From memsvcs at arin.net Mon Nov 11 15:34:14 2002 From: memsvcs at arin.net (Member Services) Date: Mon, 11 Nov 2002 15:34:14 -0500 (EST) Subject: [ppml] ARIN X Meeting Minutes Posted Message-ID: <200211112034.PAA15633@ops.arin.net> ARIN recently concluded its tenth Public Policy and Member Meetings held in Eugene, Oregon, October 30 - November 1, 2002. Minutes of these meetings, as well as the presentations given, are now available on the ARIN website at: Public Policy Meeting http://www.arin.net/library/minutes/ARIN_X/ppm.html Members Meeting http://www.arin.net/library/minutes/ARIN_X/member.html ARIN Member Services From memsvcs at arin.net Mon Nov 11 16:38:33 2002 From: memsvcs at arin.net (Member Services) Date: Mon, 11 Nov 2002 16:38:33 -0500 (EST) Subject: [ppml] Last Call for Comment: Policy Proposal 2002-2 Message-ID: <200211112138.QAA28111@ops.arin.net> The ARIN Advisory Council voted to forward the following policy proposal to the ARIN Board of Trustees for consideration. This is a last call for comments on this policy proposal prior to the ARIN Board of Trustees review. Comments received during this period will be included with the proposal when it is presented to the Board of Trustees for their consideration. Please send your comments to ppml at arin.net. This last call will expire at 23:59 EST on November 22, 2002. Raymond A. Plzak President American Registry for Internet Numbers (ARIN) *** Last Call: Policy Proposal 2002-2 *** 2002-2: Experimental Internet Resource Allocations There have been a number of experimental address allocations undertaken in the Internet over the past decade. These experimental address allocations have been made by the IANA in coordination with standards bodies, such as the IETF, on an ad hoc basis. There is currently no systematic means of receiving other Numbering Resources on a temporary basis as part of a recognised experiment in Internet technology deployment. The following policy is proposed: The RIRs will allocate Numbering Resources to entities requiring temporary Numbering Resources for a fixed period of time under the terms of recognised experimental activity. The following criteria for this policy are proposed: 1. Public Disclosure of Experimental Requests The organisation requesting the resources will have to detail what experimental work they are going to carry out. Such detail can usually be made either: * by submitting a proposal that references a current IETF Experimental RFC (Detail Two), or * by submitting an 'experiment proposal' detailing what resources are required, and what activities will be carried out (Detail Three). Such experimental proposals will, in the normal course of events be made public upon acceptance of the proposal by an RIR. Consideration will be given to non-disclosure constraints, but this is anticipated to be a prohibitive constraint upon the use of public Numbering Resources, even in an experimental context. The RIR will not allocate resources if the entire research experiment cannot be publicly disclosed as per Details Two and Three following. 2. Resource Coordination with Standards Development Bodies The IETF from time to time describes experimental activities and associated requirements for resources that will be required by participants in the experiment. It is considered as being acceptable for the organisation to reference a current Experimental RFC and indicate the organisation's participation in the experiment. Organisations such as the IETF, who describe experimental activities as part of their standards development process, need to consider the associated Numbering Resource requirements with any proposed experiment, and under this proposal will need to liaise with the RIRs as part of the process of publishing a draft as an experimental RFC. 3. Resource Coordination with Independent Experiments For experimental proposals not covered by Detail Two, the RIR will require the experiment's aims and objectives to be published in a publicly accessible document. The RIRs have a strong preference for the use of an Experimental RFC published through the IETF, but will accept other publication mechanisms where the experiment's objectives and practices are publicly and openly available free of charges and free of any constraints of disclosure. The RIRs would also normally require that the experiment's outcomes be published in an openly and freely available document, again free of charges and free of any constraints of disclosure. 4. Resource Allocation Term and Renewal The Numbering Resources are allocated on a lease/license basis for a period of one year. The allocation can be renewed on application to the issuing RIR providing information as per in Detail One. The identity and details of the applicant and the allocated Numbering Resources will be published under the conditions of the RIR's normal publication policy (for example, listed as a temporary allocation in the RIR's database). 5. Single Resource Allocation per Experiment The RIR will make one-off allocations only, on an annual basis. Additional allocations outside the annual cycle will not be made unless justified by a subsequent complete application. It's important for the requesting organisation to ensure they have sufficient resources requested as part of their initial application for the proposed experimental use. 6. Resource Allocation Fees Each RIR may charge an administration fee to cover each allocation made of these experimental resources. This fee simply covers registration and maintenance, rather than the full allocation process for standard RIR members. This administration fee should be as low as possible as these requests do not have to undergo the same evaluation process as those requested in the normal policy environment. 7. Resource Allocation Size The Numbering Resources requested come from the global Internet Resource space, and are not from private or other non-routable Internet Resource space. The allocation size should be consistent with the existing RIR minimum allocation sizes, unless small allocations are intended to be explicitly part of the experiment. If an organisation requires more resource than stipulated by the minimum allocation sizes in force at the time of their request, they should include in their research proposal why this is required. 8. Commercial Use Prohibited If there is any evidence that the temporary resource is being used for commercial purposes, or is being used for any activities not documented in the original experiment description provided to the RIR, the issuing RIR reserves the right to immediately withdraw the resource and reassign it to the free pool. 9. Resource Request Appeal or Arbitration The RIRs should be in a position to assess and comment on the objectives of the experiment with regard to the requested amount of Numbering Resources. The issuing RIR should be able to modify the requested allocation as appropriate, and in agreement with the proposer. In the event that the proposed modifications are not acceptable, the requesting organization may request an appeal or arbitration using the normal procedures of the RIR. In this case, the original standards body that endorsed the experimental action may be requested to provide additional information regarding the experiment and its objectives to assist in the resolution of the appeal. ## END ## From memsvcs at arin.net Mon Nov 11 16:37:05 2002 From: memsvcs at arin.net (Member Services) Date: Mon, 11 Nov 2002 16:37:05 -0500 (EST) Subject: [ppml] Last Call for Comment: Policy Proposal 2002-1 Message-ID: <200211112137.QAA27860@ops.arin.net> The ARIN Advisory Council voted to forward the following policy proposal to the ARIN Board of Trustees for consideration. This is a last call for comments on this policy proposal prior to the ARIN Board of Trustees review. Comments received during this period will be included with the proposal when it is presented to the Board of Trustees for their consideration. Please send your comments to ppml at arin.net. This last call will expire at 23:59 EST on November 22, 2002. Raymond A. Plzak President American Registry for Internet Numbers (ARIN) *** Last Call: Policy Proposal 2002-1 *** 2002-1: Lame Delegations in IN-ADDR.ARPA ARIN will actively identify lame DNS name server(s) for in-addr.arpa delegations associated with address blocks allocated, assigned or administered by ARIN. Upon identification of a lame delegation, ARIN shall attempt to contact the POC for that resource. The process of contact shall follow at least the following sequence until the lame delegation is repaired: 1) E-mail contact to POC information from ARIN database record(s) associated with the in-addr.arpa delegation 2) E-mail contact to POC information from ARIN database record(s) associated with ASN(s) originating the route in the global routing table. 3) Telephone contact to any POC information obtained above 4) Postal mail contact to any POC information obtained above requesting response within 30 days After completing the contact procedures listed above, and the lame delegation persists, and waiting for a minimum of 30 days following the postal mail being sent, ARIN shall update the resource record with text indicating: 1) That the delegation has been determined to be lame 2) The evaluation date of the lame delegation 3) That contact has been attempted unsuccessfully 4) The date record was updated The record shall be further updated by removing the name server delegation(s). ## END ## From memsvcs at arin.net Mon Nov 11 16:39:43 2002 From: memsvcs at arin.net (Member Services) Date: Mon, 11 Nov 2002 16:39:43 -0500 (EST) Subject: [ppml] Last Call for Comment: Policy Proposal 2002-4 Message-ID: <200211112139.QAA28203@ops.arin.net> The ARIN Advisory Council voted to forward the following policy proposal to the ARIN Board of Trustees for consideration. This is a last call for comments on this policy proposal prior to the ARIN Board of Trustees review. Comments received during this period will be included with the proposal when it is presented to the Board of Trustees for their consideration. Please send your comments to ppml at arin.net. This last call will expire at 23:59 EST on November 22, 2002. Raymond A. Plzak President American Registry for Internet Numbers (ARIN) *** Last Call: Policy Proposal 2002-4 *** 2002-4: Bulk Copies of ARIN's WHOIS ARIN will provide a bulk copy of WHOIS output, including point of contact information, on the ARIN site for download by any organization that wishes to obtain the data providing they agree to ARIN's acceptable use policy. This point of contact information will not include data marked as private. It is also proposed the existing ARIN Bulk WHOIS Acceptable Use Policy... ## The ARIN WHOIS data is for Internet operational or technical research purposes pertaining to Internet operations only. It may not be used for advertising, direct marketing, marketing research, or similar purposes. Use of the ARIN WHOIS data for these activities is explicitly forbidden. ARIN requests to be notified of any such activities or suspicions thereof. ## ...be applied in the implementation of any policy that results from this policy proposal with the addition of the following text: Redistributing bulk ARIN WHOIS data is explicitly forbidden. It is permissible to publish the data an individual query or small number of queries at a time, as long as reasonable precautions are taken to prevent automated querying by database harvesters. ## END ## From memsvcs at arin.net Mon Nov 11 16:40:49 2002 From: memsvcs at arin.net (Member Services) Date: Mon, 11 Nov 2002 16:40:49 -0500 (EST) Subject: [ppml] Last Call for Comment: Policy Proposal 2002-5 Message-ID: <200211112140.QAA28303@ops.arin.net> The ARIN Advisory Council voted to forward the following policy proposal to the ARIN Board of Trustees for consideration. This is a last call for comments on this policy proposal prior to the ARIN Board of Trustees review. Comments received during this period will be included with the proposal when it is presented to the Board of Trustees for their consideration. Please send your comments to ppml at arin.net. This last call will expire at 23:59 EST on November 22, 2002. Raymond A. Plzak President American Registry for Internet Numbers (ARIN) *** Last Call: Policy Proposal 2002-5 *** 2002-5: Amnesty Requests If an organization, whether a member or non-member, ISP or end-user, relinquishes a block of portable address space to ARIN, they shall be allowed to receive a block /24 or shorter, returning exchanged space within 12 months, and they shall not be required to justify their use of that space. That is, anyone should be able to decrease their use of address space at any time without fear of the effects of a utilization audit. ARIN staff shall, at their discretion, determine whether the smaller replacement block shall be a subnet of the returned block, or a block allocated from some different range. In the case of an organization name change for address resource records, ARIN's normal transfer policies will apply. If the exchanged address block was maintained in the ARIN database without maintenance fees, the replacement space shall be as well, but if the returned block had associated maintenance fees, then the replacement block shall also be subject to maintenance fees. ## END ## From memsvcs at arin.net Mon Nov 11 16:43:27 2002 From: memsvcs at arin.net (Member Services) Date: Mon, 11 Nov 2002 16:43:27 -0500 (EST) Subject: [ppml] Last Call for Comment: Policy Proposal 2002-8 Message-ID: <200211112143.QAA28693@ops.arin.net> The ARIN Advisory Council voted to forward the following policy proposal to the ARIN Board of Trustees for consideration. This is a last call for comments on this policy proposal prior to the ARIN Board of Trustees review. Comments received during this period will be included with the proposal when it is presented to the Board of Trustees for their consideration. Please send your comments to ppml at arin.net. This last call will expire at 23:59 EST on November 22, 2002. Raymond A. Plzak President American Registry for Internet Numbers (ARIN) *** Last Call: Policy Proposal 2002-8 *** 2002-8: Privatizing POC Information ARIN's new database allows an organization to designate several points of contact for their organization and resource records. Available types of POCs are Admin, Technical, Abuse, and NOC. If an organization designates several POCs for the management of their organization or resource records in the ARIN database, they are made available via ARIN WHOIS. In order for a point of contact to conduct resource administration for a given resource record in the ARIN database, that POC does have to be associated with the resource record in the ARIN database, and therefore is listed in ARIN WHOIS. It is proposed organizations be able to designate certain points of contact as private from ARIN WHOIS, with the exception that, at the minimum, one point of contact must be viewable. ## END ## From memsvcs at arin.net Mon Nov 11 16:42:03 2002 From: memsvcs at arin.net (Member Services) Date: Mon, 11 Nov 2002 16:42:03 -0500 (EST) Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 Message-ID: <200211112142.QAA28381@ops.arin.net> The ARIN Advisory Council voted to forward the following policy proposal to the ARIN Board of Trustees for consideration. This is a last call for comments on this policy proposal prior to the ARIN Board of Trustees review. Comments received during this period will be included with the proposal when it is presented to the Board of Trustees for their consideration. Please send your comments to ppml at arin.net. This last call will expire at 23:59 EST on November 22, 2002. Raymond A. Plzak President American Registry for Internet Numbers (ARIN) *** Last Call: Policy Proposal 2002-6 *** 2002-6: Aggregation Requests If an organization, whether a member or non-member, ISP or end-user, relinquishes a group of portable, non-aggregatable address blocks to ARIN, they shall be allowed to receive a block in exchange, /24 or shorter, but no more than the shortest block that could contain all of the returned blocks. Exchanged space shall be returned within 12 months. For example, if an organization relinquished three /24s, they should be allowed to take either a /24, a /23, or a /22 in exchange. If all of the previous address blocks were maintained in the ARIN database without maintenance fees, the replacement space shall be as well, but if any one of the returned blocks had associated maintenance fees, then the replacement block shall also be subject to maintenance fees. ## END ## From jmcburnett at msmgmt.com Mon Nov 11 18:10:24 2002 From: jmcburnett at msmgmt.com (McBurnett, Jim) Date: Mon, 11 Nov 2002 18:10:24 -0500 Subject: [ppml] Policy 2002-3,7 and 9 comment Message-ID: <390E55B947E7C848898AEBB9E50770600EB44A@msmdcfs01.msmgmt.com> Okay, Having read through all of the notes from the meeting, and considering my current situation of "leasing" a class C for Multi-homing and being nearly stuck to one of my ISPs due to the IP range being theirs, I have but a few questions: 1. A new Class C under these policies may not be globally routable if a single provider chooses not to advertise me. Correct? 2. I see that the prices involved for the Class C and BGP would be $2500 plus the $500 AS. Is this right? Or do I have my assignment/allocation mixed up? Or is this the ISP price? 3. Since I am currently paying $75 monthly for a Class C, how is that in comparison to the "overcharging" of small companies as mentioned in the Policy statements? What are some of you paying? And finally: Should a new routing standard be examined where as a "verification" of source could be attached and authenticated to pass routes to "core" routers so that non-globally routable blocks do not become a rule instead of an exception? IE. using IPSEC or CA etc. pass routes to a Route processor for a backbone provider to be able to propagate those routes to the net via summarizable routes? And Yes I know this is not the correct place to mention this, but I remember seeing several concerns about the global routing issues that can arise from the micro-allocations these policies may cause. Comments? Where should this be mentioned? IETF? IANA? I think at some point there is going to have to be another way to advertise, what I see it that there will be quite a few of the /24's out there. It would be great if a number of the /24's were consecutive and multihomed to some of the same ISP's.. HMMM is that a profitable venture? ISP A and ISP B advertise cooperation for multihoming under ARIN polices 2002-3 and 2002-7 for ease of use for the customer?? Maybe they can use this to make up for the loss of the revenue in those high-cost of IP addresses...... Just a few thoughts from a rank amateur.... Jim McBurnett Director of Information Technology Mid-South Management Company, Inc. From ron at aol.net Mon Nov 11 18:34:36 2002 From: ron at aol.net (Ron da Silva) Date: Mon, 11 Nov 2002 18:34:36 -0500 Subject: [ppml] Policy 2002-3,7 and 9 comment In-Reply-To: <390E55B947E7C848898AEBB9E50770600EB44A@msmdcfs01.msmgmt.com>; from jmcburnett@msmgmt.com on Mon, Nov 11, 2002 at 06:10:24PM -0500 References: <390E55B947E7C848898AEBB9E50770600EB44A@msmdcfs01.msmgmt.com> Message-ID: <20021111183436.W4188@aol.net> Jim, On Mon, Nov 11, 2002 at 06:10:24PM -0500, McBurnett, Jim wrote: > Okay, > Having read through all of the notes from the meeting, and considering my current situation of "leasing" a class C for Multi-homing and being nearly stuck to one of my ISPs due to the IP range being theirs, I have but a few questions: > > 1. A new Class C under these policies may not be globally routable if a single provider chooses not to advertise me. Correct? Correct. Actually, for that matter any allocation or assignment from ARIN guarantees no amount of routability. The routing of address space is negotiated between two parties either by purchase of services, peering or other arrangement. ARIN has no ability to ensure routability of address space. > Should a new routing standard be examined where as a "verification" of source could be attached and authenticated to pass routes to "core" routers so that non-globally routable blocks do not become a rule instead of an exception? IE. using IPSEC or CA etc. pass routes to a Route processor for a backbone provider to be able to propagate those routes to the net via summerizable routes? And Yes I know this is not the correct place to mention this, but I remember seeing several concerns about the global routing issues that can arise from the micro-allocations these policies may cause. > Comments? Where should this be mentioned? IETF? IANA? Good comment..and also currently in discussion in a variety of venues. Your best place to start this would be on the NANOG mailing list (though you should search the mailing list archives online for previous discussions first). Work in securing BGP is also emerging in the IETF. Check some of the work being done in the routing area. -ron From ebohlin at uu.net Tue Nov 12 16:05:06 2002 From: ebohlin at uu.net (Einar Bohlin) Date: Tue, 12 Nov 2002 16:05:06 -0500 (EST) Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 (fwd) Message-ID: Hi, RE: IPs, new for used This looks like a blacklisted IP exchange; kind of like a dirty needle exchange program. Does a legacy B and a /24 get you a /15? And no fees for this? Sign me up, and give me those /24s we gave back to ARIN recently (just kidding). Used IPs are not as good as fresh ones. What's ARIN going to do with the used ones? Will there be reduced fees for those used IPs? (arin-usedIPs.net and arin-half.com are available). Keep in mind that when this is properly abused many of these requests will have to turn into transfer requests. This is to reduce routes? It looks too easily abused, with dubious results. Regards, Einar Bohlin IP Team UUNET Technologies, Inc. Phone: USA 703 886-7362 email: einar.bohlin at wcom.com (VNET Number 806-7362) *** Last Call: Policy Proposal 2002-6 *** 2002-6: Aggregation Requests If an organization, whether a member or non-member, ISP or end-user, relinquishes a group of portable, non-aggregatable address blocks to ARIN, they shall be allowed to receive a block in exchange, /24 or shorter, but no more than the shortest block that could contain all of the returned blocks. Exchanged space shall be returned within 12 months. For example, if an organization relinquished three /24s, they should be allowed to take either a /24, a /23, or a /22 in exchange. If all of the previous address blocks were maintained in the ARIN database without maintenance fees, the replacement space shall be as well, but if any one of the returned blocks had associated maintenance fees, then the replacement block shall also be subject to maintenance fees. ## END ## From ahp at hilander.com Wed Nov 13 12:06:52 2002 From: ahp at hilander.com (Alec H. Peterson) Date: Wed, 13 Nov 2002 10:06:52 -0700 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 (fwd) In-Reply-To: References: Message-ID: <2147483647.1037182012@macleod.hilander.com> Hi Einar, Do you have any suggestions on how the policy could be changed to address your concerns? Alec --On Tuesday, November 12, 2002 16:05 -0500 Einar Bohlin wrote: > Hi, > > RE: IPs, new for used > > This looks like a blacklisted IP exchange; kind > of like a dirty needle exchange program. > > Does a legacy B and a /24 get you a /15? And no fees > for this? Sign me up, and give me those /24s we gave back to > ARIN recently (just kidding). > > Used IPs are not as good as fresh ones. What's > ARIN going to do with the used ones? Will > there be reduced fees for those used IPs? > (arin-usedIPs.net and arin-half.com are available). > > Keep in mind that when this is properly abused many of > these requests will have to turn into transfer requests. > > This is to reduce routes? It looks too easily abused, with > dubious results. > > Regards, > > Einar Bohlin > IP Team > UUNET Technologies, Inc. > Phone: USA 703 886-7362 > email: einar.bohlin at wcom.com > (VNET Number 806-7362) > > *** Last Call: Policy Proposal 2002-6 *** > > 2002-6: Aggregation Requests > > If an organization, whether a member or non-member, ISP or end-user, > relinquishes a group of portable, non-aggregatable address blocks to > ARIN, they shall be allowed to receive a block in exchange, /24 or > shorter, but no more than the shortest block that could contain all of > the returned blocks. Exchanged space shall be returned within 12 > months. For example, if an organization relinquished three /24s, they > should be allowed to take either a /24, a /23, or a /22 in exchange. If > all of the previous address blocks were maintained in the ARIN database > without maintenance fees, the replacement space shall be as well, but if > any one of the returned blocks had associated maintenance fees, then the > replacement block shall also be subject to maintenance fees. > >## END ## > -- Alec H. Peterson -- ahp at hilander.com Chief Technology Officer Catbird Networks, http://www.catbird.com From thinman at clp.cw.net Wed Nov 13 12:42:08 2002 From: thinman at clp.cw.net (Tanya Hinman) Date: Wed, 13 Nov 2002 12:42:08 -0500 Subject: [ppml] RE: [arin-announce] Last Call for Comment: Policy Proposal 2002-8 In-Reply-To: <200211112143.QAA28693@ops.arin.net> Message-ID: Since the Admin is the only contact that requires a "real" person, does anyone have an issue with just allowing the privatization of the AdminHandle? This would mean that all other handles would be viewable accept the AdminHandle. During the ARIN meeting, I believe it was discussed that the personal names were the issues, not the role accounts. Thanks, Tanya Tanya Hinman Cable & Wireless Manager, GNOC Provide IP Address Engineering Office: +1 919 465 4023 -----Original Message----- From: owner-arin-announce at arin.net [mailto:owner-arin-announce at arin.net]On Behalf Of Member Services Sent: Monday, November 11, 2002 4:43 PM To: arin-announce at arin.net; ppml at arin.net Subject: [arin-announce] Last Call for Comment: Policy Proposal 2002-8 The ARIN Advisory Council voted to forward the following policy proposal to the ARIN Board of Trustees for consideration. This is a last call for comments on this policy proposal prior to the ARIN Board of Trustees review. Comments received during this period will be included with the proposal when it is presented to the Board of Trustees for their consideration. Please send your comments to ppml at arin.net. This last call will expire at 23:59 EST on November 22, 2002. Raymond A. Plzak President American Registry for Internet Numbers (ARIN) *** Last Call: Policy Proposal 2002-8 *** 2002-8: Privatizing POC Information ARIN's new database allows an organization to designate several points of contact for their organization and resource records. Available types of POCs are Admin, Technical, Abuse, and NOC. If an organization designates several POCs for the management of their organization or resource records in the ARIN database, they are made available via ARIN WHOIS. In order for a point of contact to conduct resource administration for a given resource record in the ARIN database, that POC does have to be associated with the resource record in the ARIN database, and therefore is listed in ARIN WHOIS. It is proposed organizations be able to designate certain points of contact as private from ARIN WHOIS, with the exception that, at the minimum, one point of contact must be viewable. ## END ## From ebohlin at uu.net Wed Nov 13 17:58:48 2002 From: ebohlin at uu.net (Einar Bohlin) Date: Wed, 13 Nov 2002 17:58:48 -0500 (EST) Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 (fwd) In-Reply-To: <2147483647.1037182012@macleod.hilander.com> Message-ID: Hi Alec, I saw in the meeting notes that an APNIC rep mentioned that this was seldom used because renumbering seemed to be a deterrent. I think renumbering is a concern for legitamate users of nets and they won't bother to use this policy. It's the other guys who'd take advantage of this that worry me. I don't see a way to make this better, it's a bad idea and I believe the board should not ratify this one. There's not enough good compared to the opportunity for abuse. Is it assumed that if someone turned in non-contiguous swamp nets, that they'd get a cidr from the swamp range? In the example, where does the /22 come from, the swamp or the current range, or is it ARIN's choice? Cheers, Einar Bohlin On Wed, 13 Nov 2002, Alec H. Peterson wrote: > Hi Einar, > > Do you have any suggestions on how the policy could be changed to address > your concerns? > > Alec > > --On Tuesday, November 12, 2002 16:05 -0500 Einar Bohlin > wrote: > > > Hi, > > > > RE: IPs, new for used > > > > This looks like a blacklisted IP exchange; kind > > of like a dirty needle exchange program. > > > > Does a legacy B and a /24 get you a /15? And no fees > > for this? Sign me up, and give me those /24s we gave back to > > ARIN recently (just kidding). > > > > Used IPs are not as good as fresh ones. What's > > ARIN going to do with the used ones? Will > > there be reduced fees for those used IPs? > > (arin-usedIPs.net and arin-half.com are available). > > > > Keep in mind that when this is properly abused many of > > these requests will have to turn into transfer requests. > > > > This is to reduce routes? It looks too easily abused, with > > dubious results. > > > > Regards, > > > > Einar Bohlin > > IP Team > > UUNET Technologies, Inc. > > Phone: USA 703 886-7362 > > email: einar.bohlin at wcom.com > > (VNET Number 806-7362) > > > > *** Last Call: Policy Proposal 2002-6 *** > > > > 2002-6: Aggregation Requests > > > > If an organization, whether a member or non-member, ISP or end-user, > > relinquishes a group of portable, non-aggregatable address blocks to > > ARIN, they shall be allowed to receive a block in exchange, /24 or > > shorter, but no more than the shortest block that could contain all of > > the returned blocks. Exchanged space shall be returned within 12 > > months. For example, if an organization relinquished three /24s, they > > should be allowed to take either a /24, a /23, or a /22 in exchange. If > > all of the previous address blocks were maintained in the ARIN database > > without maintenance fees, the replacement space shall be as well, but if > > any one of the returned blocks had associated maintenance fees, then the > > replacement block shall also be subject to maintenance fees. > > > >## END ## > > > > > -- > Alec H. Peterson -- ahp at hilander.com > Chief Technology Officer > Catbird Networks, http://www.catbird.com > From david.conrad at nominum.com Wed Nov 13 18:24:12 2002 From: david.conrad at nominum.com (David Conrad) Date: Wed, 13 Nov 2002 15:24:12 -0800 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 In-Reply-To: Message-ID: Einar, As a person responsible for a policy similar to that being discussed at ARIN, albeit in a different region, let me provide my 2 cents: On 11/12/02 1:05 PM, "Einar Bohlin" wrote: > This looks like a blacklisted IP exchange; kind of like a > dirty needle exchange program. Not really. It is an attempt to try to clean up allocations made prior to the understanding of the need to aggregate. > Does a legacy B and a /24 get you a /15? And no fees > for this? My reading of the policy proposed would indicate that yes, if you had _fully_ used a /16 and had an additional /24, you would be able to request a /15. I am, however, a bit skeptical that full utilization of a /16 such that a /24 wouldn't fit is possible. > Used IPs are not as good as fresh ones. Interesting assertion. Why do you say this? > What's > ARIN going to do with the used ones? Presumably, if enough can be returned, they'll form larger aggregate blocks which can then be re-allocated. > Will there be reduced fees for those used IPs? Why? > Keep in mind that when this is properly abused many of > these requests will have to turn into transfer requests. What forms of abuse do you anticipate? > This is to reduce routes? It looks too easily abused, with > dubious results. What is the scarcest resource on the Internet these days? Rgds, -drc From baptista at dot-god.com Wed Nov 13 18:35:49 2002 From: baptista at dot-god.com (Joe Baptista) Date: Wed, 13 Nov 2002 18:35:49 -0500 (EST) Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 In-Reply-To: Message-ID: On Wed, 13 Nov 2002, David Conrad wrote: > > Used IPs are not as good as fresh ones. > > Interesting assertion. Why do you say this? legacy traffic ... From jmcburnett at msmgmt.com Wed Nov 13 18:42:39 2002 From: jmcburnett at msmgmt.com (McBurnett, Jim) Date: Wed, 13 Nov 2002 18:42:39 -0500 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 Message-ID: <390E55B947E7C848898AEBB9E50770600D662B@msmdcfs01.msmgmt.com> Exactly! I got a Class C from my provider and I get at least 500-1000 hits a day to two of my IP's for DNS services, Which are there anymore and other less frequent hits to web services ports. The problem I see is: How can you tell those uninformed users that they aren't to use the IP's anymore and how to find out who used to have those IP addresses. Wouldn't it be bad if some illegitimate business had those IP's before you? (assumedly they had a shorter than a /24) As David said.. This is my 2 cents worth... Jim -----Original Message----- From: Joe Baptista [mailto:baptista at dot-god.com] Sent: Wednesday, November 13, 2002 6:36 PM To: David Conrad Cc: Einar Bohlin; ARIN PPML Subject: Re: [ppml] Last Call for Comment: Policy Proposal 2002-6 On Wed, 13 Nov 2002, David Conrad wrote: > > Used IPs are not as good as fresh ones. > > Interesting assertion. Why do you say this? legacy traffic ... From baptista at dot-god.com Wed Nov 13 18:53:34 2002 From: baptista at dot-god.com (Joe Baptista) Date: Wed, 13 Nov 2002 18:53:34 -0500 (EST) Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 In-Reply-To: <390E55B947E7C848898AEBB9E50770600D662B@msmdcfs01.msmgmt.com> Message-ID: On Wed, 13 Nov 2002, McBurnett, Jim wrote: > Exactly! > I got a Class C from my provider and I get at least 500-1000 hits a day to two of my IP's for DNS services, Which are there anymore and other less frequent hits to web services ports. sometimes legacy traffic is automated (no human in charge). the equipment or software thinks there's something there and keeps trying. We have the same issues on some of our IP - old customers who still get queried. regards joe baptista From Stacy_Taylor at icgcomm.com Wed Nov 13 18:56:22 2002 From: Stacy_Taylor at icgcomm.com (Taylor, Stacy) Date: Wed, 13 Nov 2002 16:56:22 -0700 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 Message-ID: <5BDB545714D0764F8452CC5A25DDEEFA01710830@denexg21.icgcomm.com> As the administrator for an extremely legacy network, (was NETCOM), I run into this issue frequently. What it does is beg the question of how to clean up previously used space, which is another issue entirely. Stacy -----Original Message----- From: McBurnett, Jim [mailto:jmcburnett at msmgmt.com] Sent: Wednesday, November 13, 2002 3:43 PM To: Joe Baptista; David Conrad Cc: Einar Bohlin; ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 Exactly! I got a Class C from my provider and I get at least 500-1000 hits a day to