From bill at herrin.us Mon Feb 1 00:16:54 2010 From: bill at herrin.us (William Herrin) Date: Mon, 1 Feb 2010 00:16:54 -0500 Subject: [arin-ppml] Draft Policy 2010-2: /24 End User Minimum Assignment Unit - Correct Title In-Reply-To: References: <4B58C4A5.2000406@arin.net> <9BD4795A-4AC5-43A3-AA9D-215C622BA71C@delong.com> <3c3e3fca1001290818r77d06748o9d86cc67465a09ff@mail.gmail.com> <62CFC76A-D302-426F-92B2-26BCC51C4BFE@delong.com> <3c3e3fca1001291157s1c4b9c68rf4f78578ac0aa4d1@mail.gmail.com> <3c3e3fca1001291721j637e073bwb7c0865aad9282c9@mail.gmail.com> Message-ID: <3c3e3fca1001312116h724abab0tfe47132534f2b921@mail.gmail.com> On Sun, Jan 31, 2010 at 11:59 PM, Owen DeLong wrote: > On Jan 29, 2010, at 5:21 PM, William Herrin wrote: >> That's one reason why letting the ISP decide whether or not to give >> you a /24 suppresses abuse. >> > I suppose that depends on how you define abuse. ?If you ask the ISP > and they refuse, but, you have a legitimate reason for wanting to > multihome, isn't that another form of abuse? Hi Owen, Not if your multihoming is two phone lines and a pair of $10 dialups, no. Introducing a route into the DFZ isn't a God-given right sanctified in the 42nd amendment. It's a privilege you pay hard cash for and not everyone who can vend it chooses to. I'd bet that the number of above-board providers who are willing to provide you with BGP service but are unwilling to assign a /24 is vanishingly small. That could well change after free pool depletion but if this proposal achieves consensus then we'll have headed off that worry before it can become a problem. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From Daniel_Alexander at Cable.Comcast.com Mon Feb 1 00:27:09 2010 From: Daniel_Alexander at Cable.Comcast.com (Alexander, Daniel) Date: Mon, 1 Feb 2010 00:27:09 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95:Customer Confidentiality - Time Sensitive In-Reply-To: References: <02c701caa054$b71df010$2559d030$@net> <4B62098C.60606@arin.net><4B636B12.6090603@ipinc.net> <4B638058.7010500@umn.edu><4B63865F.7070608@ipinc.net><3c3e3fca1001310835n4fc264edjeb1bcb9441151f29@mail.gmail.com><4B65DB30.6080200@umn.edu><3c3e3fca1001311327n634300far14067c7e5a2657e@mail.gmail.com> Message-ID: <997BC128AE961E4A8B880CD7442D9480126F3EFA@NJCHLEXCMB01.cable.comcast.com> Bill H, I usually try to avoid posting as I'm more interested in hearing the opinions of the community, and having that feedback evolve my own thoughts as to how the AC should be advising the Board. Your frustration is noted, however and I will try and sum up a few thoughts without being too redundant to the conversation. When it comes to swips and whois, I think we keep trying to revise the how without ever coming to terms with the what or why. Not that this is a bad thing. Sometimes one leads to the other. Who are we trying to contact with this directory and why? The primary reason for a swip record is for a contact in the event of an issue. My opinion is it should not need to be a contact of who's host is using the IP. The contact should be one that can respond in a timely manner if there is an issue with the host. That could be the end user or the upstream ISP who made the assignment and is responsible for the allocation it was given. The focus should be on who has the ability to respond instead of the who it was assigned to. I question the opinion that if you are using IP resources your information should be listed. This leads to an inconsistency in the approach as most of the end users are not listed. (DHCP, /30's, residential, etc) Are we trying to use swips for abuse contacts, or are we trying to mimic a phone directory? I don't think the latter is a practical approach. Some have voiced the opinion of using swips as a means of reporting utilization to ARIN. I think this use of swips had its day, but has become outdated and unreliable. Each member organization is under RSA with ARIN and there are any number of means to understand an allocations utilization other than swips. The trick is what options an organization would have available and how that would remain transparent to the community. My opinion is that we should do away with prefix size requirements, the focus on which end users should be listed, and with what data. I think the focus of swips should be on who is able to effectively respond to an issue. When it comes to reporting utilization, or responding to law enforcement, these issues should be approached from completely new and different means, and we should not try and force these solutions into a system that was never designed to accommodate them. My two cents. Dan Alexander ARIN AC -----Original Message----- From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On Behalf Of Bill Sandiford Sent: Sunday, January 31, 2010 8:40 PM To: 'William Herrin'; David Farmer Cc: John Curran; arin-ppml at arin.net Subject: Re: [arin-ppml] Petition Underway - Policy Proposal 95:Customer Confidentiality - Time Sensitive William Herrin wrote: > > > Marla Azinger. Last PPML post September 2009 > Stacy Hughes. Last PPML post September 2009 > Heather Schiller. Last PPML post: July 2009 > Dan Alexander. Last PPML post: June 2009 > Bill Sandiford. Posted a message on the PPML exactly once. > Marc Crandall. Has he *ever* participated on the PPML? > Tom Zeller. No participation identified in the last decade of PPML > archives. > Hi Bill: I can't speak for any of the others, but I have only sat on the AC for a grand total of 31 days now. After being elected, I decided that I was going observe for a little while before getting vocal. I felt it was prudent to do so. I also found that while observing, Scott, Owen, and David usually ask a lot of the questions that I would ask anyways. I'm not about to repeat those questions ad nauseum just to increase my "post count". The fact that I have not been *posting* does not mean that I (or the others for that matter) haven't spent a considerable amount of time *reading* the emails of others that are sent to PPML. By my count there have been ~350 emails since January 31st alone, the reading of which takes a considerable amount of time. I also appreciate that there are people like yourself that have spent the same amount of time reading and participating as well. To summarize, just because I'm not posting, does not mean I'm not doing my job as an AC member. I'm reading, gauging community opinion/consensus, and taking that feedback into consideration when the AC meets in order to create/advance good policy. I look forward to meeting you and others of the community at the upcoming PPM in Toronto (my home town). Regards, Bill Sandiford _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact info at arin.net if you experience any issues. From farmer at umn.edu Mon Feb 1 00:32:10 2010 From: farmer at umn.edu (David Farmer) Date: Sun, 31 Jan 2010 23:32:10 -0600 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: Customer Confidentiality - Time Sensitive In-Reply-To: References: Message-ID: <4B66675A.6080206@umn.edu> Hannigan, Martin wrote: > > David, > > Have you actually read the "new" PDP? > > Best, > > Martin Yes, several times and I have listened to several other people's interpretations of it, there are some issues that are not as clear cut as some might think. The question at hand here is, there is no specific deadline or time frame in the PDP for the AC to move a proposal from an Policy Proposal accepted on to the AC docket to a Draft Policy. In theory by the letter of the PDP, the AC could accept a proposal on to its docket and not ever move it to Draft policy. Then is the lack of moving a Policy Proposal to Draft Policy an action taken by the AC that would be petitionable, and if so when? If I remember correctly, the AC came to the conclusion that when the AC decides that we were not going to move a policy forward to draft policy in time for a PPM that we would announce that as an action taken by the AC with the intent that it would be petitionable, this seems to follow the spirit of the PDP. I don't think it is reasonable for the lack of action by the AC to be petitionable at any time, the AC does need a chance to do its job and to manage its workflow. But, at the same time the AC shouldn't be allowed to sit on a proposal forever either. At some point the lack of action is an action, it seems reasonable for that point to be when a proposal is not going to make it to a PPM as a Draft Policy for adoption discussion. However, this is not explicitly covered in the PDP. > ----- Original Message ----- > From: