[ppml] Posting of Legacy RSA and FAQ
Ted Mittelstaedt
tedm at ipinc.net
Mon Oct 15 20:56:50 EDT 2007
- Previous message: [ppml] Posting of Legacy RSA and FAQ
- Next message: [ppml] Posting of Legacy RSA and FAQ
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
>-----Original Message----- >From: Alexander, Daniel [mailto:Daniel_Alexander at cable.comcast.com] >Sent: Monday, October 15, 2007 3:40 PM >To: Ted Mittelstaedt; David S. Madole; ppml at arin.net >Subject: RE: [ppml] Posting of Legacy RSA and FAQ > > >Ted, > >I understand the scenario you are pointing out. What I'm curious about >is your assertion that all the Legacy holders will have the opportunity >to provide input to this modified RSA. On October 11th when ARIN put out it's Legacy RSA notification, I thought that it sounded arbitrary, that they were making a decision without Legacy or non-Legacy input. But then I read the ENTIRE notice and at the bottom it says: "...This legacy RSA will be described during presentations at the upcoming NANOG meeting, ARIN Public Policy Meeting, and ARIN Members meeting..." and the obvious point is that IF there would be NO input, then there would have been no point in "describing it during presentations" at the ARIN members meeting. This is a meeting that ARIN has already posted instructions on how to remotely access - ie: it's a public meeting. Clearly what is going on is a dog-and-pony show. ARIN is trotting out this legacy RSA document, version 1.0 if you will. The community will have an opportunity for review and comment during the meetings. ARIN very likely thinks it has anticipated all of the concerns that would be raised by Legacy and non-Legacy holders, and that is why they are not releasing a copy early - they want to make sure that they release the copy in a forum where they can answer a dozen or so RTFM-style questions, and everyone will get the benefit of the answers. If this question and answer period turns up concerns that need to be addressed - or the subsequent discussion that will undoubtedly occur here (and on NANOG's list) turns up concerns, then obviously no Legacy holder will sign until those are fixed - and ARIN certainly knows this, and will make changes. So we will see a revision 1.01, 1.02, 1.1 and so on. Then ARIN will trot around - non-publically of course - and try getting Legacy signatures, and that may prompt even more revisions. Eventually ARIN will get a document that enough Legacy holders are willing to sign that they will feel comfortable publishing it as a permanent "Legacy RSA" document on the ARIN website. It is THAT final document that I am saying is the "last chance" the Legacy holders have. I do NOT believe there will be any will to produce another that is significantly different from the first. If there was such a will then no Legacy would sign the first one - since they would be waiting for the next, and the next and so on, forever and ever. But, I DO think that during this time period after introduction that the Legacy holders - espically the ones with very large holdings which are the primary purpose we are wasting time on this in the first place - will have PLENTY of input. If, they haven't already, secretly, HAD input. Now I may be wrong and Dean may be right and ARIN may be composed of a bunch of intractable fools who are willing to cut off their nose to spite their face and be unwilling to listen to any Legacy holder concerns or make any changes - in which case this whole initative will go nowhere and 6 months from now we will all still be arguing over this. But fortunately, as I'm not employed by ARIN I am free to speculate and guess that ARIN has already been in talks with some Legacy holders already - something that no employee of ARIN could possibly confirm or deny - and that ARIN will be in further talks with Legacy holders under NDA in the future. And fortunately since I'm not a /8 Legacy holder, ARIN will not be making me sign an NDA so I am free to sit back and observe and comment on the political workings of large organizations. ;-) > Also about the assertion that if >a number of them do sign, the remaining ones are all of the opinion they >are turning their back on the RIR system. > Well, that kind of follows I think. I don't necessairly think this has the negative connotations though that some folks are attributing. Look at it another way. I own a car. I carry liability insurance only on it. I have "turned my back" on the Insurance company's system - which is everyone carries comprehensive, if they get in an accident they claim against their own policy, and the insurance companies just argue with each other. Thus, when I am rear-ended (which by the way has happened) then I am the one