[ARIN-Suggestions] New Response from ARIN for Suggestions 2023.1 and 2023.2

ARIN info at arin.net
Tue Feb 7 10:11:42 EST 2023 

A new response from ARIN has been posted for Suggestions 2023.1 and 2023.2. Find the original suggestions and latest responses from ARIN below.

---------------

2023.1: Limit Length of Members Lines for API
https://www.arin.net/participate/community/acsp/suggestions/2023/2023-01/

Author: Joe Abley   
Submitted On: 30 January 2023

Description:

We publish an as-set object AS13335:AS-CUSTOMERS by sending XML payloads through the API in an automated fashion. This results in as-set objects being published and mirrored from rr.arin.net which has all the many members formatted on a single members: line in the resulting RPSL as-set object, like this:

>>>>  jabley at YYT0L7C2CL ~ % whois -h rr.arin.net as13335:as-customers
>>>>  as-set: AS13335:AS-CUSTOMERS
>>>>  descr: Cloudflare, Inc
>>>>  101 Townsend Street, San Francisco
>>>>  California 94107, US
>>>>  +1-650-319-8930
>>>>  remarks: ---------------
>>>>  Cloudflare announces its ASNs via many upstream ASNs
 >>>> All Cloudflare abuse reporting can be done via
>>>>  https://www.cloudflare.com/abuse
>>>>  ---------------
>>>>  members: >>>>AS31,AS112,AS823,AS1204,AS1294,AS1421,AS1448,AS1921,AS1958,AS2047,AS2535,AS2639,AS3268,AS3557,AS3756,AS3955,AS4 
>>>>  058,AS4373,AS4657,AS4739,AS4802,AS4892,AS4927,AS5006,AS5032,AS5049,AS5390,AS5408,AS5419,AS5430,AS5539,AS5715,AS 
>>>>  6169,AS6450,AS6752,AS6908,AS6973,AS7377,AS7380,AS7484,AS7545,AS7810,AS7828,AS8248,AS8643,AS8651,AS8660,AS8781,A 
>>>>  S8831,AS8851,AS9011,AS9022,AS9090,AS9166,AS9426,AS9502,AS9520,AS9547,AS9554,AS9832,AS9942,AS10082,AS10384,AS10397,AS10461,AS10584,AS1
>>>>  0641,AS10666,AS10668,AS10725,AS10823,AS11082,AS11086,AS11144,AS11179,AS11207,AS11298,AS11318,AS11326,AS11331,AS11334,AS11369,AS11374,
>>>>  AS11657,AS11744,AS12130,AS12179,AS12273,AS12564,AS12766,AS13008,AS13038,AS13267,AS13283,AS13428,AS13461,... many, many, many, many 
>>>>  more... AS399868,AS399880,AS399921,AS399939,AS400011,AS400183,AS400566,AS400608

>>>>  admin-c: ADMIN2521-ARIN
>>>>  tech-c: ADMIN2521-ARIN
>>>>  tech-c: CLOUD146-ARIN
>>>>  mnt-by: MNT-CLOUD14
>>>>  created: 2021-07-15T17:06:11Z
>>>>  last-modified: 2022-11-18T19:53:28Z
>>>>  source: ARIN
>>>>  jabley at YYT0L7C2CL ~ %

This is all glorious legal RPSL but the long “members” line in the middle with no breaks causes problems for some people. For example, this is the full, non-truncated output from one (I think irrdv3 instance) that is mirroring the ARIN dataset, which gives a profoundly wrong answer:

>>>>  jabley at YYT0L7C2CL ~ % whois -h irr.wolcomm.net '!iAS-CLOUDFLARE,1'
>>>>  A61
>>>>  AS132892 AS13335 AS133877 AS14789 AS202623 AS209242 AS394536
>>>>  C
>>>>  jabley at YYT0L7C2CL ~ %

The XML schema for your REST API doesn’t allow us to specify how many members are stacked on a single line in the RPSL object you publish; that decision is made by your code when it constructs the RPSL. We confirmed this is true with your helpdesk, who gave us an entirely prompt and clear answer to that question.

So, what are the chances you could imagine a code change that limited the number of items on single members lines, so that instead of the big long line above you produced something like this?

>>>>  ...
>>>>  members: AS31, AS112, AS823, AS1204, AS1294, AS1421, AS1448, AS1921, AS1958, AS2047,
>>>>  members: AS2535, AS2639, AS3268, AS3557, AS3756, AS3955, AS4058, AS4373, AS4657,
>>>>  members: AS4739, AS4802, AS4892, AS4927, AS5006, AS5032, AS5049, AS5390, AS5408,
>>>>  members: AS5419, AS5430, AS5539, AS5715, AS6169, ... and so on
>>>>  ...

This ought to be entirely backwards-compatible with what you do right now, it just won’t cause other weak links in the IRR chain (so many weak links) barf in the same way.

Value to Community: Improved accuracy of global routing; increased compatibility with legacy IRR software; greater applicability of REST API

Timeframe: Not specified

Status: Open   

**ARIN Comment**

07 February 2023

Thank you for your suggestion, numbered 2023.1 upon confirmed receipt, asking that ARIN improve the RSPL output for as-set objects that limited the number of items on single members lines in order to make the output more accurate and useful.

We agree this change would result in better results for as-set object queries. We will investigate the requirements to build this new feature and schedule it for future development. Your suggestion will remain open until implemented.

Thank you for participating in the ARIN Consultation and Suggestion Process..

Regards,

American Registry for Internet Numbers (ARIN)

-----------------

2023.2: Allow Multiple Security Keys for 2FA
https://www.arin.net/participate/community/acsp/suggestions/2023/2023-02/

Author: Joe Abley   
Submitted On: 30 January 2023

Description: Allow multiple FIDO2-compatible hardware security keys to be associated with an account, so that a single key is no longer a single point of failure.

Value to Community: Improved robustness of 2FA with hardware security keys.

Timeframe: Not specified

Status: Confirmed

**ARIN Comment**

07 February 2023

Thank you for your suggestion, numbered 2023.2 upon confirmed receipt, asking that ARIN allow multiple hardware security keys for two-factor authentication (2FA) so that a single key cannot be a single point of failure.

We agree that allowing multiple hardware keys would be beneficial to customers and would increase the robustness of our 2FA implementation. We will investigate the requirements to build this new feature and schedule it for future development. Your suggestion will remain open until implemented. Thank you for participating in the ARIN Consultation and Suggestion Process.

Regards,

American Registry for Internet Numbers (ARIN)

More information about the arin-suggestions mailing list