At 12:03 +0200 11/6/02, Daniel Roesen wrote:
On Tue, Jun 11, 2002 at 09:57:27AM +0200, Marcus Rist wrote:
In your concrete case this would mean you have to fullfill RIPE-NCC-NONE-MNT (inetnum), DE-COLT-MNT (AS9126) and UUNET-MNT (193.96.0.0/13).
I don't know how this is possible to achieve.
Colt signs their request with their PGP key, sending the mail to UUnet instead of auto-dbm. UUnet then signs the Colt request with their key and send it to auto-dbm. Caveat: never tested that, but I was told it should work.
This is correct. The authorization model of the RIPE DB is rps-auth (rfc2725). It provides a means of ensuring not only proper authentication (normal maintainers as before) but also provides a means to have proper authorization (when creating a new route, did the owner of the AS allow to put them down as origin AS, and did the holder of the address space allow the AS holder to announce the prefix?) PGP is the best suited way of doing this. MAIL-FROM fails because an email can only have one from address. Passwords have the little problem that, since the password is sent in cleartext in the update, you would disclose your password to someone else when co-signing an update. So if you need to do co-signing the advise is to use PGP in your maintainers Regards Joao Damas RIPE NCC
Regards, Daniel