two of my IP's for DNS services, Which are there anymore and other less frequent hits to web services ports. The problem I see is: How can you tell those uninformed users that they aren't to use the IP's anymore and how to find out who used to have those IP addresses. Wouldn't it be bad if some illegitimate business had those IP's before you? (assumedly they had a shorter than a /24) As David said.. This is my 2 cents worth... Jim -----Original Message----- From: Joe Baptista [mailto:baptista at dot-god.com] Sent: Wednesday, November 13, 2002 6:36 PM To: David Conrad Cc: Einar Bohlin; ARIN PPML Subject: Re: [ppml] Last Call for Comment: Policy Proposal 2002-6 On Wed, 13 Nov 2002, David Conrad wrote: > > Used IPs are not as good as fresh ones. > > Interesting assertion. Why do you say this? legacy traffic ... From jmcburnett at msmgmt.com Wed Nov 13 18:59:38 2002 From: jmcburnett at msmgmt.com (McBurnett, Jim) Date: Wed, 13 Nov 2002 18:59:38 -0500 Subject: [ppml] Cont of 2002-6 discussion with question for all..... Message-ID: <390E55B947E7C848898AEBB9E50770600D662C@msmdcfs01.msmgmt.com> Well, I think that is a question for the list. How can we clean this legacy space? We all know it is going to get worse. ISP A, B and C turn in a dozen or so disparet class C's. With at least 30 - 40 (or more) server IP addresses per ISP, the new user of that block could be deluged by requests, espeically if they happen to put up a DNS server or webserver on the sae IP as the predessor... There has to be a way to clean the space... Could there be a search engine created to identify who owned it previously? An update to core providers? IDEAS anyone? Jim -----Original Message----- From: Taylor, Stacy [mailto:Stacy_Taylor at icgcomm.com] Sent: Wednesday, November 13, 2002 6:56 PM To: McBurnett, Jim; Joe Baptista; David Conrad Cc: Einar Bohlin; ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 As the administrator for an extremely legacy network, (was NETCOM), I run into this issue frequently. What it does is beg the question of how to clean up previously used space, which is another issue entirely. Stacy -----Original Message----- From: McBurnett, Jim [mailto:jmcburnett at msmgmt.com] Sent: Wednesday, November 13, 2002 3:43 PM To: Joe Baptista; David Conrad Cc: Einar Bohlin; ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 Exactly! I got a Class C from my provider and I get at least 500-1000 hits a day to two of my IP's for DNS services, Which are there anymore and other less frequent hits to web services ports. The problem I see is: How can you tell those uninformed users that they aren't to use the IP's anymore and how to find out who used to have those IP addresses. Wouldn't it be bad if some illegitimate business had those IP's before you? (assumedly they had a shorter than a /24) As David said.. This is my 2 cents worth... Jim -----Original Message----- From: Joe Baptista [mailto:baptista at dot-god.com] Sent: Wednesday, November 13, 2002 6:36 PM To: David Conrad Cc: Einar Bohlin; ARIN PPML Subject: Re: [ppml] Last Call for Comment: Policy Proposal 2002-6 On Wed, 13 Nov 2002, David Conrad wrote: > > Used IPs are not as good as fresh ones. > > Interesting assertion. Why do you say this? legacy traffic ... From ebohlin at uu.net Wed Nov 13 19:10:42 2002 From: ebohlin at uu.net (Einar Bohlin) Date: Wed, 13 Nov 2002 19:10:42 -0500 (EST) Subject: [ppml] Last Call for Comment: Policy Proposal 2002-5 In-Reply-To: <200211112140.QAA28303@ops.arin.net> Message-ID: Hi, RE: Amnesty exchange - more routes This one looks to me like a legacy B for a /17 exchange program. They won't get half of the B back, because ARIN doesn't assign CIDRs from the "B" ranges. And then they can take the /17 and use it at 8 different places successfully (8 /20s in a /17) which is troublesome to do today with a B and providers who filter. Net result is 7 additional routes. I do think there should be an amnesty policy, but it'd be like this: "If you have some nets that you're not using and would like to return them to ARIN, please do so, we won't think that you're bad nor hold it against you for waiting so long to do it." Regards, Einar Bohlin IP Team UUNET Technologies, Inc. Phone: USA 703 886-7362 email: einar.bohlin at wcom.com (VNET Number 806-7362) On Mon, 11 Nov 2002, Member Services wrote: > The ARIN Advisory Council voted to forward the > following policy proposal to the ARIN Board of > Trustees for consideration. > > This is a last call for comments on this policy > proposal prior to the ARIN Board of Trustees review. > Comments received during this period will be included > with the proposal when it is presented to the Board > of Trustees for their consideration. > > Please send your comments to ppml at arin.net. This last > call will expire at 23:59 EST on November 22, 2002. > > Raymond A. Plzak > President > American Registry for Internet Numbers (ARIN) > > > *** Last Call: Policy Proposal 2002-5 *** > > 2002-5: Amnesty Requests > > If an organization, whether a member or non-member, ISP or end-user, > relinquishes a block of portable address space to ARIN, they shall be > allowed to receive a block /24 or shorter, returning exchanged space > within 12 months, and they shall not be required to justify their use of > that space. That is, anyone should be able to decrease their use of > address space at any time without fear of the effects of a utilization > audit. ARIN staff shall, at their discretion, determine whether the > smaller replacement block shall be a subnet of the returned block, or a > block allocated from some different range. In the case of an > organization name change for address resource records, ARIN's normal > transfer policies will apply. If the exchanged address block was > maintained in the ARIN database without maintenance fees, the > replacement space shall be as well, but if the returned block had > associated maintenance fees, then the replacement block shall also be > subject to maintenance fees. > > > ## END ## > From Stacy_Taylor at icgcomm.com Wed Nov 13 19:27:18 2002 From: Stacy_Taylor at icgcomm.com (Taylor, Stacy) Date: Wed, 13 Nov 2002 17:27:18 -0700 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 Message-ID: <5BDB545714D0764F8452CC5A25DDEEFA01710838@denexg21.icgcomm.com> This issue also affects the larger CIDR on occasion. If an abuser was on one /24, some ISPs will block the CIDR to which it belongs, even if the ISP has taken care of the spam. Geoff of Exodus and I spoke of this at length at the conference. Presumably, if the block has been returned, the former user is out of business or on another block and cannot be contacted. How does it help us to know who that was? Are we forced to use this space in tiny blocks to interrupt the routing? I think we can ill afford to blacklist blocks. Stacy -----Original Message----- From: Joe Baptista [mailto:baptista at dot-god.com] Sent: Wednesday, November 13, 2002 3:54 PM To: McBurnett, Jim Cc: David Conrad; Einar Bohlin; ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 On Wed, 13 Nov 2002, McBurnett, Jim wrote: > Exactly! > I got a Class C from my provider and I get at least 500-1000 hits a day to two of my IP's for DNS services, Which are there anymore and other less frequent hits to web services ports. sometimes legacy traffic is automated (no human in charge). the equipment or software thinks there's something there and keeps trying. We have the same issues on some of our IP - old customers who still get queried. regards joe baptista From jmcburnett at msmgmt.com Wed Nov 13 19:30:49 2002 From: jmcburnett at msmgmt.com (McBurnett, Jim) Date: Wed, 13 Nov 2002 19:30:49 -0500 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 Message-ID: <390E55B947E7C848898AEBB9E50770600EB457@msmdcfs01.msmgmt.com> But what is the solution? The spammer is usually blocked by each and every end user, the ISP of the end-user being spammed or the ISP of the spammer. If any of these are done then should the block change hands we are still left with the problem. If the records are kept so that XYZ corp was blocked due to Spam and you as DEF corp discover that you can't send mail to ABC corp. I think ABC corp.'s ISP should be able to see fairly easily that XYZ no longer owns the block and can fix it.. This depends on the ISP knowing why they blocked it and if necessary creating a global "black-list". I know we don't want to do this, but I don't see any other idea.... Jim -----Original Message----- From: Taylor, Stacy [mailto:Stacy_Taylor at icgcomm.com] Sent: Wednesday, November 13, 2002 7:27 PM To: 'Joe Baptista'; McBurnett, Jim Cc: David Conrad; Einar Bohlin; ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 This issue also affects the larger CIDR on occasion. If an abuser was on one /24, some ISPs will block the CIDR to which it belongs, even if the ISP has taken care of the spam. Geoff of Exodus and I spoke of this at length at the conference. Presumably, if the block has been returned, the former user is out of business or on another block and cannot be contacted. How does it help us to know who that was? Are we forced to use this space in tiny blocks to interrupt the routing? I think we can ill afford to blacklist blocks. Stacy -----Original Message----- From: Joe Baptista [mailto:baptista at dot-god.com] Sent: Wednesday, November 13, 2002 3:54 PM To: McBurnett, Jim Cc: David Conrad; Einar Bohlin; ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 On Wed, 13 Nov 2002, McBurnett, Jim wrote: > Exactly! > I got a Class C from my provider and I get at least 500-1000 hits a day to two of my IP's for DNS services, Which are there anymore and other less frequent hits to web services ports. sometimes legacy traffic is automated (no human in charge). the equipment or software thinks there's something there and keeps trying. We have the same issues on some of our IP - old customers who still get queried. regards joe baptista From john at chagres.net Wed Nov 13 20:13:16 2002 From: john at chagres.net (John M. Brown) Date: Wed, 13 Nov 2002 18:13:16 -0700 Subject: [ppml] Cont of 2002-6 discussion with question for all..... In-Reply-To: <390E55B947E7C848898AEBB9E50770600D662C@msmdcfs01.msmgmt.com> Message-ID: <002501c28b7b$02e8e190$f9ecdfd8@laptoy> place DNS servers on the legacy DNS stuff, then poison the replys with an IP to a "Please fix your network" web page.. Or get registries and registrars to be more active in cleaning up their glue records > -----Original Message----- > From: owner-ppml at arin.net [mailto:owner-ppml at arin.net] On > Behalf Of McBurnett, Jim > Sent: Wednesday, November 13, 2002 5:00 PM > To: Taylor, Stacy; Joe Baptista; David Conrad > Cc: Einar Bohlin; ARIN PPML > Subject: [ppml] Cont of 2002-6 discussion with question for all..... > > > Well, > I think that is a question for the list. > How can we clean this legacy space? > We all know it is going to get worse. > > ISP A, B and C turn in a dozen or so disparet class C's. With > at least 30 - 40 (or more) server IP addresses per ISP, the > new user of that block could be deluged by requests, > espeically if they happen to put up a DNS server or webserver > on the sae IP as the predessor... There has to be a way to > clean the space... > > Could there be a search engine created to identify who owned > it previously? An update to core providers? > > IDEAS anyone? > > > Jim > > -----Original Message----- > From: Taylor, Stacy [mailto:Stacy_Taylor at icgcomm.com] > Sent: Wednesday, November 13, 2002 6:56 PM > To: McBurnett, Jim; Joe Baptista; David Conrad > Cc: Einar Bohlin; ARIN PPML > Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 > > > As the administrator for an extremely legacy network, (was > NETCOM), I run into this issue frequently. What it does is > beg the question of how to clean up previously used space, > which is another issue entirely. > > Stacy > > -----Original Message----- > From: McBurnett, Jim [mailto:jmcburnett at msmgmt.com] > Sent: Wednesday, November 13, 2002 3:43 PM > To: Joe Baptista; David Conrad > Cc: Einar Bohlin; ARIN PPML > Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 > > > Exactly! > I got a Class C from my provider and I get at least 500-1000 > hits a day to two of my IP's for DNS services, Which are > there anymore and other less frequent hits to web services > ports. The problem I see is: How can you tell those > uninformed users that they aren't to use the IP's anymore and > how to find out who used to have those IP addresses. Wouldn't > it be bad if some illegitimate business had those IP's before > you? (assumedly they had a shorter than a /24) > > As David said.. This is my 2 cents worth... > Jim > > -----Original Message----- > From: Joe Baptista [mailto:baptista at dot-god.com] > Sent: Wednesday, November 13, 2002 6:36 PM > To: David Conrad > Cc: Einar Bohlin; ARIN PPML > Subject: Re: [ppml] Last Call for Comment: Policy Proposal 2002-6 > > > > On Wed, 13 Nov 2002, David Conrad wrote: > > > > Used IPs are not as good as fresh ones. > > > > Interesting assertion. Why do you say this? > > legacy traffic ... > From jlewis at lewis.org Wed Nov 13 23:49:54 2002 From: jlewis at lewis.org (jlewis at lewis.org) Date: Wed, 13 Nov 2002 23:49:54 -0500 (EST) Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 In-Reply-To: Message-ID: On Wed, 13 Nov 2002, Joe Baptista wrote: > > On Wed, 13 Nov 2002, David Conrad wrote: > > > > Used IPs are not as good as fresh ones. > > > > Interesting assertion. Why do you say this? > > legacy traffic ... More like legacy filters. Anyone want some used Agis/Cyberpromo IP space? Maybe we should give that to Topica. :) ---------------------------------------------------------------------- Jon Lewis *jlewis at lewis.org*| I route System Administrator | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________ From jrace at attglobal.net Wed Nov 13 23:52:36 2002 From: jrace at attglobal.net (Dr. Jeffrey Race) Date: Thu, 14 Nov 2002 11:52:36 +0700 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 REALITY CHECK Message-ID: <200211140452.gAE4qmYm083905@smtp1.arin.net> On Wed, 13 Nov 2002 19:30:49 -0500, McBurnett, Jim wrote: >But what is the solution? >The spammer is usually blocked by each and every end user, the ISP of the end-user being spammed or the ISP of the spammer. >If any of these are done then should the block change hands we are still left with the problem. Well my firm is a continuing spam victim so I will pitch in here with a reality check. Blocklisting IP address space is the ONLY thing that works to stop spam, and its use is definitely going to increase until the bodies in charge of allocating space become active rather than passive about the pollution of the space they manage. I have had many quarrels with ICANN about this, who are somnolent in regard to such simple matters as brazenly fraudulent domain name registrations. My attempts to get ARIN and APNIC to go after fraudulent or negligently managed IP address space have not, to put it gently, been crowned with glorious success. If you can't even do that, then you have to expect the unhappy consequences you are whining about in this thread. In fact, the managers of domain names and IP address space, if they want to avoid the nightmarish jungle the Internet is becoming, are going have to act on the spam issue. There is just no other way; otherwise the Net will be destroyed as a valid medium for e-mail. I have plenty of ideas what to do, which could be codified in RFCs. See . Enjoy. Kind regards to all, Jeffrey Race Cambridge Electronics Laboratories From pfs at cisco.com Thu Nov 14 00:14:00 2002 From: pfs at cisco.com (Philip Smith) Date: Thu, 14 Nov 2002 15:14:00 +1000 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 REALITY CHECK In-Reply-To: <200211140452.gAE4qmYm083905@smtp1.arin.net> Message-ID: <5.1.0.14.2.20021114145740.0425c590@localhost> At 11:52 14/11/2002 +0700, Dr. Jeffrey Race wrote: >Well my firm is a continuing spam victim so I will pitch in here with >a reality check. Blocklisting IP address space is the ONLY thing that >works to stop spam, and its use is definitely going to increase until >the bodies in charge of allocating space become active rather than >passive about the pollution of the space they manage. What does spam have to do with the bodies allocating address space? Or to use an analogy, what does junk postal mail have to do with the people who allocate post codes. Nothing. >I have had many quarrels with ICANN about this, who are somnolent >in regard to such simple matters as brazenly fraudulent domain >name registrations. If someone fraudulently registers a domain name, how did they manage to register it? It must have got into the DNS somehow, so who put it there? Might be worth chasing the people who did that, because ICANN is too busy doing other things which don't matter. >My attempts to get ARIN and APNIC to go after fraudulent or >negligently managed IP address space have not, to put it gently, been >crowned with glorious success. If you can't even do that, then >you have to expect the unhappy consequences you are whining about in >this thread. Okay, we're away off track here: 1. Fraudulent use of address space - if someone is using address space which isn't their's to use, I'd be interested to know why their upstream ISP is letting them use it. Wouldn't you? 2. What has negligently used address space got to do with the RIRs. They allocate to the ISPs, and on rare occasions to the end user. ISPs assign to the end-users, so if someone is negligently using this assignment, don't you think it would be a better idea to tell the organisation who has delegated responsibility of this address space to the end user? >In fact, the managers of domain names and IP address space, if they >want to avoid the nightmarish jungle the Internet is becoming, are >going have to act on the spam issue. There is just no other way; >otherwise the Net will be destroyed as a valid medium for e-mail. The management is distributed - step up the tree, not to the top. If the RIRs membership really want the RIRs to micromanage every single allocation they make, the RIR membership should step forward and suggest that. >I have plenty of ideas what to do, which could be codified in RFCs. >See . Enjoy. Write them up! Bring them to the ARIN meeting, propose policy. Bring them to the IETF, etc. philip -- From jrace at attglobal.net Thu Nov 14 01:38:08 2002 From: jrace at attglobal.net (Dr. Jeffrey Race) Date: Thu, 14 Nov 2002 13:38:08 +0700 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 REALITY CHECK Message-ID: <200211140638.gAE6cJYm084702@smtp1.arin.net> On Thu, 14 Nov 2002 15:14:00 +1000, Philip Smith wrote: >What does spam have to do with the bodies allocating address space? I didn't raise the subject. List members were whining about the pollution of IP addresses, as though (as Dickens wrote of the French Revolution) "it were the only harvest ever known under the skies that had not been sown--as if nothing had ever been done, or omitted to be done, that had led to it" >Or to use an analogy, what does junk postal mail have to do with the >people who >allocate post codes. Nothing. > In fact plenty and the parallel is quite nice; thank you for raising it. If your company rents a postbox and allows its employees to use it for fraud, the postal inspectors will shut the box, and possibly launch a criminal prosecution against you. >If someone fraudulently registers a domain name, how did they manage to >register it? There are separate databases for billing and for WHOIS. The WHOIS data are intentionally fraudulent. >It must have got into the DNS somehow, so who put it there? >Might be worth chasing the people who did that, because ICANN is too busy >doing other things which don't matter. In fact it is in ICANN's charter to police fraud, but they are extremely resistant to the concept of obeying their charter, as you have surmised already in other regards :) > >>My attempts to get ARIN and APNIC to go after fraudulent or >>negligently managed IP address space have not, to put it gently, been >>crowned with glorious success. If you can't even do that, then >>you have to expect the unhappy consequences you are whining about in >>this thread. > >Okay, we're away off track here: > >1. Fraudulent use of address space - if someone is using address space >which isn't their's to use, I'd be interested to know why their upstream >ISP is letting them use it. Wouldn't you? I apologize for the inclarity; I mean allowing allocated space to be used to commit fraud, theft of service and the like. > >2. What has negligently used address space got to do with the RIRs. They >allocate to the ISPs, and on rare occasions to the end user. ISPs assign to >the end-users, so if someone is negligently using this assignment, don't >you think it would be a better idea to tell the organisation who has >delegated responsibility of this address space to the end user? Yes, in fact that is the SOP, but some ISPs intentionally profit from these criminal activities, and until they are threatened, they will continue to profit. Same idea as the UUNet/WorldCom accounting frauds. Nothing happened to the criminals at the top of the organization for a long time. If the regulators had been doing their jobs the accounting frauds would have been much smaller in impact. And by the way, the irony is that UUNet/MCI are one of the biggest profiteers, if not the biggest, on spam. I offered a complete, ready-to-eat, criminal prosecution (under Virginia Computer Crime Act) to UUNet legal staff, who refused to take action. I asked their staff attorney under what direction this policy was taken. He said "Mr. Ebbers". Is the picture clear now? > >>In fact, the managers of domain names and IP address space, if they >>want to avoid the nightmarish jungle the Internet is becoming, are >>going have to act on the spam issue. There is just no other way; >>otherwise the Net will be destroyed as a valid medium for e-mail. > >The management is distributed - step up the tree, not to the top. If the >RIRs membership really want the RIRs to micromanage every single allocation >they make, the RIR membership should step forward and suggest that. Your suggestion is excellent and I am pleased to flag the issue for you. Actions have consequences and no actions also have (like now) disastrous consequences. (Meaning: if you are not willing to act against abuse of IP address space, don't whine in public newsgroups about its pollution, which is the predictable consequence when the policeman are asleep.) > >>I have plenty of ideas what to do, which could be codified in RFCs. >>See . Enjoy. > >Write them up! Bring them to the ARIN meeting, propose policy. Bring them >to the IETF, etc. I started writing up ideas for an RFC about six months ago but could not gather any enthusiasm for it, so I decided to wait until the situation dramatically worsened, which it has now (some countries becoming essentially intranets, Red China now on the verge; I am proposing to local ISPs in Thailand where I spend much time to block all traffic from that country due to egregious mismanagement of its internet connectivity). However I have a day job and kids to feed. I am willing to work with anyone who feels as if he needs a mission in life. Dr. Jeffrey Race, President Cambridge Electronics Laboratories 20 Chester Street, Somerville MA 02144-3005 USA Tel +1 617 625-7645 (res) Tel +1 617 629-2805 (ofc) Fax +1 617 623-1882 Tel +1 617 823-2941/504-4124 (mobile--sometimes on) ????????????????????????????????????????????????????? ? Download TELECOM DESIGN TRICKS! ? ? ? ? ? ? Download information on our latest product: ? ? QUIKLINK PRIVATE WIRE AUTOMATIC RINGDOWN UNIT ? ? ? ?It's new! It's very small! It's very inexpensive!? ????????????????????????????????????????????????????? From pfs at cisco.com Thu Nov 14 04:02:39 2002 From: pfs at cisco.com (Philip Smith) Date: Thu, 14 Nov 2002 19:02:39 +1000 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 REALITY CHECK In-Reply-To: <200211140638.gAE6cHvg008594@proxy2.cisco.com> Message-ID: <5.1.0.14.2.20021114184758.00aca298@localhost> At 13:38 14/11/2002 +0700, Dr. Jeffrey Race wrote: >On Thu, 14 Nov 2002 15:14:00 +1000, Philip Smith wrote: > >What does spam have to do with the bodies allocating address space? > >I didn't raise the subject. List members were whining about the >pollution of IP addresses, as though (as Dickens wrote of the French >Revolution) "it were the only harvest ever known under the skies >that had not been sown--as if nothing had ever been done, or omitted >to be done, that had led to it" I know, we're way of the original topic. Spam is a rat hole sadly, but thankfully nothing to do with the RIRs. >If your company rents a postbox and allows its employees to >use it for fraud, the postal inspectors will shut the box, and possibly >launch a criminal prosecution against you. They may do where you live. In most places, if a company's employees use company resources for fraudulent purposes, the company solves the problem involving authorities as appropriate. I hadn't noticed the RIRs or ICANN being given the power of arrest. >I apologize for the inclarity; I mean allowing allocated space to be >used to commit fraud, theft of service and the like. I get back to the question. What has this got to do with the RIRs? I don't live in a police state (you might do ;-), so unless we are considering inviting the governments to run the internet and magically stop all this spam, we need to work with the distributed trust model we have built over the last decade or so. >Yes, in fact that is the SOP, but some ISPs intentionally profit from >these criminal activities, and until they are threatened, they will >continue to profit. Same idea as the UUNet/WorldCom accounting >frauds. Nothing happened to the criminals at the top of the organization >for a long time. If the regulators had been doing their jobs the >accounting frauds would have been much smaller in impact. Won't comment on this. I only come back to analogy - should the people who are printing the US$ notes that these people are using fraudulently be held responsible for stopping them. Interesting concept. >And by the way, the irony is that UUNet/MCI are one of the biggest >profiteers, if not the biggest, on spam. I don't think UUNET care what is in the packets they carry - they see traffic, they carry traffic. It's not a carrier's business to go snooping inside packets. Law enforcement may want to look inside packets - but that's their job. >(Meaning: if you are not willing to act against abuse >of IP address space, don't whine in public newsgroups about its >pollution, which is the predictable consequence when the policeman >are asleep.) Well, I come back to an earlier point. The only reason that IP address space does get misused is that some ISPs don't check that their customers are using legitimate address space. The ISP Security BOF at the last NANOG covered this in significant detail. philip -- From John.Sweeting at teleglobe.com Thu Nov 14 09:56:52 2002 From: John.Sweeting at teleglobe.com (Sweeting, John) Date: Thu, 14 Nov 2002 09:56:52 -0500 Subject: [ppml] Cont of 2002-6 discussion with question for all..... Message-ID: <170E5E7779BCD3118C2A0008C7F40C1906E9BA9D@usresms03.teleglobe.com> I think that is a fair question but not as part of the 2002-6 policy discussion. I believe that the objective of the policy is allow entities to turn in non-aggretable address blocks in order to reduce routes. We need to stay focused on the policy itself in order to help the BoT make a determination on whether to enact the policy or not. -----Original Message----- From: McBurnett, Jim [mailto:jmcburnett at msmgmt.com] Sent: Wednesday, November 13, 2002 7:00 PM To: Taylor, Stacy; Joe Baptista; David Conrad Cc: Einar Bohlin; ARIN PPML Subject: [ppml] Cont of 2002-6 discussion with question for all..... Well, I think that is a question for the list. How can we clean this legacy space? We all know it is going to get worse. ISP A, B and C turn in a dozen or so disparet class C's. With at least 30 - 40 (or more) server IP addresses per ISP, the new user of that block could be deluged by requests, espeically if they happen to put up a DNS server or webserver on the sae IP as the predessor... There has to be a way to clean the space... Could there be a search engine created to identify who owned it previously? An update to core providers? IDEAS anyone? Jim -----Original Message----- From: Taylor, Stacy [mailto:Stacy_Taylor at icgcomm.com] Sent: Wednesday, November 13, 2002 6:56 PM To: McBurnett, Jim; Joe Baptista; David Conrad Cc: Einar Bohlin; ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 As the administrator for an extremely legacy network, (was NETCOM), I run into this issue frequently. What it does is beg the question of how to clean up previously used space, which is another issue entirely. Stacy -----Original Message----- From: McBurnett, Jim [mailto:jmcburnett at msmgmt.com] Sent: Wednesday, November 13, 2002 3:43 PM To: Joe Baptista; David Conrad Cc: Einar Bohlin; ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 Exactly! I got a Class C from my provider and I get at least 500-1000 hits a day to two of my IP's for DNS services, Which are there anymore and other less frequent hits to web services ports. The problem I see is: How can you tell those uninformed users that they aren't to use the IP's anymore and how to find out who used to have those IP addresses. Wouldn't it be bad if some illegitimate business had those IP's before you? (assumedly they had a shorter than a /24) As David said.. This is my 2 cents worth... Jim -----Original Message----- From: Joe Baptista [mailto:baptista at dot-god.com] Sent: Wednesday, November 13, 2002 6:36 PM To: David Conrad Cc: Einar Bohlin; ARIN PPML Subject: Re: [ppml] Last Call for Comment: Policy Proposal 2002-6 On Wed, 13 Nov 2002, David Conrad wrote: > > Used IPs are not as good as fresh ones. > > Interesting assertion. Why do you say this? legacy traffic ... From John.Sweeting at teleglobe.com Thu Nov 14 10:43:05 2002 From: John.Sweeting at teleglobe.com (Sweeting, John) Date: Thu, 14 Nov 2002 10:43:05 -0500 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 Message-ID: <170E5E7779BCD3118C2A0008C7F40C1906E9BA9E@usresms03.teleglobe.com> Wouldn't this apply to all returned IP blocks? and not just to ones returned under this policy? Should this be a reason not to move forward with Policy 2002-6? -----Original Message----- From: Taylor, Stacy [mailto:Stacy_Taylor at icgcomm.com] Sent: Wednesday, November 13, 2002 7:27 PM To: 'Joe Baptista'; McBurnett, Jim Cc: David Conrad; Einar Bohlin; ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 This issue also affects the larger CIDR on occasion. If an abuser was on one /24, some ISPs will block the CIDR to which it belongs, even if the ISP has taken care of the spam. Geoff of Exodus and I spoke of this at length at the conference. Presumably, if the block has been returned, the former user is out of business or on another block and cannot be contacted. How does it help us to know who that was? Are we forced to use this space in tiny blocks to interrupt the routing? I think we can ill afford to blacklist blocks. Stacy -----Original Message----- From: Joe Baptista [mailto:baptista at dot-god.com] Sent: Wednesday, November 13, 2002 3:54 PM To: McBurnett, Jim Cc: David Conrad; Einar Bohlin; ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 On Wed, 13 Nov 2002, McBurnett, Jim wrote: > Exactly! > I got a Class C from my provider and I get at least 500-1000 hits a day to two of my IP's for DNS services, Which are there anymore and other less frequent hits to web services ports. sometimes legacy traffic is automated (no human in charge). the equipment or software thinks there's something there and keeps trying. We have the same issues on some of our IP - old customers who still get queried. regards joe baptista From jrace at attglobal.net Thu Nov 14 10:59:07 2002 From: jrace at attglobal.net (Dr. Jeffrey Race) Date: Thu, 14 Nov 2002 22:59:07 +0700 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 REALITY CHECK Message-ID: <200211141559.gAEFxNYm091301@smtp1.arin.net> On Thu, 14 Nov 2002 08:17:06 -0600, Bill Darte wrote: [snip] >Is it possible to definitively trace spam to an individual or responsible >party? Yes, almost always. 1-Occasionally for 'mainsleaze spam' the spammer uses his own SMTP server. I just got one of these a few minutes ago from Double-click and reported it to its upstream. 2-Almost always however spammers abuse open relays, open proxies (some- times multi-stage, just as you see in the movies), or broken formmail scripts. In these cases you cannot trace (unless you have access to the logs, which seldom happens) so you have to look at the 'money return path' rather than the upload path. This is all elaborated at . 