Re: apnic - second day better

[Harald Tveit Alvestrand <harald@alvestrand.no>]

--On 21. august 2003 12:57 +1000 Geoff Huston <gih@telstra.net> wrote:

> > also note that paul made very clear (took me two tries:-) that the
> > rir will continue to change whois date even if the recipient is not
> > a member.  this is not to say that they will issue attestation of
> > ownership.
>
> It is my understanding that it would be of no value to issue an
> attestation of an association between an entity identity and an address
> resource if the attestor (is that a word?) has no means of validating
> such a attestation. Accordingly if the attestation is simply an assertion
> without reference to supportive documentation and records, then its of no
> useable value as far as I can tell.
this is by no means certain.
the assertion "I think this address block belonged to Bolt, Beranek and 
Newman 10 years ago" might not be enough to ascertain which of the seven 
companies derived from that ancestral source has authority over it now, but 
may be enough to cast doubt upon a claim that "this address block belongs 
to  A. Carribean Spammer".
(no insight into BBN's history or current status claimed....)

Of course, machines have a hard time acting in real time upon such "grey" 
conflicts, but it's enough to raise a flag that "something should be 
checked".

Harald's great insight of the week into practical security: If trying 
something results in you getting caught with high probability, it's likely 
to remain untried..... which is "secure enough" for many purposes....