PGP authentication for the RADB

The RADB now supports authentication using PGP-based digital signatures.
If you want to use this feature, there are three things you must do:

* Register your public key with the RA.

* Modify your maintainer object to reflect your use of digital

* Sign (via PGP) your RADB transactions.

1. Registering your public key with the RA.

You must send your public key to the RA for inclusion onto our PGP
keyring. Use the "pgp -kxa" command to generate a copy of your public
key suitable for mailing, then mail the resultant file to

For example:

    % pgp -kxa pubkey
    % mail -s 'please register my public key' < pubkey.asc

You may use one of two methods of verification:

* Fax a copy of a photographic identification (passport or drivers license)

     RADB public key verification
     +1 313 747 3185

  please write your PGP fingerprint and email address on the fax

* Attend an RA sponsored key signing session at NANOG or IETF. You
  will need to bring a copy of your public key with a PGP fingerprint
  and photo identification. (This will be verification via the
  identification you bring, rather than having two other people agree
  that you are who you say you are.)

  We will be holding a key signing at NANOG on Monday, September 11 at
  5:00. If that time is not convenient, you can also accost RA team
  members at random and present them with with the appropriate

2. Modifications to the maintainer object

There is a new authentication option for the maintainer object. The
syntax for it is:

    auth: PGP-FROM {PGP User Id}

For example,

    auth: PGP-FROM John Smith <>

3. Signing your RADB transactions

You will need to PGP-sign each transaction you send to Use the "pgp -sta" command to do this.

For example:

    % pgp -sta -u routes
    % mail -s 'route updates' < routes.asc