3-For any individual victim it is usually not possible to trace such cutouts as toll-free numbers. However technical means allow the cognoscenti who inhabit Spam-L and NANAE to establish footprints for spammers, and these are very soon documented e.g. at ROKSO. One can do a lookup on various strings (header fragments, hash marks, toll free numbers) and identify the very persons involved and their networks. It turns our there are probably less than one hundred spammer nests worldwide and if these could be taken down, spam traffic would decline drastically. They stay in business due to the collaboration of scum like C&W and UUNet. >What would be a necessary precursor to suing for the cost associated with >spam detection and mitigation... state or federal law? The public resources to not exist to pursue criminal prosecutions or civil actions. They hardly exist to pursue corporate fraudsters, crooked politicians, and child molesters. The only hope in the legal area is to remove the immunities granted to ISPs and backbones and then, as with the anti-junk-fax legislation, let the public become their own enforcers. However all this is beside the point. No new legislation is necessary. The one thing that works, and works INSTANTLY, is blocklists. The entire spam nightmare could be over in a few days if the bodies responsible for IP address and domain name allocation got together and made it clear (e.g. by RFC) that any internet user, ISP or backbone is going to be null routed if it allows spam to emit from its network. Don't laugh. It's true. Read . You are going to have to do it, or internet e-mail is going to be a thing of the past, unusable. Cheers to all, Jeffrey Race From lee.howard at wcom.com Thu Nov 14 11:55:46 2002 From: lee.howard at wcom.com (Lee Howard) Date: Thu, 14 Nov 2002 11:55:46 -0500 (EST) Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 REALITY CHECK In-Reply-To: <200211140638.gAE6cJYm084702@smtp1.arin.net> Message-ID: On Thu, 14 Nov 2002, Dr. Jeffrey Race wrote: > Date: Thu, 14 Nov 2002 13:38:08 +0700 > From: Dr. Jeffrey Race > To: Philip Smith > Cc: ARIN PPML > Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 REALITY > CHECK > > On Thu, 14 Nov 2002 15:14:00 +1000, Philip Smith wrote: > >What does spam have to do with the bodies allocating address space? [. . .] > >2. What has negligently used address space got to do with the RIRs. They > >allocate to the ISPs, and on rare occasions to the end user. ISPs assign > to > >the end-users, so if someone is negligently using this assignment, don't > >you think it would be a better idea to tell the organisation who has > >delegated responsibility of this address space to the end user? > > Yes, in fact that is the SOP, but some ISPs intentionally profit from > these criminal activities, and until they are threatened, they will > continue to profit. Same idea as the UUNet/WorldCom accounting > frauds. Nothing happened to the criminals at the top of the organization > for a long time. If the regulators had been doing their jobs the > accounting frauds would have been much smaller in impact. Were you intentionally trolling for me? I'm not competent to comment on WorldCom's accounting. I can say that I am personally distressed about it, but it seems to me that action was taken pretty quickly after it was discovered. > And by the way, the irony is that UUNet/MCI are one of the biggest > profiteers, if not the biggest, on spam. I offered a complete, > ready-to-eat, criminal prosecution (under Virginia Computer Crime Act) > to UUNet legal staff, who refused to take action. I asked their > staff attorney under what direction this policy was taken. He said > "Mr. Ebbers". Is the picture clear now? I'm not familiar with the specifics of the case above. I can imagine that we might have limited resources for litigation, and spam might not be the highest priority right now. Again, I'm not really competent to comment. I've personally, gleefully, shut down spammers' connectivity. I have always doubted that UUNET's portion of spam is disproportionately larger than its portion of other Internet traffic. If you have a beef with what we do about spam, talk to us directly or take it to NANAE where you'll find many people to share in bashing UUNET and WorldCom. It's not appropriate for ARIN PPML, however. I'm willing to let us be used as an example of an ISP, though. If you want to say: For example, say UUNET assigns a /24 to a customer, who spams, gets blacklisted, and is shut down. UUNET assigns the /24 to another customer. Is UUNET responsible for knowing that the network was blacklisted, and getting it removed from the list? Later, UUNET returns the /14 allocation to ARIN. Is ARIN or UUNET or anyone responsible for removing that /24 from the blacklist before it is allocated to another ARIN member? Lee > Dr. Jeffrey Race, President > Cambridge Electronics Laboratories From Stacy_Taylor at icgcomm.com Thu Nov 14 13:23:27 2002 From: Stacy_Taylor at icgcomm.com (Taylor, Stacy) Date: Thu, 14 Nov 2002 11:23:27 -0700 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 Message-ID: <5BDB545714D0764F8452CC5A25DDEEFA0171083E@denexg21.icgcomm.com> I think that 12 months to renumber is overly generous. Organizations willing to request aggregatable space should be ready to renumber before they request it. Also, how will we enforce the move off the numbers? My current allocation is extra large by dint of NETCOM promising to renumber and "forgetting" to give back space. And, Einar's point about turning in a /16 plus one /24 and getting a /15 in return is valid one under the current wording. There is a huge difference between turning 3 /24s and getting a /22, and his scenario. We must safeguard against that. We should not move forward with this policy as it stands. Stacy -----Original Message----- From: Sweeting, John [mailto:John.Sweeting at teleglobe.com] Sent: Thursday, November 14, 2002 7:43 AM To: ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 Wouldn't this apply to all returned IP blocks? and not just to ones returned under this policy? Should this be a reason not to move forward with Policy 2002-6? -----Original Message----- From: Taylor, Stacy [mailto:Stacy_Taylor at icgcomm.com] Sent: Wednesday, November 13, 2002 7:27 PM To: 'Joe Baptista'; McBurnett, Jim Cc: David Conrad; Einar Bohlin; ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 This issue also affects the larger CIDR on occasion. If an abuser was on one /24, some ISPs will block the CIDR to which it belongs, even if the ISP has taken care of the spam. Geoff of Exodus and I spoke of this at length at the conference. Presumably, if the block has been returned, the former user is out of business or on another block and cannot be contacted. How does it help us to know who that was? Are we forced to use this space in tiny blocks to interrupt the routing? I think we can ill afford to blacklist blocks. Stacy -----Original Message----- From: Joe Baptista [mailto:baptista at dot-god.com] Sent: Wednesday, November 13, 2002 3:54 PM To: McBurnett, Jim Cc: David Conrad; Einar Bohlin; ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 On Wed, 13 Nov 2002, McBurnett, Jim wrote: > Exactly! > I got a Class C from my provider and I get at least 500-1000 hits a day to two of my IP's for DNS services, Which are there anymore and other less frequent hits to web services ports. sometimes legacy traffic is automated (no human in charge). the equipment or software thinks there's something there and keeps trying. We have the same issues on some of our IP - old customers who still get queried. regards joe baptista From John.Sweeting at teleglobe.com Thu Nov 14 14:55:33 2002 From: John.Sweeting at teleglobe.com (Sweeting, John) Date: Thu, 14 Nov 2002 14:55:33 -0500 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 Message-ID: <170E5E7779BCD3118C2A0008C7F40C1906E9BAA6@usresms03.teleglobe.com> Hi Stacy, do you have specific language that you would recommend be added to ensure that the situation described below is safeguarded against? This invitation is extended to all on the mailing list. Thanks. -----Original Message----- From: Taylor, Stacy [mailto:Stacy_Taylor at icgcomm.com] Sent: Thursday, November 14, 2002 1:23 PM To: 'Sweeting, John'; ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 I think that 12 months to renumber is overly generous. Organizations willing to request aggregatable space should be ready to renumber before they request it. Also, how will we enforce the move off the numbers? My current allocation is extra large by dint of NETCOM promising to renumber and "forgetting" to give back space. And, Einar's point about turning in a /16 plus one /24 and getting a /15 in return is valid one under the current wording. There is a huge difference between turning 3 /24s and getting a /22, and his scenario. We must safeguard against that. We should not move forward with this policy as it stands. Stacy -----Original Message----- From: Sweeting, John [mailto:John.Sweeting at teleglobe.com] Sent: Thursday, November 14, 2002 7:43 AM To: ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 Wouldn't this apply to all returned IP blocks? and not just to ones returned under this policy? Should this be a reason not to move forward with Policy 2002-6? -----Original Message----- From: Taylor, Stacy [mailto:Stacy_Taylor at icgcomm.com] Sent: Wednesday, November 13, 2002 7:27 PM To: 'Joe Baptista'; McBurnett, Jim Cc: David Conrad; Einar Bohlin; ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 This issue also affects the larger CIDR on occasion. If an abuser was on one /24, some ISPs will block the CIDR to which it belongs, even if the ISP has taken care of the spam. Geoff of Exodus and I spoke of this at length at the conference. Presumably, if the block has been returned, the former user is out of business or on another block and cannot be contacted. How does it help us to know who that was? Are we forced to use this space in tiny blocks to interrupt the routing? I think we can ill afford to blacklist blocks. Stacy -----Original Message----- From: Joe Baptista [mailto:baptista at dot-god.com] Sent: Wednesday, November 13, 2002 3:54 PM To: McBurnett, Jim Cc: David Conrad; Einar Bohlin; ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 On Wed, 13 Nov 2002, McBurnett, Jim wrote: > Exactly! > I got a Class C from my provider and I get at least 500-1000 hits a day to two of my IP's for DNS services, Which are there anymore and other less frequent hits to web services ports. sometimes legacy traffic is automated (no human in charge). the equipment or software thinks there's something there and keeps trying. We have the same issues on some of our IP - old customers who still get queried. regards joe baptista From Jill.Kulpinski at cw.com Thu Nov 14 15:28:53 2002 From: Jill.Kulpinski at cw.com (Jill Kulpinski) Date: Thu, 14 Nov 2002 12:28:53 -0800 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 Message-ID: due to addressing issues (mine)...this did not go out last night when I orginally wrote it, so now it is somewhat out of date, but I will send it again anyways for whatever it is worth... This whole issue regarding blacklists seems to be growing each day and more rapidly in the past few months. I would love to know what to tell Customers who are assigned space that was once used by some other Customer who got it blacklisted on one of the thousands of lists out there. I can not control who creates a blacklist, nor who uses it to set up filters, so is there really any means of providing a Customer address space that will never be blacklisted? No. But they want temporary fixes in the meantime which is an impractical solution. I would love to hear other people's thoughts on this but I realize I may be getting off of the topic a bit. Thanks very much, Jill Kulpinski -----Original Message----- From: McBurnett, Jim [mailto:jmcburnett at msmgmt.com] Sent: Wednesday, November 13, 2002 4:31 PM To: Taylor, Stacy; Joe Baptista Cc: David Conrad; Einar Bohlin; ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 But what is the solution? The spammer is usually blocked by each and every end user, the ISP of the end-user being spammed or the ISP of the spammer. If any of these are done then should the block change hands we are still left with the problem. If the records are kept so that XYZ corp was blocked due to Spam and you as DEF corp discover that you can't send mail to ABC corp. I think ABC corp.'s ISP should be able to see fairly easily that XYZ no longer owns the block and can fix it.. This depends on the ISP knowing why they blocked it and if necessary creating a global "black-list". I know we don't want to do this, but I don't see any other idea.... Jim -----Original Message----- From: Taylor, Stacy [mailto:Stacy_Taylor at icgcomm.com] Sent: Wednesday, November 13, 2002 7:27 PM To: 'Joe Baptista'; McBurnett, Jim Cc: David Conrad; Einar Bohlin; ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 This issue also affects the larger CIDR on occasion. If an abuser was on one /24, some ISPs will block the CIDR to which it belongs, even if the ISP has taken care of the spam. Geoff of Exodus and I spoke of this at length at the conference. Presumably, if the block has been returned, the former user is out of business or on another block and cannot be contacted. How does it help us to know who that was? Are we forced to use this space in tiny blocks to interrupt the routing? I think we can ill afford to blacklist blocks. Stacy -----Original Message----- From: Joe Baptista [mailto:baptista at dot-god.com] Sent: Wednesday, November 13, 2002 3:54 PM To: McBurnett, Jim Cc: David Conrad; Einar Bohlin; ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 On Wed, 13 Nov 2002, McBurnett, Jim wrote: > Exactly! > I got a Class C from my provider and I get at least 500-1000 hits a day to two of my IP's for DNS services, Which are there anymore and other less frequent hits to web services ports. sometimes legacy traffic is automated (no human in charge). the equipment or software thinks there's something there and keeps trying. We have the same issues on some of our IP - old customers who still get queried. regards joe baptista From Stacy_Taylor at icgcomm.com Thu Nov 14 16:14:18 2002 From: Stacy_Taylor at icgcomm.com (Taylor, Stacy) Date: Thu, 14 Nov 2002 14:14:18 -0700 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 Message-ID: <5BDB545714D0764F8452CC5A25DDEEFA01710844@denexg21.icgcomm.com> Hi John And Everyone, Maybe the policy can only be for aggregate blocks up to /17? I feel like the spirit of the policy is to encourage the return of smaller blocks. After a /17 the organization would have to justify for the /16.... Or perhaps an organization can only CIDR up if they turn in more than half or 3/4 of the space in the next largest CIDR? This idea smacks of reverse justification, but would prohibit Einar's scenario. Whaddya think? Stacy -----Original Message----- From: Sweeting, John [mailto:John.Sweeting at teleglobe.com] Sent: Thursday, November 14, 2002 11:56 AM To: ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 Hi Stacy, do you have specific language that you would recommend be added to ensure that the situation described below is safeguarded against? This invitation is extended to all on the mailing list. Thanks. -----Original Message----- From: Taylor, Stacy [mailto:Stacy_Taylor at icgcomm.com] Sent: Thursday, November 14, 2002 1:23 PM To: 'Sweeting, John'; ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 I think that 12 months to renumber is overly generous. Organizations willing to request aggregatable space should be ready to renumber before they request it. Also, how will we enforce the move off the numbers? My current allocation is extra large by dint of NETCOM promising to renumber and "forgetting" to give back space. And, Einar's point about turning in a /16 plus one /24 and getting a /15 in return is valid one under the current wording. There is a huge difference between turning 3 /24s and getting a /22, and his scenario. We must safeguard against that. We should not move forward with this policy as it stands. Stacy -----Original Message----- From: Sweeting, John [mailto:John.Sweeting at teleglobe.com] Sent: Thursday, November 14, 2002 7:43 AM To: ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 Wouldn't this apply to all returned IP blocks? and not just to ones returned under this policy? Should this be a reason not to move forward with Policy 2002-6? -----Original Message----- From: Taylor, Stacy [mailto:Stacy_Taylor at icgcomm.com] Sent: Wednesday, November 13, 2002 7:27 PM To: 'Joe Baptista'; McBurnett, Jim Cc: David Conrad; Einar Bohlin; ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 This issue also affects the larger CIDR on occasion. If an abuser was on one /24, some ISPs will block the CIDR to which it belongs, even if the ISP has taken care of the spam. Geoff of Exodus and I spoke of this at length at the conference. Presumably, if the block has been returned, the former user is out of business or on another block and cannot be contacted. How does it help us to know who that was? Are we forced to use this space in tiny blocks to interrupt the routing? I think we can ill afford to blacklist blocks. Stacy -----Original Message----- From: Joe Baptista [mailto:baptista at dot-god.com] Sent: Wednesday, November 13, 2002 3:54 PM To: McBurnett, Jim Cc: David Conrad; Einar Bohlin; ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 On Wed, 13 Nov 2002, McBurnett, Jim wrote: > Exactly! > I got a Class C from my provider and I get at least 500-1000 hits a day to two of my IP's for DNS services, Which are there anymore and other less frequent hits to web services ports. sometimes legacy traffic is automated (no human in charge). the equipment or software thinks there's something there and keeps trying. We have the same issues on some of our IP - old customers who still get queried. regards joe baptista From ebohlin at uu.net Thu Nov 14 18:07:31 2002 From: ebohlin at uu.net (Einar Bohlin) Date: Thu, 14 Nov 2002 18:07:31 -0500 (EST) Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 In-Reply-To: Message-ID: Hi David, > My reading of the policy proposed would indicate that yes, if you had > _fully_ used a /16 and had an additional /24, you would be able to request a > /15. I am, however, a bit skeptical that full utilization of a /16 such > that a /24 wouldn't fit is possible. There's no mention of the justification process in the policy. The example is this: "For example, if an organization relinquished three /24s, they should be allowed to take either a /24, a /23, or a /22 in exchange." The wording makes it the customer's choice, not ARIN's. Is that the intention? > > Used IPs are not as good as fresh ones. > > Interesting assertion. Why do you say this? We've gotten used IPs from ARIN, and we daily recycle nets to customers. There aren't any problems with IPs when they're brand new. > > Will there be reduced fees for those used IPs? > > Why? When ARIN allocates a net to an ISP, the expectation is that the net has not been assigned before. ARIN doesn't gaurantee routability, of course; however ARIN will know that certain nets have been recycled. That knowledge means used IPs should be treated differently. You don't pay for the nets, you pay for a service... with recycled nets the overall service is not the same quality as with new nets. > > Keep in mind that when this is properly abused many of > > these requests will have to turn into transfer requests. > > What forms of abuse do you anticipate? If an organization registered nets over the course of several years, they're not going to be registered to the same company name; those turn into transfers. Maybe it's not like a couple years ago when getting your own routable block was most sought after. But as far as abuse goes, I was thinking it wouldn't be too hard to find 9 /24s that weren't even routed and don't belong to you and return them for a /20. You know, maybe with a little more work this could become a distributed net retrieval system. > What is the scarcest resource on the Internet these days? At first I thought you'd meant room for routes. But instead I choose time. ARIN meetings are few. Policies are submitted. There's so little time to debate them. People do their best in the time they have. It's a beta world. If this is released and we learn that it needs modification, so be it (even the webhosting debacle wasn't that bad). Regards, Einar Bohlin IP Team UUNET Technologies, Inc. Phone: USA 703 886-7362 email: einar.bohlin at wcom.com (VNET Number 806-7362) On Wed, 13 Nov 2002, David Conrad wrote: > Einar, > > As a person responsible for a policy similar to that being discussed at > ARIN, albeit in a different region, let me provide my 2 cents: > > On 11/12/02 1:05 PM, "Einar Bohlin" wrote: > > This looks like a blacklisted IP exchange; kind of like a > > dirty needle exchange program. > > Not really. It is an attempt to try to clean up allocations made prior to > the understanding of the need to aggregate. > > > Does a legacy B and a /24 get you a /15? And no fees > > for this? > > My reading of the policy proposed would indicate that yes, if you had > _fully_ used a /16 and had an additional /24, you would be able to request a > /15. I am, however, a bit skeptical that full utilization of a /16 such > that a /24 wouldn't fit is possible. > > > Used IPs are not as good as fresh ones. > > Interesting assertion. Why do you say this? > > > What's > > ARIN going to do with the used ones? > > Presumably, if enough can be returned, they'll form larger aggregate blocks > which can then be re-allocated. > > > Will there be reduced fees for those used IPs? > > Why? > > > Keep in mind that when this is properly abused many of > > these requests will have to turn into transfer requests. > > What forms of abuse do you anticipate? > > > This is to reduce routes? It looks too easily abused, with > > dubious results. > > What is the scarcest resource on the Internet these days? > > Rgds, > -drc > > From jrace at attglobal.net Thu Nov 14 21:36:05 2002 From: jrace at attglobal.net (Dr. Jeffrey Race) Date: Fri, 15 Nov 2002 09:36:05 +0700 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 Message-ID: <200211150236.gAF2aFYm013435@smtp1.arin.net> On Thu, 14 Nov 2002 12:28:53 -0800, Jill Kulpinski wrote: >This whole issue regarding blacklists seems to be growing each day and more >rapidly in the past few months. I would love to know what to tell Customers who >are assigned space that was once used by some other Customer who got it >blacklisted on one of the thousands of lists out there. I can not control who >creates a blacklist, nor who uses it to set up filters, so is there really any >means of providing a Customer address space that will never be blacklisted? No. >But they want temporary fixes in the meantime which is an impractical solution. >I would love to hear other people's thoughts on this but I realize I may be >getting off of the topic a bit. It is completely on topic for the reasons you state. In general, announcement on Spam-L and NANAE that the ownership of IP address space has been taken over by new non-spammer user will cause many or most of the blocklists to remove the previously offending addresses. However some blocklist managers don't follow these groups assiduously, some blocklist managers have a several-month waiting period, and some blocklist managers have a policy NEVER to admit traffic from any once-polluted address space, possibly because they have been lied to so many times. So there is NO universal retrospective solution. Therefore, and this is the simple point I have been trying to make here, there remains only a prospective solution. That is what you have to face, and face now, because the use of blocklists is growing rapidly and possibly exponentially. It is the only defense we victims have against the present irresponsible management of IP address space and domain names. The RIRs are responsible for the proper management, express and implied, of the IP address space allocated to them. Since recycling of IP address space obviously will occur over the years, decades and centuries, the RIRs have a duty to prevent pollution of the resources they manage. The pollution comes from spamming. This means the RIRs have to have a clear policy that IP address users must not spam, must not allow spammers on their networks, and must have hair-trigger management systems in place to identify incipient spammers and penalize them (because blocklist additions can occur in days). (All this is eminently doable now by presently existing technical measures, and many ISPs do indeed use such measures.) Any user who violates this rule must have his IP address space withdrawn. That is the only sanction that anyone will pay attention to. In short, the RIRs have to take on a role to act, probably agggressively and violently, against abuse of the resources they manage, by the people to whom they entrust these resources. If you list members are not willing to rise up and force them to prevent spammers from pissing in the pool, then don't complain about how the water tastes when you swim in it. It is the result of your own (in)action. Jeffrey Race From Jill.Kulpinski at cw.com Thu Nov 14 21:50:11 2002 From: Jill.Kulpinski at cw.com (Jill Kulpinski) Date: Thu, 14 Nov 2002 18:50:11 -0800 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 Message-ID: how do i take action against people who don't respond? i am very pro-active in making sure our resources are used appropriately, but how do you tell someone they are not allowed to post a listing, they need to change their listing, or also... force people to not use these blacklists? no matter what we do...some joe-shmo out there could set up a site and put any address he wanted to on a list and market it to the internet world as a blacklist. if someone actually trusts and uses this list... that should be their problem. BUT i tell a Customer who has a complaint he or whomever he serves should not use the listing...and i get 'but everyone....even the major providers use it'. what can i do....for every list that i get some innocent person off of, who is to stop some other person for putting mr. innocent on another list? and how am i ever supposed to be able to guarantee to a Customer that no one is blacklisting their space? it is not possible to provide this guarantee, so what is the solution...and both short term and long term would be great. Thanks, Jill -----Original Message----- From: Dr. Jeffrey Race [mailto:jrace at attglobal.net] Sent: Thursday, November 14, 2002 6:36 PM To: Jill Kulpinski; ppml at arin.net Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 On Thu, 14 Nov 2002 12:28:53 -0800, Jill Kulpinski wrote: >This whole issue regarding blacklists seems to be growing each day and more >rapidly in the past few months. I would love to know what to tell Customers who >are assigned space that was once used by some other Customer who got it >blacklisted on one of the thousands of lists out there. I can not control who >creates a blacklist, nor who uses it to set up filters, so is there really any >means of providing a Customer address space that will never be blacklisted? No. >But they want temporary fixes in the meantime which is an impractical solution. >I would love to hear other people's thoughts on this but I realize I may be >getting off of the topic a bit. It is completely on topic for the reasons you state. In general, announcement on Spam-L and NANAE that the ownership of IP address space has been taken over by new non-spammer user will cause many or most of the blocklists to remove the previously offending addresses. However some blocklist managers don't follow these groups assiduously, some blocklist managers have a several-month waiting period, and some blocklist managers have a policy NEVER to admit traffic from any once-polluted address space, possibly because they have been lied to so many times. So there is NO universal retrospective solution. Therefore, and this is the simple point I have been trying to make here, there remains only a prospective solution. That is what you have to face, and face now, because the use of blocklists is growing rapidly and possibly exponentially. It is the only defense we victims have against the present irresponsible management of IP address space and domain names. The RIRs are responsible for the proper management, express and implied, of the IP address space allocated to them. Since recycling of IP address space obviously will occur over the years, decades and centuries, the RIRs have a duty to prevent pollution of the resources they manage. The pollution comes from spamming. This means the RIRs have to have a clear policy that IP address users must not spam, must not allow spammers on their networks, and must have hair-trigger management systems in place to identify incipient spammers and penalize them (because blocklist additions can occur in days). (All this is eminently doable now by presently existing technical measures, and many ISPs do indeed use such measures.) Any user who violates this rule must have his IP address space withdrawn. That is the only sanction that anyone will pay attention to. In short, the RIRs have to take on a role to act, probably agggressively and violently, against abuse of the resources they manage, by the people to whom they entrust these resources. If you list members are not willing to rise up and force them to prevent spammers from pissing in the pool, then don't complain about how the water tastes when you swim in it. It is the result of your own (in)action. Jeffrey Race From Jill.Kulpinski at cw.com Thu Nov 14 21:54:08 2002 From: Jill.Kulpinski at cw.com (Jill Kulpinski) Date: Thu, 14 Nov 2002 18:54:08 -0800 Subject: FW: [ppml] Last Call for Comment: Policy Proposal 2002-6 Message-ID: still having mail issues...so my apologies if this is posted more than once. how do i take action against people who don't respond? i am very pro-active in making sure our resources are used appropriately, but how do you tell someone they are not allowed to post a listing, they need to change their listing, or also... force people to not use these blacklists? no matter what we do...some joe-shmo out there could set up a site and put any address he wanted to on a list and market it to the internet world as a blacklist. if someone actually trusts and uses this list... that should be their problem. BUT i tell a Customer who has a complaint he or whomever he serves should not use the listing...and i get 'but everyone....even the major providers use it'. what can i do....for every list that i get some innocent person off of, who is to stop some other person for putting mr. innocent on another list? and how am i ever supposed to be able to guarantee to a Customer that no one is blacklisting their space? it is not possible to provide this guarantee, so what is the solution...and both short term and long term would be great. Thanks, Jill On Thu, 14 Nov 2002 12:28:53 -0800, Jill Kulpinski wrote: >This whole issue regarding blacklists seems to be growing each day and more >rapidly in the past few months. I would love to know what to tell Customers who >are assigned space that was once used by some other Customer who got it >blacklisted on one of the thousands of lists out there. I can not control who >creates a blacklist, nor who uses it to set up filters, so is there really any >means of providing a Customer address space that will never be blacklisted? No. >But they want temporary fixes in the meantime which is an impractical solution. >I would love to hear other people's thoughts on this but I realize I may be >getting off of the topic a bit. It is completely on topic for the reasons you state. In general, announcement on Spam-L and NANAE that the ownership of IP address space has been taken over by new non-spammer user will cause many or most of the blocklists to remove the previously offending addresses. However some blocklist managers don't follow these groups assiduously, some blocklist managers have a several-month waiting period, and some blocklist managers have a policy NEVER to admit traffic from any once-polluted address space, possibly because they have been lied to so many times. So there is NO universal retrospective solution. Therefore, and this is the simple point I have been trying to make here, there remains only a prospective solution. That is what you have to face, and face now, because the use of blocklists is growing rapidly and possibly exponentially. It is the only defense we victims have against the present irresponsible management of IP address space and domain names. The RIRs are responsible for the proper management, express and implied, of the IP address space allocated to them. Since recycling of IP address space obviously will occur over the years, decades and centuries, the RIRs have a duty to prevent pollution of the resources they manage. The pollution comes from spamming. This means the RIRs have to have a clear policy that IP address users must not spam, must not allow spammers on their networks, and must have hair-trigger management systems in place to identify incipient spammers and penalize them (because blocklist additions can occur in days). (All this is eminently doable now by presently existing technical measures, and many ISPs do indeed use such measures.) Any user who violates this rule must have his IP address space withdrawn. That is the only sanction that anyone will pay attention to. In short, the RIRs have to take on a role to act, probably agggressively and violently, against abuse of the resources they manage, by the people to whom they entrust these resources. If you list members are not willing to rise up and force them to prevent spammers from pissing in the pool, then don't complain about how the water tastes when you swim in it. It is the result of your own (in)action. Jeffrey Race From jrace at attglobal.net Thu Nov 14 22:03:28 2002 From: jrace at attglobal.net (Dr. Jeffrey Race) Date: Fri, 15 Nov 2002 10:03:28 +0700 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 GETTING OFF BLOCKLISTS Message-ID: <200211150303.gAF33bYm013794@smtp1.arin.net> On Thu, 14 Nov 2002 18:50:11 -0800, Jill Kulpinski wrote: >how do i take action against people who don't respond? You can't. Mail servers are private property. The owner of the mail server can establish any rules for its use, so long as announced to users of the service (for a public service). LOTS of ISPs get competitive advantage by using blocklists and telling potential customers that they will not receive spam from polluted IP address space (everywhere in China, Hinet in Taiwan etc) i am very pro-active in >making sure our resources are used appropriately, but how do you tell someone >they are not allowed to post a listing, You can't tell someone not to post what he wants. Many blocklists are non-commercial, volunteer efforts. This point recently was ventilated in a thread on Spam-L (which you might like to join to access the world's REAL experts on spam prevention and eradication). The creator of the blocklist announces that it is his PRIVATE blocklist, which anyone is free to use. It is legally unchallengeable. they need to change their listing, or also... >force people to not use these blacklists? You can't for reasons stated above. The only solution is to stop the pollution. Then there is no need for anti-pollution remedies. All that said, most of the blocklists provide data on the offensive activities and the managers will amend the list if evidence is shown that the anti-social activities have ceased definitively. They would obviously wait a long time before believing claims of virtue from serial offenders like C&W or UUNet (US side--the European side of UU is very good). Don't fight the blocklists; they are the only thing now allowing e-mail to remain viable for many users. Therefore they are a Good Thing. What we want is for responsible bodies (fill in name of you favorite RIR) to act so the blocklist fill trends to zero, or anyway epsilon. Jeffrey Race From mury at goldengate.net Thu Nov 14 22:29:31 2002 From: mury at goldengate.net (Mury) Date: Thu, 14 Nov 2002 21:29:31 -0600 (CST) Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 In-Reply-To: <200211150236.gAF2aFYm013435@smtp1.arin.net> Message-ID: I'm not sure I should comment because I did not read all of the posts regarding this. However, I'll take a chance at being flamed for repeating someone else or being off-topic. Didn't this start with someone not wanting used space, because used space can have legacy consequences? Those consequences being black-listed IPs, existing servers outside the IP block still thinking they need to talk to those IPs for a service long gone, etc. It seems to me like it is very similiar to getting a recycled 1-800 number. It sucks. I really don't see how the RIRs can effectively revoke the IP space of spammers. That is going to take a lot of effort and probably result in a lot of days sitting in court. That's not to say that I wouldn't like to see it happen, but I don't think that is a viable answer. Why can't the RIR maintain a list of returned IP space? Blacklisting services that are worth using could easily cross check their blacklisted IPs against that list. The RIRs should also recycle the IPs on a first in first out basis to minimize any legacy traffic going to those IPs. It's not perfect, but statistically it makes sense. Of course they could also advertise all unallocated IPs to themselves