David Farmer > To: William Herrin > Cc: John Curran ; arin-ppml at arin.net > Sent: Sun Jan 31 19:50:31 2010 > Subject: Re: [arin-ppml] Petition Underway - Policy Proposal 95: Customer Confidentiality - Time Sensitive > > William Herrin wrote: >> On Sun, Jan 31, 2010 at 2:34 PM, David Farmer wrote: >>> I would like to point out that PP#95 was originally put forward in June >>> 2009, the AC decided it wouldn't be part of the Dearborn PPM, I supported >>> this as I thought we had more important thins to work on. It became clear >>> that we the AC wasn't not going to have something ready for the Toronto PPM. >>> I therefore supported abandoning the proposal, at this time because it >>> didn't make sense to me for us to keep it on our docket and not actually >>> make any progress on it. >> How is that delay possible anyway? Section 2.2 in the PDP reads in part: >> >> "Council must make a decision regarding any policy proposal at their >> next regularly scheduled meeting that occurs after the Advisory >> Council receives the Clarity and Understanding Report from staff. If >> the period before the next regularly scheduled meeting is less than 10 >> days, then the period may be extended to the subsequent regularly >> scheduled meeting, but the period shall not be extended beyond 45 >> days." >> >> I haven't examined the schedule in detail but it seems to me that more >> time than that has elapsed since June 2009. Bill, I just realized I didn't actually answer your question, or at least as directly as I could have. The AC accepted the proposal on to its docket per the terms of the section you quoted. But we said we would not have a Draft Policy ready for Dearborn, and this was noted as a petitionable action in the notice I pointed out below. I don't know how I missed it the first time, but it was there like I said it should be. Earlier in 2.2 it says; "The Advisory Council develops a draft policy. During this effort they may take any action such as rewrite, abandon, merge various proposals, or use a proposal as an idea to generate a draft policy." Which is consistent with the action we took at our last meeting that initiated this petition. In theory the AC could have said we still want to work on it but won't have a Draft Policy for Toronto, delaying again. But, I think abandoning it was more honest to the community. However, delaying again may have been a politically wiser move, it is at least possible if the AC sent the message that we still want to work on it, that a petition may not have been initiated or would have failed to gain sufficient support. > It was publicly announced, see: > > http://lists.arin.net/pipermail/arin-ppml/2009-June/014661.html > > I thought it was announced at some point that this was petitionable, but > I can't seem to find it. If it wasn't that was probably a mistake on > our part, but I don't believe there was any intent to deceive anyone. > The PDP is just a year old and we haven't figured it all out yet. -- =============================================== David Farmer Email:farmer at umn.edu Networking & Telecommunication Services Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 612-626-0815 Minneapolis, MN 55414-3029 Cell: 612-812-9952 =============================================== From owen at delong.com Mon Feb 1 00:32:26 2010 From: owen at delong.com (Owen DeLong) Date: Sun, 31 Jan 2010 21:32:26 -0800 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: Customer Confidentiality - Time Sensitive In-Reply-To: <3c3e3fca1001310835n4fc264edjeb1bcb9441151f29@mail.gmail.com> References: <02c701caa054$b71df010$2559d030$@net> <4B62098C.60606@arin.net> <4B636B12.6090603@ipinc.net> <4B638058.7010500@umn.edu> <4B63865F.7070608@ipinc.net> <3c3e3fca1001310835n4fc264edjeb1bcb9441151f29@mail.gmail.com> Message-ID: On Jan 31, 2010, at 8:35 AM, William Herrin wrote: > On Sun, Jan 31, 2010 at 2:15 AM, Owen DeLong wrote: >> On Jan 29, 2010, at 5:07 PM, Ted Mittelstaedt wrote: >>> Of course it did. The success of the petition means one thing - that >>> the AC made a bad decision. >> >> I disagree. I think the AC made the absolutely correct decision and that >> the petition means that 10 or more members of the community disagree >> with the AC's decision sufficiently strongly that they successfully >> petitioned it. That's how the process is supposed to work. There's >> nothing wrong with it. > > Hi Owen, > > That depends whether this one incident becomes a pattern. One incident > standing alone means the process is working as intended. A pattern of > incidents, should one develop, would mean that the AC is suppressing > public participation. > > Something to consider the next time you vote to abandon a policy > simply because you think it's "bad." That isn't what you were elected > to do. > Bill, The AC was elected to help develop good, technically sound policy. We do have an obligation to focus our efforts on the things we think have the greatest potential for becoming that. As such, it is absolutely appropriate for the AC to abandon policies which we feel do not meet the tests of: + Good policy + Technically Sound + Supported by the Community I will not vote to abandon a policy merely because I disagree with the policy. (If that were the case, I would have been trying to abandon many more policies.) I will vote to abandon a policy if I believe the policy to be: + Detrimental to the ARIN community + Technically infeasible + Malformed to the point of being incomprehensible or non-implementable. + Overwhelmingly opposed by the community Otherwise, even if I don't like the policy, I will vote to bring it to the floor. Owen From marty at akamai.com Mon Feb 1 00:41:21 2010 From: marty at akamai.com (Martin Hannigan) Date: Mon, 1 Feb 2010 00:41:21 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: Customer Confidentiality - Time Sensitive In-Reply-To: <4B66675A.6080206@umn.edu> References: <4B66675A.6080206@umn.edu> Message-ID: On Feb 1, 2010, at 12:32 AM, David Farmer wrote: > Hannigan, Martin wrote: > > > > David, > > > > Have you actually read the "new" PDP? > > > > Best, > > > > Martin > > Yes, several times and I have listened to several other people's > interpretations of it, there are some issues that are not as clear cut > as some might think. > This has been the case with many PDP's over the years. > > The question at hand here is, there is no specific deadline or time > frame in the PDP for the AC to move a proposal from an Policy Proposal > accepted on to the AC docket to a Draft Policy. In theory by the > letter > of the PDP, the AC could accept a proposal on to its docket and not > ever > move it to Draft policy. Then is the lack of moving a Policy Proposal > to Draft Policy an action taken by the AC that would be petitionable, > and if so when? > > Perhaps that was intentional? > If I remember correctly, the AC came to the conclusion that when the > AC > decides that we were not going to move a policy forward to draft > policy > in time for a PPM that we would announce that as an action taken by > the > AC with the intent that it would be petitionable, this seems to follow > the spirit of the PDP. > > I don't think it is reasonable for the lack of action by the AC to be > petitionable at any time, the AC does need a chance to do its job > and to > manage its workflow. > Perhaps that's a feature of the PDP and not a bug? The reason I mentioned this was because I was surprised. You spend a LOT of time posting, but then when the tough questions arose you pointed at the PDP and claimed deficiencies. I found that interesting. Best, Martin From bill at herrin.us Mon Feb 1 01:03:31 2010 From: bill at herrin.us (William Herrin) Date: Mon, 1 Feb 2010 01:03:31 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: Customer Confidentiality - Time Sensitive In-Reply-To: References: <02c701caa054$b71df010$2559d030$@net> <4B62098C.60606@arin.net> <4B636B12.6090603@ipinc.net> <4B638058.7010500@umn.edu> <4B63865F.7070608@ipinc.net> <3c3e3fca1001310835n4fc264edjeb1bcb9441151f29@mail.gmail.com> Message-ID: <3c3e3fca1001312203i2c5141depf3d4e6d13213c1d6@mail.gmail.com> On Mon, Feb 1, 2010 at 12:32 AM, Owen DeLong wrote: > ? ? ? ?The AC was elected to help develop good, technically sound > policy. Owen, The AC was elected first and foremost to be shepherds of the bottom-up public-originated policy development process. Advising whether a particular proposal is "good, technically sound policy" is supposed to be the very last step, not the first. Moving it to the front violates, disrupts and eventually destroys the bottom-up character of the process. Welcome to corruption 101. It starts with a conflict of interest and a sense of entitlement born of expertise and honest, earnest work. From there it's one short slide after another down the long and slippery slope. > I will vote to abandon a policy if I believe the policy to be: > ? ? ? ?