the server when I attempt to simple reassign a second block: What is the expected behavior and process? Cheers, Aaron ( [additionalInfo] => SimpleXMLElement Object ( ) [code] => E_ENTITY_VALIDATION [components] => SimpleXMLElement Object ( [component] => SimpleXMLElement Object ( [message] => This customer organization already has a network assigned to it. You may only sub-delegate one simple reassignment per customer organization. [name] => customerHandle ) ) [message] => Payload entity failed to validate; see component messages for details. ) -- Aaron Hughes aaronh at bind.com +1-831-824-4161 Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 http://www.bind.com/ From dhuberma at arin.net Fri Sep 16 13:36:29 2011 From: dhuberma at arin.net (David Huberman) Date: Fri, 16 Sep 2011 17:36:29 +0000 Subject: [arin-tech-discuss] Multiple simple reassigns to a single customer? In-Reply-To: <20110916172507.GE59057@trace.bind.com> Message-ID: Hello Aaron, Customer org records may only have one reassignment. Why? It's a database constraint from the Whois model that's been in use since 2002. With the recent development of ARIN's RESTful API, there are opportunities for us to re-work the database schema to allow multiple assignments to customer org records -- opportunities which didn't exist prior to March 2011. The staff here would like to make that happen. Such a change, however, is major in scope, and is expensive. It is not presently on the schedule of software development. It is our hope we will perform this change in the future. Process-wise, there are two methods I can think of: - if you're using simple reassignments, then you create a customer org record every time you reassign a distinct block of IP addresses. - if you're planning on multiple assignments to the same customer, you have the option of using the CREATE RECIPIENT ORG method, and doing a detailed reassignment to the OrgID. Real OrgIDs can have an unlimited number of IP address blocks and AS numbers. Regards, David --- David R Huberman ARIN Technical Specialist (703) 227-9866 On 9/16/11 1:25 PM, "Aaron Hughes" wrote: I thought the process was: 1) Create a customer record 2) reassign simple if additional assignments needed: 1) select stored arin_cust_id 2) reassign to same arin_cust_id But.. This is the response I get from the server when I attempt to simple reassign a second block: What is the expected behavior and process? Cheers, Aaron ( [additionalInfo] => SimpleXMLElement Object ( ) [code] => E_ENTITY_VALIDATION [components] => SimpleXMLElement Object ( [component] => SimpleXMLElement Object ( [message] => This customer organization already has a network assigned to it. You may only sub-delegate one simple reassignment per customer organization. [name] => customerHandle ) ) [message] => Payload entity failed to validate; see component messages for details. ) -- Aaron Hughes aaronh at bind.com +1-831-824-4161 Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 http://www.bind.com/ _______________________________________________ arin-tech-discuss mailing list arin-tech-discuss at arin.net http://lists.arin.net/mailman/listinfo/arin-tech-discuss From andy at arin.net Fri Sep 16 13:56:58 2011 From: andy at arin.net (Andy Newton) Date: Fri, 16 Sep 2011 17:56:58 +0000 Subject: [arin-tech-discuss] Documentation for Reg-RWS (RESTful Provisioning) Message-ID: <3ADE2F5D-C36D-4831-85F5-E191796745D7@arin.net> All, We appreciate your patience and willingness to work with us through issues and questions that have arisen with regard to Reg-RWS, our RESTful provisioning and resource management interface. We recognize that our current documentation is deficient, and we are working to correct that problem. Poor or inadequate documentation can be frustrating, and for that we apologize. While the Reg-RWS documentation addresses specific method calls and payloads, there is no good reference to the broader ARIN business rules nor how they apply to the RESTful interface or any of the other ARIN systems. We are working to address this gap. Again, thank you for your patience and willingness to work through questions and issues. Andy Newton Chief Engineer, ARIN From heather.schiller at verizon.com Fri Sep 16 13:43:56 2011 From: heather.schiller at verizon.com (Schiller, Heather A) Date: Fri, 16 Sep 2011 13:43:56 -0400 Subject: [arin-tech-discuss] Multiple simple reassigns to a single customer? In-Reply-To: References: <20110916172507.GE59057@trace.bind.com> Message-ID: Yuck.. The solution is to either generate multiple reassign simple records with no way to tie the 'organization'/customer to other records - or for everybody to generate separate "Real OrgIDs" and you have the same problem.. Of not being able to easily correlate records for the same company. Wouldn't it be ideal to have companies obtain a single org id from ARIN - with ARIN doing some checking to see if they already have an ORG ID - and then the company gives that ORG id to their provider. I don't think this is any more outrageous than requesting companies provide their TIN when they request resources from ARIN. --Heather -----Original Message----- From: arin-tech-discuss-bounces at arin.net [mailto:arin-tech-discuss-bounces at arin.net] On Behalf Of David Huberman Sent: Friday, September 16, 2011 1:36 PM To: Aaron Hughes; ARIN Tech Subject: Re: [arin-tech-discuss] Multiple simple reassigns to a single customer? Hello Aaron, Customer org records may only have one reassignment. Why? It's a database constraint from the Whois model that's been in use since 2002. With the recent development of ARIN's RESTful API, there are opportunities for us to re-work the database schema to allow multiple assignments to customer org records -- opportunities which didn't exist prior to March 2011. The staff here would like to make that happen. Such a change, however, is major in scope, and is expensive. It is not presently on the schedule of software development. It is our hope we will perform this change in the future. Process-wise, there are two methods I can think of: - if you're using simple reassignments, then you create a customer org record every time you reassign a distinct block of IP addresses. - if you're planning on multiple assignments to the same customer, you have the option of using the CREATE RECIPIENT ORG method, and doing a detailed reassignment to the OrgID. Real OrgIDs can have an unlimited number of IP address blocks and AS numbers. Regards, David --- David R Huberman ARIN Technical Specialist (703) 227-9866 On 9/16/11 1:25 PM, "Aaron Hughes" wrote: I thought the process was: 1) Create a customer record 2) reassign simple if additional assignments needed: 1) select stored arin_cust_id 2) reassign to same arin_cust_id But.. This is the response I get from the server when I attempt to simple reassign a second block: What is the expected behavior and process? Cheers, Aaron ( [additionalInfo] => SimpleXMLElement Object ( ) [code] => E_ENTITY_VALIDATION [components] => SimpleXMLElement Object ( [component] => SimpleXMLElement Object ( [message] => This customer organization already has a network assigned to it. You may only sub-delegate one simple reassignment per customer organization. [name] => customerHandle ) ) [message] => Payload entity failed to validate; see component messages for details. ) -- Aaron Hughes aaronh at bind.com +1-831-824-4161 Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 http://www.bind.com/ _______________________________________________ arin-tech-discuss mailing list arin-tech-discuss at arin.net http://lists.arin.net/mailman/listinfo/arin-tech-discuss _______________________________________________ arin-tech-discuss mailing list arin-tech-discuss at arin.net http://lists.arin.net/mailman/listinfo/arin-tech-discuss From dhuberma at arin.net Fri Sep 16 15:27:55 2011 From: dhuberma at arin.net (David Huberman) Date: Fri, 16 Sep 2011 19:27:55 +0000 Subject: [arin-tech-discuss] Multiple simple reassigns to a single customer? In-Reply-To: Message-ID: Hello Heather, ARIN is hosting an ARIN Online Users Forum at the joint NANOG/ARIN meeting in Philadelphia. The Forum is scheduled for 6pm the evening of Tuesday, 11 October 2011. This would be a great idea to bring to that Forum! Regards, David --- David R Huberman ARIN Technical Specialist (703) 227-9866 On 9/16/11 1:43 PM, "Schiller, Heather A" wrote: Yuck.. The solution is to either generate multiple reassign simple records with no way to tie the 'organization'/customer to other records - or for everybody to generate separate "Real OrgIDs" and you have the same problem.. Of not being able to easily correlate records for the same company. Wouldn't it be ideal to have companies obtain a single org id from ARIN - with ARIN doing some checking to see if they already have an ORG ID - and then the company gives that ORG id to their provider. I don't think this is any more outrageous than requesting companies provide their TIN when they request resources from ARIN. --Heather -----Original Message----- From: arin-tech-discuss-bounces at arin.net [mailto:arin-tech-discuss-bounces at arin.net] On Behalf Of David Huberman Sent: Friday, September 16, 2011 1:36 PM To: Aaron Hughes; ARIN Tech Subject: Re: [arin-tech-discuss] Multiple simple reassigns to a single customer? Hello Aaron, Customer org records may only have one reassignment. Why? It's a database constraint from the Whois model that's been in use since 2002. With the recent development of ARIN's RESTful API, there are opportunities for us to re-work the database schema to allow multiple assignments to customer org records -- opportunities which didn't exist prior to March 2011. The staff here would like to make that happen. Such a change, however, is major in scope, and is expensive. It is not presently on the schedule of software development. It is our hope we will perform this change in the future. Process-wise, there are two methods I can think of: - if you're using simple reassignments, then you create a customer org record every time you reassign a distinct block of IP addresses. - if you're planning on multiple assignments to the same customer, you have the option of using the CREATE RECIPIENT ORG method, and doing a detailed reassignment to the OrgID. Real OrgIDs can have an unlimited number of IP address blocks and AS numbers. Regards, David --- David R Huberman ARIN Technical Specialist (703) 227-9866 On 9/16/11 1:25 PM, "Aaron Hughes" wrote: I thought the process was: 1) Create a customer record 2) reassign simple if additional assignments needed: 1) select stored arin_cust_id 2) reassign to same arin_cust_id But.. This is the response I get from the server when I attempt to simple reassign a second block: What is the expected behavior and process? Cheers, Aaron ( [additionalInfo] => SimpleXMLElement Object ( ) [code] => E_ENTITY_VALIDATION [components] => SimpleXMLElement Object ( [component] => SimpleXMLElement Object ( [message] => This customer organization already has a network assigned to it. You may only sub-delegate one simple reassignment per customer organization. [name] => customerHandle ) ) [message] => Payload entity failed to validate; see component messages for details. ) -- Aaron Hughes aaronh at bind.com +1-831-824-4161 Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 http://www.bind.com/ _______________________________________________ arin-tech-discuss mailing list arin-tech-discuss at arin.net http://lists.arin.net/mailman/listinfo/arin-tech-discuss _______________________________________________ arin-tech-discuss mailing list arin-tech-discuss at arin.net http://lists.arin.net/mailman/listinfo/arin-tech-discuss From aaronh at bind.com Fri Sep 16 15:47:03 2011 From: aaronh at bind.com (Aaron Hughes) Date: Fri, 16 Sep 2011 12:47:03 -0700 Subject: [arin-tech-discuss] Multiple simple reassigns to a single customer? In-Reply-To: References: <20110916172507.GE59057@trace.bind.com> Message-ID: <20110916194703.GK59057@trace.bind.com> On Fri, Sep 16, 2011 at 01:43:56PM -0400, Schiller, Heather A wrote: > Yuck.. The solution is to either generate multiple reassign simple records with no way to tie the 'organization'/customer to other records - or for everybody to generate separate "Real OrgIDs" and you have the same problem.. Of not being able to easily correlate records for the same company. +1 > Wouldn't it be ideal to have companies obtain a single org id from ARIN - with ARIN doing some checking to see if they already have an ORG ID - and then the company gives that ORG id to their provider. I don't think this is any more outrageous than requesting companies provide their TIN when they request resources from ARIN. I don't see this as a viable option. The majority of our customers are not knowledgeable in this area and should not have to be. The onus is on us as LIRs & RIRs to make this easy for them & work to keep the SWIP data as accurate as possible. We need to either be able to tie multiple resources to a customer record or have makeLink=TRUE work on OrgIDs we create. > Process-wise, there are two methods I can think of: > > - if you're using simple reassignments, then you create a customer org record every time you reassign a distinct block of IP addresses. > > - if you're planning on multiple assignments to the same customer, you have the option of using the CREATE RECIPIENT ORG method, and doing a detailed reassignment to the OrgID. Real OrgIDs can have an unlimited number of IP address blocks and AS numbers. Which one of these two does ARIN prefer? I realize ARIN is working on documenting the process per the e-mail from Andy earlier today, however, for those of us stuck in a place where there is no other method for things such as IPv6 detailed reassigns and no reason to have multiple methods for SWIPing, we could really use some guidance here. Additionally, I don't want to make the mistake of releasing IPAM software that has coded methods of this process and find out post release that we are not following the preferred method. Thank you again for your time and help. Cheers, Aaron > > Regards, > > > David > > > --- > David R Huberman > ARIN Technical Specialist > (703) 227-9866 > > > > > > > > On 9/16/11 1:25 PM, "Aaron Hughes" wrote: > > I thought the process was: > 1) Create a customer record > 2) reassign simple > if additional assignments needed: > 1) select stored arin_cust_id > 2) reassign to same arin_cust_id > > But.. This is the response I get from the server when I attempt to simple reassign a second block: > > What is the expected behavior and process? > > Cheers, > Aaron > > ( > [additionalInfo] => SimpleXMLElement Object > ( > ) > > [code] => E_ENTITY_VALIDATION > [components] => SimpleXMLElement Object > ( > [component] => SimpleXMLElement Object > ( > [message] => This customer organization already has a network assigned to it. You may only sub-delegate one simple reassignment per customer