Re: Hierarchical authorisation failed, request forwarded to maintaine r ???
- Date: Mon, 14 Oct 2002 11:52:14 +0200
Hi,
On Mon, Oct 14, 2002 at 10:51:15AM +0200, Daniel Roesen wrote:
> On Mon, Oct 14, 2002 at 10:37:37AM +0200, Gert Doering wrote:
> > Shane, your explanation is confusing me. There are other examples with
> > "same route, different origin AS" in the RIPE-DB (check 194.97.0.0/16),
> > which is sometimes necessary while migrating a network to a new origin
> > AS.
>
> Yes, and this needs authorization from both ASN maintainers.
Why? If you have authoritation from the owner of the inetnum:, that
should be sufficient.
[..]
> > So the database should permit entry of this *new* object, instead of
> > checking for modification permission on the *existing* object.
> No. Because that allows hijacking under some circumstances.
No. The inetnum:/mnt-routes: check prevent hijacking (if the inetnum: is
in the same database - if not, the check on the route: object doesn't
prevent putting a competing route: object into some other IRR DB).
Gert Doering
-- NetMaster
--
Total number of prefixes smaller than registry allocations: 48282 (47686)
SpaceNet AG Mail: netmaster@localhost
Joseph-Dollinger-Bogen 14 Tel : +49-89-32356-0
80807 Muenchen Fax : +49-89-32356-299
|