+ ? ? ? Technically infeasible > ? ? ? ?+ ? ? ? Malformed to the point of being incomprehensible > ? ? ? ? ? ? ? ?or non-implementable. > ? ? ? ?+ ? ? ? Overwhelmingly opposed by the community Reasonable. > + Detrimental to the ARIN community Out of order. This does not belong in your evaluation prior to the board-recommendation phase. You're supposed to help proposal authors produce the best proposal possible that's consistent with their intentions and then encourage community comment. Instead you cut them off at the knees. The "advise" in "advisory council" isn't an artifact and the board isn't the group that needs your advice. You won't see it. You never do. But in your unsubtle way you have, I hope, exhibited the error for others. Because it isn't your error alone. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From mysidia at gmail.com Mon Feb 1 01:06:30 2010 From: mysidia at gmail.com (James Hess) Date: Mon, 1 Feb 2010 00:06:30 -0600 Subject: [arin-ppml] Petition Underway - Policy Proposal 95:Customer Confidentiality - Time Sensitive In-Reply-To: <997BC128AE961E4A8B880CD7442D9480126F3EFA@NJCHLEXCMB01.cable.comcast.com> References: <02c701caa054$b71df010$2559d030$@net> <4B636B12.6090603@ipinc.net> <4B638058.7010500@umn.edu> <4B63865F.7070608@ipinc.net> <3c3e3fca1001310835n4fc264edjeb1bcb9441151f29@mail.gmail.com> <4B65DB30.6080200@umn.edu> <3c3e3fca1001311327n634300far14067c7e5a2657e@mail.gmail.com> <997BC128AE961E4A8B880CD7442D9480126F3EFA@NJCHLEXCMB01.cable.comcast.com> Message-ID: <6eb799ab1001312206t6a1ee92fm71cd24334f2dd8fa@mail.gmail.com> On Sun, Jan 31, 2010 at 11:27 PM, Alexander, Daniel wrote: [snip] .. Information doesn't have to be provided with SWIP. The ARIN NRPM provides that a provider can offer re-assignment information via a RWHOIS. server The NRPM doesn't actually specify what type of contact information the RWHOIS server has to provide. If a providers' RWHOIS server only provided a 'name' for the contact, the 'usefulness' of the RWHOIS server would be limited. However, the NRPM doesn't list "attributes that have to be populated" for each record. Perhaps someone could point to the current clause in the NRPM that would be violated by a RWHOIS server that did not provide e-mail or phone number for a contact? .. > Who are we trying to contact with this directory and why? The primary > reason for a swip record is for a contact in the event of an issue. My > opinion is it should not need to be a contact of who's host is using the > IP. The contact should be one that can respond in a timely manner if No, there are multiple kinds of contacts in the directory. "An issue" is probably the most common reason that information is to be looked up and actually used, but that doesn't mean it is the primary reason the record is there. Another reason is to provide public accountability for IP re-assignment. Just an 'organization name' is not sufficient for that: names can be made up or fictional, ARIN looking up public records requires more details than a name. If they have to "ask" for the information, that implies ARIN doesn't even have information required to audit re-assignments -- going through the trouble to "ask" for basic contact information increases costs for ARIN, and for ISPs. Re-assignment information allows an organization to easily "prove" they are a legitimate user of those ip addresses. Other internet users can more easily investigate allegations that someone has "hijacked a range of IP addresses", or decide which user is legitimate, or a secondary ISP of end users' network may require their contact appears in WHOIS, before they will initially allow the end-user network to announce that prefix to the ISP for multi-homing. One of the contact addresses provided with the WHOIS directory should reach the network manager for the network involved, a person with the ability and authority to disconnect a host in the block in question from the network, without the collateral damage of disconnecting other important parts of the network. -- -J From bill at herrin.us Mon Feb 1 01:06:22 2010 From: bill at herrin.us (William Herrin) Date: Mon, 1 Feb 2010 01:06:22 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95:Customer Confidentiality - Time Sensitive In-Reply-To: <997BC128AE961E4A8B880CD7442D9480126F3EFA@NJCHLEXCMB01.cable.comcast.com> References: <02c701caa054$b71df010$2559d030$@net> <4B636B12.6090603@ipinc.net> <4B638058.7010500@umn.edu> <4B63865F.7070608@ipinc.net> <3c3e3fca1001310835n4fc264edjeb1bcb9441151f29@mail.gmail.com> <4B65DB30.6080200@umn.edu> <3c3e3fca1001311327n634300far14067c7e5a2657e@mail.gmail.com> <997BC128AE961E4A8B880CD7442D9480126F3EFA@NJCHLEXCMB01.cable.comcast.com> Message-ID: <3c3e3fca1001312206h4471ae86k3122373318742cb5@mail.gmail.com> On Mon, Feb 1, 2010 at 12:27 AM, Alexander, Daniel wrote: > Who are we trying to contact with this directory and why? The primary > reason for a swip record is for a contact in the event of an issue. My > opinion is it should not need to be a contact of who's host is using the > IP. The contact should be one that can respond in a timely manner if > there is an issue with the host. That could be the end user or the > upstream ISP who made the assignment and is responsible for the > allocation it was given. The focus should be on who has the ability to > respond instead of the who it was assigned to. Hi Dan, Good to see you again. Respectfully, the primary reason for SWIP is and has always been public accountability. Emergency contact is a valuable benefit but it's no more SWIP's purpose than hunting is the purpose of the second amendment. Find me a process of *public* accountability that beats SWIP and I'll jump on the ditch-SWIP bandwagon. Good luck. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From Daniel_Alexander at Cable.Comcast.com Mon Feb 1 01:30:53 2010 From: Daniel_Alexander at Cable.Comcast.com (Alexander, Daniel) Date: Mon, 1 Feb 2010 01:30:53 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95:Customer Confidentiality - Time Sensitive In-Reply-To: <3c3e3fca1001312206h4471ae86k3122373318742cb5@mail.gmail.com> References: <02c701caa054$b71df010$2559d030$@net> <4B636B12.6090603@ipinc.net> <4B638058.7010500@umn.edu> <4B63865F.7070608@ipinc.net> <3c3e3fca1001310835n4fc264edjeb1bcb9441151f29@mail.gmail.com> <4B65DB30.6080200@umn.edu> <3c3e3fca1001311327n634300far14067c7e5a2657e@mail.gmail.com> <997BC128AE961E4A8B880CD7442D9480126F3EFA@NJCHLEXCMB01.cable.comcast.com> <3c3e3fca1001312206h4471ae86k3122373318742cb5@mail.gmail.com> Message-ID: <997BC128AE961E4A8B880CD7442D9480126F3F03@NJCHLEXCMB01.cable.comcast.com> Hey Bill, This is my last post tonight. I'm on EST time and it's late. I have a question on your last post. If it is all about public accountability, then why do you think we draw the lines where we do? Why is a commercial network behind a /30 less accountable than one with a /29? Why are residential hosts less accountable then commercial hosts? I know they are loaded questions, but it concerns me when we draw these lines in policy. This also touches on Leo's posts about IPv6, in that I question if swips are a viable means of accountability. Have a good night. Dan -----Original Message----- From: wherrin at gmail.com [mailto:wherrin at gmail.com] On Behalf Of William Herrin Sent: Monday, February 01, 2010 1:06 AM To: Alexander, Daniel Cc: arin-ppml at arin.net Subject: Re: [arin-ppml] Petition Underway - Policy Proposal 95:Customer Confidentiality - Time Sensitive On Mon, Feb 1, 2010 at 12:27 AM, Alexander, Daniel wrote: > Who are we trying to contact with this directory and why? The primary > reason for a swip record is for a contact in the event of an issue. My > opinion is it should not need to be a contact of who's host is using the > IP. The contact should be one that can respond in a timely manner if > there is an issue with the host. That could be the end user or the > upstream ISP who made the assignment and is responsible for the > allocation it was given. The focus should be on who has the ability to > respond instead of the who it was assigned to. Hi Dan, Good to see you again. Respectfully, the primary reason for SWIP is and has always been public accountability. Emergency contact is a valuable benefit but it's no more SWIP's purpose than hunting is the purpose of the second amendment. Find me a process of *public* accountability that beats SWIP and I'll jump on the ditch-SWIP bandwagon. Good luck. