Hi, On Mon, Oct 10, 2005 at 05:26:37PM +0200, Daniel Roesen wrote:
So indeed, getting the database entry is an important step toward tricking ISPs to route you.
Only for evildoers being customers of large ISPs who do stricly filter against IRR data. And then only RIPE IRR data can be used for authorization, as the only thing you need to create false IRR data in RADB is that you need to pay for a maintainer object. This is why I say that we need ONE constistent hierarchy of IRR auth data from IANA down.
The safety net has larger holes than you seem to think, I'm afraid. :-Z
Networks tend to consist mostly of holes between the rope... :-) But yes, I'm aware of that, and we should be working toward making it more difficult to spoof things, not making it more convenient. (If we can do it without ending up in horrendous bureaucracy) Gert Doering -- NetMaster -- Total number of prefixes smaller than registry allocations: 81421 SpaceNet AG Mail: netmaster@Space.Net Joseph-Dollinger-Bogen 14 Tel : +49-89-32356-0 D- 80807 Muenchen Fax : +49-89-32356-234