Hi Jeroen Jeroen Massar wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Christian Rasmussen [mailto:chr@jay.net] wrote:
Im sure that creating an IRT object is doable for any ISP which takes the time. The reason why I do not wish to use IRT is that it is much too complex for the very simple purpose it should have. It seems to have been designed to be used for outsourcing of abuse-handling, Im sure some ISP's do this but I haven't yet seen any numbers which justifies a design which primarily favors these ISP's.
It is a seperate object, just like what the abuse-c is supposed to be, but indeed without the encryption. If you put one pgpkey in the RIPE registry you are done, and you should already be using signed messages to update your objects anyways.
Remove the encryption-thing on the IRT object and let it be maintained by a maintainer object, then Im sure more ISP's would be willing to implement it, but for it to become a success I still believe the designers need to pay attention to the needs of those ISP's who have no use for the current version.
I could live with changing the mnt-irt to be an or case with the mnt-by too indeed as currently when one wants to update an object protected by the mnt-irt it needs to be signed by both the mnt-by and the mnt-irt, when you are 'outsourcing' as you call it this is a problem, otherwise one will have access to both the maintainer and the irt anyhow.
You only need to include the authorisation for the mnt-irt: when it is first added to an object. Once the mnt-irt: is in the object you do not need to include this authorisation for subsequent modifications or deletions. Nor do you need this authorisation to remove the mnt-irt: from this object. So only the addition of an mnt-irt: attribute needs to be authorised by the mnt-irt:. (It does not matter if this attribute is included when creating the object or added later with a modification of the object, both would require the additional authorisation.)
I think its very unfortunate that the Ripe DB doesn't have abuse information on all IP addresses, that should actually be the primary goal for a public IP database, at least from the Internet users perspective.
Well currently, according to toolwriters, it has, as they will just use all the e-mail lines they can find. Now there is a good solution, not ;)
Greets, Jeroen
-----BEGIN PGP SIGNATURE----- Version: Unfix PGP for Outlook Comment: Jeroen Massar / http://unfix.org/~jeroen/
iQBGBAERAgAQCRApqihSMz58IwUCQFc7lgAA5OUAnj9D2qJO0OVwEzz+bJUXwX1A Tbx3AKCKHU1lljo9gV+IIs/Wc8uJsavWjA== =wszm -----END PGP SIGNATURE-----
Best Regards Denis Walker RIPE NCC Software Engineering Department