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From farmer at umn.edu Mon Feb 1 01:45:03 2010 From: farmer at umn.edu (David Farmer) Date: Mon, 01 Feb 2010 00:45:03 -0600 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: Customer Confidentiality - Time Sensitive In-Reply-To: References: <4B66675A.6080206@umn.edu> Message-ID: <4B66786F.1060902@umn.edu> Martin Hannigan wrote: > > On Feb 1, 2010, at 12:32 AM, David Farmer wrote: > >> Hannigan, Martin wrote: >> > >> > David, >> > >> > Have you actually read the "new" PDP? >> > >> > Best, >> > >> > Martin >> >> Yes, several times and I have listened to several other people's >> interpretations of it, there are some issues that are not as clear cut >> as some might think. >> > > This has been the case with many PDP's over the years. It is the case with most policy and processes, they almost always leave a lot to interpretation. >> The question at hand here is, there is no specific deadline or time >> frame in the PDP for the AC to move a proposal from an Policy Proposal >> accepted on to the AC docket to a Draft Policy. In theory by the letter >> of the PDP, the AC could accept a proposal on to its docket and not ever >> move it to Draft policy. Then is the lack of moving a Policy Proposal >> to Draft Policy an action taken by the AC that would be petitionable, >> and if so when? >> >> > > Perhaps that was intentional? Could be. >> If I remember correctly, the AC came to the conclusion that when the AC >> decides that we were not going to move a policy forward to draft policy >> in time for a PPM that we would announce that as an action taken by the >> AC with the intent that it would be petitionable, this seems to follow >> the spirit of the PDP. >> >> I don't think it is reasonable for the lack of action by the AC to be >> petitionable at any time, the AC does need a chance to do its job and to >> manage its workflow. >> > > Perhaps that's a feature of the PDP and not a bug? I believe it is a feature and it is not a bug, but it is not well understood by most people. > The reason I mentioned this was because I was surprised. You spend a LOT > of time posting, but then when the tough questions arose you pointed at > the PDP and claimed deficiencies. I found that interesting. I assume you mean this comment "The PDP is just a year old and we haven't figured it all out yet." If not, please help me understand what comment I made that made you think I claimed the PDP had deficiencies. My intent, wasn't that there was anything wrong with the PDP. It was since much of what it really means is left to interpretation, we haven't explored all or even very many of the corner cases, and set precedent for dealing with them. That is what I meant by, "The PDP is just a year old and we haven't figured it all out yet." As for the tough questions, I supported abandoning the proposal because the AC was not making progress on it that we said we would. I therefore, believed the best course of action was to abandon it allowing for the community to petition and have it succeed or fail. If the petition had failed, I had no doubt that a new proposal would have come along and maybe it would have been a better one. As has been mentioned on PPML by others, customer privacy should be driven by the customer's interest not the ISP's interest. This proposal seems to protect the ISP's interest and not necessarily the customer's. When I voted to accept the proposal on the the docket originally, it was in the intent that we the AC would work on this, looking at the issue from an IPv6 perspective. That hasn't happened, and I'm not sure it is going to happen in the short term, so when it was recommended that we abandon this proposal by the AC shepherd, I supported that idea. > Best, > > Martin > > -- =============================================== David Farmer Email:farmer at umn.edu Networking & Telecommunication Services Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 612-626-0815 Minneapolis, MN 55414-3029 Cell: 612-812-9952 =============================================== From bill at herrin.us Mon Feb 1 01:59:12 2010 From: bill at herrin.us (William Herrin) Date: Mon, 1 Feb 2010 01:59:12 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95:Customer Confidentiality - Time Sensitive In-Reply-To: <997BC128AE961E4A8B880CD7442D9480126F3F03@NJCHLEXCMB01.cable.comcast.com> References: <02c701caa054$b71df010$2559d030$@net> <4B63865F.7070608@ipinc.net> <3c3e3fca1001310835n4fc264edjeb1bcb9441151f29@mail.gmail.com> <4B65DB30.6080200@umn.edu> <3c3e3fca1001311327n634300far14067c7e5a2657e@mail.gmail.com> <997BC128AE961E4A8B880CD7442D9480126F3EFA@NJCHLEXCMB01.cable.comcast.com> <3c3e3fca1001312206h4471ae86k3122373318742cb5@mail.gmail.com> <997BC128AE961E4A8B880CD7442D9480126F3F03@NJCHLEXCMB01.cable.comcast.com> Message-ID: <3c3e3fca1001312259g6c074dbvaaf4561761e078e4@mail.gmail.com> On Mon, Feb 1, 2010 at 1:30 AM, Alexander, Daniel wrote: > This is my last post tonight. I'm on EST time and it's late. I have a > question on your last post. If it is all about public accountability, > then why do you think we draw the lines where we do? Why is a commercial > network behind a /30 less accountable than one with a /29? Why are > residential hosts less accountable then commercial hosts? I know they > are loaded questions, but it concerns me when we draw these lines in > policy. This also touches on Leo's posts about IPv6, in that I question > if swips are a viable means of accountability. Hi Dan, Surely you don't mean to suggest that SWIP is arbitrary and capricious? So it is. SWIP is to accountability what democracy is to governance: the worst possible form except for everything else we've considered. SWIP isn't perfect. It isn't even particularly good. But as long as we're doing needs-based allocation, SWIP more or less gets the accountability job done. Show me an alternative whose structure has a history of success in other applications. I've no love for SWIP. It was a pain in the rump back when I was responsible for the operations of an ISP. You might recall that my proposal 103 would have eliminated it in IPv6. But to accomplish that I had to change the address allocation criteria to something invulnerable to fraud. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From mysidia at gmail.com Mon Feb 1 02:34:15 2010 From: mysidia at gmail.com (James Hess) Date: Mon, 1 Feb 2010 01:34:15 -0600 Subject: [arin-ppml] Petition Underway - Policy Proposal 95:Customer Confidentiality - Time Sensitive In-Reply-To: <997BC128AE961E4A8B880CD7442D9480126F3F03@NJCHLEXCMB01.cable.comcast.com> References: <02c701caa054$b71df010$2559d030$@net> <4B63865F.7070608@ipinc.net> <3c3e3fca1001310835n4fc264edjeb1bcb9441151f29@mail.gmail.com> <4B65DB30.6080200@umn.edu> <3c3e3fca1001311327n634300far14067c7e5a2657e@mail.gmail.com> <997BC128AE961E4A8B880CD7442D9480126F3EFA@NJCHLEXCMB01.cable.comcast.com> <3c3e3fca1001312206h4471ae86k3122373318742cb5@mail.gmail.com> <997BC128AE961E4A8B880CD7442D9480126F3F03@NJCHLEXCMB01.cable.comcast.com> Message-ID: <6eb799ab1001312334r1100307er970801c5432d2bc7@mail.gmail.com> wrote: > This is my last post tonight. I'm on EST time and it's late. I have a > question on your last post. If it is all about public accountability, > then why do you think we draw the lines where we do? Why is a commercial > network behind a /30 less accountable than one with a /29? Why are > residential hosts less accountable then commercial hosts? I know they > are loaded questions, but it concerns me when we draw these lines in "Hosts" aren't accountable. It is administrators of networks that are accountable. Information is supposed to still be kept using SWIP or the form 4.2.3.7.5. The utilization criterion required to properly justify a /30 is so trivial, that the public basically need not be concerned with the individual user's information, providing the ISP is not systemically cooperating in allocating one individual many /30s. ISPs often do not assign residential users permanent IP space, instead they get dynamic allocated an IP. The paperwork required to update POCs would be unreasonable. Also there are privacy concerns that lead a good ISP to avoid SWIP'ing residential users if possible -- a residential user often does not have such a thing as suitable business contact information. There is