organization. > [name] => customerHandle > ) > > ) > > [message] => Payload entity failed to validate; see component messages for details. > ) > > -- > > Aaron Hughes > aaronh at bind.com > +1-831-824-4161 > Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 http://www.bind.com/ _______________________________________________ > arin-tech-discuss mailing list > arin-tech-discuss at arin.net > http://lists.arin.net/mailman/listinfo/arin-tech-discuss > > _______________________________________________ > arin-tech-discuss mailing list > arin-tech-discuss at arin.net > http://lists.arin.net/mailman/listinfo/arin-tech-discuss -- Aaron Hughes aaronh at bind.com +1-831-824-4161 Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 http://www.bind.com/ From dhuberma at arin.net Fri Sep 16 16:20:13 2011 From: dhuberma at arin.net (David Huberman) Date: Fri, 16 Sep 2011 20:20:13 +0000 Subject: [arin-tech-discuss] Multiple simple reassigns to a single customer? In-Reply-To: <20110916194703.GK59057@trace.bind.com> Message-ID: Hello Aaron, Regarding the two processes I posted about, ARIN has no preference. The design of the system supports both methods equally. My response was intended to help brainstorm solutions that you might find helpful. I think that if simple reassigns are preferred by your customers, then the first method (creating a recipient customer org, then reassigning a block of IP addresses to that org, and repeating every time you reassign a distinct block) is best. It's in-line with what's in Whois today, as a plurality of the 4+ million Whois objects are simple reassignment network records and their corresponding customer records. If consistency in the data is paramount, however, then you might choose to create an OrgID for a customer with more than one network assignment, and submit detailed reassignments using that OrgID. We support whichever works best for you and your customers! Regards, David --- David R Huberman ARIN Technical Specialist (703) 227-9866 On 9/16/11 3:47 PM, "Aaron Hughes" wrote: On Fri, Sep 16, 2011 at 01:43:56PM -0400, Schiller, Heather A wrote: > Yuck.. The solution is to either generate multiple reassign simple >records with no way to tie the 'organization'/customer to other records - >or for everybody to generate separate "Real OrgIDs" and you have the same >problem.. Of not being able to easily correlate records for the same >company. +1 > Wouldn't it be ideal to have companies obtain a single org id from ARIN >- with ARIN doing some checking to see if they already have an ORG ID - >and then the company gives that ORG id to their provider. I don't think >this is any more outrageous than requesting companies provide their TIN >when they request resources from ARIN. I don't see this as a viable option. The majority of our customers are not knowledgeable in this area and should not have to be. The onus is on us as LIRs & RIRs to make this easy for them & work to keep the SWIP data as accurate as possible. We need to either be able to tie multiple resources to a customer record or have makeLink=TRUE work on OrgIDs we create. > Process-wise, there are two methods I can think of: > > - if you're using simple reassignments, then you create a customer org >record every time you reassign a distinct block of IP addresses. > > - if you're planning on multiple assignments to the same customer, you >have the option of using the CREATE RECIPIENT ORG method, and doing a >detailed reassignment to the OrgID. Real OrgIDs can have an unlimited >number of IP address blocks and AS numbers. Which one of these two does ARIN prefer? I realize ARIN is working on documenting the process per the e-mail from Andy earlier today, however, for those of us stuck in a place where there is no other method for things such as IPv6 detailed reassigns and no reason to have multiple methods for SWIPing, we could really use some guidance here. Additionally, I don't want to make the mistake of releasing IPAM software that has coded methods of this process and find out post release that we are not following the preferred method. Thank you again for your time and help. Cheers, Aaron > > Regards, > > > David > > > --- > David R Huberman > ARIN Technical Specialist > (703) 227-9866 > > > > > > > > On 9/16/11 1:25 PM, "Aaron Hughes" wrote: > > I thought the process was: > 1) Create a customer record > 2) reassign simple > if additional assignments needed: > 1) select stored arin_cust_id > 2) reassign to same arin_cust_id > > But.. This is the response I get from the server when I attempt to >simple reassign a second block: > > What is the expected behavior and process? > > Cheers, > Aaron > > ( > [additionalInfo] => SimpleXMLElement Object > ( > ) > > [code] => E_ENTITY_VALIDATION > [components] => SimpleXMLElement Object > ( > [component] => SimpleXMLElement Object > ( > [message] => This customer organization already has >a network assigned to it. You may only sub-delegate one simple >reassignment per customer organization. > [name] => customerHandle > ) > > ) > > [message] => Payload entity failed to validate; see component >messages for details. > ) > > -- > > Aaron Hughes > aaronh at bind.com > +1-831-824-4161 > Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 >http://www.bind.com/ _______________________________________________ > arin-tech-discuss mailing list > arin-tech-discuss at arin.net > http://lists.arin.net/mailman/listinfo/arin-tech-discuss > > _______________________________________________ > arin-tech-discuss mailing list > arin-tech-discuss at arin.net > http://lists.arin.net/mailman/listinfo/arin-tech-discuss -- Aaron Hughes aaronh at bind.com +1-831-824-4161 Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 http://www.bind.com/ From aaronh at bind.com Fri Sep 16 17:33:01 2011 From: aaronh at bind.com (Aaron Hughes) Date: Fri, 16 Sep 2011 14:33:01 -0700 Subject: [arin-tech-discuss] Multiple simple reassigns to a single customer? In-Reply-To: References: <20110916194703.GK59057@trace.bind.com> Message-ID: <20110916213301.GM59057@trace.bind.com> David, Thank you again for the continued clarity into how the ARIN DB schema and process work. While I am always happy to discuss ideas on modifying the process and/or implementation tools, my Eye Of Sauron is focused on a working product. That being said, I had no intention of stepping on a brainstorm solutions discussion and do believe it will be helpful. Once my team and I complete our implementation, I will be more than happy to share our experience and suggestions. For now, I will simply move the ARIN_Customer_ID association to the IP/IPv6 block rather than the customer record and create a new ARIN_Customer_ID per block for simple reassigns. Cheers, Aaron On Fri, Sep 16, 2011 at 08:20:13PM +0000, David Huberman wrote: > Hello Aaron, > > Regarding the two processes I posted about, ARIN has no preference. > The design of the system supports both methods equally. My response > was intended to help brainstorm solutions that you might find helpful. > > I think that if simple reassigns are preferred by your customers, then > the first method (creating a recipient customer org, then reassigning > a block of IP addresses to that org, and repeating every time you > reassign a distinct block) is best. It's in-line with what's in Whois > today, as a plurality of the 4+ million Whois objects are simple > reassignment network records and their corresponding customer records. > If consistency in