or an outside service to check for abnormal amounts of legacy traffic and not assign blocks that are being hit hard. It's hard for me to imagine that if IP space is returned and it is not recycled for a year or two that a blacklisting service couldn't find the resources to remove that IP space from their lists and for a very high percentage of the legacy traffic to have vanished. Anyone using a blacklisting service that can't keep something like that up to date can't possibly trust their accuracy anyway. And in my experience most blacklisters are savvy enough to appreciate and utilize a list that the RIR's could easily maintain. Mury On Fri, 15 Nov 2002, Dr. Jeffrey Race wrote: > On Thu, 14 Nov 2002 12:28:53 -0800, Jill Kulpinski wrote: > >This whole issue regarding blacklists seems to be growing each day and more > >rapidly in the past few months. I would love to know what to tell Customers who > >are assigned space that was once used by some other Customer who got it > >blacklisted on one of the thousands of lists out there. I can not control who > >creates a blacklist, nor who uses it to set up filters, so is there really any > >means of providing a Customer address space that will never be blacklisted? No. > >But they want temporary fixes in the meantime which is an impractical solution. > >I would love to hear other people's thoughts on this but I realize I may be > >getting off of the topic a bit. > > > It is completely on topic for the reasons you state. > > In general, announcement on Spam-L and NANAE that the ownership of IP address > space has been taken over by new non-spammer user will cause many or most of > the blocklists to remove the previously offending addresses. However some > blocklist managers don't follow these groups assiduously, some blocklist > managers have a several-month waiting period, and some blocklist managers have > a policy NEVER to admit traffic from any once-polluted address space, possibly > because they have been lied to so many times. > > So there is NO universal retrospective solution. > > Therefore, and this is the simple point I have been trying to make here, > there remains only a prospective solution. That is what you have to face, > and face now, because the use of blocklists is growing rapidly and possibly > exponentially. It is the only defense we victims have against the present > irresponsible management of IP address space and domain names. > > The RIRs are responsible for the proper management, express and > implied, of the IP address space allocated to them. Since recycling of > IP address space obviously will occur over the years, decades and > centuries, the RIRs have a duty to prevent pollution of the resources > they manage. The pollution comes from spamming. This means the RIRs > have to have a clear policy that IP address users must not spam, must > not allow spammers on their networks, and must have hair-trigger management > systems in place to identify incipient spammers and penalize them (because > blocklist additions can occur in days). (All this is eminently doable now > by presently existing technical measures, and many ISPs do indeed use such > measures.) Any user who violates this rule must have his IP address space > withdrawn. That is the only sanction that anyone will pay attention to. > > In short, the RIRs have to take on a role to act, probably agggressively > and violently, against abuse of the resources they manage, by the people > to whom they entrust these resources. If you list members are not willing > to rise up and force them to prevent spammers from pissing in the pool, > then don't complain about how the water tastes when you swim in it. It > is the result of your own (in)action. > > Jeffrey Race > From jrace at attglobal.net Fri Nov 15 01:40:53 2002 From: jrace at attglobal.net (Dr. Jeffrey Race) Date: Fri, 15 Nov 2002 13:40:53 +0700 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 Message-ID: <200211150641.gAF6f2Ym015871@smtp1.arin.net> On Thu, 14 Nov 2002 21:29:31 -0600 (CST), Mury wrote: >Anyone using a blacklisting service that can't keep something like that up >to date can't possibly trust their accuracy anyway. And in my experience >most blacklisters are savvy enough to appreciate and utilize a list that >the RIR's could easily maintain. Here is a typical announcement (on Spam-L) of a repentant ISP trying to get off blocklists: Date: Thu, 14 Nov 2002 18:04:15 -0500 From: "W. Mark Herrick, Jr." Subject: BLOCK: Spews Listing S1620 - Removal Request All issues related to Road Runner (had all related DNS entries removed and had all domain records (whois) remove any reference to a Road Runner IP address) have been resolved. Our customer was hosting DNS for these domains. That customer is no longer doing so. Problem Domains that have been removed: dirtytraffic.com, thapics.com, verynicetits.com, pornsiteengine.com, bentspokemedia.com, veryhornyteens.com Requesting removal of 24.129.179.0 - 24.129.181.255 Mark Herrick Director - Operations Security Road Runner From billd at cait.wustl.edu Fri Nov 15 09:23:03 2002 From: billd at cait.wustl.edu (Bill Darte) Date: Fri, 15 Nov 2002 08:23:03 -0600 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 Message-ID: I think Mury's suggestions are near the mark on this issue. RIRs maintain a list of returned space RIRs defer allocating from list until needed) then allocate from list First In/First Out RIRs employ tests (if possible?) to determine suitability - worst stuff goes to top of list RIRs would make an effort to publicize service to Blacklisters Other thoughts? Obviously there is a 'cost' to this service. Is the reclamation for aggregation worth the cost? Bill Darte > -----Original Message----- > From: Mury [mailto:mury at goldengate.net] > Sent: Thursday, November 14, 2002 9:30 PM > To: Dr. Jeffrey Race > Cc: Jill Kulpinski; ppml at arin.net > Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 > > > > I'm not sure I should comment because I did not read all of the posts > regarding this. However, I'll take a chance at being flamed > for repeating > someone else or being off-topic. > > Didn't this start with someone not wanting used space, > because used space > can have legacy consequences? Those consequences being > black-listed IPs, > existing servers outside the IP block still thinking they > need to talk to > those IPs for a service long gone, etc. > > It seems to me like it is very similiar to getting a recycled 1-800 > number. It sucks. > > I really don't see how the RIRs can effectively revoke the IP space of > spammers. That is going to take a lot of effort and probably > result in a > lot of days sitting in court. That's not to say that I > wouldn't like to > see it happen, but I don't think that is a viable answer. > > Why can't the RIR maintain a list of returned IP space? Blacklisting > services that are worth using could easily cross check their > blacklisted > IPs against that list. > > The RIRs should also recycle the IPs on a first in first out basis to > minimize any legacy traffic going to those IPs. It's not perfect, but > statistically it makes sense. Of course they could also advertise all > unallocated IPs to themselves or an outside service to check > for abnormal > amounts of legacy traffic and not assign blocks that are > being hit hard. > > It's hard for me to imagine that if IP space is returned and it is not > recycled for a year or two that a blacklisting service > couldn't find the > resources to remove that IP space from their lists and for a very high > percentage of the legacy traffic to have vanished. > > Anyone using a blacklisting service that can't keep something > like that up > to date can't possibly trust their accuracy anyway. And in > my experience > most blacklisters are savvy enough to appreciate and utilize > a list that > the RIR's could easily maintain. > > Mury > > > > > On Fri, 15 Nov 2002, Dr. Jeffrey Race wrote: > > > On Thu, 14 Nov 2002 12:28:53 -0800, Jill Kulpinski wrote: > > >This whole issue regarding blacklists seems to be growing > each day and more > > >rapidly in the past few months. I would love to know what > to tell Customers who > > >are assigned space that was once used by some other > Customer who got it > > >blacklisted on one of the thousands of lists out there. I > can not control who > > >creates a blacklist, nor who uses it to set up filters, so > is there really any > > >means of providing a Customer address space that will > never be blacklisted? No. > > >But they want temporary fixes in the meantime which is an > impractical solution. > > >I would love to hear other people's thoughts on this but I > realize I may be > > >getting off of the topic a bit. > > > > > > It is completely on topic for the reasons you state. > > > > In general, announcement on Spam-L and NANAE that the > ownership of IP address > > space has been taken over by new non-spammer user will > cause many or most of > > the blocklists to remove the previously offending > addresses. However some > > blocklist managers don't follow these groups assiduously, > some blocklist > > managers have a several-month waiting period, and some > blocklist managers have > > a policy NEVER to admit traffic from any once-polluted > address space, possibly > > because they have been lied to so many times. > > > > So there is NO universal retrospective solution. > > > > Therefore, and this is the simple point I have been trying > to make here, > > there remains only a prospective solution. That is what > you have to face, > > and face now, because the use of blocklists is growing > rapidly and possibly > > exponentially. It is the only defense we victims have > against the present > > irresponsible management of IP address space and domain names. > > > > The RIRs are responsible for the proper management, express and > > implied, of the IP address space allocated to them. Since > recycling of > > IP address space obviously will occur over the years, decades and > > centuries, the RIRs have a duty to prevent pollution of the > resources > > they manage. The pollution comes from spamming. This > means the RIRs > > have to have a clear policy that IP address users must not > spam, must > > not allow spammers on their networks, and must have > hair-trigger management > > systems in place to identify incipient spammers and > penalize them (because > > blocklist additions can occur in days). (All this is > eminently doable now > > by presently existing technical measures, and many ISPs do > indeed use such > > measures.) Any user who violates this rule must have his > IP address space > > withdrawn. That is the only sanction that anyone will pay > attention to. > > > > In short, the RIRs have to take on a role to act, probably > agggressively > > and violently, against abuse of the resources they manage, > by the people > > to whom they entrust these resources. If you list members > are not willing > > to rise up and force them to prevent spammers from pissing > in the pool, > > then don't complain about how the water tastes when you > swim in it. It > > is the result of your own (in)action. > > > > Jeffrey Race > > > From baptista at dot-god.com Fri Nov 15 09:56:59 2002 From: baptista at dot-god.com (Joe Baptista) Date: Fri, 15 Nov 2002 09:56:59 -0500 (EST) Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 In-Reply-To: Message-ID: The one thing I do see from this thread is a need for the RIR's to disclose if address space has been used before. Cheers Joe Baptista -- Planet Communications & Computing Facility a division of The dot.GOD Registry, Limited On Thu, 14 Nov 2002, Mury wrote: > > I'm not sure I should comment because I did not read all of the posts > regarding this. However, I'll take a chance at being flamed for repeating > someone else or being off-topic. > > Didn't this start with someone not wanting used space, because used space > can have legacy consequences? Those consequences being black-listed IPs, > existing servers outside the IP block still thinking they need to talk to > those IPs for a service long gone, etc. > > It seems to me like it is very similiar to getting a recycled 1-800 > number. It sucks. > > I really don't see how the RIRs can effectively revoke the IP space of > spammers. That is going to take a lot of effort and probably result in a > lot of days sitting in court. That's not to say that I wouldn't like to > see it happen, but I don't think that is a viable answer. > > Why can't the RIR maintain a list of returned IP space? Blacklisting > services that are worth using could easily cross check their blacklisted > IPs against that list. > > The RIRs should also recycle the IPs on a first in first out basis to > minimize any legacy traffic going to those IPs. It's not perfect, but > statistically it makes sense. Of course they could also advertise all > unallocated IPs to themselves or an outside service to check for abnormal > amounts of legacy traffic and not assign blocks that are being hit hard. > > It's hard for me to imagine that if IP space is returned and it is not > recycled for a year or two that a blacklisting service couldn't find the > resources to remove that IP space from their lists and for a very high > percentage of the legacy traffic to have vanished. > > Anyone using a blacklisting service that can't keep something like that up > to date can't possibly trust their accuracy anyway. And in my experience > most blacklisters are savvy enough to appreciate and utilize a list that > the RIR's could easily maintain. > > Mury > > > > > On Fri, 15 Nov 2002, Dr. Jeffrey Race wrote: > > > On Thu, 14 Nov 2002 12:28:53 -0800, Jill Kulpinski wrote: > > >This whole issue regarding blacklists seems to be growing each day and more > > >rapidly in the past few months. I would love to know what to tell Customers who > > >are assigned space that was once used by some other Customer who got it > > >blacklisted on one of the thousands of lists out there. I can not control who > > >creates a blacklist, nor who uses it to set up filters, so is there really any > > >means of providing a Customer address space that will never be blacklisted? No. > > >But they want temporary fixes in the meantime which is an impractical solution. > > >I would love to hear other people's thoughts on this but I realize I may be > > >getting off of the topic a bit. > > > > > > It is completely on topic for the reasons you state. > > > > In general, announcement on Spam-L and NANAE that the ownership of IP address > > space has been taken over by new non-spammer user will cause many or most of > > the blocklists to remove the previously offending addresses. However some > > blocklist managers don't follow these groups assiduously, some blocklist > > managers have a several-month waiting period, and some blocklist managers have > > a policy NEVER to admit traffic from any once-polluted address space, possibly > > because they have been lied to so many times. > > > > So there is NO universal retrospective solution. > > > > Therefore, and this is the simple point I have been trying to make here, > > there remains only a prospective solution. That is what you have to face, > > and face now, because the use of blocklists is growing rapidly and possibly > > exponentially. It is the only defense we victims have against the present > > irresponsible management of IP address space and domain names. > > > > The RIRs are responsible for the proper management, express and > > implied, of the IP address space allocated to them. Since recycling of > > IP address space obviously will occur over the years, decades and > > centuries, the RIRs have a duty to prevent pollution of the resources > > they manage. The pollution comes from spamming. This means the RIRs > > have to have a clear policy that IP address users must not spam, must > > not allow spammers on their networks, and must have hair-trigger management > > systems in place to identify incipient spammers and penalize them (because > > blocklist additions can occur in days). (All this is eminently doable now > > by presently existing technical measures, and many ISPs do indeed use such > > measures.) Any user who violates this rule must have his IP address space > > withdrawn. That is the only sanction that anyone will pay attention to. > > > > In short, the RIRs have to take on a role to act, probably agggressively > > and violently, against abuse of the resources they manage, by the people > > to whom they entrust these resources. If you list members are not willing > > to rise up and force them to prevent spammers from pissing in the pool, > > then don't complain about how the water tastes when you swim in it. It > > is the result of your own (in)action. > > > > Jeffrey Race > > > From chuegen at cisco.com Fri Nov 15 10:24:42 2002 From: chuegen at cisco.com (Craig A. Huegen) Date: Fri, 15 Nov 2002 09:24:42 -0600 (Central Standard Time) Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 In-Reply-To: <5BDB545714D0764F8452CC5A25DDEEFA0171083E@denexg21.icgcomm.com> Message-ID: On Thu, 14 Nov 2002, Taylor, Stacy wrote: > I think that 12 months to renumber is overly generous. Organizations > willing to request aggregatable space should be ready to renumber before > they request it. Renumbering a larger network takes some significant time. Software packages tie license keys to IP addresses, software has IP addresses hard coded, etc. Each of these requires project management, finding downtime windows, user announcements / user upgrades, etc. In some environments, 12 months is actually a very tight squeeze when you're renumbering, even in a fully DHCP-enabled environment for end users. Don't underestimate the work required in renumbering for medium and large end-sites. It's not fun, and I have battle scars to prove it. /cah --- Craig A. Huegen, Chief Network Architect C i s c o S y s t e m s IT Transport, Network Technology & Design || || Cisco Systems, Inc., 400 East Tasman Drive || || San Jose, CA 95134, (408) 526-8104 |||| |||| email: chuegen at cisco.com CCIE #2100 ..:||||||:..:||||||:.. From Stacy_Taylor at icgcomm.com Fri Nov 15 10:37:40 2002 From: Stacy_Taylor at icgcomm.com (Taylor, Stacy) Date: Fri, 15 Nov 2002 08:37:40 -0700 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 Message-ID: <5BDB545714D0764F8452CC5A25DDEEFA0171084F@denexg21.icgcomm.com> There is no one on this list who does not understand the pain of renumbering. However, it seems to me that the scope of this policy does not encompass the renumbering of large end-sites. In my RFC2050 /24 reclamation/Smackdown many endusers complained that it would take them 6 months to move off my numbers, but when threatened with routing cessation they were off in 3 weeks. People prepared to utilize this policy should have the resources already in place to renumber when they make the request. An organization turning in three disparate /24s for a /22 should not require that much time. -----Original Message----- From: Craig A. Huegen [mailto:chuegen at cisco.com] Sent: Friday, November 15, 2002 7:25 AM To: Taylor, Stacy Cc: 'Sweeting, John'; ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 On Thu, 14 Nov 2002, Taylor, Stacy wrote: > I think that 12 months to renumber is overly generous. Organizations > willing to request aggregatable space should be ready to renumber before > they request it. Renumbering a larger network takes some significant time. Software packages tie license keys to IP addresses, software has IP addresses hard coded, etc. Each of these requires project management, finding downtime windows, user announcements / user upgrades, etc. In some environments, 12 months is actually a very tight squeeze when you're renumbering, even in a fully DHCP-enabled environment for end users. Don't underestimate the work required in renumbering for medium and large end-sites. It's not fun, and I have battle scars to prove it. /cah --- Craig A. Huegen, Chief Network Architect C i s c o S y s t e m s IT Transport, Network Technology & Design || || Cisco Systems, Inc., 400 East Tasman Drive || || San Jose, CA 95134, (408) 526-8104 |||| |||| email: chuegen at cisco.com CCIE #2100 ..:||||||:..:||||||:.. From billd at cait.wustl.edu Fri Nov 15 10:55:38 2002 From: billd at cait.wustl.edu (Bill Darte) Date: Fri, 15 Nov 2002 09:55:38 -0600 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 Message-ID: I basically agree that a renumbering timetable is necessary and that is should try to be compassionate without leading to procrastination...we want to motivate the return behavior. I also agree that people should be prepared for the migration by the time they take advantage of the policy. Perhaps there is a middle ground that would 'scale'... maybe a maximum of 3 levels. 3 months for aggregates smaller than /22, 6 months for /22-/20 and 12 months for larger than /20. Would this be too cumbersome? What about only 2 levels? billd > -----Original Message----- > From: Taylor, Stacy [mailto:Stacy_Taylor at icgcomm.com] > Sent: Friday, November 15, 2002 9:38 AM > To: 'Craig A. Huegen'; Taylor, Stacy > Cc: 'Sweeting, John'; ARIN PPML > Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 > > > There is no one on this list who does not understand the pain of > renumbering. However, it seems to me that the scope of this > policy does not > encompass the renumbering of large end-sites. In my RFC2050 /24 > reclamation/Smackdown many endusers complained that it would > take them 6 > months to move off my numbers, but when threatened with > routing cessation > they were off in 3 weeks. People prepared to utilize this > policy should > have the resources already in place to renumber when they > make the request. > > An organization turning in three disparate /24s for a /22 > should not require > that much time. > > -----Original Message----- > From: Craig A. Huegen [mailto:chuegen at cisco.com] > Sent: Friday, November 15, 2002 7:25 AM > To: Taylor, Stacy > Cc: 'Sweeting, John'; ARIN PPML > Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 > > > On Thu, 14 Nov 2002, Taylor, Stacy wrote: > > > I think that 12 months to renumber is overly generous. > Organizations > > willing to request aggregatable space should be ready to > renumber before > > they request it. > > Renumbering a larger network takes some significant time. Software > packages tie license keys to IP addresses, software has IP > addresses hard > coded, etc. Each of these requires project management, > finding downtime > windows, user announcements / user upgrades, etc. In some > environments, > 12 months is actually a very tight squeeze when you're > renumbering, even > in a fully DHCP-enabled environment for end users. > > Don't underestimate the work required in renumbering for > medium and large > end-sites. It's not fun, and I have battle scars to prove it. > > /cah > > --- > Craig A. Huegen, Chief Network Architect C i s c o S y s t e m s > IT Transport, Network Technology & Design || || > Cisco Systems, Inc., 400 East Tasman Drive || || > San Jose, CA 95134, (408) 526-8104 |||| |||| > email: chuegen at cisco.com CCIE #2100 ..:||||||:..:||||||:.. > From chuegen at cisco.com Fri Nov 15 10:54:03 2002 From: chuegen at cisco.com (Craig A. Huegen) Date: Fri, 15 Nov 2002 09:54:03 -0600 (Central Standard Time) Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 In-Reply-To: <5BDB545714D0764F8452CC5A25DDEEFA0171084F@denexg21.icgcomm.com> Message-ID: I absolutely agree with that. This policy currently has no upper bounds (although it has been raised); as a result, talking about a reasonable time must be put in context of size. /cah On Fri, 15 Nov 2002, Taylor, Stacy wrote: > There is no one on this list who does not understand the pain of > renumbering. However, it seems to me that the scope of this policy does not > encompass the renumbering of large end-sites. In my RFC2050 /24 > reclamation/Smackdown many endusers complained that it would take them 6 > months to move off my numbers, but when threatened with routing cessation > they were off in 3 weeks. People prepared to utilize this policy should > have the resources already in place to renumber when they make the request. > > An organization turning in three disparate /24s for a /22 should not require > that much time. > > -----Original Message----- > From: Craig A. Huegen [mailto:chuegen at cisco.com] > Sent: Friday, November 15, 2002 7:25 AM > To: Taylor, Stacy > Cc: 'Sweeting, John'; ARIN PPML > Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 > > > On Thu, 14 Nov 2002, Taylor, Stacy wrote: > > > I think that 12 months to renumber is overly generous. Organizations > > willing to request aggregatable space should be ready to renumber before > > they request it. > > Renumbering a larger network takes some significant time. Software > packages tie license keys to IP addresses, software has IP addresses hard > coded, etc. Each of these requires project management, finding downtime > windows, user announcements / user upgrades, etc. In some environments, > 12 months is actually a very tight squeeze when you're renumbering, even > in a fully DHCP-enabled environment for end users. > > Don't underestimate the work required in renumbering for medium and large > end-sites. It's not fun, and I have battle scars to prove it. > > /cah > > --- > Craig A. Huegen, Chief Network Architect C i s c o S y s t e m s > IT Transport, Network Technology & Design || || > Cisco Systems, Inc., 400 East Tasman Drive || || > San Jose, CA 95134, (408) 526-8104 |||| |||| > email: chuegen at cisco.com CCIE #2100 ..:||||||:..:||||||:.. > --- Craig A. Huegen, Chief Network Architect C i s c o S y s t e m s IT Transport, Network Technology & Design || || Cisco Systems, Inc., 400 East Tasman Drive || || San Jose, CA 95134, (408) 526-8104 |||| |||| email: chuegen at cisco.com CCIE #2100 ..:||||||:..:||||||:.. From John.Sweeting at teleglobe.com Fri Nov 15 10:55:28 2002 From: John.Sweeting at teleglobe.com (Sweeting, John) Date: Fri, 15 Nov 2002 10:55:28 -0500 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 Message-ID: <170E5E7779BCD3118C2A0008C7F40C1906E9BAB1@usresms03.teleglobe.com> I would like to point out that the Policy Proposal 2002-6 does not mention re-issuing of the returned address space. If enough people feel strongly that this Policy should be "Tabled" until that issue is addressed then they should state that fact. If people feel strongly that the wording needs to be changed to make it a better policy and keep it from being abused then that should also be stated (along with suggested wording or changes to make it better). If they just plain feel that it is not a good policy at all (as Einar has done) then please state that along with your reasons for feeling that way. If we want to discuss all the issues with SPAM, Blocklisting and other issues associated with USED IP space then lets start a new thread for that. What we really need to see on these Last Call replies are the feelings one way or the other on whether this policy should be approved by the BoT and put in place. Thank you all. -----Original Message----- From: Bill Darte [mailto:billd at cait.wustl.edu] Sent: Friday, November 15, 2002 9:23 AM To: 'Mury' Cc: ppml at arin.net Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 I think Mury's suggestions are near the mark on this issue. RIRs maintain a list of returned space RIRs defer allocating from list until needed) then allocate from list First In/First Out RIRs employ tests (if possible?) to determine suitability - worst stuff goes to top of list RIRs would make an effort to publicize service to Blacklisters Other thoughts? Obviously there is a 'cost' to this service. Is the reclamation for aggregation worth the cost? Bill Darte > -----Original Message----- > From: Mury [mailto:mury at goldengate.net] > Sent: Thursday, November 14, 2002 9:30 PM > To: Dr. Jeffrey Race > Cc: Jill Kulpinski; ppml at arin.net > Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 > > > > I'm not sure I should comment because I did not read all of the posts > regarding this. However, I'll take a chance at being flamed > for repeating > someone else or being off-topic. > > Didn't this start with someone not wanting used space, > because used space > can have legacy consequences? Those consequences being > black-listed IPs, > existing servers outside the IP block still thinking they > need to talk to > those IPs for a service long gone, etc. > > It seems to me like it is very similiar to getting a recycled 1-800 > number. It sucks. > > I really don't see how the RIRs can effectively revoke the IP space of > spammers. That is going to take a lot of effort and probably > result in a > lot of days sitting in court. That's not to say that I > wouldn't like to > see it happen, but I don't think that is a viable answer. > > Why can't the RIR maintain a list of returned IP space? Blacklisting > services that are worth using could easily cross check their > blacklisted > IPs against that list. > > The RIRs should also recycle the IPs on a first in first out basis to > minimize any legacy traffic going to those IPs. It's not perfect, but > statistically it makes sense. Of course they could also advertise all > unallocated IPs to themselves or an outside service to check > for abnormal > amounts of legacy traffic and not assign blocks that are > being hit hard. > > It's hard for me to imagine that if IP space is returned and it is not > recycled for a year or two that a blacklisting service > couldn't find the > resources to remove that IP space from their lists and for a very high > percentage of the legacy traffic to have vanished. > > Anyone using a blacklisting service that can't keep something > like that up > to date can't possibly trust their accuracy anyway. And in > my experience > most blacklisters are savvy enough to appreciate and utilize > a list that > the RIR's could easily maintain. > > Mury > > > > > On Fri, 15 Nov 2002, Dr. Jeffrey Race wrote: > > > On Thu, 14 Nov 2002 12:28:53 -0800, Jill Kulpinski wrote: > > >This whole issue regarding blacklists seems to be growing > each day and more > > >rapidly in the past few months. I would love to know what > to tell Customers who > > >are assigned space that was once used by some other > Customer who got it > > >blacklisted on one of the thousands of lists out there. I > can not control who > > >creates a blacklist, nor who uses it to set up filters, so > is there really any > > >means of providing a Customer address space that will > never be blacklisted? No. > > >But they want temporary fixes in the meantime which is an > impractical solution. > > >I would love to hear other people's thoughts on this but I > realize I may be > > >getting off of the topic a bit. > > > > > > It is completely on topic for the reasons you state. > > > > In general, announcement on Spam-L and NANAE that the > ownership of IP address > > space has been taken over by new non-spammer user will > cause many or most of > > the blocklists to remove the previously offending > addresses. However some > > blocklist managers don't follow these groups assiduously, > some blocklist > > managers have a several-month waiting period, and some > blocklist managers have > > a policy NEVER to admit traffic from any once-polluted > address space, possibly > > because they have been lied to so many times. > > > > So there is NO universal retrospective solution. > > > > Therefore, and this is the simple point I have been trying > to make here, > > there remains only a prospective solution. That is what > you have to face, > > and face now, because the use of blocklists is growing > rapidly and possibly > > exponentially. It is the only defense we victims have > against the present > > irresponsible management of IP address space and domain names. > > > > The RIRs are responsible for the proper management, express and > > implied, of the IP address space allocated to them. Since > recycling of > > IP address space obviously will occur over the years, decades and > > centuries, the RIRs have a duty to prevent pollution of the > resources > > they manage. The pollution comes from spamming. This > means the RIRs > > have to have a clear policy that IP address users must not > spam, must > > not allow spammers on their networks, and must have > hair-trigger management > > systems in place to identify incipient spammers and > penalize them (because > > blocklist additions can occur in days). (All this is > eminently doable now > > by presently existing technical measures, and many ISPs do > indeed use such > > measures.) Any user who violates this rule must have his > IP address space > > withdrawn. That is the only sanction that anyone will pay > attention to. > > > > In short, the RIRs have to take on a role to act, probably > agggressively > > and violently, against abuse of the resources they manage, > by the people > > to whom they entrust these resources. If you list members > are not willing > > to rise up and force them to prevent spammers from pissing > in the pool, > > then don't complain about how the water tastes when you > swim in it. It > > is the result of your own (in)action. > > > > Jeffrey Race > > > From John.Sweeting at teleglobe.com Fri Nov 15 10:59:17 2002 From: John.Sweeting at teleglobe.com (Sweeting, John) Date: Fri, 15 Nov 2002 10:59:17 -0500 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 Message-ID: <170E5E7779BCD3118C2A0008C7F40C1906E9BAB3@usresms03.teleglobe.com> It may be easier for ARIN to manage a 2 level formatted something like: Everyone automatically gets 6 months but if they can justify why it will take longer the time could be extended to no more than 12 months. -----Original Message----- From: Bill Darte [mailto:billd at cait.wustl.edu] Sent: Friday, November 15, 2002 10:56 AM To: 'Taylor, Stacy' Cc: ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 I basically agree that a renumbering timetable is necessary and that is should try to be compassionate without leading to procrastination...we want to motivate the return behavior. I also agree that people should be prepared for the migration by the time they take advantage of the policy. Perhaps there is a middle ground that would 'scale'... maybe a maximum of 3 levels. 