How do I implement a hierarchy of CSIRTs?
There are two ways: By referencing different irt objects in the inetnum-hierarchy. In the following example the inetnum object UK-V4 references the IRT-UK: The larger inetnum object UNIVIE references the IRT-ACOnet-CERT:
meijer@gebbetje:~$ whois -h whois.ripe.net -r -c 220.127.116.11 % This is the RIPE Whois server. % The objects are in RPSL format. % % Rights restricted by copyright. % See http://www.ripe.net/ripencc/pub-services/db/copyright.html inetnum: 18.104.22.168 - 22.214.171.124 netname: UNIVIE descr: LAN University of Vienna country: AT admin-c: HS118 tech-c: UVNA1-RIPE mnt-by: AS760-MNT mnt-irt: IRT-ACOnet-CERT status: ASSIGNED PI changed: porten _at_ mvs.gmd _dot_ de 19900816 changed: dfk _at_ cwi _dot_ nl 19900917 changed: Ewald.Jenisch _at_ cc.univie.ac _dot_ at 19930315 changed: ripe-dbm _at_ ripe _dot_ net 20000225 changed: woeber _at_ cc.univie.ac _dot_ at 20010626 changed: panigl _at_ cc.univie.ac _dot_ at 20010629 source: RIPE meijer@gebbetje:~$ whois -h whois.ripe.net -r -c 126.96.36.199 % This is the RIPE Whois server. % The objects are in RPSL format. % % Rights restricted by copyright. % See http://www.ripe.net/ripencc/pub-services/db/copyright.html inetnum: 188.8.131.52 - 184.108.40.206 netname: UK-V4 mnt-irt: IRT-UK descr: LAN Ulrich Kiermayr country: AT admin-c: UK6107-RIPE tech-c: UK3 mnt-by: AS760-MNT mnt-by: UK-MNT status: ASSIGNED PA changed: ulrich.kiermayr _at_ univie.ac _dot_ at 20020822 source: RIPE
Another way would be to reference multiple irt objects in the most specific inetnum object, but that does not convey how the hierarchy is made up. This is the only way if there is no IP hierarchy that is usable for this purpose. This might occur with legacy class B/C addresses where one constituent might want to add his own irt object as well as the one of the NREN/LIR and the LIR does not also control the less-specific. Then the only way is for you to use both irt objects.