[arin-ppml] Policy Proposal: Whois Integrity Policy Proposal
Michael Sinatra
michael at rancid.berkeley.edu
Wed Aug 20 15:00:34 EDT 2008
On 08/20/08 11:47, Eric Westbrook wrote:
> That said, it does seem to me that some proposal, /perhaps one as simple
> as requiring use of the existing digital certificate facilities/, to
> improve whois integrity would probably have noteworthy merit. I do see
> a new proposal on the list regarding whois authentication. It seems to
> depend on this one, so I believe it's moot.
What the second proposal does is to allow for a non-(L)RSA mechanism for
authentication, in the event that more substantial authentication is
deemed appropriate by the ARIN community. One way that it might happen
is for the current "Whois Integrity" proposal to be adopted. However,
the language could be easily changed so that the proposal stands on its
own, by simply requiring more authentication for whois updates. Even if
it doesn't stand on its own, it's not moot. It removes the reliance on
the RSAs for authentication, which appears to be what you want.
On the digital cert issue, I leave that to ARIN staff as an
implementation issue, but it is what I had in mind as the method by
which folks would continue to make updates after their non-RSA
authentication.
michael
More information about the ARIN-PPML
mailing list