3 months for aggregates smaller than /22, 6 months for /22-/20 and 12 months for larger than /20. Would this be too cumbersome? What about only 2 levels? billd > -----Original Message----- > From: Taylor, Stacy [mailto:Stacy_Taylor at icgcomm.com] > Sent: Friday, November 15, 2002 9:38 AM > To: 'Craig A. Huegen'; Taylor, Stacy > Cc: 'Sweeting, John'; ARIN PPML > Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 > > > There is no one on this list who does not understand the pain of > renumbering. However, it seems to me that the scope of this > policy does not > encompass the renumbering of large end-sites. In my RFC2050 /24 > reclamation/Smackdown many endusers complained that it would > take them 6 > months to move off my numbers, but when threatened with > routing cessation > they were off in 3 weeks. People prepared to utilize this > policy should > have the resources already in place to renumber when they > make the request. > > An organization turning in three disparate /24s for a /22 > should not require > that much time. > > -----Original Message----- > From: Craig A. Huegen [mailto:chuegen at cisco.com] > Sent: Friday, November 15, 2002 7:25 AM > To: Taylor, Stacy > Cc: 'Sweeting, John'; ARIN PPML > Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 > > > On Thu, 14 Nov 2002, Taylor, Stacy wrote: > > > I think that 12 months to renumber is overly generous. > Organizations > > willing to request aggregatable space should be ready to > renumber before > > they request it. > > Renumbering a larger network takes some significant time. Software > packages tie license keys to IP addresses, software has IP > addresses hard > coded, etc. Each of these requires project management, > finding downtime > windows, user announcements / user upgrades, etc. In some > environments, > 12 months is actually a very tight squeeze when you're > renumbering, even > in a fully DHCP-enabled environment for end users. > > Don't underestimate the work required in renumbering for > medium and large > end-sites. It's not fun, and I have battle scars to prove it. > > /cah > > --- > Craig A. Huegen, Chief Network Architect C i s c o S y s t e m s > IT Transport, Network Technology & Design || || > Cisco Systems, Inc., 400 East Tasman Drive || || > San Jose, CA 95134, (408) 526-8104 |||| |||| > email: chuegen at cisco.com CCIE #2100 ..:||||||:..:||||||:.. > From billd at cait.wustl.edu Fri Nov 15 11:15:00 2002 From: billd at cait.wustl.edu (Bill Darte) Date: Fri, 15 Nov 2002 10:15:00 -0600 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 Message-ID: The only problem I see with this is the subjectiveness.... I personally don't have a problem with ARIN's discretion in the matter....does anyone else......? 6 months up to /20...... 12 months beyond? billd > -----Original Message----- > From: Sweeting, John [mailto:John.Sweeting at teleglobe.com] > Sent: Friday, November 15, 2002 9:59 AM > To: 'Bill Darte'; 'Taylor, Stacy' > Cc: ARIN PPML > Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 > > > It may be easier for ARIN to manage a 2 level formatted > something like: > > Everyone automatically gets 6 months but if they can justify > why it will > take longer the time could be extended to no more than 12 months. > > -----Original Message----- > From: Bill Darte [mailto:billd at cait.wustl.edu] > Sent: Friday, November 15, 2002 10:56 AM > To: 'Taylor, Stacy' > Cc: ARIN PPML > Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 > > > I basically agree that a renumbering timetable is necessary > and that is > should try to be compassionate without leading to > procrastination...we want > to motivate the return behavior. I also agree that people > should be prepared > for the migration by the time they take advantage of the > policy. Perhaps > there is a middle ground that would 'scale'... maybe a > maximum of 3 levels. > 3 months for aggregates smaller than /22, 6 months for > /22-/20 and 12 months > for larger than /20. Would this be too cumbersome? What about only 2 > levels? > > billd > > > -----Original Message----- > > From: Taylor, Stacy [mailto:Stacy_Taylor at icgcomm.com] > > Sent: Friday, November 15, 2002 9:38 AM > > To: 'Craig A. Huegen'; Taylor, Stacy > > Cc: 'Sweeting, John'; ARIN PPML > > Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 > > > > > > There is no one on this list who does not understand the pain of > > renumbering. However, it seems to me that the scope of this > > policy does not > > encompass the renumbering of large end-sites. In my RFC2050 /24 > > reclamation/Smackdown many endusers complained that it would > > take them 6 > > months to move off my numbers, but when threatened with > > routing cessation > > they were off in 3 weeks. People prepared to utilize this > > policy should > > have the resources already in place to renumber when they > > make the request. > > > > An organization turning in three disparate /24s for a /22 > > should not require > > that much time. > > > > -----Original Message----- > > From: Craig A. Huegen [mailto:chuegen at cisco.com] > > Sent: Friday, November 15, 2002 7:25 AM > > To: Taylor, Stacy > > Cc: 'Sweeting, John'; ARIN PPML > > Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 > > > > > > On Thu, 14 Nov 2002, Taylor, Stacy wrote: > > > > > I think that 12 months to renumber is overly generous. > > Organizations > > > willing to request aggregatable space should be ready to > > renumber before > > > they request it. > > > > Renumbering a larger network takes some significant time. Software > > packages tie license keys to IP addresses, software has IP > > addresses hard > > coded, etc. Each of these requires project management, > > finding downtime > > windows, user announcements / user upgrades, etc. In some > > environments, > > 12 months is actually a very tight squeeze when you're > > renumbering, even > > in a fully DHCP-enabled environment for end users. > > > > Don't underestimate the work required in renumbering for > > medium and large > > end-sites. It's not fun, and I have battle scars to prove it. > > > > /cah > > > > --- > > Craig A. Huegen, Chief Network Architect C i s c o S > y s t e m s > > IT Transport, Network Technology & Design || || > > Cisco Systems, Inc., 400 East Tasman Drive || || > > San Jose, CA 95134, (408) 526-8104 |||| |||| > > email: chuegen at cisco.com CCIE #2100 > ..:||||||:..:||||||:.. > > > From Stacy_Taylor at icgcomm.com Fri Nov 15 11:05:28 2002 From: Stacy_Taylor at icgcomm.com (Taylor, Stacy) Date: Fri, 15 Nov 2002 09:05:28 -0700 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 Message-ID: <5BDB545714D0764F8452CC5A25DDEEFA01710851@denexg21.icgcomm.com> Good idea. John's 2 level sounds reasonable to me. The enforcement issue remains, though. Does the Registry contact the upstream and the organization? Notices of Action that routing of the old block(s) will be discontinued 30 days prior? As someone said at the meeting, we should have a stick to go with the carrot. (Was that Bill W.?) -----Original Message----- From: Bill Darte [mailto:billd at cait.wustl.edu] Sent: Friday, November 15, 2002 7:56 AM To: 'Taylor, Stacy' Cc: ARIN PPML Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 I basically agree that a renumbering timetable is necessary and that is should try to be compassionate without leading to procrastination...we want to motivate the return behavior. I also agree that people should be prepared for the migration by the time they take advantage of the policy. Perhaps there is a middle ground that would 'scale'... maybe a maximum of 3 levels. 3 months for aggregates smaller than /22, 6 months for /22-/20 and 12 months for larger than /20. Would this be too cumbersome? What about only 2 levels? billd > -----Original Message----- > From: Taylor, Stacy [mailto:Stacy_Taylor at icgcomm.com] > Sent: Friday, November 15, 2002 9:38 AM > To: 'Craig A. Huegen'; Taylor, Stacy > Cc: 'Sweeting, John'; ARIN PPML > Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 > > > There is no one on this list who does not understand the pain of > renumbering. However, it seems to me that the scope of this > policy does not > encompass the renumbering of large end-sites. In my RFC2050 /24 > reclamation/Smackdown many endusers complained that it would > take them 6 > months to move off my numbers, but when threatened with > routing cessation > they were off in 3 weeks. People prepared to utilize this > policy should > have the resources already in place to renumber when they > make the request. > > An organization turning in three disparate /24s for a /22 > should not require > that much time. > > -----Original Message----- > From: Craig A. Huegen [mailto:chuegen at cisco.com] > Sent: Friday, November 15, 2002 7:25 AM > To: Taylor, Stacy > Cc: 'Sweeting, John'; ARIN PPML > Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 > > > On Thu, 14 Nov 2002, Taylor, Stacy wrote: > > > I think that 12 months to renumber is overly generous. > Organizations > > willing to request aggregatable space should be ready to > renumber before > > they request it. > > Renumbering a larger network takes some significant time. Software > packages tie license keys to IP addresses, software has IP > addresses hard > coded, etc. Each of these requires project management, > finding downtime > windows, user announcements / user upgrades, etc. In some > environments, > 12 months is actually a very tight squeeze when you're > renumbering, even > in a fully DHCP-enabled environment for end users. > > Don't underestimate the work required in renumbering for > medium and large > end-sites. It's not fun, and I have battle scars to prove it. > > /cah > > --- > Craig A. Huegen, Chief Network Architect C i s c o S y s t e m s > IT Transport, Network Technology & Design || || > Cisco Systems, Inc., 400 East Tasman Drive || || > San Jose, CA 95134, (408) 526-8104 |||| |||| > email: chuegen at cisco.com CCIE #2100 ..:||||||:..:||||||:.. > From billd at cait.wustl.edu Fri Nov 15 11:35:19 2002 From: billd at cait.wustl.edu (Bill Darte) Date: Fri, 15 Nov 2002 10:35:19 -0600 Subject: [ppml] Policy Proposal 2002-6 reworded? Message-ID: Suppose 2002-6 were reworded to reflect the issues raised as such..... Original.... If an organization, whether a member or non-member, ISP or end-user, relinquishes a group of portable, non-aggregatable address blocks to ARIN, they shall be allowed to receive a block in exchange, /24 or shorter, but no more than the shortest block that could contain all of the returned blocks. Exchanged space shall be returned within 12 months. For example, if an organization relinquished three /24s, they should be allowed to take either a /24, a /23, or a /22 in exchange. If all of the previous address blocks were maintained in the ARIN database without maintenance fees, the replacement space shall be as well, but if any one of the returned blocks had associated maintenance fees, then the replacement block shall also be subject to maintenance fees. Proposed rewording.... If any organization relinquishes a group of portable, non-aggregatable address blocks to ARIN, they shall receive a block in exchange. Exchange blocks will be of sufficient size to contain the space of all returned blocks without justification up to /17. Exchange blocks of greater than /17 will require justification of address useage per existing ARIN requirements for addtional address allocations. Exchange blocks larger than /20 must be renumbered within 12 months; all others must be renumbered within 6 months. If ALL returned blocks were maintained by ARIN without maintenance fees, the exchange block will also be maintained without fee. Other alternatives? billd From richardj at arin.net Fri Nov 15 11:32:47 2002 From: richardj at arin.net (Richard Jimmerson) Date: Fri, 15 Nov 2002 11:32:47 -0500 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 In-Reply-To: Message-ID: <003701c28cc4$a1a06fc0$e8fc95c0@arin.net> This is in response to a request for information by Bill Darte: ARIN maintains an internal log of all IP address space that has been returned to ARIN. Address space that is identified as "legacy address space" is marked as such and is not normally re-issued. All other address space is normally held for at least a year before it is considered for re-issue. Richard Jimmerson Director of Operations American Registry for Internet Numbers (ARIN) > -----Original Message----- > From: owner-ppml at arin.net [mailto:owner-ppml at arin.net] On > Behalf Of Mury > Sent: Thursday, November 14, 2002 10:30 PM > To: Dr. Jeffrey Race > Cc: Jill Kulpinski; ppml at arin.net > Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 > > > > I'm not sure I should comment because I did not read all of the posts > regarding this. However, I'll take a chance at being flamed > for repeating > someone else or being off-topic. > > Didn't this start with someone not wanting used space, > because used space > can have legacy consequences? Those consequences being > black-listed IPs, > existing servers outside the IP block still thinking they > need to talk to > those IPs for a service long gone, etc. > > It seems to me like it is very similiar to getting a recycled 1-800 > number. It sucks. > > I really don't see how the RIRs can effectively revoke the IP space of > spammers. That is going to take a lot of effort and probably > result in a > lot of days sitting in court. That's not to say that I > wouldn't like to > see it happen, but I don't think that is a viable answer. > > Why can't the RIR maintain a list of returned IP space? Blacklisting > services that are worth using could easily cross check their > blacklisted > IPs against that list. > > The RIRs should also recycle the IPs on a first in first out basis to > minimize any legacy traffic going to those IPs. It's not perfect, but > statistically it makes sense. Of course they could also advertise all > unallocated IPs to themselves or an outside service to check > for abnormal > amounts of legacy traffic and not assign blocks that are > being hit hard. > > It's hard for me to imagine that if IP space is returned and it is not > recycled for a year or two that a blacklisting service > couldn't find the > resources to remove that IP space from their lists and for a very high > percentage of the legacy traffic to have vanished. > > Anyone using a blacklisting service that can't keep something > like that up > to date can't possibly trust their accuracy anyway. And in > my experience > most blacklisters are savvy enough to appreciate and utilize > a list that > the RIR's could easily maintain. > > Mury > > > > > On Fri, 15 Nov 2002, Dr. Jeffrey Race wrote: > > > On Thu, 14 Nov 2002 12:28:53 -0800, Jill Kulpinski wrote: > > >This whole issue regarding blacklists seems to be growing > each day and more > > >rapidly in the past few months. I would love to know what > to tell Customers who > > >are assigned space that was once used by some other > Customer who got it > > >blacklisted on one of the thousands of lists out there. I > can not control who > > >creates a blacklist, nor who uses it to set up filters, so > is there really any > > >means of providing a Customer address space that will > never be blacklisted? No. > > >But they want temporary fixes in the meantime which is an > impractical solution. > > >I would love to hear other people's thoughts on this but I > realize I may be > > >getting off of the topic a bit. > > > > > > It is completely on topic for the reasons you state. > > > > In general, announcement on Spam-L and NANAE that the > ownership of IP address > > space has been taken over by new non-spammer user will > cause many or most of > > the blocklists to remove the previously offending > addresses. However some > > blocklist managers don't follow these groups assiduously, > some blocklist > > managers have a several-month waiting period, and some > blocklist managers have > > a policy NEVER to admit traffic from any once-polluted > address space, possibly > > because they have been lied to so many times. > > > > So there is NO universal retrospective solution. > > > > Therefore, and this is the simple point I have been trying > to make here, > > there remains only a prospective solution. That is what > you have to face, > > and face now, because the use of blocklists is growing > rapidly and possibly > > exponentially. It is the only defense we victims have > against the present > > irresponsible management of IP address space and domain names. > > > > The RIRs are responsible for the proper management, express and > > implied, of the IP address space allocated to them. Since > recycling of > > IP address space obviously will occur over the years, decades and > > centuries, the RIRs have a duty to prevent pollution of the > resources > > they manage. The pollution comes from spamming. This > means the RIRs > > have to have a clear policy that IP address users must not > spam, must > > not allow spammers on their networks, and must have > hair-trigger management > > systems in place to identify incipient spammers and > penalize them (because > > blocklist additions can occur in days). (All this is > eminently doable now > > by presently existing technical measures, and many ISPs do > indeed use such > > measures.) Any user who violates this rule must have his > IP address space > > withdrawn. That is the only sanction that anyone will pay > attention to. > > > > In short, the RIRs have to take on a role to act, probably > agggressively > > and violently, against abuse of the resources they manage, > by the people > > to whom they entrust these resources. If you list members > are not willing > > to rise up and force them to prevent spammers from pissing > in the pool, > > then don't complain about how the water tastes when you > swim in it. It > > is the result of your own (in)action. > > > > Jeffrey Race > > > From asr at latency.net Fri Nov 15 11:43:23 2002 From: asr at latency.net (Adam Rothschild) Date: Fri, 15 Nov 2002 11:43:23 -0500 Subject: FW: [ppml] Last Call for Comment: Policy Proposal 2002-6 In-Reply-To: ; from Jill.Kulpinski@cw.com on Thu, Nov 14, 2002 at 06:54:08PM -0800 References: Message-ID: <20021115114323.H43093@latency.net> On 2002-11-14-21:54:08, Jill Kulpinski wrote: > still having mail issues...so my apologies if this is posted more than once. Wouldn't happen to have anything to do with your mail server being blacklisted by SPEWS due to Cable and Wireless employees spamming folks promoting real estate/MLM scams, would it? ;) Or your clearly documented inability to shut down big-revenue-generating spamming customers? But, I digress... > how do i take action against people who don't respond? i am very > pro-active in making sure our resources are used appropriately, but > how do you tell someone they are not allowed to post a listing, they > need to change their listing, or also... force people to not use > these blacklists? Wow, could you possibly stray any further off-topic for this list? In short, you don't. Sure, you could blackhole the IP's of the name servers used by these blackhole lists. But it'll hurt customer satisfaction metrics once folks notice what you're doing, and the lack of sound technical reasoning behind it. At the risk of sounding sappy, you could even describe the resulting customer churn as an "Exodus". > no matter what we do...some joe-shmo out there could set up a site > and put any address he wanted to on a list and market it to the > internet world as a blacklist. if someone actually trusts and uses > this list... that should be their problem. Exactly. Such is life. > BUT i tell a Customer who has a complaint he or whomever > he serves should not use the listing...and i get 'but everyone....even the major providers use it'. > what can i do....for every list that i get some innocent person off of, who is to stop some other > person for putting mr. innocent on another list? > and how am i ever supposed to be able to guarantee to a Customer that no one is blacklisting their space? > it is not possible to provide this guarantee, so what is the solution...and both short term and long term > would be great. This is very cut and dried. You have two choices: 1) Run an efficient abuse department. When you receive complaints of spamming customers, act in accordance with your AUP, including ultimately disconnecting them in a timely fashion. 2) Continue to do what you're doing now, and deal with the consequences of innocent customers being allocated blacklisted IP space. Like it not, said blackholes are a fact of life. When used properly, they are invaluable tools in helping reduce the amount of e-mail received from rogue sources. Rather than try to blackhole the blackholes, perhaps it's time to step back and give some thought as to why you're in them to begin with. -a From alexk at tugger.net Fri Nov 15 11:44:09 2002 From: alexk at tugger.net (Alex Kamantauskas) Date: Fri, 15 Nov 2002 11:44:09 -0500 (EST) Subject: [ppml] Policy Proposal 2002-6 reworded? In-Reply-To: Message-ID: On Fri, 15 Nov 2002, Bill Darte wrote: > Suppose 2002-6 were reworded to reflect the issues raised as such..... > > > Proposed rewording.... > > If any organization relinquishes a group of portable, non-aggregatable > address blocks to ARIN, they shall receive a block in exchange. Exchange > blocks will be of sufficient size to contain the space of all returned > blocks without justification up to /17. Exchange blocks of greater than /17 > will require justification of address useage per existing ARIN requirements > for addtional address allocations. Exchange blocks larger than /20 must be > renumbered within 12 months; all others must be renumbered within 6 months. > If ALL returned blocks were maintained by ARIN without maintenance fees, the > exchange block will also be maintained without fee. > > > Other alternatives? > I would modify this to read: "Exchange blocks larger than /20 must be renumbered within 12 months; all others must be renumbered within 6 months unless organization can justify a timeframe extension" -- /ak From Stacy_Taylor at icgcomm.com Fri Nov 15 11:47:22 2002 From: Stacy_Taylor at icgcomm.com (Taylor, Stacy) Date: Fri, 15 Nov 2002 09:47:22 -0700 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 Message-ID: <5BDB545714D0764F8452CC5A25DDEEFA01710852@denexg21.icgcomm.com> Right! I believe that: * The scope of the policy must be clarified to prevent abuse: An organization can only CIDR up if they turn in 3/4 of the space in the next largest CIDR. * The policy should apply only to CIDRs smaller than /17: larger blocks must be justified. * There should be a two level time frame for renumbering: 6 months for smaller blocks; 12 for larger. * A mechanism for enforcement of renumbering time frames must be generated and implemented. This policy should not go forward as it is currently drafted. Thanks, Stacy -----Original Message----- From: Sweeting, John [mailto:John.Sweeting at teleglobe.com] Sent: Friday, November 15, 2002 7:55 AM To: ppml at arin.net Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 I would like to point out that the Policy Proposal 2002-6 does not mention re-issuing of the returned address space. If enough people feel strongly that this Policy should be "Tabled" until that issue is addressed then they should state that fact. If people feel strongly that the wording needs to be changed to make it a better policy and keep it from being abused then that should also be stated (along with suggested wording or changes to make it better). If they just plain feel that it is not a good policy at all (as Einar has done) then please state that along with your reasons for feeling that way. If we want to discuss all the issues with SPAM, Blocklisting and other issues associated with USED IP space then lets start a new thread for that. What we really need to see on these Last Call replies are the feelings one way or the other on whether this policy should be approved by the BoT and put in place. Thank you all. -----Original Message----- From: Bill Darte [mailto:billd at cait.wustl.edu] Sent: Friday, November 15, 2002 9:23 AM To: 'Mury' Cc: ppml at arin.net Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 I think Mury's suggestions are near the mark on this issue. RIRs maintain a list of returned space RIRs defer allocating from list until needed) then allocate from list First In/First Out RIRs employ tests (if possible?) to determine suitability - worst stuff goes to top of list RIRs would make an effort to publicize service to Blacklisters Other thoughts? Obviously there is a 'cost' to this service. Is the reclamation for aggregation worth the cost? Bill Darte > -----Original Message----- > From: Mury [mailto:mury at goldengate.net] > Sent: Thursday, November 14, 2002 9:30 PM > To: Dr. Jeffrey Race > Cc: Jill Kulpinski; ppml at arin.net > Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 > > > > I'm not sure I should comment because I did not read all of the posts > regarding this. However, I'll take a chance at being flamed > for repeating > someone else or being off-topic. > > Didn't this start with someone not wanting used space, > because used space > can have legacy consequences? Those consequences being > black-listed IPs, > existing servers outside the IP block still thinking they > need to talk to > those IPs for a service long gone, etc. > > It seems to me like it is very similiar to getting a recycled 1-800 > number. It sucks. > > I really don't see how the RIRs can effectively revoke the IP space of > spammers. That is going to take a lot of effort and probably > result in a > lot of days sitting in court. That's not to say that I > wouldn't like to > see it happen, but I don't think that is a viable answer. > > Why can't the RIR maintain a list of returned IP space? Blacklisting > services that are worth using could easily cross check their > blacklisted > IPs against that list. > > The RIRs should also recycle the IPs on a first in first out basis to > minimize any legacy traffic going to those IPs. It's not perfect, but > statistically it makes sense. Of course they could also advertise all > unallocated IPs to themselves or an outside service to check > for abnormal > amounts of legacy traffic and not assign blocks that are > being hit hard. > > It's hard for me to imagine that if IP space is returned and it is not > recycled for a year or two that a blacklisting service > couldn't find the > resources to remove that IP space from their lists and for a very high > percentage of the legacy traffic to have vanished. > > Anyone using a blacklisting service that can't keep something > like that up > to date can't possibly trust their accuracy anyway. And in > my experience > most blacklisters are savvy enough to appreciate and utilize > a list that > the RIR's could easily maintain. > > Mury > > > > > On Fri, 15 Nov 2002, Dr. Jeffrey Race wrote: > > > On Thu, 14 Nov 2002 12:28:53 -0800, Jill Kulpinski wrote: > > >This whole issue regarding blacklists seems to be growing > each day and more > > >rapidly in the past few months. I would love to know what > to tell Customers who > > >are assigned space that was once used by some other > Customer who got it > > >blacklisted on one of the thousands of lists out there. I > can not control who > > >creates a blacklist, nor who uses it to set up filters, so > is there really any > > >means of providing a Customer address space that will > never be blacklisted? No. > > >But they want temporary fixes in the meantime which is an > impractical solution. > > >I would love to hear other people's thoughts on this but I > realize I may be > > >getting off of the topic a bit. > > > > > > It is completely on topic for the reasons you state. > > > > In general, announcement on Spam-L and NANAE that the > ownership of IP address > > space has been taken over by new non-spammer user will > cause many or most of > > the blocklists to remove the previously offending > addresses. However some > > blocklist managers don't follow these groups assiduously, > some blocklist > > managers have a several-month waiting period, and some > blocklist managers have > > a policy NEVER to admit traffic from any once-polluted > address space, possibly > > because they have been lied to so many times. > > > > So there is NO universal retrospective solution. > > > > Therefore, and this is the simple point I have been trying > to make here, > > there remains only a prospective solution. That is what > you have to face, > > and face now, because the use of blocklists is growing > rapidly and possibly > > exponentially. It is the only defense we victims have > against the present > > irresponsible management of IP address space and domain names. > > > > The RIRs are responsible for the proper management, express and > > implied, of the IP address space allocated to them. Since > recycling of > > IP address space obviously will occur over the years, decades and > > centuries, the RIRs have a duty to prevent pollution of the > resources > > they manage. The pollution comes from spamming. This > means the RIRs > > have to have a clear policy that IP address users must not > spam, must > > not allow spammers on their networks, and must have > hair-trigger management > > systems in place to identify incipient spammers and > penalize them (because > > blocklist additions can occur in days). (All this is > eminently doable now > > by presently existing technical measures, and many ISPs do > indeed use such > > measures.) Any user who violates this rule must have his > IP address space > > withdrawn. That is the only sanction that anyone will pay > attention to. > > > > In short, the RIRs have to take on a role to act, probably > agggressively > > and violently, against abuse of the resources they manage, > by the people > > to whom they entrust these resources. If you list members > are not willing > > to rise up and force them to prevent spammers from pissing > in the pool, > > then don't complain about how the water tastes when you > swim in it. It > > is the result of your own (in)action. > > > > Jeffrey Race > > > From billd at cait.wustl.edu Fri Nov 15 12:07:48 2002 From: billd at cait.wustl.edu (Bill Darte) Date: Fri, 15 Nov 2002 11:07:48 -0600 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 Message-ID: I am not sure that enforcement could/should be included in the policy. I believe it is a consideration for policy action.... policies that cannot be enforced should not exist, but I think that enforcement should be implicit. If the circumstances prove to warrant enforcement then cross the bridge with those that violate and at the same time do advance work with those petitioning against the policy to ensure that they will not be a problem...... IMO billd > -----Original Message----- > From: Taylor, Stacy [mailto:Stacy_Taylor at icgcomm.com] > Sent: Friday, November 15, 2002 10:47 AM > To: 'Sweeting, John'; ppml at arin.net > Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 > > > Right! > I believe that: > * The scope of the policy must be clarified to prevent abuse: An > organization can only CIDR up if they turn in 3/4 of the > space in the next > largest CIDR. > * The policy should apply only to CIDRs smaller than /17: > larger blocks > must be justified. > * There should be a two level time frame for renumbering: 6 > months for > smaller blocks; 12 for larger. > * A mechanism for enforcement of renumbering time frames > must be generated > and implemented. > > This policy should not go forward as it is currently drafted. > > Thanks, > Stacy > -----Original Message----- > From: Sweeting, John [mailto:John.Sweeting at teleglobe.com] > Sent: Friday, November 15, 2002 7:55 AM > To: ppml at arin.net > Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 > > > I would like to point out that the Policy Proposal 2002-6 > does not mention > re-issuing of the returned address space. If enough people > feel strongly > that this Policy should be "Tabled" until that issue is > addressed then they > should state that fact. If people feel strongly that the > wording needs to be > changed to make it a better policy and keep it from being > abused then that > should also be stated (along with suggested wording or > changes to make it > better). If they just plain feel that it is not a good policy > at all (as > Einar has done) then please state that along with your > reasons for feeling > that way. If we want to discuss all the issues with SPAM, > Blocklisting and > other issues associated with USED IP space then lets start a > new thread for > that. What we really need to see on these Last Call replies > are the feelings > one way or the other on whether this policy should be > approved by the BoT > and put in place. Thank you all. > > -----Original Message----- > From: Bill Darte [mailto:billd at cait.wustl.edu] > Sent: Friday, November 15, 2002 9:23 AM > To: 'Mury' > Cc: ppml at arin.net > Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 > > > I think Mury's suggestions are near the mark on this issue. > RIRs maintain a list of returned space > RIRs defer allocating from list until needed) then allocate > from list First > In/First Out > RIRs employ tests (if possible?) to determine suitability - > worst stuff goes > to top of list > RIRs would make an effort to publicize service to Blacklisters > > Other thoughts? > > Obviously there is a 'cost' to this service. Is the reclamation for > aggregation worth the cost? > > Bill Darte > > > > -----Original Message----- > > From: Mury [mailto:mury at goldengate.net] > > Sent: Thursday, November 14, 2002 9:30 PM > > To: Dr. Jeffrey Race > > Cc: Jill Kulpinski; ppml at arin.net > > Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 > > > > > > > > I'm not sure I should comment because I did not read all of > the posts > > regarding this. However, I'll take a chance at being flamed > > for repeating > > someone else or being off-topic. > > > > Didn't this start with someone not wanting used space, > > because used space > > can have legacy consequences? Those consequences being > > black-listed IPs, > > existing servers outside the IP block still thinking they > > need to talk to > > those IPs for a service long gone, etc. > > > > It seems to me like it is very similiar to getting a recycled 1-800 > > number. It sucks. > > > > I really don't see how the RIRs can effectively revoke the > IP space of > > spammers. That is going to take a lot of effort and probably > > result in a > > lot of days sitting in court. That's not to say that I > > wouldn't like to > > see it happen, but I don't think that is a viable answer. > > > > Why can't the RIR maintain a list of returned IP space? > Blacklisting > > services that are worth using could easily cross check their > > blacklisted > > IPs against that list. > > > > The RIRs should also recycle the IPs on a first in first > out basis to > > minimize any legacy traffic going to those IPs. It's not > perfect, but > > statistically it makes sense. Of course they could also > advertise all > > unallocated IPs to themselves or an outside service to check > > for abnormal > > amounts of legacy traffic and not assign blocks that are > > being hit hard. > > > > It's hard for me to imagine that if IP space is returned > and it is not > > recycled for a year or two that a blacklisting service > > couldn't find the > > resources to remove that IP space from their lists and for > a very high > > percentage of the legacy traffic to have vanished. > > > > Anyone using a blacklisting service that can't keep something > > like that up > > to date can't possibly trust their accuracy anyway. And in > > my experience > > most blacklisters are savvy enough to appreciate and utilize > > a list that > > the RIR's could easily maintain. > > > > Mury > > > > > > > > > > On Fri, 15 Nov 2002, Dr. Jeffrey Race wrote: > > > > > On Thu, 14 Nov 2002 12:28:53 -0800, Jill Kulpinski wrote: > > > >This whole issue regarding blacklists seems to be growing > > each day and more > > > >rapidly in the past few months. I would love to know what > > to tell Customers who > > > >are assigned space that was once used by some other > > Customer who got it > > > >blacklisted on one of the thousands of lists out there. I > > can not control who > > > >creates a