the data is paramount, however, then you might > choose to create an OrgID for a customer with more than one network > assignment, and submit detailed reassignments using that OrgID. > > We support whichever works best for you and your customers! > > Regards, > David > > --- > David R Huberman > ARIN Technical Specialist > (703) 227-9866 > > > > > > > > On 9/16/11 3:47 PM, "Aaron Hughes" wrote: > > On Fri, Sep 16, 2011 at 01:43:56PM -0400, Schiller, Heather A wrote: > > Yuck.. The solution is to either generate multiple reassign simple > >records with no way to tie the 'organization'/customer to other records - > >or for everybody to generate separate "Real OrgIDs" and you have the same > >problem.. Of not being able to easily correlate records for the same > >company. > > +1 > > > Wouldn't it be ideal to have companies obtain a single org id from ARIN > >- with ARIN doing some checking to see if they already have an ORG ID - > >and then the company gives that ORG id to their provider. I don't think > >this is any more outrageous than requesting companies provide their TIN > >when they request resources from ARIN. > > I don't see this as a viable option. The majority of our customers are not > knowledgeable in this area and should not have to be. The onus is on us as > LIRs & RIRs to make this easy for them & work to keep the SWIP data as > accurate as possible. > > We need to either be able to tie multiple resources to a customer record > or have makeLink=TRUE work on OrgIDs we create. > > > Process-wise, there are two methods I can think of: > > > > - if you're using simple reassignments, then you create a customer org > >record every time you reassign a distinct block of IP addresses. > > > > - if you're planning on multiple assignments to the same customer, you > >have the option of using the CREATE RECIPIENT ORG method, and doing a > >detailed reassignment to the OrgID. Real OrgIDs can have an unlimited > >number of IP address blocks and AS numbers. > > Which one of these two does ARIN prefer? I realize ARIN is working on > documenting the process per the e-mail from Andy earlier today, however, > for those of us stuck in a place where there is no other method for things > such as IPv6 detailed reassigns and no reason to have multiple methods for > SWIPing, we could really use some guidance here. > > Additionally, I don't want to make the mistake of releasing IPAM software > that has coded methods of this process and find out post release that we > are not following the preferred method. > > Thank you again for your time and help. > > Cheers, > Aaron > > > > > Regards, > > > > > > David > > > > > > --- > > David R Huberman > > ARIN Technical Specialist > > (703) 227-9866 > > > > > > > > > > > > > > > > On 9/16/11 1:25 PM, "Aaron Hughes" wrote: > > > > I thought the process was: > > 1) Create a customer record > > 2) reassign simple > > if additional assignments needed: > > 1) select stored arin_cust_id > > 2) reassign to same arin_cust_id > > > > But.. This is the response I get from the server when I attempt to > >simple reassign a second block: > > > > What is the expected behavior and process? > > > > Cheers, > > Aaron > > > > ( > > [additionalInfo] => SimpleXMLElement Object > > ( > > ) > > > > [code] => E_ENTITY_VALIDATION > > [components] => SimpleXMLElement Object > > ( > > [component] => SimpleXMLElement Object > > ( > > [message] => This customer organization already has > >a network assigned to it. You may only sub-delegate one simple > >reassignment per customer organization. > > [name] => customerHandle > > ) > > > > ) > > > > [message] => Payload entity failed to validate; see component > >messages for details. > > ) > > > > -- > > > > Aaron Hughes > > aaronh at bind.com > > +1-831-824-4161 > > Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 > >http://www.bind.com/ _______________________________________________ > > arin-tech-discuss mailing list > > arin-tech-discuss at arin.net > > http://lists.arin.net/mailman/listinfo/arin-tech-discuss > > > > _______________________________________________ > > arin-tech-discuss mailing list > > arin-tech-discuss at arin.net > > http://lists.arin.net/mailman/listinfo/arin-tech-discuss > > -- > > Aaron Hughes > aaronh at bind.com > +1-831-824-4161 > Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 > http://www.bind.com/ -- Aaron Hughes aaronh at bind.com +1-831-824-4161 Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 http://www.bind.com/ From Sean.Zhao at CenturyLink.com Tue Sep 20 15:37:13 2011 From: Sean.Zhao at CenturyLink.com (Zhao, Sean) Date: Tue, 20 Sep 2011 13:37:13 -0600 Subject: [arin-tech-discuss] I got an error when I am trying to get a poc info In-Reply-To: <20110915163907.GH6700@trace.bind.com> References: <6369CD337F4CEE47A9FE64D907B2DBAF1AFBCAAE17@qtdenexmbm20.AD.QINTRA.COM> <20110915163907.GH6700@trace.bind.com> Message-ID: <6369CD337F4CEE47A9FE64D907B2DBAF1B1C992497@qtdenexmbm20.AD.QINTRA.COM> David, Ron and I have more question regarding this. So if I have Arin's API-Key which is assigned to QWEST, I can link this API-key to the any POC I create. So I am an authority of this POC. I can modify and delete this POC. Am I correct? Thanks, Sean Zhao Sean.Zhao at CenturyLink.com -----Original Message----- From: Aaron Hughes [mailto:aaronh at bind.com] Sent: Thursday, September 15, 2011 12:39 PM To: David Huberman Cc: Zhao, Sean; 'arin-tech-discuss at arin.net'; Grimes, Ronald Subject: Re: [arin-tech-discuss] I got an error when I am trying to get a poc info Thanks! This is a great solution! Cheers, Aaron On Thu, Sep 15, 2011 at 04:15:10PM +0000, David Huberman wrote: > Hello Sean, > > We'll be publishing an updated METHODs PDF on the release date (currently > scheduled for Saturday, September 24, 2011). I looked at the > documentation, and makeLink turns out to be pretty easy to use. It's in > the URL path: > > /rest/poc;makeLink=TRUE?apikey=APIKEY > /rest/poc;makeLink=FALSE?apikey=APIKEY > > > If you specify makeLink=TRUE, then the POC gets created and the ARIN > Online account that generated the API key will be linked to that POC, > giving it authority. > > So that turns out to be a really nice way of addressing the concern both > you and Aaron Hughes brought up this week here on arin-tech-discuss. If > you want to keep reassignment OrgIDs neat and tidy, you use makeLink=TRUE > for all the creations, which gives you authorization to delete the OrgID > when the customer disconnects, and permission to delete the POC after you > delete the OrgID. > > Hope I wrote that clearly :) > > Regards, > David > > > --- > David R Huberman > ARIN Technical Specialist > (703) 227-9866 > > > > > > > > On 9/15/11 9:07 AM, "Zhao, Sean" wrote: > > That is a good news! Do you have a good document for that too when the > server is ready? > > > Thanks, > > Sean Zhao > Sean.Zhao at CenturyLink.com > > > From: David Huberman [mailto:dhuberma at arin.net] > > Sent: Thursday, September 15, 2011 9:01 AM > To: Zhao, Sean; 'arin-tech-discuss at arin.net' > Cc: Grimes, Ronald > Subject: RE: [arin-tech-discuss] I got an error when I am trying to get a > poc info > > > > Hello Sean, > > To become authoritative for a POC handle, your ARIN Online account needs > to be linked to it. Today, when you create a POC RESTfully, you are not > automagically linked to it. So you > would have to login to your ARIN Online account, click on POC RECORDS, > and use the "link" function to become authoritative