
Hi,

On 1/4/24 16:58, Gert Doering wrote:
> Provide visibility, and enforce 2FA for all accounts that have "interesting" permissions (modify RPKI objects, transfer resources), at least.

From this perspective, even maintainer accounts (linked not only to SSO accounts; [1]) are an interesting asset. At least those linked to route/route6 and as-set objects. Deleting them can also cause a lot of operational damage, as filters are processed automatically according to IRR data at many places. And the maintainers are tied directly to all objects; there's no link back to the LIR portal.

It's not only about RPKI-related objects. The problem is more complex from this point of view. Only the unwanted ROA modification pointed to it, but the same issue can occur with other kinds of objects in the DB.

Transfers are better protected, I think, as there's always some manual intervention (and legal authorization).

- Daniel

[1] https://apps.db.ripe.net/docs/Authorisation/Using-the-Authorisation-Methods/