blacklist, nor who uses it to set up filters, so > > is there really any > > > >means of providing a Customer address space that will > > never be blacklisted? No. > > > >But they want temporary fixes in the meantime which is an > > impractical solution. > > > >I would love to hear other people's thoughts on this but I > > realize I may be > > > >getting off of the topic a bit. > > > > > > > > > It is completely on topic for the reasons you state. > > > > > > In general, announcement on Spam-L and NANAE that the > > ownership of IP address > > > space has been taken over by new non-spammer user will > > cause many or most of > > > the blocklists to remove the previously offending > > addresses. However some > > > blocklist managers don't follow these groups assiduously, > > some blocklist > > > managers have a several-month waiting period, and some > > blocklist managers have > > > a policy NEVER to admit traffic from any once-polluted > > address space, possibly > > > because they have been lied to so many times. > > > > > > So there is NO universal retrospective solution. > > > > > > Therefore, and this is the simple point I have been trying > > to make here, > > > there remains only a prospective solution. That is what > > you have to face, > > > and face now, because the use of blocklists is growing > > rapidly and possibly > > > exponentially. It is the only defense we victims have > > against the present > > > irresponsible management of IP address space and domain names. > > > > > > The RIRs are responsible for the proper management, express and > > > implied, of the IP address space allocated to them. Since > > recycling of > > > IP address space obviously will occur over the years, decades and > > > centuries, the RIRs have a duty to prevent pollution of the > > resources > > > they manage. The pollution comes from spamming. This > > means the RIRs > > > have to have a clear policy that IP address users must not > > spam, must > > > not allow spammers on their networks, and must have > > hair-trigger management > > > systems in place to identify incipient spammers and > > penalize them (because > > > blocklist additions can occur in days). (All this is > > eminently doable now > > > by presently existing technical measures, and many ISPs do > > indeed use such > > > measures.) Any user who violates this rule must have his > > IP address space > > > withdrawn. That is the only sanction that anyone will pay > > attention to. > > > > > > In short, the RIRs have to take on a role to act, probably > > agggressively > > > and violently, against abuse of the resources they manage, > > by the people > > > to whom they entrust these resources. If you list members > > are not willing > > > to rise up and force them to prevent spammers from pissing > > in the pool, > > > then don't complain about how the water tastes when you > > swim in it. It > > > is the result of your own (in)action. > > > > > > Jeffrey Race > > > > > > From John.Sweeting at teleglobe.com Fri Nov 15 13:30:56 2002 From: John.Sweeting at teleglobe.com (Sweeting, John) Date: Fri, 15 Nov 2002 13:30:56 -0500 Subject: [ppml] Last Call for Comment: Policy Proposal 2002-6 Message-ID: <170E5E7779BCD3118C2A0008C7F40C1906E9BAB5@usresms03.teleglobe.com> I agree Bill, the problem of renumbering is associated with other policies and as such there should be a policy for ARIN to deal with all issues of renumbering......i.e. it should not be different for different policies but the same for all violators not returning address space as agreed. -----Original Message----- From: Bill Darte [mailto:billd at cait.wustl.edu] Sent: Friday, November 15, 2002 12:08 PM To: 'Taylor, Stacy'; ppml at arin.net Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 I am not sure that enforcement could/should be included in the policy. I believe it is a consideration for policy action.... policies that cannot be enforced should not exist, but I think that enforcement should be implicit. If the circumstances prove to warrant enforcement then cross the bridge with those that violate and at the same time do advance work with those petitioning against the policy to ensure that they will not be a problem...... IMO billd > -----Original Message----- > From: Taylor, Stacy [mailto:Stacy_Taylor at icgcomm.com] > Sent: Friday, November 15, 2002 10:47 AM > To: 'Sweeting, John'; ppml at arin.net > Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 > > > Right! > I believe that: > * The scope of the policy must be clarified to prevent abuse: An > organization can only CIDR up if they turn in 3/4 of the > space in the next > largest CIDR. > * The policy should apply only to CIDRs smaller than /17: > larger blocks > must be justified. > * There should be a two level time frame for renumbering: 6 > months for > smaller blocks; 12 for larger. > * A mechanism for enforcement of renumbering time frames > must be generated > and implemented. > > This policy should not go forward as it is currently drafted. > > Thanks, > Stacy > -----Original Message----- > From: Sweeting, John [mailto:John.Sweeting at teleglobe.com] > Sent: Friday, November 15, 2002 7:55 AM > To: ppml at arin.net > Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 > > > I would like to point out that the Policy Proposal 2002-6 > does not mention > re-issuing of the returned address space. If enough people > feel strongly > that this Policy should be "Tabled" until that issue is > addressed then they > should state that fact. If people feel strongly that the > wording needs to be > changed to make it a better policy and keep it from being > abused then that > should also be stated (along with suggested wording or > changes to make it > better). If they just plain feel that it is not a good policy > at all (as > Einar has done) then please state that along with your > reasons for feeling > that way. If we want to discuss all the issues with SPAM, > Blocklisting and > other issues associated with USED IP space then lets start a > new thread for > that. What we really need to see on these Last Call replies > are the feelings > one way or the other on whether this policy should be > approved by the BoT > and put in place. Thank you all. > > -----Original Message----- > From: Bill Darte [mailto:billd at cait.wustl.edu] > Sent: Friday, November 15, 2002 9:23 AM > To: 'Mury' > Cc: ppml at arin.net > Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 > > > I think Mury's suggestions are near the mark on this issue. > RIRs maintain a list of returned space > RIRs defer allocating from list until needed) then allocate > from list First > In/First Out > RIRs employ tests (if possible?) to determine suitability - > worst stuff goes > to top of list > RIRs would make an effort to publicize service to Blacklisters > > Other thoughts? > > Obviously there is a 'cost' to this service. Is the reclamation for > aggregation worth the cost? > > Bill Darte > > > > -----Original Message----- > > From: Mury [mailto:mury at goldengate.net] > > Sent: Thursday, November 14, 2002 9:30 PM > > To: Dr. Jeffrey Race > > Cc: Jill Kulpinski; ppml at arin.net > > Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6 > > > > > > > > I'm not sure I should comment because I did not read all of > the posts > > regarding this. However, I'll take a chance at being flamed > > for repeating > > someone else or being off-topic. > > > > Didn't this start with someone not wanting used space, > > because used space > > can have legacy consequences? Those consequences being > > black-listed IPs, > > existing servers outside the IP block still thinking they > > need to talk to > > those IPs for a service long gone, etc. > > > > It seems to me like it is very similiar to getting a recycled 1-800 > > number. It sucks. > > > > I really don't see how the RIRs can effectively revoke the > IP space of > > spammers. That is going to take a lot of effort and probably > > result in a > > lot of days sitting in court. That's not to say that I > > wouldn't like to > > see it happen, but I don't think that is a viable answer. > > > > Why can't the RIR maintain a list of returned IP space? > Blacklisting > > services that are worth using could easily cross check their > > blacklisted > > IPs against that list. > > > > The RIRs should also recycle the IPs on a first in first > out basis to > > minimize any legacy traffic going to those IPs. It's not > perfect, but > > statistically it makes sense. Of course they could also > advertise all > > unallocated IPs to themselves or an outside service to check > > for abnormal > > amounts of legacy traffic and not assign blocks that are > > being hit hard. > > > > It's hard for me to imagine that if IP space is returned > and it is not > > recycled for a year or two that a blacklisting service > > couldn't find the > > resources to remove that IP space from their lists and for > a very high > > percentage of the legacy traffic to have vanished. > > > > Anyone using a blacklisting service that can't keep something > > like that up > > to date can't possibly trust their accuracy anyway. And in > > my experience > > most blacklisters are savvy enough to appreciate and utilize > > a list that > > the RIR's could easily maintain. > > > > Mury > > > > > > > > > > On Fri, 15 Nov 2002, Dr. Jeffrey Race wrote: > > > > > On Thu, 14 Nov 2002 12:28:53 -0800, Jill Kulpinski wrote: > > > >This whole issue regarding blacklists seems to be growing > > each day and more > > > >rapidly in the past few months. I would love to know what > > to tell Customers who > > > >are assigned space that was once used by some other > > Customer who got it > > > >blacklisted on one of the thousands of lists out there. I > > can not control who > > > >creates a blacklist, nor who uses it to set up filters, so > > is there really any > > > >means of providing a Customer address space that will > > never be blacklisted? No. > > > >But they want temporary fixes in the meantime which is an > > impractical solution. > > > >I would love to hear other people's thoughts on this but I > > realize I may be > > > >getting off of the topic a bit. > > > > > > > > > It is completely on topic for the reasons you state. > > > > > > In general, announcement on Spam-L and NANAE that the > > ownership of IP address > > > space has been taken over by new non-spammer user will > > cause many or most of > > > the blocklists to remove the previously offending > > addresses. However some > > > blocklist managers don't follow these groups assiduously, > > some blocklist > > > managers have a several-month waiting period, and some > > blocklist managers have > > > a policy NEVER to admit traffic from any once-polluted > > address space, possibly > > > because they have been lied to so many times. > > > > > > So there is NO universal retrospective solution. > > > > > > Therefore, and this is the simple point I have been trying > > to make here, > > > there remains only a prospective solution. That is what > > you have to face, > > > and face now, because the use of blocklists is growing > > rapidly and possibly > > > exponentially. It is the only defense we victims have > > against the present > > > irresponsible management of IP address space and domain names. > > > > > > The RIRs are responsible for the proper management, express and > > > implied, of the IP address space allocated to them. Since > > recycling of > > > IP address space obviously will occur over the years, decades and > > > centuries, the RIRs have a duty to prevent pollution of the > > resources > > > they manage. The pollution comes from spamming. This > > means the RIRs > > > have to have a clear policy that IP address users must not > > spam, must > > > not allow spammers on their networks, and must have > > hair-trigger management > > > systems in place to identify incipient spammers and > > penalize them (because > > > blocklist additions can occur in days). (All this is > > eminently doable now > > > by presently existing technical measures, and many ISPs do > > indeed use such > > > measures.) Any user who violates this rule must have his > > IP address space > > > withdrawn. That is the only sanction that anyone will pay > > attention to. > > > > > > In short, the RIRs have to take on a role to act, probably > > agggressively > > > and violently, against abuse of the resources they manage, > > by the people > > > to whom they entrust these resources. If you list members > > are not willing > > > to rise up and force them to prevent spammers from pissing > > in the pool, > > > then don't complain about how the water tastes when you > > swim in it. It > > > is the result of your own (in)action. > > > > > > Jeffrey Race > > > > > > From Jill.Kulpinski at cw.com Fri Nov 15 14:02:10 2002 From: Jill.Kulpinski at cw.com (Jill Kulpinski) Date: Fri, 15 Nov 2002 11:02:10 -0800 Subject: FW: [ppml] Last Call for Comment: Policy Proposal 2002-6 Message-ID: In light of the fact that I have been becoming more aware and informed about this issue and am attempting to do something about improving the environmnent however I can and on behalf of whatever organization I may represent, I will take any negative comments as constructive critcism so thanks. So...joe-schmo wants to improve his relationship with the blacklisters and show that he is actively trying to clean things up. Hmmm...following the instructions on the blacklisting sites to have things removed does not work. What then? Joe will not accept the fact that he is just screwed and can not improve the internet environment on behalf of the address space he administers. Also, how does Joe know that he has contacted all the 'right' blacklisters? People could use anything they wanted to, or make their own. Or are there considered 'main blacklists' that are recognized by the internet community as standard resources? Joe agrees that option 1 is the way to go. Reality, though, dictates otherwise for Joe and he wants to know what he can do in the meantime that would be effective. Joe would be happy to prove that address space is not being used for spamming and should not be listed, provided that there is reciprocated action and the space is removed. It is very tough, though, because blacklisters don't list just the offenders, but as everyone knows, larger aggregates containing clean addresses as well as the dirty ones. -----Original Message----- From: Adam Rothschild [mailto:asr at latency.net] Sent: Friday, November 15, 2002 8:43 AM To: Jill Kulpinski Cc: ppml at arin.net Subject: Re: FW: [ppml] Last Call for Comment: Policy Proposal 2002-6 On 2002-11-14-21:54:08, Jill Kulpinski wrote: > still having mail issues...so my apologies if this is posted more than once. Wouldn't happen to have anything to do with your mail server being blacklisted by SPEWS due to Cable and Wireless employees spamming folks promoting real estate/MLM scams, would it? ;) Or your clearly documented inability to shut down big-revenue-generating spamming customers? But, I digress... > how do i take action against people who don't respond? i am very > pro-active in making sure our resources are used appropriately, but > how do you tell someone they are not allowed to post a listing, they > need to change their listing, or also... force people to not use > these blacklists? Wow, could you possibly stray any further off-topic for this list? In short, you don't. Sure, you could blackhole the IP's of the name servers used by these blackhole lists. But it'll hurt customer satisfaction metrics once folks notice what you're doing, and the lack of sound technical reasoning behind it. At the risk of sounding sappy, you could even describe the resulting customer churn as an "Exodus". > no matter what we do...some joe-shmo out there could set up a site > and put any address he wanted to on a list and market it to the > internet world as a blacklist. if someone actually trusts and uses > this list... that should be their problem. Exactly. Such is life. > BUT i tell a Customer who has a complaint he or whomever > he serves should not use the listing...and i get 'but everyone....even the major providers use it'. > what can i do....for every list that i get some innocent person off of, who is to stop some other > person for putting mr. innocent on another list? > and how am i ever supposed to be able to guarantee to a Customer that no one is blacklisting their space? > it is not possible to provide this guarantee, so what is the solution...and both short term and long term > would be great. This is very cut and dried. You have two choices: 1) Run an efficient abuse department. When you receive complaints of spamming customers, act in accordance with your AUP, including ultimately disconnecting them in a timely fashion. 2) Continue to do what you're doing now, and deal with the consequences of innocent customers being allocated blacklisted IP space. Like it not, said blackholes are a fact of life. When used properly, they are invaluable tools in helping reduce the amount of e-mail received from rogue sources. Rather than try to blackhole the blackholes, perhaps it's time to step back and give some thought as to why you're in them to begin with. -a From Stacy_Taylor at icgcomm.com Fri Nov 15 15:13:24 2002 From: Stacy_Taylor at icgcomm.com (Taylor, Stacy) Date: Fri, 15 Nov 2002 13:13:24 -0700 Subject: [ppml] Policy Proposal 2002-6 reworded? Message-ID: <5BDB545714D0764F8452CC5A25DDEEFA01710854@denexg21.icgcomm.com> I like Alex's sentence, and this wording of the policy. Thanks, Stacy -----Original Message----- From: Alex Kamantauskas [mailto:alexk at tugger.net] Sent: Friday, November 15, 2002 8:44 AM To: Bill Darte Cc: 'ppml at arin.net' Subject: Re: [ppml] Policy Proposal 2002-6 reworded? On Fri, 15 Nov 2002, Bill Darte wrote: > Suppose 2002-6 were reworded to reflect the issues raised as such..... > > > Proposed rewording.... > > If any organization relinquishes a group of portable, non-aggregatable > address blocks to ARIN, they shall receive a block in exchange. Exchange > blocks will be of sufficient size to contain the space of all returned > blocks without justification up to /17. Exchange blocks of greater than /17 > will require justification of address useage per existing ARIN requirements > for addtional address allocations. Exchange blocks larger than /20 must be > renumbered within 12 months; all others must be renumbered within 6 months. > If ALL returned blocks were maintained by ARIN without maintenance fees, the > exchange block will also be maintained without fee. > > > Other alternatives? > I would modify this to read: "Exchange blocks larger than /20 must be renumbered within 12 months; all others must be renumbered within 6 months unless organization can justify a timeframe extension" -- /ak From billd at cait.wustl.edu Fri Nov 15 15:43:17 2002 From: billd at cait.wustl.edu (Bill Darte) Date: Fri, 15 Nov 2002 14:43:17 -0600 Subject: [ppml] Policy Proposal 2002-6 reworded? Message-ID: The ARIN BoT has asked the AC to provide crisp and unambiguous policy statements..... While, as I have said, I have sympathy for those with 'extraordinary' circumstances which might cause them to have trouble meeting the requirements for renumbering and would thus cause them to petition for more time from ARIN. This places and extraordinary burden on ARIN staff as well.... If we MUST put this extension justification language in then I suggest we MUST provide some representative guidance on what would qualify for justification.......much as the examples of Internet Infrastructure associated with the micro allocations policy..... I urge that we do not incorporate such language, but leave to the organization the understanding that they need to make extraordinary preparation for renumbering if they have extraordinary renumbering circumstances.... and wish to take advantage of this policy. billd -----Original Message----- From: Taylor, Stacy To: 'Alex Kamantauskas'; Bill Darte Cc: 'ppml at arin.net' Sent: 11/15/02 2:13 PM Subject: RE: [ppml] Policy Proposal 2002-6 reworded? I like Alex's sentence, and this wording of the policy. Thanks, Stacy -----Original Message----- From: Alex Kamantauskas [mailto:alexk at tugger.net] Sent: Friday, November 15, 2002 8:44 AM To: Bill Darte Cc: 'ppml at arin.net' Subject: Re: [ppml] Policy Proposal 2002-6 reworded? On Fri, 15 Nov 2002, Bill Darte wrote: > Suppose 2002-6 were reworded to reflect the issues raised as such..... > > > Proposed rewording.... > > If any organization relinquishes a group of portable, non-aggregatable > address blocks to ARIN, they shall receive a block in exchange. Exchange > blocks will be of sufficient size to contain the space of all returned > blocks without justification up to /17. Exchange blocks of greater than /17 > will require justification of address useage per existing ARIN requirements > for addtional address allocations. Exchange blocks larger than /20 must be > renumbered within 12 months; all others must be renumbered within 6 months. > If ALL returned blocks were maintained by ARIN without maintenance fees, the > exchange block will also be maintained without fee. > > > Other alternatives? > I would modify this to read: "Exchange blocks larger than /20 must be renumbered within 12 months; all others must be renumbered within 6 months unless organization can justify a timeframe extension" -- /ak From Stacy_Taylor at icgcomm.com Fri Nov 15 15:58:48 2002 From: Stacy_Taylor at icgcomm.com (Taylor, Stacy) Date: Fri, 15 Nov 2002 13:58:48 -0700 Subject: [ppml] Policy Proposal 2002-6 reworded? Message-ID: <5BDB545714D0764F8452CC5A25DDEEFA01710855@denexg21.icgcomm.com> Excellent point. The original wording stands, then? -----Original Message----- From: Bill Darte [mailto:billd at cait.wustl.edu] Sent: Friday, November 15, 2002 12:43 PM To: 'Taylor, Stacy '; ''Alex Kamantauskas' '; Bill Darte Cc: ''ppml at arin.net' ' Subject: RE: [ppml] Policy Proposal 2002-6 reworded? The ARIN BoT has asked the AC to provide crisp and unambiguous policy statements..... While, as I have said, I have sympathy for those with 'extraordinary' circumstances which might cause them to have trouble meeting the requirements for renumbering and would thus cause them to petition for more time from ARIN. This places and extraordinary burden on ARIN staff as well.... If we MUST put this extension justification language in then I suggest we MUST provide some representative guidance on what would qualify for justification.......much as the examples of Internet Infrastructure associated with the micro allocations policy..... I urge that we do not incorporate such language, but leave to the organization the understanding that they need to make extraordinary preparation for renumbering if they have extraordinary renumbering circumstances.... and wish to take advantage of this policy. billd -----Original Message----- From: Taylor, Stacy To: 'Alex Kamantauskas'; Bill Darte Cc: 'ppml at arin.net' Sent: 11/15/02 2:13 PM Subject: RE: [ppml] Policy Proposal 2002-6 reworded? I like Alex's sentence, and this wording of the policy. Thanks, Stacy -----Original Message----- From: Alex Kamantauskas [mailto:alexk at tugger.net] Sent: Friday, November 15, 2002 8:44 AM To: Bill Darte Cc: 'ppml at arin.net' Subject: Re: [ppml] Policy Proposal 2002-6 reworded? On Fri, 15 Nov 2002, Bill Darte wrote: > Suppose 2002-6 were reworded to reflect the issues raised as such..... > > > Proposed rewording.... > > If any organization relinquishes a group of portable, non-aggregatable > address blocks to ARIN, they shall receive a block in exchange. Exchange > blocks will be of sufficient size to contain the space of all returned > blocks without justification up to /17. Exchange blocks of greater than /17 > will require justification of address useage per existing ARIN requirements > for addtional address allocations. Exchange blocks larger than /20 must be > renumbered within 12 months; all others must be renumbered within 6 months. > If ALL returned blocks were maintained by ARIN without maintenance fees, the > exchange block will also be maintained without fee. > > > Other alternatives? > I would modify this to read: "Exchange blocks larger than /20 must be renumbered within 12 months; all others must be renumbered within 6 months unless organization can justify a timeframe extension" -- /ak From alexk at tugger.net Fri Nov 15 16:06:29 2002 From: alexk at tugger.net (Alex Kamantauskas) Date: Fri, 15 Nov 2002 16:06:29 -0500 (EST) Subject: [ppml] Policy Proposal 2002-6 reworded? In-Reply-To: <5BDB545714D0764F8452CC5A25DDEEFA01710855@denexg21.icgcomm.com> Message-ID: I'm not adamant that the timeframe extension language stay in. If others still want it, I think we should place language that describes what is needed by the justification. Those who require a timeframe extension would have to prove that they need the extension. I would not want the language to be used as a loophole to buy some time for those who would normally easily be able to renumber within the 6 month period. On Fri, 15 Nov 2002, Taylor, Stacy wrote: > Excellent point. The original wording stands, then? > > > -----Original Message----- > From: Bill Darte [mailto:billd at cait.wustl.edu] > Sent: Friday, November 15, 2002 12:43 PM > To: 'Taylor, Stacy '; ''Alex Kamantauskas' '; Bill Darte > Cc: ''ppml at arin.net' ' > Subject: RE: [ppml] Policy Proposal 2002-6 reworded? > > > The ARIN BoT has asked the AC to provide crisp and unambiguous policy > statements..... > > While, as I have said, I have sympathy for those with 'extraordinary' > circumstances which might cause them to have trouble meeting the > requirements for renumbering and would thus cause them to petition for more > time from ARIN. > > This places and extraordinary burden on ARIN staff as well.... > > If we MUST put this extension justification language in then I suggest we > MUST provide some representative guidance on what would qualify for > justification.......much as the examples of Internet Infrastructure > associated with the micro allocations policy..... > > I urge that we do not incorporate such language, but leave to the > organization the understanding that they need to make extraordinary > preparation for renumbering if they have extraordinary renumbering > circumstances.... and wish to take advantage of this policy. > > billd > > > > > -----Original Message----- > From: Taylor, Stacy > To: 'Alex Kamantauskas'; Bill Darte > Cc: 'ppml at arin.net' > Sent: 11/15/02 2:13 PM > Subject: RE: [ppml] Policy Proposal 2002-6 reworded? > > I like Alex's sentence, and this wording of the policy. > Thanks, > Stacy > > -----Original Message----- > From: Alex Kamantauskas [mailto:alexk at tugger.net] > Sent: Friday, November 15, 2002 8:44 AM > To: Bill Darte > Cc: 'ppml at arin.net' > Subject: Re: [ppml] Policy Proposal 2002-6 reworded? > > > On Fri, 15 Nov 2002, Bill Darte wrote: > > > Suppose 2002-6 were reworded to reflect the issues raised as such..... > > > > > > Proposed rewording.... > > > > If any organization relinquishes a group of portable, non-aggregatable > > address blocks to ARIN, they shall receive a block in exchange. > Exchange > > blocks will be of sufficient size to contain the space of all returned > > blocks without justification up to /17. Exchange blocks of greater > than > /17 > > will require justification of address useage per existing ARIN > requirements > > for addtional address allocations. Exchange blocks larger than /20 > must > be > > renumbered within 12 months; all others must be renumbered within 6 > months. > > If ALL returned blocks were maintained by ARIN without maintenance > fees, > the > > exchange block will also be maintained without fee. > > > > > > Other alternatives? > > > > I would modify this to read: > > "Exchange blocks larger than /20 must be renumbered within 12 months; > all > others must be renumbered within 6 months unless organization can > justify > a timeframe extension" > > -- > /ak > -- /ak From memsvcs at arin.net Fri Nov 15 16:03:54 2002 From: memsvcs at arin.net (Member Services) Date: Fri, 15 Nov 2002 16:03:54 -0500 (EST) Subject: [ppml] ARIN Board of Trustees Election Results Message-ID: David Conrad and Bill Woodcock have been elected to the ARIN Board of Trustees. Each will serve a three-year term commencing January 1, 2003. The ARIN Board of Trustees congratulates David and Bill and looks forward to working with them. The ARIN Board of Trustees wishes to thank John Brown and Stephen Stuart for their participation as candidates in the election, wishes them well in their future endeavors, and encourages them to remain active in the activities of ARIN. Raymond A. Plzak President & CEO American Registry for Internet Numbers From memsvcs at arin.net Fri Nov 15 16:31:20 2002 From: memsvcs at arin.net (Member Services) Date: Fri, 15 Nov 2002 16:31:20 -0500 (EST) Subject: [ppml] ARIN Advisory Council Election Results Message-ID: <200211152131.QAA10693@ops.arin.net> The ARIN Bylaws require the ARIN Board of Trustees confirm the election results of the ARIN Advisory Council (AC). The ARIN Board of Trustees will meet on November 17, 2002, and the election results for the ARIN AC will be announced on Monday, November 18, 2002. Member Services American Registry for Internet Numbers (ARIN) From jrace at attglobal.net Fri Nov 15 22:11:41 2002 From: jrace at attglobal.net (Dr. Jeffrey Race) Date: Sat, 16 Nov 2002 10:11:41 +0700 Subject: [ppml] Getting off blocklists Message-ID: <200211160311.gAG3BqYm042746@smtp1.arin.net> Jill this is the answer to your question; you can take further correspondence on this subject offlist or carry it to Spam-L where there are much better resources. This information may be useful to other PPML list members as well First, your correspondence proves beyond doubt that blocklists work and are the ONLY thing that works against refractory spammers and their profiteering enablers like C&W. You did not get interested in this subject until the C&W corporate mail servers got blocklisted. See below. On Fri, 15 Nov 2002 11:02:10 -0800, Jill Kulpinski wrote: >So...joe-schmo wants to improve his relationship with the blacklisters and show >that he is actively trying to clean things up. He has to CLEAN THEM UP (which means throw them off the network), not "try" mmm...following the instructions on the blacklisting >sites to have things removed does not work. What then? Joe will not accept the fact that he is >just screwed and can not improve the internet environment on behalf of the address space he >administers. As people driven by reason and idealism, not profit, most antispammers are willing to listen to anyone and act as reason dictates. There are very few crazies in the antispamming community, though there are arguments about how big a mallet to apply to the likes of C&W and UUNet. Public announcements on Spam-L and NANAE will get you off most lists. >Also, how does Joe know that he has contacted all the 'right' blacklisters? See above. Everyone in the community reads Spam-L. >It is very tough, though, because blacklisters don't list just the offenders, >but as everyone knows, larger aggregates containing clean addresses as well as >the dirty ones. I will explain this to you. There are published policies about blocklisting. The most famous one is from SPEWS which you should download and read carefully. Basically SPEWS starts by blocklisting an offending IP address after reports to the (ir)responsible owner are ignored. As reports continue, the blocklisting is enlarged progressively. The final step, after all efforts at polite persuasion have failed (as have with C&W) is to blocklist the corporate mail servers. When the spam-enabling ISP's own executives no longer can use e-mail (just like their victims, ha ha ha) then they start to pay attention. Apparently this is why you have become interested in spam--you are paying the price of the misdeeds of your firm's (mis)management. All these issues have been thoroughly ventilated on Spam-L. You (and anyone else interested in how blocklists work) should sign up for Spal-L: send a message to containing the string subscribe SPAM-L (your name) You will also want to get the SPEWS FAQ. SPEWS is probably the most effective blocklist because its operators are anonymous and beyond the reach of land sharks (=lawyers) from spam-enablers like C&W. Google on this string: +spews +faq Jeffrey Race PS: Please ask your management why they are still hosting after months of complaints and robotic auto-acks. Their answer will tell you why you personally are having 'mail issues'. [C:\]tracerte sex2go.com 0 192.168.1.1 (192.168.1.1) 8 ms 0 ms 7 ms 1 192.168.1.1 (192.168.1.1) 0 ms 0 ms 0 ms 2 10.20.12.9 (10.20.12.9) 47 ms 55 ms 47 ms 3 ppp-203.144.161.5.revip.asianet.co.th (203.144.161.5) 47 ms 54 ms 4 ppp-203.144.144.157.revip.asianet.co.th (203.144.144.157) 54 ms 46 ms 5 ppp-203.144.144.2.revip.asianet.co.th (203.144.144.2) 54 ms 55 ms 6 210.182.0.193 (210.182.0.193) 149 ms 148 ms 141 ms 7 210.120.192.6 (210.120.192.6) 149 ms 149 ms 141 ms 8 203.255.234.194 (203.255.234.194) 273 ms 258 ms 266 ms 9 * 203.255.234.57 (203.255.234.57) 274 ms 273 ms 10 bpr2-so-6-0-1.PaloAltoPaix.cw.net (206.24.241.217) 273 ms 273 ms 2 11 agr1-loopback.SantaClara.cw.net (208.172.146.101) 274 ms 265 ms 27 12 dcr1-so-6-0-0.SantaClara.cw.net (208.172.156.37) 274 ms 273 ms 281 13 dcr1-loopback.NewYork.cw.net (206.24.194.99) 375 ms 383 ms 383 ms 14 ahr1-pos-0-0.Weehawkennj2.cw.net (206.24.207.34) 359 ms 360 ms 359 15 csr11-ve241.Weehawkennj2.cw.net (216.35.65.154) 375 ms 359 ms 360 16 216.35.68.28 (216.35.68.28) 360 ms 360 ms 359 ms 17 64.14.41.90 (64.14.41.90) 382 ms 382 ms * Have a nice day. /end/ From randy at psg.com Sat Nov 16 12:51:54 2002 From: randy at psg.com (Randy Bush) Date: Sat, 16 Nov 2002 12:51:54 -0500 Subject: [ppml] Re: Policy Proposal 2002-2: Experimental Internet Resource Allocations Message-ID: it is nice to see the rirs working on developing these policies. but, as a member of (not representative of) the ietf, this does intersect some of the ietf's areas of concern. having spent a lot of time and blood trying to get the rirs empowered in this space, i am concerned that the rir/ietf cooperation continue to be constructive, with each playing its part in the movie. my major concerns with the document at are: o it states that the standards processes bodies other then the itef might be used. the ietf thinks of itself as _the_ standards body at the ip address layer of the stack. so either there is mis-understanding here, or a better explanation of what you mean is needed. o 2002-2 limits things to "experimental rfcs." so, there are corner cases, for example, a standards track rfc could not be allocated experimental space. this is why the tentative draft refers to rfc 2434 section 2 and uses the phrase "ietf consensus process." to save you a lookup: IETF Consensus - New values are assigned through the IETF consensus process. Specifically, new assignments are made via RFCs approved by the IESG. Typically, the IESG will seek input on prospective assignments from appropriate persons (e.g., a relevant Working Group if one exists). if would be of help, i could try to get a more formal liaison statement from the iab on this. but my guess is we just have not