an expectation that businesses can always be contacted, a duty can reasonably be imposed on them to hire or make an existing contact available, but residential user information might be otherwise unavailable, and can be used to invade personal privacy of real people. It is unreasonable to require a residential end user to 'hire out' someone to serve as a POC for their one host. There are lines drawn, but /29 or larger appears to the reasonable place. It essentially allows max of 4 user IPs, or 1 point-to-point link for a user, without requiring SWIP. -- -J From gbonser at seven.com Mon Feb 1 02:49:55 2010 From: gbonser at seven.com (George Bonser) Date: Sun, 31 Jan 2010 23:49:55 -0800 Subject: [arin-ppml] Petition Underway - Policy Proposal 95:CustomerConfidentiality - Time Sensitive In-Reply-To: <3c3e3fca1001312259g6c074dbvaaf4561761e078e4@mail.gmail.com> References: <02c701caa054$b71df010$2559d030$@net> <4B63865F.7070608@ipinc.net><3c3e3fca1001310835n4fc264edjeb1bcb9441151f29@mail.gmail.com> <4B65DB30.6080200@umn.edu><3c3e3fca1001311327n634300far14067c7e5a2657e@mail.gmail.com> <997BC128AE961E4A8B880CD7442D9480126F3EFA@NJCHLEXCMB01.cable.comcast.com><3c3e3fca1001312206h4471ae86k3122373318742cb5@mail.gmail.com> <997BC128AE961E4A8B880CD7442D9480126F3F03@NJCHLEXCMB01.cable.comcast.com> <3c3e3fca1001312259g6c074dbvaaf4561761e078e4@mail.gmail.com> Message-ID: <5A6D953473350C4B9995546AFE9939EE081F74FB@RWC-EX1.corp.seven.com> > > Show me an alternative whose structure has a history of success in > other applications. I've no love for SWIP. It was a pain in the rump > back when I was responsible for the operations of an ISP. You might > recall that my proposal 103 would have eliminated it in IPv6. But to > accomplish that I had to change the address allocation criteria to > something invulnerable to fraud. > > Regards, > Bill Herrin An alternative is a layer of abstraction where the information you are given depends on who you are and what you are looking for. ARIN would have all of the detailed information but there is no reason that one should be able to easily trawl whois for a providers block and collect all their SWIPs. I just haven't figured out how such a thing would be implemented yet. SWIP information is VERY useful to me on a regular basis. When I am white listing a partner's space, I can easily find their network assignments or at least know how big a block they have surrounding the specific IPs they have given me. I don't allocate space but discovering a partner's allocated space is useful to me. By "partner" I mean someone who we are providing services for ... a customer. What I need to do is enter that organization's handle and get back their network assignments. I don't need to work through their upstream's address space to figure out who all their SWIPS are. I also often need to know who the contact is for a specific IP. We might have a problem with someone's POP3 or IMAP server. That is a common issue where by default they allow only some small number of concurrent connections. But maybe our connections on behalf of their users exceed that so I need to contact them to increase the number of connections we are allowed. Stuff like that happens fairly frequently and getting their transit provider's contact info is going to make my life more difficult because there isn't a darned thing the transit provider is going to be able to do for me except give me the information I should have already had. So as a normal day to day requirement, I use the SWIP information to gauge customer network assignments for traffic policy (at least as a starting point) and for contact information to get problems fixed. This proposal would make that more difficult. What needs to be figured out is a way to give specific information to specific requests but to deny casual perusal of the database yet in a way that lends itself to automation and does not cause undue additional work on the part of ARIN. From farmer at umn.edu Mon Feb 1 04:03:33 2010 From: farmer at umn.edu (David Farmer) Date: Mon, 01 Feb 2010 03:03:33 -0600 Subject: [arin-ppml] Policy Proposal 107: Rework of IPv6 assignment criteria - Updated text In-Reply-To: <4B5AA539.7000404@umn.edu> References: <4B4FA35F.9070804@arin.net> <4B5AA539.7000404@umn.edu> Message-ID: <4B6698E5.3060004@umn.edu> As a result of the staff clarity review the text these has been a number for minor changes and the following major changes. Text that were basically operational suggestions were moved to a Note at the end of the appropriate section. Additionally, examples of reasonable justifications have been added to sections 6.5.8.2.c and 6.5.8.3.b. Finally, this proposal eliminates the customer count as part of the criteria for a community network that was originally in 2008-3. Feed back please. ---- Template: ARIN-POLICY-PROPOSAL-TEMPLATE-2.0 1. Policy Proposal Name: Rework of IPv6 assignment criteria 2. Proposal Originator a. name: David Farmer b. email: farmer at umn.edu c. telephone: 612-812-9952 d. organization: University of Minnesota 3. Proposal Version: 3.0 4. Date: 2/1/2010 5. Proposal type: modify new, modify, or delete. 6. Policy term: Permanent temporary, permanent, or renewable. 7. Policy statement: 6.5.8. Initial assignments 6.5.8.1. Initial assignment size Organizations that meet at least one of the following criteria are eligible to receive a minimum assignment of /48. Requests for larger initial assignments, reasonably justified with supporting documentation, will be evaluated based on the number of sites and the number of subnets needed to support a site. Organizations may request up to a /48 for each site in their network, with the overall allocation rounded up to the next whole prefix only as necessary. A subnet plan demonstrating a utilization of 33,689 or more subnets within a site is necessary to justify an additional /48 for any individual site, beyond this the 0.94 HD-Ratio metric of the number of subnets is used. All assignments shall be made from distinctly identified prefixes, with each assignment receiving a reservation for growth of at least a /44. Such reservations are not guaranteed and ARIN, at its discretion, may assign them to other organizations at any time. Note: Organizations with multiple sites are encouraged to consider the use /56s for smaller satellite sites. 6.5.8.2. Criteria for initial assignment to Internet connected end-users Organizations may justify an initial assignment for connecting their own network to the IPv6 Internet, with an intent to provide global reachability for the assignment within 12 months, and for addressing devices directly attached to their network infrastructure, by meeting one of the following additional criteria: a. Having a previously justified IPv4 end-user assignment from ARIN or one of its predecessor registries, or; b. Currently being IPv6 Multihomed or immediately becoming IPv6 Multihomed and using an assigned valid global AS number, or; c. By providing a reasonable technical justification indicating why other IPv6 addresses from an ISP or other LIR are unsuitable and a plan detailing the utilization of sites and subnets for one, two and five year periods. Examples of justifications for why addresses from an ISP or other LIR may be unsuitable include, but are not limited to: ? An organization that operates infrastructure critical to life safety or the functioning of society, has justification based on the fact that renumbering would have a broader than expected impact than simply the number of hosts involved. These would include; hospitals, fire fighting, police, emergency response, power or energy distribution, water or waste treatment, traffic management and control, etc? ? Regardless of the number of hosts involved, an organization has justification if renumbering would affect 1000 or more individuals either internal or external to the organization. 