filing the claim against the other carrier, and fighting with the other carrier when they almost automatically attempt to deny or reduce the claim (which by the way has happened, and yes I won and got the money I wanted, yadda yadda yadda) In short, I am taking the responsibility for what happens when I "turn my back" on the Insurance companies nice little system for handling claims between themselves. I am going into this with my eyes open. If Dean as a legacy holder wants to turn his back on ARIN that's fine with me. I presume he is fully aware of the consequences and lack of protection of NOT signing an RSA. The problem is that I'm not running around telling people to save money on their car insurance by carrying liability only and it is always going to be to their advantage. I'm not the Legacy holder running around telling other Legacy holders to turn their back on ARIN and not sign an RSA because it's always going to be to their advantage. Not like Dean and Randy. Do you get my drift, here? I read a lot from Dean and a few others about these so-called "rights" of the Legacy holders that are so all-fired important. But not once have I seen a word from him, particularly, about responsibility. >My concern is that many of the conversations on the list have tried to >simplify the topics down to an "us and them". It is not that simple, and >we need to avoid this tendency. There have been a number of Legacy >holders post to this list that are more than willing to try, and find a >middle ground that is a win-win for everyone, and this is just the first >step. It may not have been the intent, but I read your note as "you >better get on board, before the opportunity passes you by", which is not >the best approach. > Maybe not - but look here, what does it do to ARIN and the non-Legacy holders credibility to tell the Legacy holders lies? If this Legacy RSA is merely the first in a long series of version 1.X, 2.X 3.X and so on "Legacy RSA" that are going to come down the pike, then to be honest we should tell the Legacy holders this now, up front. "Wait for the best one" we should be saying. "You don't have to sign now if you don't like it, there will be a different one tomorrow" we should be saying. What does it do to our credibility to IMPLY that this is the final solution, then turn around and screw any Legacy holders that sign it next year with another Legacy RSA that has better terms? Do you see where this is going? The sentence from ARIN was: "...This legacy RSA also contractually promises ARIN Internet number resource policies adopted after the contract is signed will not lessen the legacy RSA address holder's contract rights... But, it DOES NOT say that it promises to NOT INCREASE the legacy RSA holders rights. In other words, it promises them that ARIN won't offer another policy change later that will roll back whatever rights they get from the Legacy RSA - but it leaves it open to release another RSA that -increases- rights for yet more Legacy holders? And the first Legacy holders that sign are going to be happy about that happening? You see, already ARIN's credibility is being risked by such sloppy language. Either the non-Legacy community makes a decision to create a fair "Legacy RSA" and offer it now, in good faith, or we don't do it AT ALL. To offer one now, ASSUMING that we are going to change it in the future - that will shoot ARIN's credibility into the toilet. ARIN will get a first batch of Legacy holders signed up - then the second ARIN tries offering another Legacy RSA that has substantively different terms, then ALL the Legacy holders that have not yet signed will just say screw ARIN, let's litigate. >Who are the admins for all legacy allocations? Are they authorized to >sign an RSA for said company? Has ARIN made the appropriate effort to >track down or verify the legacy allocation, before they are labelled as >advesarial? What is "the appropriate effort"? There is much work that >needs to be done before anyone is given a label, or a final option. > You are right - there are a lot of details to work out. That is even more the reason that for this to work ARIN is going to have to revise it after Legacy and non-Legacy input - and even more reason that once the revisions are completed and people have all had their say, that is MUST be etched in stone. The Legacy holders right NOW all feel that their assignments are etched in stone. ARIN CANNOT offer them something that is etched in quicksand and reasonably expect any of them to buy off on it. Ted
- Previous message: [ppml] Posting of Legacy RSA and FAQ
- Next message: [ppml] Posting of Legacy RSA and FAQ
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the PPML mailing list