spent the energy communicating with each other very well. randy From memsvcs at arin.net Mon Nov 18 14:54:56 2002 From: memsvcs at arin.net (Member Services) Date: Mon, 18 Nov 2002 14:54:56 -0500 (EST) Subject: [ppml] ARIN Advisory Council Election Results Message-ID: Congratulations to the following individuals who have been elected to the Advisory Council. In accordance with the ARIN Bylaws, the results of this election were confirmed by the ARIN Board of Trustees on November 17, 2002. Their terms, commencing on January 1, 2003, are specified below. William (Bill) J. Darte three years Alec H. Peterson three years Tanya Hinman three years Suzanne Woolf three years John Sweeting three years Mark Kosters one year On Friday, November 14, 2002, the Advisory Council appointed Lea Roberts and Stacy Taylor as Advisory Council members to fill the vacancies created by the resignations of lyric apted and John Brown. These appointments were confirmed by the ARIN Board of Trustees on Sunday, November 17, 2002. The appointments to these vacancies are interim and shall become part of the election process for Advisory Council members held for the purpose of filling Advisory Council terms that will expire December 31, 2003. The ARIN Board of Trustees wishes to thank Dana Argiro, Andrew Dul, Teri Francis, Dale Finkelson, Cleveland Mickles and Charles Smith for their participation as candidates in the election and looks forward to their continued participation in the activities of ARIN. Raymond A. Plzak President & CEO American Registry for Internet Numbers (ARIN) From jrace at attglobal.net Tue Nov 19 08:37:28 2002 From: jrace at attglobal.net (Dr. Jeffrey Race) Date: Tue, 19 Nov 2002 20:37:28 +0700 Subject: FW: [ppml] Last Call for Comment: Policy Proposal 2002-6 BLOCKLIST AGAINST CORPORATE MAIL RELAYS Message-ID: <200211191337.gAJDbdYm000464@smtp1.arin.net> On Fri, 15 Nov 2002 11:02:10 -0800, Jill Kulpinski wrote: It is very tough, though, because blacklisters don't list just the offenders, but as everyone knows, larger aggregates containing clean addresses as well as the dirty ones. > Above URL points to press release of blocklisting Verio corporate mail servers (shutting off Verio corporate communications to 98 million addresses) due to Verion management decision to host criminal spam gangs. All victim complaints were useless, so SBL has blocklisted the corporate mail servers. Mallet to the head is the only thing that works. Jeffrey Race From billd at cait.wustl.edu Tue Nov 19 10:55:57 2002 From: billd at cait.wustl.edu (Bill Darte) Date: Tue, 19 Nov 2002 09:55:57 -0600 Subject: [ppml] Re: Policy Proposal 2002-2: Experimental Internet Reso urce Allocations Message-ID: Randy, > > o it states that the standards processes bodies other then the > itef might be used. the ietf thinks of itself as _the_ > standards body at the ip address layer of the stack. so either > there is mis-understanding here, or a better explanation of > what you mean is needed. I'm not sure I understand what you have written here.......... are you saying that experimentation by entities other than IETF be precluded from having access to experimental allocations of routable addresses? I don't read into 2002-2 anything that suggest that ARIN is endorsing protocol or process standardization by bodies other than IETF. They are simply making address space available for 'open', non-commercial, experimental processes.....no? > > o 2002-2 limits things to "experimental rfcs." so, there are > corner cases, for example, a standards track rfc could not be > allocated experimental space. this is why the tentative draft > > > > refers to rfc 2434 section 2 and uses the phrase "ietf > consensus process." to save you a lookup: > > IETF Consensus - New values are assigned through the IETF > consensus process. Specifically, new assignments are made > via RFCs approved by the IESG. Typically, the IESG will > seek input on prospective assignments from appropriate > persons (e.g., a relevant Working Group if one exists). Also, here, I think you are saying that the qualification upon rfc is too restrictive? I have no problems with expanding the scope of availability to include all experimental uses which meet the public transparency stipulations, no just those expressed in 'experimental' rfcs............ though I'm always interested in being enlightened. > > if would be of help, i could try to get a more formal liaison > statement from the iab on this. but my guess is we just have > not spent the energy communicating with each other very well. > > randy > From memsvcs at arin.net Tue Nov 19 12:28:37 2002 From: memsvcs at arin.net (Member Services) Date: Tue, 19 Nov 2002 12:28:37 -0500 (EST) Subject: [ppml] Appointments to the ARIN Advisory Council Message-ID: As announced yesterday, Lea Roberts and Stacy Taylor were appointed by the Advisory Council on November 15 to fill the seats of two members who resigned near the close of this year's election process. As such, their terms begin immediately. The terms of all elected members begin January 1, 2003. ARIN Member Services From randy at psg.com Tue Nov 19 18:44:25 2002 From: randy at psg.com (Randy Bush) Date: Tue, 19 Nov 2002 18:44:25 -0500 Subject: [ppml] Re: Policy Proposal 2002-2: Experimental Internet Reso urce Allocations References: Message-ID: >> o it states that the standards processes bodies other then the >> itef might be used. the ietf thinks of itself as _the_ >> standards body at the ip address layer of the stack. so either >> there is mis-understanding here, or a better explanation of >> what you mean is needed. > > I'm not sure I understand what you have written here.......... are you > saying that experimentation by entities other than IETF be precluded from > having access to experimental allocations of routable addresses? I don't > read into 2002-2 anything that suggest that ARIN is endorsing protocol or > process standardization by bodies other than IETF. They are simply making > address space available for 'open', non-commercial, experimental > processes.....no? the issue is what standards organization's process is used to process a proposal. in that case, indeed i am saying it should be ietf's. note that this is not who may think of proposals. >> o 2002-2 limits things to "experimental rfcs." so, there are >> corner cases, for example, a standards track rfc could not be >> allocated experimental space. this is why the tentative draft >> >> >> >> refers to rfc 2434 section 2 and uses the phrase "ietf >> consensus process." to save you a lookup: >> >> IETF Consensus - New values are assigned through the IETF >> consensus process. Specifically, new assignments are made >> via RFCs approved by the IESG. Typically, the IESG will >> seek input on prospective assignments from appropriate >> persons (e.g., a relevant Working Group if one exists). > > Also, here, I think you are saying that the qualification upon > rfc is too restrictive? not at all. please reread what i quoted from 2434 randy From Stacy_Taylor at icgcomm.com Wed Nov 20 11:33:24 2002 From: Stacy_Taylor at icgcomm.com (Taylor, Stacy) Date: Wed, 20 Nov 2002 09:33:24 -0700 Subject: [ppml] Policy Proposal 2002-1 Message-ID: <5BDB545714D0764F8452CC5A25DDEEFA01710888@denexg21.icgcomm.com> Hi Everyone, The language of the process of notifying lame in-addr.arpas is convoluted. Can we simplify it in this way? 1) E-mail the POC associated with the in-addr.arpa delegation from the ARIN database. 2) E-mail the POC associated with the ASN(s) originating the route in the global routing table. 3) Telephone any POC associated with the ASN or ARIN records. 4) Send postal mail any POC associated with the ASN or ARIN records. Request response within 30 days. Thanks, Stacy From Stacy_Taylor at icgcomm.com Wed Nov 20 12:08:21 2002 From: Stacy_Taylor at icgcomm.com (Taylor, Stacy) Date: Wed, 20 Nov 2002 10:08:21 -0700 Subject: [ppml] Policy 2002-5 Message-ID: <5BDB545714D0764F8452CC5A25DDEEFA01710889@denexg21.icgcomm.com> Hi Everyone, On the same vein, how do we feel about this rewording? Also, I again feel that 12 months is way too long a time, especially if the organization is already not using a part of the space. If an organization, whether a member or non-member, ISP or end-user, relinquishes a larger block of portable address space to ARIN, they shall be allowed to receive a smaller block, /24 or shorter, in exchange. The organization will not be required to justify their use of the new, smaller block. The organization must return the block to be exchanged within 12 months. ARIN staff shall, at their discretion, determine whether the smaller replacement block shall be a subnet of the returned block, or a block allocated from some different range. In the case of an organization name change for address resource records, ARIN's normal transfer policies will apply. If the exchanged address block was maintained in the ARIN database without maintenance fees, the replacement space shall be as well. Likewise, if the returned block had associated maintenance fees, then the replacement block shall also be subject to maintenance fees. Thanks, Stacy From Michael.Dillon at radianz.com Wed Nov 20 12:51:35 2002 From: Michael.Dillon at radianz.com (Michael.Dillon at radianz.com) Date: Wed, 20 Nov 2002 17:51:35 +0000 Subject: [ppml] Policy 2002-5 Message-ID: >Hi Everyone, >On the same vein, how do we feel about this rewording? Also, I again feel >that 12 months is way too long a time, especially if the organization is >already not using a part of the space. I think that we should set aside this issue until it can be more clearly formulated and discussed. One issue that I see is that this is trying to do two different things and I believe that we need two more focused policies to accomplish that. Firstly, we want to contact all legacy users of IPv4 space and get them to become part of the system, i.e. keep in touch and register their up to date contact information. Secondly, we want to organize the pre-ARIN IPv4 space in a more logical manner because we can probably achieve a higher usage rate by doing so. And maybe thirdly, we want legacy users to pay for service. At a minimum there is the in-addr.arpa service, but a case can be made for part of the routability attribute being provided by being legitimately registered with ARIN. Therefore, let's drop the specific proposal 2002-5 and let's begin to discuss how we can better address its contents in a more focused and coordinated way. I would suggest that there be a program to contact all holders of legacy IPv4 space and that we should tell them that they MUST register their contact information with their RIR or else relinquish their allocation. This is not a hardship for any address space holder. Some organizations may claim that their use of the space is outside of the public Internet and therefore they should be left alone, however I disagree. They should still at minimum register their contact info and the status of the space. Whether or not they should legitimately continue to be given exclusive usage rights to the space is something that we should not be dealing with at all right now. We just need to know who has the usage rights to every single fragment of the IPv4 space. If, in fact, we are going to reorganize the layout of the legacy allocations such as the swamp, then I believe that we need more discussion and some joint action with the other RIRs. Any policy relating to this should be identically worded with all RIRs. I believe that it is a good idea to swap space only if the result is a less chaotic map of the IPv4 space at the level of RIR allocations to members. What I mean is that today we know that in certain ranges, the RIR allocated all blocks at /19 or larger. In other ranges the RIRs allocated at /20 or larger. If we can reorganize the swamp so that there are defined ranges in which all allocations are /21 or larger, /22 or larger, /23 or larger and /24 or larger then this would be a good thing. But we won't really know how big to make these ranges until we have an idea of who has legacy usage rights and still wishes to retain those rights. Also, once we decide to reorganize the space through swapping, we should have at least a rough plan for offering new allocations with the same sizes. And perhaps we should even be issuing smaller blocks than /24 in a defined range for small multihomed networks. And then there is payment for service which is an issue that strikes at the heart of what a registry is and what it does. Here, I believe we need a vision that goes beyond matters such as swamp cleaning in the IPv4 space but also encompasses the future when IPv6 is so widely deployed that we have decided to abandon the IPv4 space entirely. People will still be using IPv4 for lots of things but we won't have any need for a global registry for IPv4 anymore. At that time, I still see some value in having RIRs and I see that there are services for which fees should be paid. ARIN will still be the maintainer of the single authoritative database that identifies the organization which has legitimate rights of use for any specific IP address. For various reasons, I feel that ARIN should be flexing its muscle a little more in this area. One thing that I believe ARIN should do is to provide a new form of routing registry which identifies who has the usage rights to every block and which references any local routing registry which that rights holder may be operating. It should be possible for every network operator to verify their incoming route announcements by querying such a registry either in realtime or by mirroring the database. Whether or not anyone does in fact do such validation is not important nor is it important whether or not they trust ARIN well enough to hook the registry directly to their routers. The important issue here is that ARIN should make an authoritative database available for queries and mirroring and that ARIN should enforce this database by removing the data when an organization is no longer in good standing. In any case, it would be nice if you all would change the subject lines of any replies to this message because there are really 4 separate threads that could be started from these suggestions. Thanks. -- Michael Dillon From billd at cait.wustl.edu Wed Nov 20 13:23:44 2002 From: billd at cait.wustl.edu (Bill Darte) Date: Wed, 20 Nov 2002 12:23:44 -0600 Subject: [ppml] Policy Proposal 2002-1 Message-ID: Is the "Request response withing 30days" associated only with item 4 or all of them??? billd > -----Original Message----- > From: Taylor, Stacy [mailto:Stacy_Taylor at icgcomm.com] > Sent: Wednesday, November 20, 2002 10:33 AM > To: 'ppml at arin.net' > Subject: [ppml] Policy Proposal 2002-1 > > > Hi Everyone, > The language of the process of notifying lame in-addr.arpas > is convoluted. > Can we simplify it in this way? > > > > 1) E-mail the POC associated with the in-addr.arpa > delegation from the ARIN database. > 2) E-mail the POC associated with the ASN(s) originating > the route in the global routing table. > 3) Telephone any POC associated with the ASN or ARIN records. > 4) Send postal mail any POC associated with the ASN or ARIN > records. Request > response within 30 days. > > > Thanks, > Stacy > > From Stacy_Taylor at icgcomm.com Wed Nov 20 13:47:47 2002 From: Stacy_Taylor at icgcomm.com (Taylor, Stacy) Date: Wed, 20 Nov 2002 11:47:47 -0700 Subject: [ppml] Policy Proposal 2002-1 Message-ID: <5BDB545714D0764F8452CC5A25DDEEFA0171088D@denexg21.icgcomm.com> Items 1, 2, and 3 elicit fairly immediate responses, yes? The postal solution would occur should the other three fail, and it would be the last step before consequences. The letter would serve as Notice of Action by the Registry. Stacy -----Original Message----- From: Bill Darte [mailto:billd at cait.wustl.edu] Sent: Wednesday, November 20, 2002 10:24 AM To: 'Taylor, Stacy'; 'ppml at arin.net' Subject: RE: [ppml] Policy Proposal 2002-1 Is the "Request response withing 30days" associated only with item 4 or all of them??? billd > -----Original Message----- > From: Taylor, Stacy [mailto:Stacy_Taylor at icgcomm.com] > Sent: Wednesday, November 20, 2002 10:33 AM > To: 'ppml at arin.net' > Subject: [ppml] Policy Proposal 2002-1 > > > Hi Everyone, > The language of the process of notifying lame in-addr.arpas > is convoluted. > Can we simplify it in this way? > > > > 1) E-mail the POC associated with the in-addr.arpa > delegation from the ARIN database. > 2) E-mail the POC associated with the ASN(s) originating > the route in the global routing table. > 3) Telephone any POC associated with the ASN or ARIN records. > 4) Send postal mail any POC associated with the ASN or ARIN > records. Request > response within 30 days. > > > Thanks, > Stacy > > From billd at cait.wustl.edu Wed Nov 20 14:02:01 2002 From: billd at cait.wustl.edu (Bill Darte) Date: Wed, 20 Nov 2002 13:02:01 -0600 Subject: [ppml] Policy 2002-5 let's keep it simple? Message-ID: Michael.Dillon wrote: > > >Hi Everyone, > >On the same vein, how do we feel about this rewording? > Also, I again > feel > >that 12 months is way too long a time, especially if the > organization is > >already not using a part of the space. > > I think that we should set aside this issue until it can be > more clearly > formulated and discussed. One issue that I see is that this > is trying to > do two different things and I believe that we need two more focused > policies to accomplish that. Firstly, we want to contact all > legacy users > of IPv4 space and get them to become part of the system, i.e. keep in > touch and register their up to date contact information. Do you think it is a good idea to have an amnesty policy in place prior to contacting legacy holders? > Secondly, we want > to organize the pre-ARIN IPv4 space in a more logical manner > because we > can probably achieve a higher usage rate by doing so. Do you think benefits of the amnesty policy (as written) will contribute to this goal? Is it necessary to have achieve a high degree of re-organization to achieve any benefit at all? And > maybe thirdly, > we want legacy users to pay for service. Would the partial benefits of re-organization or legacy space be valuable without getting legacy users to pay? > I would suggest that there be a program to contact all > holders of legacy > IPv4 space and that we should tell them that they MUST register their > contact information with their RIR or else relinquish their > allocation. At this point does ARIN not express it's authority to reclaim legacy allocations and does this not likely provoke a legal battle? Must we go there to achieve some useful benefits from the 'stepping stone' amnesty policy as proposed? > This is not a hardship for any address space holder. Some > organizations > may claim that their use of the space is outside of the > public Internet > and therefore they should be left alone, however I disagree. > They should > still at minimum register their contact info and the status > of the space. > Whether or not they should legitimately continue to be given > exclusive > usage rights to the space is something that we should not be > dealing with > at all right now. We just need to know who has the usage > rights to every > single fragment of the IPv4 space. ASKING legacy holders to register and expressing supporting logic is one thing....... but saying you MUST register or lose you allocation is much more. Once you make the authority challenge, you may as well go all the way and assert total authority and bill too. Do it for one, do it for all. Now you have a really BIG project with lots of legal fees........... only Dennis is happy then. > > If, in fact, we are going to reorganize the layout of the legacy > allocations such as the swamp, then I believe that we need > more discussion > and some joint action with the other RIRs. Any policy > relating to this > should be identically worded with all RIRs. I believe that it > is a good > idea to swap space only if the result is a less chaotic map > of the IPv4 > space at the level of RIR allocations to members. What I mean is that > today we know that in certain ranges, the RIR allocated all > blocks at /19 > or larger. In other ranges the RIRs allocated at /20 or > larger. If we can > reorganize the swamp so that there are defined ranges in which all > allocations are /21 or larger, /22 or larger, /23 or larger > and /24 or > larger then this would be a good thing. But we won't really > know how big > to make these ranges until we have an idea of who has legacy > usage rights > and still wishes to retain those rights. Also, once we decide to > reorganize the space through swapping, we should have at > least a rough > plan for offering new allocations with the same sizes. And perhaps we > should even be issuing smaller blocks than /24 in a defined range for > small multihomed networks. > And then there is payment for service which is an issue that > strikes at > the heart of what a registry is and what it does. Here, I > believe we need > a vision that goes beyond matters such as swamp cleaning in > the IPv4 space > but also encompasses the future when IPv6 is so widely > deployed that we > have decided to abandon the IPv4 space entirely. People will still be > using IPv4 for lots of things but we won't have any need for a global > registry for IPv4 anymore. Seems easier to organize a transition to IPv6 than to attempt to redress all previous allocation errors and fight all the court challenges and then end up with a protocol and address space which is insufficient to fuel future demand. I believe that making a start with an amnesty policy (perhaps wordsmithed) is a good first step toward many potentially valuable future objectives you itemize. Simple to enact, simple to explain, simple to support.... and it achieves direct and indirect good. > > -- Michael Dillon > From billd at cait.wustl.edu Wed Nov 20 14:03:19 2002 From: billd at cait.wustl.edu (Bill Darte) Date: Wed, 20 Nov 2002 13:03:19 -0600 Subject: [ppml] Policy Proposal 2002-1 Message-ID: Got it.... just making sure! Thanks... billd > -----Original Message----- > From: Taylor, Stacy [mailto:Stacy_Taylor at icgcomm.com] > Sent: Wednesday, November 20, 2002 12:48 PM > To: 'Bill Darte'; 'ppml at arin.net' > Subject: RE: [ppml] Policy Proposal 2002-1 > > > Items 1, 2, and 3 elicit fairly immediate responses, yes? The postal > solution would occur should the other three fail, and it > would be the last > step before consequences. The letter would serve as Notice > of Action by the > Registry. > > Stacy > > -----Original Message----- > From: Bill Darte [mailto:billd at cait.wustl.edu] > Sent: Wednesday, November 20, 2002 10:24 AM > To: 'Taylor, Stacy'; 'ppml at arin.net' > Subject: RE: [ppml] Policy Proposal 2002-1 > > > Is the "Request response withing 30days" associated only with > item 4 or all > of them??? > > billd > > > -----Original Message----- > > From: Taylor, Stacy [mailto:Stacy_Taylor at icgcomm.com] > > Sent: Wednesday, November 20, 2002 10:33 AM > > To: 'ppml at arin.net' > > Subject: [ppml] Policy Proposal 2002-1 > > > > > > Hi Everyone, > > The language of the process of notifying lame in-addr.arpas > > is convoluted. > > Can we simplify it in this way? > > > > > > > > 1) E-mail the POC associated with the in-addr.arpa > > delegation from the ARIN database. > > 2) E-mail the POC associated with the ASN(s) originating > > the route in the global routing table. > > 3) Telephone any POC associated with the ASN or ARIN records. > > 4) Send postal mail any POC associated with the ASN or ARIN > > records. Request > > response within 30 days. > > > > > > Thanks, > > Stacy > > > > > From Michael.Dillon at radianz.com Wed Nov 20 14:13:21 2002 From: Michael.Dillon at radianz.com (Michael.Dillon at radianz.com) Date: Wed, 20 Nov 2002 19:13:21 +0000 Subject: [ppml] Re: Policy 2002-5 let's keep it simple? Message-ID: >I believe that making a start with an amnesty policy (perhaps wordsmithed) >is a good first step toward many potentially valuable future objectives you >itemize. >Simple to enact, simple to explain, simple to support.... and it achieves >direct and indirect good. I'm not going to answer all your other comments here. However, I have no objection to an amnesty policy that does NOT involve swapping of address blocks. If the amnesty policy improves the registration data then that is good. However if it changes the map of allocations then that is bad. A /24 in 66/8 is not the same as a swamp /24. Even though we do not control ISP filters, we know that they exist. Also, there are still people using classfull devices who cannot swap a swamp /24 with one from 66/8. If there is to be reorganization of swamp space and migration out of swamp space then we need to carefully think that out as a separate issue and it needs to be tied into some plan for reallocating that space. Until there is a coherent plan for this it is too early to worry about legal issues. So, if there is a program to contact legacy address block users in order to update their contact information, then I support it. If we need a carrot to encourage them then we should be looking at things like homeland security and retaining their usage rights, not block swapping. Homeland security suggests that we should limit unidentified use of the network because if you cannot identify the organization then you cannot determine if they are criminals of terrorists. At the very least we should demand that they give us some type of contact information. And nobody has the rights to use a portion of the shared global IPv4 address space forever without maintaining registration info any more than I have the right to the money in my bank account without maintaining registration info. If I move and don't tell the bank about my new address, after some period of time, they will try to contact me. If they fail to contact me they will set aside my money for some period of time as an unclaimed account and after that time expires, I will lose the right to spend that money. Why should IPv4 usage rights be any different? --Michael Dillon From John.Sweeting at teleglobe.com Wed Nov 20 15:12:07 2002 From: John.Sweeting at teleglobe.com (Sweeting, John) Date: Wed, 20 Nov 2002 15:12:07 -0500 Subject: [ppml] Policy 2002-5 Message-ID: <170E5E7779BCD3118C2A0008C7F40C1906E9BAFC@usresms03.teleglobe.com> Do you really see any problem with moving this forward? It is not meant to cure the world ills; only as one small positive step forward. -----Original Message----- From: Michael.Dillon at radianz.com [mailto:Michael.Dillon at radianz.com] Sent: Wednesday, November 20, 2002 12:52 PM To: ppml at arin.net Subject: Re: [ppml] Policy 2002-5 >Hi Everyone, >On the same vein, how do we feel about this rewording? Also, I again feel >that 12 months is way too long a time, especially if the organization is >already not using a part of the space. I think that we should set aside this issue until it can be more clearly formulated and discussed. One issue that I see is that this is trying to do two different things and I believe that we need two more focused policies to accomplish that. Firstly, we want to contact all legacy users of IPv4 space and get them to become part of the system, i.e. keep in touch and register their up to date contact information. Secondly, we want to organize the pre-ARIN IPv4 space in a more logical manner because we can probably achieve a higher usage rate by doing so. And maybe thirdly, we want legacy users to pay for service. At a minimum there is the in-addr.arpa service, but a case can be made for part of the routability attribute being provided by being legitimately registered with ARIN. Therefore, let's drop the specific proposal 2002-5 and let's begin to discuss how we can better address its contents in a more focused and coordinated way. I would suggest that there be a program to contact all holders of legacy IPv4 space and that we should tell them that they MUST register their contact information with their RIR or else relinquish their allocation. This is not a hardship for any address space holder. Some organizations may claim that their use of the space is outside of the public Internet and therefore they should be left alone, however I disagree. They should still at minimum register their contact info and the status of the space. Whether or not they should legitimately continue to be given exclusive usage rights to the space is something that we should not be dealing with at all right now. We just need to know who has the usage rights to every single fragment of the IPv4 space. If, in fact, we are going to reorganize the layout of the legacy allocations such as the swamp, then I believe that we need more discussion and some joint action with the other RIRs. Any policy relating to this should be identically worded with all RIRs. I believe that it is a good idea to swap space only if the result is a less chaotic map of the IPv4 space at the level of RIR allocations to members. What I mean is that today we know that in certain ranges, the RIR allocated all blocks at /19 or larger. In other ranges the RIRs allocated at /20 or larger. If we can reorganize the swamp so that there are defined ranges in which all allocations are /21 or larger, /22 or larger, /23 or larger and /24 or larger then this would be a good thing. But we won't really know how big to make these ranges until we have an idea of who has legacy usage rights and still wishes to retain those rights. Also, once we decide to reorganize the space through swapping, we should have at least a rough plan for offering new allocations with the same sizes. And perhaps we should even be issuing smaller blocks than /24 in a defined range for small multihomed networks. And then there is payment for service which is an issue that strikes at the heart of what a registry is and what it does. Here, I believe we need a vision that goes beyond matters such as swamp cleaning in the IPv4 space but also encompasses the future when IPv6 is so widely deployed that we have decided to abandon the IPv4 space entirely. People will still be using IPv4 for lots of things but we won't have any need for a global registry for IPv4 anymore. At that time, I still see some value in having RIRs and I see that there are services for which fees should be paid. ARIN will still be the maintainer of the single authoritative database that identifies the organization which has legitimate rights of use for any specific IP address. For various reasons, I feel that ARIN should be flexing its muscle a little more in this area. One thing that I believe ARIN should do is to provide a new form of routing registry which identifies who has the usage rights to every block and which references any local routing registry which that rights holder may be operating. It should be possible for every network operator to verify their incoming route announcements by querying such a registry either in realtime or by mirroring the database. Whether or not anyone does in fact do such validation is not important nor is it important whether or not they trust ARIN well enough to hook the registry directly to their routers. The important issue here is that ARIN should make an authoritative database available for queries and mirroring and that ARIN should enforce this database by removing the data when an organization is no longer in good standing. In any case, it would be nice if you all would change the subject lines of any replies to this message because there are really 4 separate threads that could be started from these suggestions. Thanks. -- Michael Dillon From Stacy_Taylor at icgcomm.com Wed Nov 20 16:52:05 2002 From: Stacy_Taylor at icgcomm.com (Taylor, Stacy) Date: Wed, 20 Nov 2002 14:52:05 -0700 Subject: [ppml] Policy 2002-5 Message-ID: <5BDB545714D0764F8452CC5A25DDEEFA01710897@denexg21.icgcomm.com> And, if we do move it forward, how do we feel about the rewording? Again, If an organization, whether a member or non-member, ISP or end-user, relinquishes a larger block of portable address space to ARIN, they shall be allowed to receive a smaller block, /24 or shorter, in exchange. The organization will not be required to justify their use of the new, smaller block. The organization must return the block to be exchanged within 12 months. ARIN staff shall, at their discretion, determine whether the smaller replacement block shall be a subnet of the returned block, or a block allocated from some different range. In the case of an organization name change for address resource records, ARIN's normal transfer policies will apply. If the exchanged address block was maintained in the ARIN database without maintenance fees, the replacement space shall be as well. Likewise, if the returned block had associated maintenance fees, then the replacement block shall also be subject to maintenance fees. -----Original Message----- From: Sweeting, John [mailto:John.Sweeting at teleglobe.com] Sent: Wednesday, November 20, 2002 12:12 PM To: 'Michael.Dillon at radianz.com'; ppml at arin.net Subject: RE: [ppml] Policy 2002-5 Do you really see any problem with moving this forward? It is not meant to cure the world ills; only as one small positive step forward. -----Original Message----- From: Michael.Dillon at radianz.com [mailto:Michael.Dillon at radianz.com] Sent: Wednesday, November 20, 2002 12:52 PM To: ppml at arin.net Subject: Re: [ppml] Policy 2002-5 >Hi Everyone, >On the same vein, how do we feel about this rewording? Also, I again feel >that 12 months is way too long a time, especially if the organization is >already not using a part of the space. I think that we should set aside this issue until it can be more clearly formulated and discussed. One issue that I see is that this is trying to do two different things and I believe that we need two more focused policies to accomplish that. Firstly, we want to contact all legacy users of IPv4 space and get them to become part of the system, i.e. keep in touch and register their up to date contact information. Secondly, we want to organize the pre-ARIN IPv4 space in a more logical manner because we can probably achieve a higher usage rate by doing so. And maybe thirdly, we want legacy users to pay for service. At a minimum there is the in-addr.arpa service, but a case can be made for part of the routability attribute being provided by being legitimately registered with ARIN. Therefore, let's drop the specific proposal 2002-5 and let's begin to discuss how we can better address its contents in a more focused and coordinated way. I would suggest that there be a program to contact all holders of legacy IPv4 space and that we should tell them that they MUST register their contact information with their RIR or else relinquish their allocation. This is not a hardship for any address space holder. Some organizations may claim that their use of the space is outside of the public Internet and therefore they should be left alone, however I disagree. They should still at minimum register their contact info and the status of the space. Whether or not they should legitimately continue to be given exclusive usage rights to the space is something that we should not be dealing with at all right now. We just need to know who has the usage rights to every single fragment of the IPv4 space. If, in fact, we are going to reorganize the layout of the legacy allocations such as the swamp, then I believe that we need more discussion and some joint action with the other RIRs. Any policy relating to this should be identically worded with all RIRs. I believe that it is a good idea to swap space only if the result is a less chaotic map of the IPv4 space at the level of RIR allocations to members. What I mean is that today we know that in certain ranges, the RIR allocated all blocks at /19 or larger. In other ranges the RIRs allocated at /20 or larger. If we can reorganize the swamp so that there are defined ranges in which all allocations are /21 or larger, /22 or larger, /23 or larger and /24 or larger then this would be a good thing. But we won't really know how big to make these ranges until we have an idea of who has legacy usage rights and still wishes to retain those rights. Also, once we decide to reorganize the space through swapping, we should have at least a rough plan for offering new allocations with the same sizes. And perhaps we should even be issuing smaller blocks than /24 in a defined range for small multihomed networks. And then there is payment for service which is an issue that strikes at the heart of what a registry is and what it does. Here, I believe we need a vision that goes beyond matters such as swamp cleaning in the IPv4 space but also encompasses the future when IPv6 is so widely deployed that we have decided to abandon the IPv4 space entirely. People will still be using IPv4 for lots of things but we won't have any need for a global registry for IPv4 anymore. At that time, I still see some value in having RIRs and I see that there are services for which fees should be paid. ARIN will still be the maintainer of the single authoritative database that identifies the organization which has legitimate rights of use for any specific IP address. For various reasons, I feel that ARIN should be flexing its muscle a little more in this area. One thing that I believe ARIN should do is to provide a new form of routing registry which identifies who has the usage rights to every block and which references any local routing registry which that rights holder may be operating. It should be possible for every network operator to verify their incoming route announcements by querying such a registry either in realtime or by mirroring the database. Whether or not anyone does in fact do such validation is not important nor is it important whether or not they trust ARIN well enough to hook the registry directly to their routers. The important issue here is that ARIN should make an authoritative database available for queries and mirroring and that ARIN should enforce this database by removing the data when an organization is no longer in good standing. In any case, it would be nice if you all would change the subject lines of any replies to this message because there are really 4 separate threads that could be started from these suggestions. Thanks. -- Michael Dillon From billd at cait.wustl.edu Wed Nov 20 18:37:45 2002 From: billd at cait.wustl.edu (Bill Darte) Date: Wed, 20 Nov 2002 17:37:45 -0600 Subject: [ppml] Policy 2002-5 Message-ID: I'm not sure I like the sentence related to organization name change, but beyond that I thing we should resolve the 2 outstanding issues raised by Stacy and Michael....namely.... 