6.5.8.3 Criteria for initial assignment to non-connected networks Organizations may justify an initial assignment for operating their own non-connected IPv6 network and for addressing devices directly attached to their network infrastructure, by meeting one of the following additional criteria: a. Having a previously justified IPv4 end-users assignment from ARIN or one of its predecessor registries, or; b. By providing a reasonable technical justification indicating why an assignment for a non-connected networks is necessary, including the intended purpose for the assignment, and describing the network infrastructure the assignment will be used to support. Justification must include why Unique Local IPv6 Unicast Addresses (ULA) is unsuitable and a plan detailing the utilization of sites and subnets for one, two and five year periods. Examples of justifications for why ULA may be unsuitable include, but are not limited to: ? The need for authoritative delegation of reverse DNS, including documentation way this is necessary. ? The need for documented uniqueness, beyond the statistical uniqueness provided by ULA, including documentation way this is necessary. ? A documented need to connect with other networks connected to or not connected to the Internet NOTE: Organizations are encouraged to consider the use of ULA, for non-connected networks, see RFC 4193 for details. 6.5.8.4 Criteria for initial assignment to Community Networks Organizations may justify an initial assignment for operating a Community Network by documenting that they meet the criteria specified in section 2.11. A Community Network is considered a single site and a larger initial assignment may only be justified based on the number of subnets necessary to serve the community in question. 6.5.9. Subsequent assignments Subsequent assignments may be made when the need for additional sites or subnets are justified with reasonable supporting documentation. When possible, subsequent assignments will be made from an adjacent address block. Organizations may request up to a /48 for each site in their network, with the overall allocation rounded up to the next whole prefix only as necessary. A subnet plan demonstrating a utilization of 33,689 or more subnets within a site is necessary to justify an additional /48 for any individual site, beyond this the 0.94 HD-Ratio metric of the number of subnets is used. Note: Organizations with multiple sites are encouraged to consider the use /56s for smaller satellite sites. Delete current 6.5.9 Community Network Assignments as it is incorporated in 6.5.8.4. 8. Rationale: This proposal provides a complete rework of the IPv6 end-user assignment criteria, removing the dependency on IPv4 policy, while maintaining many of the basic concepts contained in the current policies. The order of the subsections of 6.5.8 was rearranged moving the initial assignment size to 6.5.8.1 and subsequent assignments to 6.5.9. This will facilitate adding future criteria without additional renumbering of current policies. The initial assignment criteria include the following general concepts: ? When Internet connectivity is use to justify resources it is implied the resources should be advertised to the Internet, within some reasonable time frame after they are received. ? IPv4 resources may be use to justify the need for IPv6 resources. ? Internet multihoming is sufficient justification for an end-user assignment in and of itself. ? Other Internet connected end-users must justify why an ISP or LIR assignment is not sufficient for their needs. ? Non-connected networks must describe the purpose and network infrastructure the assignment will be supporting, including why ULA is not sufficient for their needs. ? Organizations with multiple sites are allowed to request a /48 for each site, with a suggestion to use /56s for smaller sites. ? While HD-Ratio is not completely eliminated it really only applies to situations that an individual site of an organization needs more that a /48. ? Community networks are assumed to justify an assignment in and of themselves, but they should be considered a single site, otherwise they should get an ISP allocation. 9. Timetable for implementation: Immediate END OF TEMPLATE -- =============================================== David Farmer Email:farmer at umn.edu Networking & Telecommunication Services Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 612-626-0815 Minneapolis, MN 55414-3029 Cell: 612-812-9952 =============================================== From bicknell at ufp.org Mon Feb 1 09:15:22 2010 From: bicknell at ufp.org (Leo Bicknell) Date: Mon, 1 Feb 2010 06:15:22 -0800 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: Customer Confidentiality - Time Sensitive In-Reply-To: <3c3e3fca1001312032raec9c5ek7478e2444c584c25@mail.gmail.com> References: <4B636B12.6090603@ipinc.net> <4B638058.7010500@umn.edu> <4B63865F.7070608@ipinc.net> <3c3e3fca1001310835n4fc264edjeb1bcb9441151f29@mail.gmail.com> <4B65DB30.6080200@umn.edu> <3c3e3fca1001311327n634300far14067c7e5a2657e@mail.gmail.com> <4B662557.5000202@umn.edu> <3c3e3fca1001312032raec9c5ek7478e2444c584c25@mail.gmail.com> Message-ID: <20100201141522.GA91915@ussenterprise.ufp.org> In a message written on Sun, Jan 31, 2010 at 11:32:10PM -0500, William Herrin wrote: > I'm not trying to single out anyone, but frankly I'm frustrated by the > AC's collective behavior this past year and I doubt I'm the only one. > I'd be far more sympathetic if all the quiet work outside the public > eye resulted more and better advice for proposal authors from among > the general public, and less suppression of proposals not written by > members of the AC itself. I won't comment on the merits of your argument, but I will comment on one small aspect, "the quiet work outside the public eye." I would favor having AC meetings "open to the public". To be clear, the public would be in listen only mode, they could not participate in any way, shape, or form. This would allow interesting parties (including proposal authors) to know the exact discussion around their proposal in real time rather than getting edited minutes a month or more later. This should foster much faster turn around of policy proposals. Additionally, it would give the public more insight into what the AC members are doing, which might help them choose who to elect. Sunshine can fix either of the problems here; if the AC is run amock the public will see it, and if in fact they are doing a good job, the public will also see that. -- Leo Bicknell - bicknell at ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 826 bytes Desc: not available URL: From michael.dillon at bt.com Mon Feb 1 09:47:45 2010 From: michael.dillon at bt.com (michael.dillon at bt.com) Date: Mon, 1 Feb 2010 14:47:45 -0000 Subject: [arin-ppml] Draft Policy 2010-1: Waiting List for Unmet IPv4 Requests In-Reply-To: <6B297B2D-4DB6-4D38-A5A6-AD75596DC7BF@delong.com> Message-ID: <28E139F46D45AF49A31950F88C49745804FF8903@E03MVZ2-UKDY.domain1.systemhost.net> > > I suggest that it is not ARIN's business to decide what > better serves > > the community, since ARIN is not lord and master of the > community, but > > its servant. ARIN should only try to be reasonably fair, not make > > heroic efforts whose outcome could be worse, and whose outcome is > > certainly unknowable. > > > ARIN is the community's steward over the address space and it > is absolutely ARIN's role to balance the needs of the various > stakeholders in the community and develop policies that meet > the communities consensus of what best meets the community's > need with the application of sound judgment by those elected > by the community to that consensus. That is a very paternalistic attitude. ARIN is not the boss of us. It is only a forum in which the stakeholders themselves can balance their needs. If the stakeholders fail to come to agreement then ARIN should not act independently to impose a solution. ARIN is fundamentally a bottom-up creature of self-regulation among the stakeholders. > The idea of fair depends a great deal on perspective in the > case in question. If you are the guy asking for a /14, then, > fair is to give you all the pieces necessary for you to have > address space equivalent to the /14. If your the guy who put > in the request for a /24 30 seconds after the guy who asked > for the /14, your idea of fair might be a bit different. ARIN simply does not have the information to know which outcome is more fair. It is not ARIN's job to be judge and jury over the last few crumbs. There is a bigger picture that does not involve the aberrations of squabbles over the last few crumbs of IPv4 adress space. > > Far better for them to get down to the rag market and > haggle over the > > price of an old silk dress that could be reworked into a silk purse. > > > Who are you to decide which is better for them? Why should > ARIN decide on their behalf? ARIN is deciding on ARIN's behalf that it does not want to sit in the middle and arbitrate squabbles over the last few crumbs. ARIN's main job is not to hand out address blocks but to evaluate applications and decide how many IP addresses are justified. Then, if there are some on the shelf, ARIN hands out