[ARIN-Suggestions] Responses to ACSP 2021.1 and ACSP 2021.2

ARIN info at arin.net
Wed Feb 3 12:12:35 EST 2021


On 3 February, we issued our response to ACSP 2021.1, which was received on 15 January, 2021:

This suggestion appears to be a duplicate of ACSP Suggestion 2012.20: Remove result limit for Whois-RWS child network queries, which requests support for allowing queries to return more than 256 network records (the current limitation). That suggestion is awaiting prioritization and has not yet been scheduled on ARIN’s Work Plan. Thank you for participating in the ARIN Consultation and Suggestion Process. Your suggestion will remain open until implemented.

The full text of the suggestion is available below and at:

https://www.arin.net/participate/community/acsp/suggestions/2021/2021-1/

Description:

Requesting network records limited to 256 - ARIN please release this limitation or increase it to more.

<example details redacted for privacy>

Value to Community: By releasing this limitation on ARIN or increasing it to more, we can all stop criminals from attacking our networks by having the information to do so.

Timeframe: Not specified

On 3 February, we also issued our response to ACSP 2021.2, which was received on 25 January, 2021:

Thank you for your suggestion, numbered 2021.2 upon receipt, requesting that ARIN offer Web Authentication (WebAuthn) and FIDO2 security key support. This suggestion appears to be a duplicate of ACSP 2019.14: Implement FIDO2 (WebAuthn) for ARIN Online. Both of these suggestions will remain open for consideration alongside other potential improvements to our ARIN Online login functionality for inclusion on our future work plan.

The full text of the suggestion is available below and at:

https://www.arin.net/participate/community/acsp/suggestions/2021/2021-2/

Description: The ARIN Online website should offer Web Authentication (WebAuthn) support in order for ARIN members to be able to secure their accounts using FIDO2 Security Keys.

Value to Community: Given the risk a compromise of one’s ARIN Online account could represent to one’s business, additional measures to prevent unauthorized account access are beneficial. Support for FIDO2 will allow ARIN members to additionally protect their account by requiring a “Security Key” (a physical device). FIDO2 is successor to traditional Multi-Factor Authentication mechanisms such as SMS OTPs or TOTPs. In contrast to TOPT keys (which exist just as a copy-able string), the main advantage of FIDO2 Security Keys is that they cannot be copied, as the keys are stored in a HSM. FIDO2 is an open standard, Security Keys can be obtained from a number of different vendors at low cost.

Timeframe: Not specified




More information about the arin-suggestions mailing list