for ZHAOS2-ARIN. The > good news is later this month, we'll be adding the function > which will take care of that at the time > of POC creation. We hope this new function will be very useful for you! > > Regards, > David > > ________________________________________ > > From: arin-tech-discuss-bounces at arin.net > [arin-tech-discuss-bounces at arin.net] on behalf of Zhao, Sean > [Sean.Zhao at CenturyLink.com] > Sent: Thursday, September 15, 2011 8:44 AM > To: 'arin-tech-discuss at arin.net' > Cc: Grimes, Ronald > Subject: Re: [arin-tech-discuss] I got an error when I am trying to get a > poc info > > Hi, David, > Thanks for your response. I have more question regarding > this issue. How do you know if I am the POC/OrgID or not? For example, I > created a POC. The handle is ZHAOS2-ARIN. It is my name, my phone > number. When I was trying to delete it, it still has the ?authorized? > issue. Obviously, somehow in Arin? DB, I am not me. Why is that? > > Thanks, > > Sean Zhao > Sean.Zhao at CenturyLink.com > > > > ________________________________________ > > This communication is the property of CenturyLink and may contain > confidential or privileged information. Unauthorized use of this > communication is strictly > prohibited and may be unlawful. If you have received this communication > in error, please immediately notify the sender by reply e-mail and destroy > all copies of the communication and any attachments. > > > > > > ________________________________________ > This communication is the property of CenturyLink and may contain > confidential or privileged information. Unauthorized use of this > communication is strictly > prohibited and may be unlawful. If you have received this communication > in error, please immediately notify the sender by reply e-mail and destroy > all copies of the communication and any attachments. > > -- > arin-tech-discuss mailing list > arin-tech-discuss at arin.net > http://lists.arin.net/mailman/listinfo/arin-tech-discuss -- Aaron Hughes aaronh at bind.com +1-831-824-4161 Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 http://www.bind.com/ This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments. From dhuberma at arin.net Tue Sep 20 15:49:19 2011 From: dhuberma at arin.net (David Huberman) Date: Tue, 20 Sep 2011 19:49:19 +0000 Subject: [arin-tech-discuss] I got an error when I am trying to get a poc info In-Reply-To: <6369CD337F4CEE47A9FE64D907B2DBAF1B1C992497@qtdenexmbm20.AD.QINTRA.COM> Message-ID: Hello Sean, Correct (for POCs you create after makeLink is deployed). Regards, David --- David R Huberman ARIN Technical Specialist (703) 227-9866 On 9/20/11 3:37 PM, "Zhao, Sean" wrote: David, Ron and I have more question regarding this. So if I have Arin's API-Key which is assigned to QWEST, I can link this API-key to the any POC I create. So I am an authority of this POC. I can modify and delete this POC. Am I correct? Thanks, Sean Zhao Sean.Zhao at CenturyLink.com -----Original Message----- From: Aaron Hughes [mailto:aaronh at bind.com] Sent: Thursday, September 15, 2011 12:39 PM To: David Huberman Cc: Zhao, Sean; 'arin-tech-discuss at arin.net'; Grimes, Ronald Subject: Re: [arin-tech-discuss] I got an error when I am trying to get a poc info Thanks! This is a great solution! Cheers, Aaron On Thu, Sep 15, 2011 at 04:15:10PM +0000, David Huberman wrote: > Hello Sean, > > We'll be publishing an updated METHODs PDF on the release date (currently > scheduled for Saturday, September 24, 2011). I looked at the > documentation, and makeLink turns out to be pretty easy to use. It's in > the URL path: > > /rest/poc;makeLink=TRUE?apikey=APIKEY > /rest/poc;makeLink=FALSE?apikey=APIKEY > > > If you specify makeLink=TRUE, then the POC gets created and the ARIN > Online account that generated the API key will be linked to that POC, > giving it authority. > > So that turns out to be a really nice way of addressing the concern both > you and Aaron Hughes brought up this week here on arin-tech-discuss. If > you want to keep reassignment OrgIDs neat and tidy, you use makeLink=TRUE > for all the creations, which gives you authorization to delete the OrgID > when the customer disconnects, and permission to delete the POC after you > delete the OrgID. > > Hope I wrote that clearly :) > > Regards, > David > > > --- > David R Huberman > ARIN Technical Specialist > (703) 227-9866 > > > > > > > > On 9/15/11 9:07 AM, "Zhao, Sean" wrote: > > That is a good news! Do you have a good document for that too when the > server is ready? > > > Thanks, > > Sean Zhao > Sean.Zhao at CenturyLink.com > > > From: David Huberman [mailto:dhuberma at arin.net] > > Sent: Thursday, September 15, 2011 9:01 AM > To: Zhao, Sean; 'arin-tech-discuss at arin.net' > Cc: Grimes, Ronald > Subject: RE: [arin-tech-discuss] I got an error when I am trying to get a > poc info > > > > Hello Sean, > > To become authoritative for a POC handle, your ARIN Online account needs > to be linked to it. Today, when you create a POC RESTfully, you are not > automagically linked to it. So you > would have to login to your ARIN Online account, click on POC RECORDS, > and use the "link" function to become authoritative for ZHAOS2-ARIN. The > good news is later this month, we'll be adding the function > which will take care of that at the time > of POC creation. We hope this new function will be very useful for you! > > Regards, > David > > ________________________________________ > > From: arin-tech-discuss-bounces at arin.net > [arin-tech-discuss-bounces at arin.net] on behalf of Zhao, Sean > [Sean.Zhao at CenturyLink.com] > Sent: Thursday, September 15, 2011 8:44 AM > To: 'arin-tech-discuss at arin.net' > Cc: Grimes, Ronald > Subject: Re: [arin-tech-discuss] I got an error when I am trying to get a > poc info > > Hi, David, > Thanks for your response. I have more question regarding > this issue. How do you know if I am the POC/OrgID or not? For example, I > created a POC. The handle is ZHAOS2-ARIN. It is my name, my phone > number. When I was trying to delete it, it still has the ?authorized? > issue. Obviously, somehow in Arin? DB, I am not me. Why is that? > > Thanks, > > Sean Zhao > Sean.Zhao at CenturyLink.com > > > > ________________________________________ > > This communication is the property of CenturyLink and may contain > confidential or privileged information. Unauthorized use of this > communication is strictly > prohibited and may be unlawful. If you have received this communication > in error, please immediately notify the sender by reply e-mail and >destroy > all copies of the communication and any attachments. > > > > > > ________________________________________ > This communication is the property of CenturyLink and may contain > confidential or privileged information. Unauthorized use of this > communication is strictly > prohibited and may be unlawful. If you have received this communication > in error, please immediately notify the sender by reply e-mail and >destroy > all copies of the communication and any attachments. > > -- > arin-tech-discuss mailing list > arin-tech-discuss at arin.net > http://lists.arin.net/mailman/listinfo/arin-tech-discuss -- Aaron Hughes aaronh at bind.com +1-831-824-4161 Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 http://www.bind.com/ This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments. From Sean.Zhao at CenturyLink.com Tue Sep 20 15:58:47 2011 From: Sean.Zhao at CenturyLink.com (Zhao, Sean) Date: Tue, 20 Sep 2011 13:58:47 -0600 Subject: [arin-tech-discuss] I got an error when I am trying to get a poc info In-Reply-To: References: <6369CD337F4CEE47A9FE64D907B2DBAF1B1C992497@qtdenexmbm20.AD.QINTRA.COM> Message-ID: <6369CD337F4CEE47A9FE64D907B2DBAF1B1C9924A5@qtdenexmbm20.AD.QINTRA.COM> Great! That will save our life here! Thanks, Sean Zhao Sean.Zhao at CenturyLink.com -----Original Message----- From: David Huberman [mailto:dhuberma at arin.net] Sent: Tuesday, September 20, 2011 3:49 PM To: Zhao, Sean Cc: 'arin-tech-discuss at arin.net' Subject: Re: [arin-tech-discuss] I got an error when I am trying to get a poc info Hello Sean, Correct (for POCs you create after makeLink is deployed). Regards, David --- David R Huberman ARIN Technical Specialist (703) 227-9866 On 9/20/11 3:37 PM, "Zhao, Sean" wrote: David, Ron and I have more question regarding this. So if I have Arin's API-Key which is assigned to QWEST, I can link this API-key to the any POC I create. So I am an authority of this POC. I can modify and delete this POC. Am I correct? Thanks, Sean Zhao Sean.Zhao at CenturyLink.com -----Original Message----- From: Aaron Hughes [mailto:aaronh at bind.com] Sent: Thursday, September 15, 2011 12:39 PM To: David Huberman Cc: Zhao, Sean; 'arin-tech-discuss at arin.net'; Grimes, Ronald Subject: Re: [arin-tech-discuss] I got an error when I am trying to get a poc info Thanks! This is a great solution! Cheers, Aaron On Thu, Sep 15, 2011 at 04:15:10PM +0000, David Huberman wrote: > Hello Sean, > > We'll be publishing an updated METHODs PDF on the release date (currently > scheduled for Saturday, September 24, 2011). I looked at the > documentation, and makeLink turns out to be pretty easy to use. It's in > the URL path: > > /rest/poc;makeLink=TRUE?apikey=APIKEY > /rest/poc;makeLink=FALSE?apikey=APIKEY > > > If you specify makeLink=TRUE, then the POC gets created and the ARIN > Online account that generated the API key will be linked to that POC, > giving it authority. > > So that turns out to be a really nice way of addressing the concern both > you and Aaron Hughes brought up this week here on arin-tech-discuss. If > you want to keep reassignment OrgIDs neat and tidy, you use makeLink=TRUE > for all the creations, which gives you authorization to delete the OrgID > when the customer disconnects, and permission to delete the POC after you > delete the OrgID. > > Hope I wrote that clearly :) > > Regards, > David > > > --- > David R Huberman > ARIN Technical Specialist > (703) 227-9866 > > > > > > > > On 9/15/11 9:07 AM, "Zhao, Sean" wrote: > > That is a good news! Do you have a good document for that too when the > server is ready? > > > Thanks, > > Sean Zhao > Sean.Zhao at CenturyLink.com > > > From: David Huberman [mailto:dhuberma at arin.net] > > Sent: Thursday, September 15, 2011 9:01 AM > To: Zhao, Sean; 'arin-tech-discuss at arin.net' > Cc: Grimes, Ronald > Subject: RE: [arin-tech-discuss] I got an error when I am trying to get a > poc info > > > > Hello Sean, > > To become authoritative for a POC handle, your ARIN Online account needs > to be linked to it. Today, when you create a POC RESTfully, you are not > automagically linked to it. So you > would have to login to your ARIN Online account, click on POC RECORDS, > and use the "link" function to become authoritative for ZHAOS2-ARIN. The > good news is later this month, we'll be adding the function > which will take care of that at the time > of POC creation. We hope this new function will be very useful for you! > > Regards, > David > > ________________________________________ > > From: arin-tech-discuss-bounces at arin.net > [arin-tech-discuss-bounces at arin.net] on behalf of Zhao, Sean > [Sean.Zhao at CenturyLink.com] > Sent: Thursday, September 15, 2011 8:44 AM > To: 'arin-tech-discuss at arin.net' > Cc: Grimes, Ronald > Subject: Re: [arin-tech-discuss] I got an error when I am trying to get a > poc info > > Hi, David, > Thanks for your response. I have more question regarding > this issue. How do you know if I am the POC/OrgID or not? For example, I > created a POC. The handle is ZHAOS2-ARIN. It is my name, my phone > number. When I was trying to delete it, it still has the ?authorized? > issue. Obviously, somehow in Arin? DB, I am not me. Why is that? > > Thanks, > > Sean Zhao > Sean.Zhao at CenturyLink.com > > > > ________________________________________ > > This communication is the property of CenturyLink and may contain > confidential or privileged information. Unauthorized use of this > communication is strictly > prohibited and may be unlawful. If you have received this communication > in error, please immediately notify the sender by reply e-mail and >destroy > all copies of the communication and any attachments. > > > > > > ________________________________________ > This communication is the property of CenturyLink and may contain > confidential or privileged information. Unauthorized use of this > communication is strictly > prohibited and may be unlawful. If you have received this communication > in error, please immediately notify the sender by reply e-mail and >destroy > all copies of the communication and any attachments. > > -- > arin-tech-discuss mailing list > arin-tech-discuss at arin.net > http://lists.arin.net/mailman/listinfo/arin-tech-discuss -- Aaron Hughes aaronh at bind.com +1-831-824-4161 Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 http://www.bind.com/ This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments. This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments. From aaronh at bind.com Mon Sep 26 16:19:08 2011 From: aaronh at bind.com (Aaron Hughes) Date: Mon, 26 Sep 2011 13:19:08 -0700 Subject: [arin-tech-discuss] Official State Abbreviations link? Message-ID: <20110926201908.GF80404@trace.bind.com> Does ARIN have an officially supported state abbreviations text file link like they do countries? I had an error creating a POC I did not expect and it was due to not enforcing 'CA' vs. California. I was going to parse: https://www.usps.com/send/official-abbreviations.htm but since ARIN has https://www.arin.net/knowledge/rirs/countries.html I was hoping to find a states list. Cheers, Aaron -- Aaron Hughes aaronh at bind.com +1-831-824-4161 Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 http://www.bind.com/ From andy at arin.net Tue Sep 27 09:15:18 2011 From: andy at arin.net (Andy Newton) Date: Tue, 27 Sep 2011 13:15:18 +0000 Subject: [arin-tech-discuss] Official State Abbreviations link? In-Reply-To: <20110926201908.GF80404@trace.bind.com> References: <20110926201908.GF80404@trace.bind.com> Message-ID: <7429EEC5-49C1-4A6C-84F8-D6821C366F65@arin.net> Aaron, In general we try to follow the ISO 3166 codes for countries and regions. For mapping states and provinces (regions) to countries in the ARIN region, here is what we use: -----------------+--------------------------------+--------------+ STATE_PROV_CODE | STATE_PROV_NAME | COUNTRY_CODE | -----------------+--------------------------------+--------------+ AK | ALASKA | US | AS | AMERICAN SAMOA | AS | AZ | ARIZONA | US | AR | ARKANSAS | US | CA | CALIFORNIA | US | CO | COLORADO | US | CT | CONNECTICUT | US | DE | DELAWARE | US | DC | DISTRICT OF COLUMBIA | US | FM | FEDERATED STATES OF MICRONESIA | FM | FL | FLORIDA | US | GA | GEORGIA | US | GU | GUAM | GU | HI | HAWAII | US | ID | IDAHO | US | IL | ILLINOIS | US | IN | INDIANA | US | IA | IOWA | US | KS | KANSAS | US | KY | KENTUCKY | US | LA | LOUISIANA | US | ME | MAINE | US | MH | MARSHALL ISLANDS | MH | MD | MARYLAND | US | MA | MASSACHUSETTS | US | MI | MICHIGAN | US | MN | MINNESOTA | US | MS | MISSISSIPPI | US | MO | MISSOURI | US | MT | MONTANA | US | NE | NEBRASKA | US | NV | NEVADA | US | NH | NEW HAMPSHIRE | US | NJ | NEW JERSEY | US | NM | NEW MEXICO | US | NY | NEW YORK | US | NC | NORTH CAROLINA | US | ND | NORTH DAKOTA | US | MP | NORTHERN MARIANA ISLANDS | MP | OH | OHIO | US | OK | OKLAHOMA | US | OR | OREGON | US | PW | PALAU | PW | PA | PENNSYLVANIA | US | PR | PUERTO RICO | PR | RI | RHODE ISLAND | US | SC | SOUTH CAROLINA | US | SD | SOUTH DAKOTA | US | TN | TENNESSEE | US | TX | TEXAS | US | UT | UTAH | US | VT | VERMONT | US | VI | VIRGIN ISLANDS | VI | VA | VIRGINIA | US | WA | WASHINGTON | US | WV | WEST VIRGINIA | US | WI | WISCONSIN | US | WY | WYOMING | US | AE | ARMED FORCES | US | AA | ARMED FORCES AMERICAS | US | AP | ARMED FORCES PACIFIC | US | AB | ALBERTA | CA | BC | BRITISH COLUMBIA | CA | MB | MANITOBA | CA | NB | NEW BRUNSWICK | CA | NL | NEWFOUNDLAND AND LABRADOR | CA | NT | NORTHWEST TERRITORIES | CA | NS | NOVA SCOTIA | CA | NU | NUNAVUT | CA | ON | ONTARIO | CA | PE | PRINCE EDWARD ISLAND | CA | QC | QUEBEC | CA | SK | SASKATCHEWAN | CA | YT | YUKON | CA | AL | ALABAMA | US | -----------------+--------------------------------+--------------+ And we'll put this into documentation, as you have suggested. Andy Newton, Chief Engineer On Sep 26, 2011, at 4:19 PM, Aaron Hughes wrote: > Does ARIN have an officially supported state abbreviations text file link like they do countries? I had an error creating a POC I did not expect and it was due to not enforcing 'CA' vs. California. I was going to parse: https://www.usps.com/send/official-abbreviations.htm but since ARIN has https://www.arin.net/knowledge/rirs/countries.html I was hoping to find a states list. > > Cheers, > Aaron > > > -- > > Aaron Hughes > aaronh at bind.com > +1-831-824-4161 > Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 > http://www.bind.com/ > _______________________________________________ > arin-tech-discuss mailing list > arin-tech-discuss at arin.net > http://lists.arin.net/mailman/listinfo/arin-tech-discuss From markk at arin.net Tue Sep 27 17:36:38 2011 From: markk at arin.net (Mark Kosters) Date: Tue, 27 Sep 2011 21:36:38 +0000 Subject: [arin-tech-discuss] Updates in ARIN's RESTful API for Registration/Provisioning Message-ID: Hi ARIN's production release on Sept 24 introduced additional functionality. The marked-up version of the payloads and method documents are attached with these additions. Please note that the OT&E/Beta Registration system also has been updated as well for those who currently have test accounts and desire to test this new functionality. Regards, Mark ARIN CTO -------------- next part -------------- A non-text attachment was scrubbed... Name: restful-payloads-September2011.pdf Type: application/pdf Size: 286099 bytes Desc: restful-payloads-September2011.pdf URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: restful-methods-September2011.pdf Type: application/pdf Size: 255845 bytes Desc: restful-methods-September2011.pdf URL: From aaronh at bind.com Thu Sep 29 11:33:42 2011 From: aaronh at bind.com (Aaron Hughes) Date: Thu, 29 Sep 2011 08:33:42 -0700 Subject: [arin-tech-discuss] Official State Abbreviations link? In-Reply-To: <7429EEC5-49C1-4A6C-84F8-D6821C366F65@arin.net> References: <20110926201908.GF80404@trace.bind.com> <7429EEC5-49C1-4A6C-84F8-D6821C366F65@arin.net> Message-ID: <20110929153342.GD70276@trace.bind.com> All, Andy and I have put several versions of the state list together for your implementation pleasure and figured it was appropriate to share with the list. Attached. Thanks Andy! Cheers, Aaron On Tue, Sep 27, 2011 at 01:15:18PM +0000, Andy Newton wrote: > Aaron, > > In general we try to follow the ISO 3166 codes for countries and regions. > For mapping states and provinces (regions) to countries in the ARIN region, here is what we use: > > -----------------+--------------------------------+--------------+ > STATE_PROV_CODE | STATE_PROV_NAME | COUNTRY_CODE | > -----------------+--------------------------------+--------------+ > AK | ALASKA | US | > AS | AMERICAN SAMOA | AS | > AZ | ARIZONA | US | > AR | ARKANSAS | US | > CA | CALIFORNIA | US | > CO | COLORADO | US | > CT | CONNECTICUT | US | > DE | DELAWARE | US | > DC | DISTRICT OF COLUMBIA | US | > FM | FEDERATED STATES OF MICRONESIA | FM | > FL | FLORIDA | US | > GA | GEORGIA | US | > GU | GUAM | GU | > HI | HAWAII | US | > ID | IDAHO | US | > IL | ILLINOIS | US | > IN | INDIANA | US | > IA | IOWA | US | > KS | KANSAS | US | > KY | KENTUCKY | US | > LA | LOUISIANA | US | > ME | MAINE | US | > MH | MARSHALL ISLANDS | MH | > MD | MARYLAND | US | > MA | MASSACHUSETTS | US | > MI | MICHIGAN | US | > MN | MINNESOTA | US | > MS | MISSISSIPPI | US | > MO | MISSOURI | US | > MT | MONTANA | US | > NE | NEBRASKA | US | > NV | NEVADA | US | > NH | NEW HAMPSHIRE | US | > NJ | NEW JERSEY | US | > NM | NEW MEXICO | US | > NY | NEW YORK | US | > NC | NORTH CAROLINA | US | > ND | NORTH DAKOTA | US | > MP | NORTHERN MARIANA ISLANDS | MP | > OH | OHIO | US | > OK | OKLAHOMA | US | > OR | OREGON | US | > PW | PALAU | PW | > PA | PENNSYLVANIA | US | > PR | PUERTO RICO | PR | > RI | RHODE ISLAND | US | > SC | SOUTH CAROLINA | US | > SD | SOUTH DAKOTA | US | > TN | TENNESSEE | US | > TX | TEXAS | US | > UT | UTAH | US | > VT | VERMONT | US | > VI | VIRGIN ISLANDS | VI | > VA | VIRGINIA | US | > WA | WASHINGTON | US | > WV | WEST VIRGINIA | US | > WI | WISCONSIN | US | > WY | WYOMING | US | > AE | ARMED FORCES | US | > AA | ARMED FORCES AMERICAS | US | > AP | ARMED FORCES PACIFIC | US | > AB | ALBERTA | CA | > BC | BRITISH COLUMBIA | CA | > MB | MANITOBA | CA | > NB | NEW BRUNSWICK | CA | > NL | NEWFOUNDLAND AND LABRADOR | CA | > NT | NORTHWEST TERRITORIES | CA | > NS | NOVA SCOTIA | CA | > NU | NUNAVUT | CA | > ON | ONTARIO | CA | > PE | PRINCE EDWARD ISLAND | CA | > QC | QUEBEC | CA | > SK | SASKATCHEWAN | CA | > YT | YUKON | CA | > AL | ALABAMA | US | > -----------------+--------------------------------+--------------+ > > > And we'll put this into documentation, as you have suggested. > > Andy Newton, > Chief Engineer > > On Sep 26, 2011, at 4:19 PM, Aaron Hughes wrote: > > > Does ARIN have an officially supported state abbreviations text file link like they do countries? I had an error creating a POC I did not expect and it was due to not enforcing 'CA' vs. California. I was going to parse: https://www.usps.com/send/official-abbreviations.htm but since ARIN has https://www.arin.net/knowledge/rirs/countries.html I was hoping to find a states list. > > > > Cheers, > > Aaron > > > > > > -- > > > > Aaron Hughes > > aaronh at bind.com > > +1-831-824-4161 > > Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 > > http://www.bind.com/ > > _______________________________________________ > > arin-tech-discuss mailing list > > arin-tech-discuss at arin.net > > http://lists.arin.net/mailman/listinfo/arin-tech-discuss -- Aaron Hughes aaronh at bind.com +1-831-824-4161 Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8 http://www.bind.com/ -------------- next part -------------- "STATE_PROV_CODE","STATE_PROV_NAME","COUNTRY_CODE" "AK","ALASKA","US" "AS","AMERICAN SAMOA","AS" "AZ","ARIZONA","US" "AR","ARKANSAS","US" "CA","CALIFORNIA","US" "CO","COLORADO","US" "CT","CONNECTICUT","US" "DE","DELAWARE","US" "DC","DISTRICT OF COLUMBIA","US" "FM","FEDERATED STATES OF MICRONESIA","FM" "FL","FLORIDA","US" "GA","GEORGIA","US" "GU","GUAM","GU" "HI","HAWAII","US" "ID","IDAHO","US" "IL","ILLINOIS","US" "IN","INDIANA","US" "IA","IOWA","US" "KS","KANSAS","US" "KY","KENTUCKY","US" "LA","LOUISIANA","US" "ME","MAINE","US" "MH","MARSHALL ISLANDS","MH" "MD","MARYLAND","US" "MA","MASSACHUSETTS","US" "MI","MICHIGAN","US" "MN","MINNESOTA","US" "MS","MISSISSIPPI","US" "MO","MISSOURI","US" "MT","MONTANA","US" "NE","NEBRASKA","US" "NV","NEVADA","US" "NH","NEW HAMPSHIRE","US" "NJ","NEW JERSEY","US" "NM","NEW MEXICO","US" "NY","NEW YORK","US" "NC","NORTH CAROLINA","US" "ND","NORTH DAKOTA","US" "MP","NORTHERN MARIANA ISLANDS","MP" "OH","OHIO","US" "OK","OKLAHOMA","US" "OR","OREGON","US" "PW","PALAU","PW" "PA","PENNSYLVANIA","US" "PR","PUERTO RICO","PR" "RI","RHODE ISLAND","US" "SC","SOUTH CAROLINA","US" "SD","SOUTH DAKOTA","US" "TN","TENNESSEE","US" "TX","TEXAS","US" "UT","UTAH","US" "VT","VERMONT","US" "VI","VIRGIN ISLANDS","VI" "VA","VIRGINIA","US" "WA","WASHINGTON","US" "WV","WEST VIRGINIA","US" "WI","WISCONSIN","US" "WY","WYOMING","US" "AE","ARMED FORCES","US" "AA","ARMED FORCES AMERICAS","US" "AP","ARMED FORCES PACIFIC","US" "AB","ALBERTA","CA" "BC","BRITISH COLUMBIA","CA" "MB","MANITOBA","CA" "NB","NEW BRUNSWICK","CA" "NL","NEWFOUNDLAND AND LABRADOR","CA" "NT","NORTHWEST TERRITORIES","CA" "NS","NOVA SCOTIA","CA" "NU","NUNAVUT","CA" "ON","ONTARIO","CA" "PE","PRINCE EDWARD ISLAND","CA" "QC","QUEBEC","CA" "SK","SASKATCHEWAN","CA" "YT","YUKON","CA" "AL","ALABAMA","US" -------------- next part -------------- -------------- next part -------------- -- INSERTING into STATE_PROV Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('AK','ALASKA','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('AS','AMERICAN SAMOA','AS'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('AZ','ARIZONA','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('AR','ARKANSAS','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('CA','CALIFORNIA','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('CO','COLORADO','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('CT','CONNECTICUT','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('DE','DELAWARE','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('DC','DISTRICT OF COLUMBIA','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('FM','FEDERATED STATES OF MICRONESIA','FM'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('FL','FLORIDA','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('GA','GEORGIA','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('GU','GUAM','GU'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('HI','HAWAII','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('ID','IDAHO','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('IL','ILLINOIS','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('IN','INDIANA','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('IA','IOWA','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('KS','KANSAS','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('KY','KENTUCKY','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('LA','LOUISIANA','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('ME','MAINE','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('MH','MARSHALL ISLANDS','MH'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('MD','MARYLAND','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('MA','MASSACHUSETTS','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('MI','MICHIGAN','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('MN','MINNESOTA','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('MS','MISSISSIPPI','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('MO','MISSOURI','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('MT','MONTANA','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('NE','NEBRASKA','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('NV','NEVADA','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('NH','NEW HAMPSHIRE','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('NJ','NEW JERSEY','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('NM','NEW MEXICO','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('NY','NEW YORK','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('NC','NORTH CAROLINA','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('ND','NORTH DAKOTA','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('MP','NORTHERN MARIANA ISLANDS','MP'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('OH','OHIO','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('OK','OKLAHOMA','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('OR','OREGON','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('PW','PALAU','PW'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('PA','PENNSYLVANIA','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('PR','PUERTO RICO','PR'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('RI','RHODE ISLAND','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('SC','SOUTH CAROLINA','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('SD','SOUTH DAKOTA','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('TN','TENNESSEE','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('TX','TEXAS','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('UT','UTAH','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('VT','VERMONT','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('VI','VIRGIN ISLANDS','VI'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('VA','VIRGINIA','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('WA','WASHINGTON','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('WV','WEST VIRGINIA','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('WI','WISCONSIN','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('WY','WYOMING','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('AE','ARMED FORCES','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('AA','ARMED FORCES AMERICAS','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('AP','ARMED FORCES PACIFIC','US'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('AB','ALBERTA','CA'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('BC','BRITISH COLUMBIA','CA'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('MB','MANITOBA','CA'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('NB','NEW BRUNSWICK','CA'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('NL','NEWFOUNDLAND AND LABRADOR','CA'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('NT','NORTHWEST TERRITORIES','CA'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('NS','NOVA SCOTIA','CA'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('NU','NUNAVUT','CA'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('ON','ONTARIO','CA'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('PE','PRINCE EDWARD ISLAND','CA'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('QC','QUEBEC','CA'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('SK','SASKATCHEWAN','CA'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('YT','YUKON','CA'); Insert into STATE_PROV (STATE_PROV_CODE,STATE_PROV_NAME,COUNTRY_CODE) values ('AL','ALABAMA','US'); -------------- next part -------------- A non-text attachment was scrubbed... Name: STATE_PROV.xml Type: application/xml Size: 13437 bytes Desc: not available URL: