Re: [Community-Discuss] post ipv4 depletion frauds, brokers activities

[ALAIN AINA]

> On Jun 25, 2016, at 6:22 AM, Nishal Goburdhan  
> wrote:
> 
> On 24 Jun 2016, at 21:06, Honest Ornella GANKPA wrote:
> 
>> It is quite scary actually that even the RIR is promoting such bad
>> practices on the pretense of simplicity
> 
> i disagree.
> and i’m not quite sure you see the double standard here.
> 
> you (meaning: a general user) are happy to use your user name and password, 
> and give your credit card details (ie. real money) to the afrinic website, 
> based simply on your acceptance of a perceived 3rd party valid certificate 
> implying identification  

Those who do have enough trust in  what you just describe, prefer other payment 
mechanisms


> (it’s true;  the payment bits at my.afrinic.net don’t require more than a 
> simple authenticated user login).

Yes, the authentication needed here  is to associate the payment to the org. 
the rest is more on how the payment is processed.


> that same set of authentication information, is needed to *manage* your 
> resources - that critical thing that your network needs -  on a daily basis.
> but yet, somehow you think that this same set of validation/authentication 
> criteria isn’t good enough for specific bits of the website?

No, here we need more and strong ones as you tried to obtain via your ticket. 
We all agree long ago, password-only protection is weak. 

—Alain

> i like to see evidence (proof).  it could be easily argued that, since the 
> e-voting process was Made Simpler (tm) more people used it this year;  i 
> don’t recall the actual numbers, but i’m told that there were *more* e-voters 
> users this year, than last, eh?
> 
> do i wish afrinic would improve security around my.afrinic?  heck yes;  i 
> logged ticket #249014 with afrinic in october 2014 asking for 2FA, which, i’m 
> told is slated for sometime in 2016.  (my ticket is still open!)   i think 
> that 2FA would be a better security deterrent than a bpki cert.  my most 
> recent cert was copied from a laptop, put onto a memory stick and handed to 
> me - i’m sure you can spot the obvious flaws with that .. :-)
> 
> 
>> And why isn't the community consulted when such decisions are taken?
> 
> there was a bylaw change that was done to allow electronic voting (being a 
> new means of voting).  that required membership (not community - mild 
> difference!) consultation.
> 
> the *mechanics* of the system, are *operational* changes.  for that, we have 
> smart people at afrinic that know how to run systems.  we should let them do, 
> what they are paid to do.  do they really need to get community^Wmember 
> consensus to let folks know that they are changing their name-server software 
> (ie. another operational change?)   :-)
> 
> —n.
> 
> ___
> Community-Discuss mailing list
> Community-Discuss@afrinic.net
> https://lists.afrinic.net/mailman/listinfo/community-discuss


___
Community-Discuss mailing list
Community-Discuss@afrinic.net
https://lists.afrinic.net/mailman/listinfo/community-discuss

Re: [Community-Discuss] Annual Reports 2014 and 2015 Missing

[Alan Barrett]

> On 24 Jun 2016, at 22:14, Arnaud AMELINA  wrote:
> 
> Hi AFRINIC community,
> 
> After several research and consultations, It appears that the annual report 
> for 2015 was not presented at AfRINIC meeting in Gaborone as per the bylaws 
> section 7.6(iii).

The annual report mentioned in legislation is little more than the financial 
statement, and that was presented.  We are in the process of preparing a much 
more detailed 2015 annual report, and it will be published before the end of 
July.  The detailed 2014 annual report was delayed, but will also be published 
by the end of July 2016.

Alan Barrett
___
Community-Discuss mailing list
Community-Discuss@afrinic.net
https://lists.afrinic.net/mailman/listinfo/community-discuss

Re: [Community-Discuss] post ipv4 depletion frauds, brokers activities

[Noah]

On 25 Jun 2016 05:01, "Nishal Goburdhan"  wrote:
>
> i counted thirty-two networks with ROAs listed at afrinic.
> so, if the true concern is poor RPKI adoption, is your ASN in that list?
> and, if not, why not?
>

It should be a serious concern when you count 32 with ROA on more that
1,428 ASNs assigned.

I am happy to see a very familiar one there, but then again, I think the
point being put forward is the failure to adopt RPKI, and the failure to
improve the IRR and the WHOIS.

And how do we do better in terms of showing “right to use” and protecting
objects in there.

> —n.
>

Noah
___
Community-Discuss mailing list
Community-Discuss@afrinic.net
https://lists.afrinic.net/mailman/listinfo/community-discuss

Re: [Community-Discuss] post ipv4 depletion frauds, brokers activities

[sergekbk]

AfrNIC does have valid rpki data as one can see at the link below.
http://rpki-monitor.antd.nist.gov/?p=5=0
The point was about poor global adoption and how we can do better.
Regards.
Serge IlungaCell: +243814443160Skype: sergekbkR.D.Congo Original 
message From: Nishal Goburdhan  Date: 
06/25/2016  04:57  (GMT+03:00) To: General Discussions of AFRINIC 
 Subject: Re: [Community-Discuss] post ipv4 
depletion frauds, brokers activities 
On 24 Jun 2016, at 18:07, serge ilunga wrote:

> Some of the bad things may affect us, as globally we failed to adopt 
> RPKI*
> and  to improve the IRR and the Whois.
[snip]
> (*)http://rpki.surfnet.nl/perrir.html

so, i’m guessing this is in reference, on this website, to the 
“zero” reference, in the afrinic region?
i counted thirty-two networks with ROAs listed at afrinic.
so, if the true concern is poor RPKI adoption, is your ASN in that list?
and, if not, why not?

—n.

katala%  cat asn-list | awk -F ' ' '{print $1}' | sort -u

10474
12258
22690
26106
32653
327767
327917
327940
33764
36874
36958
37100
37105
37177
37181
37199
37226
37271
37301
37356
37403
3741
37474
37519
37596
37640
37663
37668
37674
37708
60781
6083
61138
7020

___
Community-Discuss mailing list
Community-Discuss@afrinic.net
https://lists.afrinic.net/mailman/listinfo/community-discuss
___
Community-Discuss mailing list
Community-Discuss@afrinic.net
https://lists.afrinic.net/mailman/listinfo/community-discuss

Re: [Community-Discuss] Annual Reports 2014 and 2015 Missing

[gm]

Arnaud,

I had not observed that. Thank you.  These reports are useful for us members 
get more operational information. 

I request Who ever does the posting to do so.

Thank you 

On Jun 24, 2016 10:14 PM, Arnaud AMELINA  wrote:
>
> Hi AFRINIC community,
>
> After several research and consultations, It appears that the annual report 
> for 2015 was not presented at AfRINIC meeting in Gaborone as per the bylaws 
> section 7.6(iii).
>
> http://www.afrinic.net/en/about/bylaws?start=6
>
> Also when one looks at the AFRINIC website, Annual Reports for both 2014 and 
> 2015 are missing. The last report to be posted was for 2013 and this is 2016.
>
> http://www.afrinic.net/en/library/corporate-documents
>
> Can we please know why as this reports are extremely important to the 
> community as stakeholders.___
Community-Discuss mailing list
Community-Discuss@afrinic.net
https://lists.afrinic.net/mailman/listinfo/community-discuss