[ppml] ARIN Certificates

Michael.Dillon at radianz.com Michael.Dillon at radianz.com
Thu Apr 21 05:53:56 EDT 2005

> In the members meeting, it was reported that cases of attempted 
> registration fraud have been observed.  (Details I don't have...)  I 
> asked about uptake on ARIN's certificate service 
> (http://www.arin.net/CA) and heard that the community hasn't been 
> taking advantage of this.
> Consider this a request for folks with ARIN POC's to look into this 

ARIN's CA service is incredibly complex and is essentially
broken by design, from a human factors point of view. That's
why the community hasn't been taking advantage of this.

I'm curious why ARIN needs such a convoluted system of identity
checking while my bank is satisfied with an exchange of information
in person, and a letter sent to my home address. This is enough
for them to establish my identity for the purposes of online transactions.

If there really is a role for certificates in ARIN and there really
is an easy way in which certificates can be used to log into a 
web application to update ARIN records and request services, then
why don't we do that?

Perhaps the real problem is the lack of technology vision and the
misguided desire to maintain an incredibly archaic email based
transaction system. Not to mention the archaic whois protocol and
the archaic rwhois server software.

Sometimes an organization needs to bite the bullet and move into
the 21st century, sweep aside the old archaic infrastructure, and
leverage the powerful, off-the-shelf tools that are available today.

--Michael Dillon

More information about the ARIN-PPML mailing list