ARIN-PPML Message

[arin-ppml] Fwd: Proposed Revision to 2007-14

Policy Proposal 2007-14: Resource Review Process has been revised. This
proposal is open for discussion on this mailing list and will be on the
agenda at the upcoming ARIN Public Policy Meeting.

The current policy proposal text is provided below and is also available
at: http://www.arin.net/policy/proposals/2007_14.html

Regards,

Member Services
American Registry for Internet Numbers (ARIN)


Owen DeLong wrote:
> Here is a revised 2007-14.  It attempts to incorporate the
> feedback received from ARIN XXI and the mailing list up
> to this point as well as feedback from ARIN staff and
> other contributors.
>
> ================================================
>
> Policy Proposal 2007-14
> Resource Review Process
>
> Author: Owen DeLong, Stephen Sprunk
>
> Proposal Version: 3.0
>
> Date: 14 August 2008
>
> Proposal type: modify
>
> Policy term: permanent
>
> Policy statement:
>
> Add the following to the NRPM:
>
> Resource Review
>
> 1. ARIN may review the current usage of any resources covered
> by an ARIN RSA within the terms of that RSA. The organization
> shall cooperate with any request from ARIN for reasonable related
> documentation.
>
> 2. ARIN may conduct such reviews:
>
> a. when any new resource is requested,
>
> b. whenever ARIN has reason to believe that the resources were
> originally obtained fraudulently, or
>
> c. at any other time without having to establish cause unless a prior
> review has been completed in the preceding 24 months.
>
> 3. ARIN shall communicate the results of the review to the organization.
>
> 4. Organizations found by ARIN to be substantially out of compliance
> with current ARIN policy shall be requested or required to return
> resources as needed to bring them into (or reasonably close to)  
> compliance.
>
> 4a. The extent to which an organization may remain out of compliance
> shall be based on the reasonable judgment of the ARIN staff and shall
> balance all facts known, including the organizations utilization rate,
> available address pool, and other factors as appropriate so as to avoid
> forcing returns which will result in near-term additional requests or
> unnecessary route de-aggregation.
>
> 4b. To the extent possible, entire blocks should be returned. Partial
> address blocks shall be returned in such a way that the portion retained
> will comprise a single aggregate block.
>
> 5. If the organization does not voluntarily return resources as
> requested, ARIN may revoke any resources issued by ARIN as required to
> bring the organization into overall compliance. ARIN shall follow the
> same guidelines for revocation that are required for voluntary return in
> the previous paragraph.
>
> 6. Except in cases of fraud, or intentional violations of policy, an
> organization shall be given a minimum of six months to effect a return.
> ARIN shall negotiate a longer term with the organization if ARIN
> believes the organization is working in good faith to substantially
> restore compliance and has a valid need for additional time to renumber
> out of the affected blocks.
>
> 7. ARIN shall continue to maintain the resource(s) while their return or
> revocation is pending, except any maintenance fees assessed during
> that period shall be calculated as if the return or revocation was  
> complete.
>
> 8. Legacy resources in active use, regardless of utilization, are not
> subject to revocation by ARIN. pursuant to this subsection. However, the
> utilization of legacy resources shall be considered during a review to
> assess overall compliance.
>
> 9. In considering compliance with policies which allow a timeframe (such
> as a requirement to assign some number of prefixes within 5 years)
> failure to comply cannot be measured until after the timeframe specified
> in the applicable policy has elapsed. Blocks subject to such a policy
> shall be assumed in compliance with that policy until such time as the
> specified time since issuance has elapsed.
>
> Delete NRPM sections 4.1.2, 4.1.3, 4.1.4
>
> Remove the sentence "In extreme cases, existing allocations may be
> affected." from NRPM section 4.2.3.1.
>
> Rationale:
>
> Under current policy and existing RSAs, ARIN has an unlimited authority
> to audit or review a resource holder's utilization for compliance at  
> any time
> and no requirement to communicate the results of any such review to the
> resource holder.
>
> This policy attempts to balance the needs of the community and the
> potential for abuse of process by ARIN in a way that better clarifies
> the purpose, scope, and capabilities of ARIN and codifies some  
> appropriate
> protections for resource holders while still preserving the ability for
> ARIN to address cases of fraud and abuse on an expedited basis.
>
> The intended nature of the review is to be no more invasive than
> what usually happens when an organization applies for additional
> resources. Additionally, paragraph 2c prevents ARIN from doing
> excessive without-cause reviews.
>
> The authors believe that this update addresses the majority of the
> feedback received from the community to date and addresses
> most of the concerns expressed.
>
> Owen
>
> _______________________________________________
> PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.
>
>