[arin-discuss] For legacy holders concerned about the RSA requirement for new ARIN IRR and RPKI

Owen DeLong owen at delong.com
Thu Jul 23 17:48:05 EDT 2020 

I wonder how hard it would be to add CRYPT support to IRRD4?

Owen


> On Jul 23, 2020, at 14:10 , Kenneth Finnegan <kennethfinnegan2007 at gmail.com> wrote:
> 
> We've been trying to figure out how to migrate ALTDB from irrd 2 to irrd v4 for some time now, but the fact that IRRD4 is so opinionated that there's no overlap between available authentication methods means that it's going to be a painful flag day for us to make the migration and cut off access for all the users pending an authentication reset, and we haven't figured out all the contingencies for that migration plan yet.
> 
> ALTDB currently only supports EMAIL-FROM and CRYPT, so GPG is not available.
> --
> Kenneth Finnegan
> ALTDB Admin
> 
> 
> On Thu, Jul 23, 2020 at 1:57 PM Brian David <briand at kpfa.org <mailto:briand at kpfa.org>> wrote:
> +1 as well.
> 
> FCIX and ALTDB have been clutch for us as a tiny network operator. FCIX documentation and support are super useful. I pinged Kenneth @ altdb & fcix to see about the IRRd v4. 🤞
> 
> On Thu, Jul 23, 2020 at 1:22 PM Rob Seastrom <rs at seastrom.com <mailto:rs at seastrom.com>> wrote:
> 
> +1
> 
> > On Jul 23, 2020, at 2:13 PM, Job Snijders <job at ntt.net <mailto:job at ntt.net>> wrote:
> > 
> >> The FCIX whitepaper is quite well done and is a worthwhile read for
> >> anyone who’s emailing RPSL templates around regardless of where one is
> >> sending them.
> > 
> > The FCIX whitepaper advises the use of 'MAIL FROM:' authentication for
> > the mntner object: ** this is NOT recommended ** and *not* a best
> > practise. Please use GPG or one of the hash-based authentication
> > methods.
> > 
> > Kind regards,
> > 
> > Job
> > 
> > ps. I would like to urge both RADB and ALTDB to upgrade to the free open
> > source & modern IRRd v4 product which brings many security advantages
> > for both the IRRd operator and IRRd user. http://irrd.net/ <http://irrd.net/>
> 
> _______________________________________________
> ARIN-Discuss
> You are receiving this message because you are subscribed to
> the ARIN Discussion Mailing List (ARIN-discuss at arin.net <mailto:ARIN-discuss at arin.net>).
> Unsubscribe or manage your mailing list subscription at:
> https://lists.arin.net/mailman/listinfo/arin-discuss <https://lists.arin.net/mailman/listinfo/arin-discuss>
> Please contact info at arin.net <mailto:info at arin.net> if you experience any issues.
> _______________________________________________
> ARIN-Discuss
> You are receiving this message because you are subscribed to
> the ARIN Discussion Mailing List (ARIN-discuss at arin.net <mailto:ARIN-discuss at arin.net>).
> Unsubscribe or manage your mailing list subscription at:
> https://lists.arin.net/mailman/listinfo/arin-discuss <https://lists.arin.net/mailman/listinfo/arin-discuss>
> Please contact info at arin.net <mailto:info at arin.net> if you experience any issues.
> _______________________________________________
> ARIN-Discuss
> You are receiving this message because you are subscribed to
> the ARIN Discussion Mailing List (ARIN-discuss at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> https://lists.arin.net/mailman/listinfo/arin-discuss
> Please contact info at arin.net if you experience any issues.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-discuss/attachments/20200723/b91a019b/attachment.htm>

More information about the ARIN-discuss mailing list