12 months is too long (Stacy) and "If the amnesty policy improves the registration data then that is good. However if it changes the map of allocations then that is bad." (Michael).......... Can either (both) of you suggest alternative wording that addresses your concerns? billd > -----Original Message----- > From: Taylor, Stacy [mailto:Stacy_Taylor at icgcomm.com] > Sent: Wednesday, November 20, 2002 3:52 PM > To: ppml at arin.net > Subject: RE: [ppml] Policy 2002-5 > > > And, if we do move it forward, how do we feel about the rewording? > > Again, > > If an organization, whether a member or non-member, ISP or end-user, > relinquishes a larger block of portable address space to > ARIN, they shall be > allowed to receive a smaller block, /24 or shorter, in exchange. The > organization will not be required to justify their use of the > new, smaller > block. The organization must return the block to be > exchanged within 12 > months. ARIN staff shall, at their discretion, determine whether the > smaller replacement block shall be a subnet of the returned > block, or a > block allocated from some different range. In the case of an > organization > name change for address resource records, ARIN's normal > transfer policies > will apply. If the exchanged address block was maintained in the ARIN > database without maintenance fees, the replacement space > shall be as well. > Likewise, if the returned block had associated maintenance > fees, then the > replacement block shall also be subject to maintenance fees. > > -----Original Message----- > From: Sweeting, John [mailto:John.Sweeting at teleglobe.com] > Sent: Wednesday, November 20, 2002 12:12 PM > To: 'Michael.Dillon at radianz.com'; ppml at arin.net > Subject: RE: [ppml] Policy 2002-5 > > > Do you really see any problem with moving this forward? It is > not meant to > cure the world ills; only as one small positive step forward. > > -----Original Message----- > From: Michael.Dillon at radianz.com [mailto:Michael.Dillon at radianz.com] > Sent: Wednesday, November 20, 2002 12:52 PM > To: ppml at arin.net > Subject: Re: [ppml] Policy 2002-5 > > > >Hi Everyone, > >On the same vein, how do we feel about this rewording? > Also, I again > feel > >that 12 months is way too long a time, especially if the > organization is > >already not using a part of the space. > > I think that we should set aside this issue until it can be > more clearly > formulated and discussed. One issue that I see is that this > is trying to > do two different things and I believe that we need two more focused > policies to accomplish that. Firstly, we want to contact all > legacy users > of IPv4 space and get them to become part of the system, i.e. keep in > touch and register their up to date contact information. > Secondly, we want > to organize the pre-ARIN IPv4 space in a more logical manner > because we > can probably achieve a higher usage rate by doing so. And > maybe thirdly, > we want legacy users to pay for service. At a minimum there is the > in-addr.arpa service, but a case can be made for part of the > routability > attribute being provided by being legitimately registered with ARIN. > > Therefore, let's drop the specific proposal 2002-5 and let's begin to > discuss how we can better address its contents in a more focused and > coordinated way. > > I would suggest that there be a program to contact all > holders of legacy > IPv4 space and that we should tell them that they MUST register their > contact information with their RIR or else relinquish their > allocation. > This is not a hardship for any address space holder. Some > organizations > may claim that their use of the space is outside of the > public Internet > and therefore they should be left alone, however I disagree. > They should > still at minimum register their contact info and the status > of the space. > Whether or not they should legitimately continue to be given > exclusive > usage rights to the space is something that we should not be > dealing with > at all right now. We just need to know who has the usage > rights to every > single fragment of the IPv4 space. > > If, in fact, we are going to reorganize the layout of the legacy > allocations such as the swamp, then I believe that we need > more discussion > and some joint action with the other RIRs. Any policy > relating to this > should be identically worded with all RIRs. I believe that it > is a good > idea to swap space only if the result is a less chaotic map > of the IPv4 > space at the level of RIR allocations to members. What I mean is that > today we know that in certain ranges, the RIR allocated all > blocks at /19 > or larger. In other ranges the RIRs allocated at /20 or > larger. If we can > reorganize the swamp so that there are defined ranges in which all > allocations are /21 or larger, /22 or larger, /23 or larger > and /24 or > larger then this would be a good thing. But we won't really > know how big > to make these ranges until we have an idea of who has legacy > usage rights > and still wishes to retain those rights. Also, once we decide to > reorganize the space through swapping, we should have at > least a rough > plan for offering new allocations with the same sizes. And perhaps we > should even be issuing smaller blocks than /24 in a defined range for > small multihomed networks. > > And then there is payment for service which is an issue that > strikes at > the heart of what a registry is and what it does. Here, I > believe we need > a vision that goes beyond matters such as swamp cleaning in > the IPv4 space > but also encompasses the future when IPv6 is so widely > deployed that we > have decided to abandon the IPv4 space entirely. People will still be > using IPv4 for lots of things but we won't have any need for a global > registry for IPv4 anymore. > > At that time, I still see some value in having RIRs and I see > that there > are services for which fees should be paid. ARIN will still be the > maintainer of the single authoritative database that identifies the > organization which has legitimate rights of use for any specific IP > address. For various reasons, I feel that ARIN should be flexing its > muscle a little more in this area. One thing that I believe > ARIN should do > is to provide a new form of routing registry which identifies > who has the > usage rights to every block and which references any local routing > registry which that rights holder may be operating. It should > be possible > for every network operator to verify their incoming route > announcements by > querying such a registry either in realtime or by mirroring > the database. > Whether or not anyone does in fact do such validation is not > important nor > is it important whether or not they trust ARIN well enough to > hook the > registry directly to their routers. The important issue here > is that ARIN > should make an authoritative database available for queries > and mirroring > and that ARIN should enforce this database by removing the > data when an > organization is no longer in good standing. > > In any case, it would be nice if you all would change the > subject lines of > any replies to this message because there are really 4 > separate threads > that could be started from these suggestions. Thanks. > > -- Michael Dillon > From ddiller at cogentco.com Wed Nov 20 17:42:27 2002 From: ddiller at cogentco.com (Dave Diller) Date: Wed, 20 Nov 2002 17:42:27 -0500 Subject: [ppml] Policy 2002-5 References: <5BDB545714D0764F8452CC5A25DDEEFA01710897@denexg21.icgcomm.com> Message-ID: <3DDC0FD3.77A1620@cogentco.com> "Taylor, Stacy" wrote: > > And, if we do move it forward, how do we feel about the rewording? > > Again, > > If an organization, whether a member or non-member, ISP or end-user, > relinquishes a larger block of portable address space to ARIN, they shall be > allowed to receive a smaller block, /24 or shorter, in exchange. The > organization will not be required to justify their use of the new, smaller > block. The organization must return the block to be exchanged within 12 > months. ARIN staff shall, at their discretion, determine whether the > smaller replacement block shall be a subnet of the returned block, or a > block allocated from some different range. I'm OK with the above... > In the case of an organization > name change for address resource records, ARIN's normal transfer policies > will apply. Is there consensus that enough people will TRY to do an end-run around transfers to warrant this amendment? I feel it is superfluous and detracts from the focus of the policy. Transer policies are pretty much a 'superset' and shouldn't need to be pointed to in individual policies that are not explicitly dealing with transfers. They are ALWAYS in effect. :-) > If the exchanged address block was maintained in the ARIN > database without maintenance fees, the replacement space shall be as well. > Likewise, if the returned block had associated maintenance fees, then the > replacement block shall also be subject to maintenance fees. This is unclear, and clunky. Try... "If any of the relinquished blocks had associated maintenance fees, then the new block will be subject to the appropriate fees for that blocksize." This covers the following conditions: * Legacy /16 swapped for new /18, no fees charged. * Legacy /14 and new /17 swapped for new /15, charges _increase_ from Medium to Large (will this serve as a disincentive, do we want to consider any kind of amnesty from/limit to upcharges?) * Non-legacy /15 swapped for /16, charges _decrease_ from Large to Medium. (decrease in charges certainly can serve as incentive, but how many NON-legacy swaps will we realistically see?) I suppose the crux of it is that it isn't clear HOW the specific fees will be determined. It's clear that if you are paying them NOW you will with the new block, but I've seen no mention of how to handle classification changes. -Dave Diller From Stacy_Taylor at icgcomm.com Thu Nov 21 17:27:22 2002 From: Stacy_Taylor at icgcomm.com (Taylor, Stacy) Date: Thu, 21 Nov 2002 15:27:22 -0700 Subject: FW: [ppml] Policy 2002-5 Message-ID: <5BDB545714D0764F8452CC5A25DDEEFA017108A5@denexg21.icgcomm.com> I like Dave's wording for the pricing schedule. "Taylor, Stacy" wrote: > > And, if we do move it forward, how do we feel about the rewording? > > Again, > > If an organization, whether a member or non-member, ISP or end-user, > relinquishes a larger block of portable address space to ARIN, they shall be > allowed to receive a smaller block, /24 or shorter, in exchange. The > organization will not be required to justify their use of the new, smaller > block. The organization must return the block to be exchanged within 12 > months. ARIN staff shall, at their discretion, determine whether the > smaller replacement block shall be a subnet of the returned block, or a > block allocated from some different range. I'm OK with the above... > In the case of an organization > name change for address resource records, ARIN's normal transfer policies > will apply. Is there consensus that enough people will TRY to do an end-run around transfers to warrant this amendment? I feel it is superfluous and detracts from the focus of the policy. Transer policies are pretty much a 'superset' and shouldn't need to be pointed to in individual policies that are not explicitly dealing with transfers. They are ALWAYS in effect. :-) > If the exchanged address block was maintained in the ARIN > database without maintenance fees, the replacement space shall be as well. > Likewise, if the returned block had associated maintenance fees, then the > replacement block shall also be subject to maintenance fees. This is unclear, and clunky. Try... "If any of the relinquished blocks had associated maintenance fees, then the new block will be subject to the appropriate fees for that blocksize." This covers the following conditions: * Legacy /16 swapped for new /18, no fees charged. * Legacy /14 and new /17 swapped for new /15, charges _increase_ from Medium to Large (will this serve as a disincentive, do we want to consider any kind of amnesty from/limit to upcharges?) * Non-legacy /15 swapped for /16, charges _decrease_ from Large to Medium. (decrease in charges certainly can serve as incentive, but how many NON-legacy swaps will we realistically see?) I suppose the crux of it is that it isn't clear HOW the specific fees will be determined. It's clear that if you are paying them NOW you will with the new block, but I've seen no mention of how to handle classification changes. -Dave Diller From jmcburnett at msmgmt.com Fri Nov 29 18:08:39 2002 From: jmcburnett at msmgmt.com (McBurnett, Jim) Date: Fri, 29 Nov 2002 18:08:39 -0500 Subject: [ppml] Question? Message-ID: <390E55B947E7C848898AEBB9E50770600EB48A@msmdcfs01.msmgmt.com> All, I am not sure if this is th proper place or not to ask this but here goes.. When an ISP is given IP addresses are they not required to have the normal abuse@ and security@ and postmaster@ addresses? I have a security issue with a remote ISP, and they do not have any of these.. only the contact email for IP admin. Suggestions? and shouldn't there be a policy on this? if there isn't one already that is... Thanks, Jim From stevek at onshore.com Fri Nov 29 19:50:28 2002 From: stevek at onshore.com (Steve Kent) Date: Fri, 29 Nov 2002 18:50:28 -0600 (CST) Subject: [ppml] Question? In-Reply-To: <390E55B947E7C848898AEBB9E50770600EB48A@msmdcfs01.msmgmt.com> Message-ID: There is no RR requirement; however, rfc.2142 states that an actively maintained abuse address must exist. I would suggest you do a whois lookup on the domain and mail the tech contact. If that fails try the tech contact for the block. You may also want to file a report with http://www.rfc-ignorant.org/ Personally, I don't believe the RR should get involved in policing such things . . . --sjk On Fri, 29 Nov 2002, McBurnett, Jim wrote: > All, > I am not sure if this is th proper place or not to ask this but here goes.. > > When an ISP is given IP addresses are they not required to have the normal abuse@ and security@ and postmaster@ addresses? > > I have a security issue with a remote ISP, and they do not have any of these.. only the contact email for IP admin. > > Suggestions? > > and shouldn't there be a policy on this? if there isn't one already that is... > > > Thanks, > Jim > _____________________________________ Steven Kent Senior Network Engineer onShore, Inc. 312.850.5200 From jmcburnett at msmgmt.com Fri Nov 29 20:04:18 2002 From: jmcburnett at msmgmt.com (McBurnett, Jim) Date: Fri, 29 Nov 2002 20:04:18 -0500 Subject: [ppml] Question? Message-ID: <390E55B947E7C848898AEBB9E50770600EB48B@msmdcfs01.msmgmt.com> Thanks, Well for the record here is the rather interesting story.. 1. The whois contact replied to my email. He no longer works for the company. 2. I have submitted it to the site as you noted. I must ask however, shouldn't the RR be involved when the IPADMIN technical contact for a block of IP's has changed over 60 days ago and the record not changed? When an ARIN.NET staff member see's this I will forward the IPBLOCK info to you, as I am not sure where it should go. Later, Jim -----Original Message----- From: Steve Kent [mailto:stevek at onshore.com] Sent: Friday, November 29, 2002 7:50 PM To: McBurnett, Jim Cc: ppml at arin.net Subject: Re: [ppml] Question? There is no RR requirement; however, rfc.2142 states that an actively maintained abuse address must exist. I would suggest you do a whois lookup on the domain and mail the tech contact. If that fails try the tech contact for the block. You may also want to file a report with http://www.rfc-ignorant.org/ Personally, I don't believe the RR should get involved in policing such things . . . --sjk On Fri, 29 Nov 2002, McBurnett, Jim wrote: > All, > I am not sure if this is th proper place or not to ask this but here goes.. > > When an ISP is given IP addresses are they not required to have the normal abuse@ and security@ and postmaster@ addresses? > > I have a security issue with a remote ISP, and they do not have any of these.. only the contact email for IP admin. > > Suggestions? > > and shouldn't there be a policy on this? if there isn't one already that is... > > > Thanks, > Jim > _____________________________________ Steven Kent Senior Network Engineer onShore, Inc. 312.850.5200 From jrace at attglobal.net Fri Nov 29 23:34:56 2002 From: jrace at attglobal.net (Dr. Jeffrey Race) Date: Sat, 30 Nov 2002 11:34:56 +0700 Subject: [ppml] Question? Message-ID: <200211300435.gAU4ZHYm003599@smtp1.arin.net> On Fri, 29 Nov 2002 18:08:39 -0500, McBurnett, Jim wrote: >When an ISP is given IP addresses are they not required to have the normal abuse@ and security@ and postmaster@ addresses? >>I have a security issue with a remote ISP, and they do not have any of these.. only the contact email for IP admin. >>Suggestions? >>and shouldn't there be a policy on this? if there isn't one already that is... Note: RFC822 requires all domains exchanging e-mail to have a address which is to be read by a person. RFC2142 states they SHOULD have an address. -RFC822: 6.3. RESERVED ADDRESS It often is necessary to send mail to a site, without know- ing any of its valid addresses. For example, there may be mail system dysfunctions, or a user may wish to find out a person's correct address, at that site. This standard specifies a single, reserved mailbox address (local-part) which is to be valid at each site. Mail sent to that address is to be routed to a person responsible for the site's mail system or to a person with responsibility for general site operation. The name of the reserved local-part address is: Postmaster so that "Postmaster at domain" is required to be valid. Note: This reserved local-part must be matched without sensi- tivity to alphabetic case, so that "POSTMASTER", "postmas- ter", and even "poStmASteR" is to be accepted. Jim, Separately I am sending you my private reference file on RFCs. The relevant RFC states that EVERY system exchanging mail MUST have a case-insensitive address, and a HUMAN must read the mail. Systems possibly emitting spam are recommended to enable an address as current best practice. However, the system falls down on enforcement. I am currently having a controversy with APNIC about Chinanet, which enables but bounces all the mail. I asked APNIC to discipline this miscreant and was told (just yesterday!): Thank you for your concern; however, APNIC has no control over how any network in the Asia Pacific region implements its email addressing system. If there is a problem with invalid contacts listed in the APNIC Whois Database, please feel free to report those. However, any invalid addresses that are not listed in the APNIC Whois Database are outside APNIC's control. In other words, APNIC assumes no responsibility for destructive or hostile use of the address space for which it has a duty of care. It is a suicidal policy about which the last word has not been said. In view of the Pilate-like attitude of the (ir)responsible bodies, the victims have resorted to self-help. You may nominate the miscreant for the RFC-Ignorant blocklist, which has the eventual effect of getting his attention when his subs can't send mail. You should raise the details of this matter on Spam-L which has a wealth of smart minds who are also responsible persons. Jeffrey Race From jrace at attglobal.net Fri Nov 29 23:38:53 2002 From: jrace at attglobal.net (Dr. Jeffrey Race) Date: Sat, 30 Nov 2002 11:38:53 +0700 Subject: [ppml] Question? Message-ID: <200211300439.gAU4d5Ym003664@smtp1.arin.net> On Fri, 29 Nov 2002 18:50:28 -0600 (CST), Steve Kent wrote: >I don't believe the RR should get >involved in policing such things . . . So who should? If your answer is no one, then we get the law of the jungle, which describes the spammer's paradise we have now. Jeffrey Race From randy at psg.com Fri Nov 29 23:46:18 2002 From: randy at psg.com (Randy Bush) Date: Fri, 29 Nov 2002 20:46:18 -0800 Subject: [ppml] Question? References: <200211300439.gAU4d5Ym003664@smtp1.arin.net> Message-ID: >> I don't believe the RR should get involved in policing such >> things . . . > So who should? call the net police randy From brian at meganet.net Fri Nov 29 23:49:02 2002 From: brian at meganet.net (Brian Wallingford) Date: Fri, 29 Nov 2002 23:49:02 -0500 (EST) Subject: [ppml] Question? In-Reply-To: <200211300439.gAU4d5Ym003664@smtp1.arin.net> Message-ID: On Sat, 30 Nov 2002, Dr. Jeffrey Race wrote: :On Fri, 29 Nov 2002 18:50:28 -0600 (CST), Steve Kent wrote: : :>I don't believe the RR should get :>involved in policing such things . . . : :So who should? If your answer is no one, then we get the law :of the jungle, which describes the spammer's paradise we have :now. I'd be happy with simply requiring that a legit _current_ technical POC be maintained. This may very well be the case already, but it's been quite some time since I've reviewed such. And, my answer is "no one". If you're unhappy with a given network's policies (or lack thereof), you need not accept traffic from them. That's as much regulation as I'm interested in seeing. cheers, brian From jrace at attglobal.net Fri Nov 29 23:59:44 2002 From: jrace at attglobal.net (Dr. Jeffrey Race) Date: Sat, 30 Nov 2002 11:59:44 +0700 Subject: [ppml] Question? Message-ID: <200211300459.gAU4xqYm003879@smtp1.arin.net> On Fri, 29 Nov 2002 23:49:02 -0500 (EST), Brian Wallingford wrote: >And, my answer is "no one". If you're unhappy with a given network's >policies (or lack thereof), you need not accept traffic from them. That's >as much regulation as I'm interested in seeing. Like most people, I don't run my own mail server, so your suggestion is useless for most victims. I talked to my local ISP about blocking all mail from Red China but they refused. Your approach is resulting in the destruction of e-mail as a viable communication mechanism. Is THAT what you are interested in seeing? Jeffrey Race From kapil at kapilville.com Sat Nov 30 00:14:05 2002 From: kapil at kapilville.com (* KAPIL *) Date: Fri, 29 Nov 2002 23:14:05 -0600 Subject: [ppml] Question? In-Reply-To: <200211300459.gAU4xqYm003879@smtp1.arin.net> Message-ID: I agree with the Doc.....maybe 10 years ago it would have been possible to just say no to traffic from networks that ticket you off...but the internet is too huge now, too commercial with too many AOL users. Email needs to work...reliably.....just like the U.S.P.S.....not perfect but close enough. In all honesty, blocking traffic from China or any other country is not a viable option....so we need to work together to make our internet a better place. ------------------------- Stand Up For Free Speech http://www.eff.org -----Original Message----- From: owner-ppml at arin.net [mailto:owner-ppml at arin.net] On Behalf Of Dr. Jeffrey Race Sent: Friday, November 29, 2002 11:00 PM To: Brian Wallingford Cc: McBurnett, Jim; ppml at arin.net; Steve Kent Subject: Re: [ppml] Question? On Fri, 29 Nov 2002 23:49:02 -0500 (EST), Brian Wallingford wrote: >And, my answer is "no one". If you're unhappy with a given network's >policies (or lack thereof), you need not accept traffic from them. That's >as much regulation as I'm interested in seeing. Like most people, I don't run my own mail server, so your suggestion is useless for most victims. I talked to my local ISP about blocking all mail from Red China but they refused. Your approach is resulting in the destruction of e-mail as a viable communication mechanism. Is THAT what you are interested in seeing? Jeffrey Race From brian at meganet.net Sat Nov 30 00:01:01 2002 From: brian at meganet.net (Brian Wallingford) Date: Sat, 30 Nov 2002 00:01:01 -0500 (EST) Subject: [ppml] Question? In-Reply-To: <200211300453.gAU4rWS21739@pop.meganet.net> Message-ID: On Sat, 30 Nov 2002, Dr. Jeffrey Race wrote: :On Fri, 29 Nov 2002 23:49:02 -0500 (EST), Brian Wallingford wrote: :>And, my answer is "no one". If you're unhappy with a given network's :>policies (or lack thereof), you need not accept traffic from them. :That's :>as much regulation as I'm interested in seeing. : :Like most people, I don't run my own mail server, so your suggestion :is useless for most victims. I talked to my local ISP about :blocking all mail from Red China but they refused. : :Your approach is resulting in the destruction of e-mail as :a viable communication mechanism. Is THAT what you are interested :in seeing? Pardons. Considering the audience, I assumed that this discussion was ARIN-centric. As that is apparently not the case, you've chosen an inappropriate forum. From jrace at attglobal.net Sat Nov 30 01:44:25 2002 From: jrace at attglobal.net (Dr. Jeffrey Race) Date: Sat, 30 Nov 2002 13:44:25 +0700 Subject: [ppml] Question? Message-ID: <200211300644.gAU6iZYm004612@smtp1.arin.net> On Fri, 29 Nov 2002 23:14:05 -0600, * KAPIL * wrote: >.so we need to work together to make >our internet a better place. Fine, I agree. However everything that the psychologists and sociologists know about human behavior says that cooperation in large groups entails enforcement for non-compliance. So let us get past the platitudes about "let us all feel good together" and ask the only relevant question: What is the enforcement mechanism for antisocial behavior destructive of the internet as a communication mechanism? Remember, all present methods (from the old feel-good days of engineers working together) have failed disastrously. Spam is increase by tens of percentage points per quarter. What is your _mechanism_ for enforcement please? I have an open mind. Jeffrey Race From cottay at qconline.com Sat Nov 30 12:08:51 2002 From: cottay at qconline.com (GCottay) Date: Sat, 30 Nov 2002 11:08:51 -0600 Subject: [ppml] Question? In-Reply-To: <200211300439.gAU4d5Ym003664@smtp1.arin.net> Message-ID: It seems to me Jeffrey poses an important question to which regional registries might eventually be part of at least some partial answer, but only a part. Groups such as the Internet Engineering Task Force (IETF), Internet Engineering Steering Group (IESG), Internet Architecture Board (IAB), Internet Assigned Number Authority (IANA) and the Internet Research Task Force (IRTF), and its Steering Group(IRSG) would all seem to have essential roles. Along with other permutations and combinations of the alphabet. http://www.ietf.org/ http://www.ietf.org/iesg.html http://www.iab.org/iab/ http://www.iana.org/ http://www.irtf.org/ As to actual policing, I would be prejudiced in favor of leaving that to the police with due process in the court system based on laws passed by legislators even though that has proven a right messy system. This contribution from the nearly half-vast wisdom of George Cottay. > >I don't believe the RR should get > >involved in policing such things . . . > > So who should? If your answer is no one, then we get the law > of the jungle, which describes the spammer's paradise we have > now. > > > Jeffrey Race > From jmcburnett at msmgmt.com Sat Nov 30 12:45:43 2002 From: jmcburnett at msmgmt.com (McBurnett, Jim) Date: Sat, 30 Nov 2002 12:45:43 -0500 Subject: [ppml] Question? Message-ID: <390E55B947E7C848898AEBB9E50770600EB490@msmdcfs01.msmgmt.com> TO all this I have to say: Who better to enforce a corrective action that the suppliers of the very addresses that allow the abusers to exist? Company A abuses, get a slap on the wrist, and goes on, abuses again, another slap. They are big and don't care. Now Company A, which is an ISP, will need more addresses sooner or later. Instead of a slap on the wrist, just freeze all future allocations and allotments. Of course, this will have to be defined as to when and how to freeze, and even what is the "freezing trigger". But a Strict policy will even the playing field. And this policy will effect all of the companies customers, making them toe the line. And for those that are so big, that they don't need more IP addresses: in their next renewal of any service (AS, IP lease etc) a new clause will add the possibility of increased charges for their current services. Consider this: In the US, a person convicted of a DUI can get off rather easily, pay a little money, maybe some jail time, and then do it again. And we have a high occurrence rate. In a number of foreign countries the penalty is so high that there is a near zero occurrence rate. And I am sure that the question after this is: how does this apply? Compare that to the our state of affairs. For those that don't see SPAM-L, here it is: We have ZERO punitive or other responses to SPAM, security and abuse issues. And we have RAMPANT amounts of each. I have seen at least 3 people named on that list for repetively being a nuisance to the Internet users. They know there is not a "punishment" for them. Here is a policy from an ISP I know: Unsolicited Bulk E-mail ("Spam") cleanup: You will be charged $300.00 + $5.00 per message sent + $100.00 per complaint received by us. What I propose is that everyone take a step back and forget the "perfect world" idea that we don't need enforcement or more regulations. Let's just start a committee of a few folks from each RIR, the IETF, IANA, and a few other organizations and fix this. Yeah I know a committee may weaken this whole concept, but if we don't put it to a committee many people will feel that they had no say and dig in to fight it. I see this problem as a cancer, fight it now and we might have a winnable fight, wait 6 months, a year or IPv6 and just prepare for euthanasia. Well as one other list member has put it: This is my 2 cents worth, for what it's worth. Jim -----Original Message----- From: GCottay [mailto:cottay at qconline.com] Sent: Saturday, November 30, 2002 12:09 PM To: ppml at arin.net Subject: RE: [ppml] Question? It seems to me Jeffrey poses an important question to which regional registries might eventually be part of at least some partial answer, but only a part. Groups such as the Internet Engineering Task Force (IETF), Internet Engineering Steering Group (IESG), Internet Architecture Board (IAB), Internet Assigned Number Authority (IANA) and the Internet Research Task Force (IRTF), and its Steering Group(IRSG) would all seem to have essential roles. Along with other permutations and combinations of the alphabet. http://www.ietf.org/ http://www.ietf.org/iesg.html http://www.iab.org/iab/ http://www.iana.org/ http://www.irtf.org/ As to actual policing, I would be prejudiced in favor of leaving that to the police with due process in the court system based on laws passed by legislators even though that has proven a right messy system. This contribution from the nearly half-vast wisdom of George Cottay. > >I don't believe the RR should get > >involved in policing such things . . . > > So who should? If your answer is no one, then we get the law > of the jungle, which describes the spammer's paradise we have > now. > > > Jeffrey Race > From jmcburnett at msmgmt.com Sat Nov 30 16:55:54 2002 From: jmcburnett at msmgmt.com (McBurnett, Jim) Date: Sat, 30 Nov 2002 16:55:54 -0500 Subject: [ppml] Question? Message-ID: <390E55B947E7C848898AEBB9E50770602F28CE@msmdcfs01.msmgmt.com> You know that is a novel IDEA. BUT what if I just visit your site and don't want any more contact. Your emailing visitors without a request true list is just what this discussion is all about.. I guess if you had a store front business and I walked in, you would pick my pocket get my address and send a salesmen to my door just because I visited your office and yu want to "reach" me? This is too much. Dr. Race. Opinions? Jim -----Original Message----- From: OneStopFS at aol.com [mailto:OneStopFS at aol.com] Sent: Saturday, November 30, 2002 4:42 PM To: McBurnett, Jim Subject: Re: [ppml] Question? We want to reach the viewers of our site. -------------- next part -------------- An HTML attachment was scrubbed... URL: