[ppml] ARIN Certificates

Jeroen Massar jeroen at unfix.org
Thu Apr 21 02:59:48 EDT 2005


On Wed, 2005-04-20 at 22:56 +0200, Daniel Roesen wrote:
> On Wed, Apr 20, 2005 at 10:44:15AM -1000, Randy Bush wrote:
> > perhaps having to have a different cert from each rir with which
> > one deals is not the best solution for the global internet?  is
> > the nro considering a single cert authority?
> 
> And while we're at it, can we please have a single IP
> allocation/assignment database, with a consistent autorization and
> authentication scheme, with all the IRR information tied to is (unlike
> RADB where everyone can enter what he/she likes)?

The problem here is that IANA is apparently not supposed to be running a
whois server, they have one but not for IP prefixes.

If they would simply have a redirect server on there, pointing to the
correct RIR, the complete "which RIR to query for this prefix" problem
would be gone. Authorization could then still be handled by the RIR's
separately, which is a nuisance for some very big global ISP's but oh
well, I guess we'll have to live with that.

The second problem is that there are currently 3 different whois servers
softwares in use by the 5 RIR's:

* APNIC + RIPE + AFRINIC use the RIPE whois server software
* ARIN uses their own weird edition, which *still* does not support CIDR
  (which is a big nuisance with IPv6)
* LACNIC uses a, it seems to be, modified ARIN server, thus no CIDR
  support either.

The latter two have their own formats, which don't match up with the
APNIC/RIPE/AFRINIC scheme, thus having one to always handle those two as
special cases.

First of all it would be a great thing to have ARIN have CIDR support,
so one can ask for a prefix instead for having to calculate the netmask
into class-based addresses, getting two, or more netnames back and
having to pick one of those. Oh joy global internet ;)

Greets,
 Jeroen

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 240 bytes
Desc: This is a digitally signed message part
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20050421/151e67bb/attachment-0001.sig>


More information about the ARIN-PPML mailing list