an appropriately sized block. When the shelf becomes bare, ARIN should resist expanding it's activities, and stick to evaluating applications, and recording records. > That's one strategy option. Not necessarily the only strategy. > Clearly it's the one you think is best, but, like LDAP, it is > not necessarily the best answer for everyone in every case. No, I do not think hunting for transfer blocks is best since I don't believe that many people will e successful. The best strategy is to deploy IPv6 and completely avoid the runout mess. > Thought exercise: Under your proposed method, where does one > draw the line between DoS and legitimate efforts to have your > request hit the lottery? How many lottery tickets should > someone be allowed to request per what unit of time? One. The fact is that ARIN should not play this game. Today, you only should apply for IP addresses once per year, or more. There is no good reason for that basic model to change. Yes, we may shorten time periods so that everyone has to apply once per 3 months, but once your application is approved, we should not create reasons to encourage more applications. If you didn't get your full justified allocation, then the mechanisms for handing over addresses need to be handled in an orderly fashion so that people are not encouraged to bombard ARIN's systems in the hopes of winning a lottery. --Michael Dillon From michael.dillon at bt.com Mon Feb 1 10:14:17 2010 From: michael.dillon at bt.com (michael.dillon at bt.com) Date: Mon, 1 Feb 2010 15:14:17 -0000 Subject: [arin-ppml] Policy Proposal 95: Customer Confidentiality In-Reply-To: <5A6D953473350C4B9995546AFE9939EE081F74D3@RWC-EX1.corp.seven.com> Message-ID: <28E139F46D45AF49A31950F88C49745804FF89AC@E03MVZ2-UKDY.domain1.systemhost.net> > Exactly. Unless the provider is doing 100% managed services > for all hosts in that net block, calling the provider is > usually a waste of time. What if that block of IP addresses > is actually in use in someone else's colo or back at the > customer's office? What is the provider going to do except > (hopefully) give you the information you should have already > been able to get. And what if it is midnight local on a > weekend? Is the person on duty going to know that they are > even allowed to give out the customer contact info? > > There are so many problems with this at so many levels for no > other reason than to protect someone's customer list and > absolutely no benefit to any other segment of the community. Fact is that to solve the kind of issues that are under discussion all you need is a phone number. You don't need to know the customer's name or their physical location. --Michael Dillon From michael.dillon at bt.com Mon Feb 1 10:41:05 2010 From: michael.dillon at bt.com (michael.dillon at bt.com) Date: Mon, 1 Feb 2010 15:41:05 -0000 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: CustomerConfidentiality - Time Sensitive In-Reply-To: <66FAFE30-CC74-48CC-A4F2-4B62CD57B65C@delong.com> Message-ID: <28E139F46D45AF49A31950F88C49745804FF8A35@E03MVZ2-UKDY.domain1.systemhost.net> > So you run their antivirus software and clean their machines > if they get infected? If it's that level of managed service, > then, arguably their machines are part of your infrastructure > from an administrative perspective. If you are the end-user, > you don't need to swip the space as a customer assignment. > If someone else administers the machines, then, that someone > else should be on the SWIP. And what happens when that "someone else"'s 10th grade English class is interrupted by your phone call about a possible botnet infection on his uncle's server? Let's be realistic here. This is not the Internet of 1990 where everything was in a big building owned by a big organization that was paying big bucks for the underlying IT infrastructure that was connected to the Internet. --Michael Dillon From michael.dillon at bt.com Mon Feb 1 10:43:59 2010 From: michael.dillon at bt.com (michael.dillon at bt.com) Date: Mon, 1 Feb 2010 15:43:59 -0000 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: CustomerConfidentiality - Time Sensitive In-Reply-To: <3c3e3fca1001311327n634300far14067c7e5a2657e@mail.gmail.com> Message-ID: <28E139F46D45AF49A31950F88C49745804FF8A3F@E03MVZ2-UKDY.domain1.systemhost.net> > I'm not so concerned about you but what about the the half of > the AC who can't even find time to participate on PPML? It's their job to do the AC stuff, not spend time posting on PPML trying to influence the AC stuff. Most of the stakeholders in ARIN have no presence at all on PPML, but they still have representation on the AC. --Michael Dillon From michael.dillon at bt.com Mon Feb 1 11:01:30 2010 From: michael.dillon at bt.com (michael.dillon at bt.com) Date: Mon, 1 Feb 2010 16:01:30 -0000 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: CustomerConfidentiality - Time Sensitive In-Reply-To: <3c3e3fca1001312203i2c5141depf3d4e6d13213c1d6@mail.gmail.com> Message-ID: <28E139F46D45AF49A31950F88C49745804FF8A9B@E03MVZ2-UKDY.domain1.systemhost.net> > The AC was elected first and foremost to be shepherds of the > bottom-up public-originated policy development process. Uhhh... the bylaws say this: Function. The Advisory Council shall act in an advisory capacity to the Board of Trustees on matters as the Board of Trustees may, from time to time, request involving Internet numbering resource policies and related matters. The President of ARIN shall be the primary point of contact between the Advisory Council and the Board of Trustees. > Welcome to corruption 101. It starts with a conflict of > interest and a sense of entitlement born of expertise and > honest, earnest work. From there it's one short slide after > another down the long and slippery slope. Uhh... Wikipedia has this to say about this classical informal fallacy: --Michael Dillon P.S. ARIN is what it is, not what you or anyone else imagine it to be. From marty at akamai.com Mon Feb 1 11:03:11 2010 From: marty at akamai.com (Martin Hannigan) Date: Mon, 1 Feb 2010 11:03:11 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: Customer Confidentiality - Time Sensitive In-Reply-To: <20100201141522.GA91915@ussenterprise.ufp.org> References: <4B636B12.6090603@ipinc.net> <4B638058.7010500@umn.edu> <4B63865F.7070608@ipinc.net> <3c3e3fca1001310835n4fc264edjeb1bcb9441151f29@mail.gmail.com> <4B65DB30.6080200@umn.edu> <3c3e3fca1001311327n634300far14067c7e5a2657e@mail.gmail.com> <4B662557.5000202@umn.edu> <3c3e3fca1001312032raec9c5ek7478e2444c584c25@mail.gmail.com> <20100201141522.GA91915@ussenterprise.ufp.org> Message-ID: <95A6D1C0-FB8F-43D9-B24C-58ACF9C50225@akamai.com> On Feb 1, 2010, at 9:15 AM, Leo Bicknell wrote: > In a message written on Sun, Jan 31, 2010 at 11:32:10PM -0500, > William Herrin wrote: >> I'm not trying to single out anyone, but frankly I'm frustrated by >> the >> AC's collective behavior this past year and I doubt I'm the only one. >> I'd be far more sympathetic if all the quiet work outside the public >> eye resulted more and better advice for proposal authors from among >> the general public, and less suppression of proposals not written by >> members of the AC itself. [ clip ] > > I won't comment on the merits of your argument, but I will comment > on one small aspect, "the quiet work outside the public eye." > > I would favor having AC meetings "open to the public". To be clear, > the public would be in listen only mode, they could not participate > in any way, shape, or form. +1 From michael.dillon at bt.com Mon Feb 1 11:06:32 2010 From: michael.dillon at bt.com (michael.dillon at bt.com) Date: Mon, 1 Feb 2010 16:06:32 -0000 Subject: [arin-ppml] Petition Underway - Policy Proposal 95:CustomerConfidentiality - Time Sensitive In-Reply-To: <3c3e3fca1001312206h4471ae86k3122373318742cb5@mail.gmail.com> Message-ID: <28E139F46D45AF49A31950F88C49745804FF8AB3@E03MVZ2-UKDY.domain1.systemhost.net> > Respectfully, the primary reason for SWIP is and has always > been public accountability. I dispute that the primary reason for SWIP has always been public accountability. I will agree that this was the original reason for SWIP back when the ARPANET was spending public monies which had to be accounted for. But since that time, the ARPANET has become the Internet, and the Internet has become commercialised to the extent that "accounting for public monies" is not a concern for us any more. That would still be a concern for the various organizations on the Internet who spend public monies, of course, but the core infrastructure is thoroughly privatised at this point. We really need to make a clean break with the past and ask ourselves what achievable public benefits can be served by a whois directory and stop moaning and wishing about how it could have been if only we had not evolved to the point where we find ourselves today. --Michael Dillon From michael.dillon at bt.com Mon Feb 1 11:16:10 2010 From: michael.dillon at bt.com (michael.dillon at bt.com) Date: Mon, 1 Feb 2010 16:16:10 -0000 Subject: [arin-ppml] Petition Underway - Policy Proposal 95:CustomerConfidentiality - Time Sensitive In-Reply-To: <3c3e3fca1001312259g6c074dbvaaf4561761e078e4@mail.gmail.com> Message-ID: <28E139F46D45AF49A31950F88C49745804FF8AE1@E03MVZ2-UKDY.domain1.systemhost.net> > SWIP isn't perfect. It isn't even particularly good. But as > long as we're doing needs-based allocation, SWIP more or less > gets the accountability job done. > > Show me an alternative whose structure has a history of > success in other applications. CSV files work fine here. Just dump all the assignment info right down to the last /32 into a CSV file and attach it to an email to the ARIN hostmaster. We've used this to justify several /15 or /16 allocations. The point is that ARIN evaluates your usage, not the entries in its SWIP database, which may be less than accurate due to the /29 rule among other things. A dump from the operational database tends to be the most accurate. SWIP has nothing to do with justifying a needs based allocation. The public whois directory has nothing to do with any internal ARIN activities. --Michael Dillon From michael.dillon at bt.com Mon Feb 1 11:22:24 2010 From: michael.dillon at bt.com (michael.dillon at bt.com) Date: Mon, 1 Feb 2010 16:22:24 -0000 Subject: [arin-ppml] Petition Underway - Policy Proposal95:CustomerConfidentiality - Time Sensitive In-Reply-To: <5A6D953473350C4B9995546AFE9939EE081F74FB@RWC-EX1.corp.seven.com> Message-ID: <28E139F46D45AF49A31950F88C49745804FF8B03@E03MVZ2-UKDY.domain1.systemhost.net> > I just haven't figured out how such a thing > would be implemented yet. ARIN has. It's called a separate data store. The hostmasters currently have access, under NDA, to lots of confidential information that even their own supervisors have no right to access. This is the way that it should be. > SWIP information is VERY useful to me on a regular basis. > When I am white listing a partner's space, I can easily find > their network assignments or at least know how big a block > they have surrounding the specific IPs they have given me. I > don't allocate space but discovering a partner's allocated > space is useful to me. By "partner" I mean someone who we > are providing services for ... a customer. You could also phone them and ask for this. > I also often need to know who the contact is for a specific > IP. We might have a problem with someone's POP3 or IMAP > server. Now you have justified publishing some phone numbers and email addresses in WHOIS. Not names, addresses or anything else. > What needs to be figured out is a way to give specific > information to specific requests but to deny casual perusal > of the database yet in a way that lends itself to automation > and does not cause undue additional work on the part of ARIN. Don't record anything that will not be published in the whois directory, and most especially, do not record any information that does not have a defined and agreed upon public use. --Michael Dillon From kkargel at polartel.com Mon Feb 1 12:29:38 2010 From: kkargel at polartel.com (Kevin Kargel) Date: Mon, 1 Feb 2010 11:29:38 -0600 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: Customer Confidentiality - Time Sensitive In-Reply-To: <065001caa14b$9a626800$cf273800$@net> References: <02c701caa054$b71df010$2559d030$@net> <4B62098C.60606@arin.net> <4B636B12.6090603@ipinc.net> <05a901caa13b$4cd154d0$e673fe70$@net> <4B637523.1070708@ipinc.net> <05da01caa140$e111f5f0$a335e1d0$@net> <4B6384A4.4040304@ipinc.net> <065001caa14b$9a626800$cf273800$@net> Message-ID: <8695009A81378E48879980039EEDAD28876D3F96@MAIL1.polartel.local> > Not all of them. I have a customer, {redacted}. It's a photography > studio run by two people. They colo a server with me and have a /29. I > have > to SWIP their information even though they are the last people that should > be called if there's an issue and would just end up calling me anyway. > In this case whoever takes care of their networks is their agent and should be listed directly as their tech and abuse PoC's. Or am I wrong? From gbonser at seven.com Mon Feb 1 13:26:12 2010 From: gbonser at seven.com (George Bonser) Date: Mon, 1 Feb 2010 10:26:12 -0800 Subject: [arin-ppml] Petition Underway - PolicyProposal95:CustomerConfidentiality - Time Sensitive In-Reply-To: <28E139F46D45AF49A31950F88C49745804FF8B03@E03MVZ2-UKDY.domain1.systemhost.net> References: <5A6D953473350C4B9995546AFE9939EE081F74FB@RWC-EX1.corp.seven.com> <28E139F46D45AF49A31950F88C49745804FF8B03@E03MVZ2-UKDY.domain1.systemhost.net> Message-ID: <5A6D953473350C4B9995546AFE9939EE081F750E@RWC-EX1.corp.seven.com> > > You could also phone them and ask for this. > > > I also often need to know who the contact is for a specific > > IP. We might have a problem with someone's POP3 or IMAP > > server. > > Now you have justified publishing some phone numbers and email > addresses in WHOIS. Not names, addresses or anything else. Provided I can use that phone number to get a list of all their SWIPs so I can check to see if I have also been having trouble with connections to servers that might be in other subnets, or if I have been blocking connection attempts from their other subnets, then fine. In other words, I need to know: Who owns an IP address that I am having trouble with. What other network assignments do they have so I can "fix" problems that might be happening with the same operator in other network segments. Just having a phone number is going to be a pain in the rear end. Who am I going to be talking to? Is it someone with barely a clue who has simply leased a handful of servers from some rental outfit in a colo? Or is it a well established telecom? With just a phone number, that is going to be hard to tell. My first question is going to be "who are you"? Followed by "what other network assignments do you have so we can fix this problem in a more global sense?". WHOIS currently gives me this information. What I do NOT need is the ability to "walk" through an upstream transit provider's SWIPS to find them all out. But I DO need as much information as I can get for a specific end user to include who they are, who their contact is, and what other networks they have assigned to them. From kkargel at polartel.com Mon Feb 1 13:34:23 2010 From: kkargel at polartel.com (Kevin Kargel) Date: Mon, 1 Feb 2010 12:34:23 -0600 Subject: [arin-ppml] Petition Underway - PolicyProposal95:CustomerConfidentiality - Time Sensitive In-Reply-To: <5A6D953473350C4B9995546AFE9939EE081F750E@RWC-EX1.corp.seven.com> References: <5A6D953473350C4B9995546AFE9939EE081F74FB@RWC-EX1.corp.seven.com> <28E139F46D45AF49A31950F88C49745804FF8B03@E03MVZ2-UKDY.domain1.systemhost.net> <5A6D953473350C4B9995546AFE9939EE081F750E@RWC-EX1.corp.seven.com> Message-ID: <8695009A81378E48879980039EEDAD28876D3F9D@MAIL1.polartel.local> > > What I do NOT need is the ability to "walk" through an upstream transit > provider's SWIPS to find them all out. But I DO need as much information > as I can get for a specific end user to include who they are, who their > contact is, and what other networks they have assigned to them. > > So are you suggesting that we limit the '>' operator in the whois search when the customer is an ISP or greater? I am not saying whether that would be good or bad, just asking for clarification. From gbonser at seven.com Mon Feb 1 13:43:19 2010 From: gbonser at seven.com (George Bonser) Date: Mon, 1 Feb 2010 10:43:19 -0800 Subject: [arin-ppml] Petition Underway -PolicyProposal95:CustomerConfidentiality - Time Sensitive In-Reply-To: <8695009A81378E48879980039EEDAD28876D3F9D@MAIL1.polartel.local> References: <5A6D953473350C4B9995546AFE9939EE081F74FB@RWC-EX1.corp.seven.com><28E139F46D45AF49A31950F88C49745804FF8B03@E03MVZ2-UKDY.domain1.systemhost.net> <5A6D953473350C4B9995546AFE9939EE081F750E@RWC-EX1.corp.seven.com> <8695009A81378E48879980039EEDAD28876D3F9D@MAIL1.polartel.local> Message-ID: <5A6D953473350C4B9995546AFE9939EE081F7512@RWC-EX1.corp.seven.com> > So are you suggesting that we limit the '>' operator in the whois > search when the customer is an ISP or greater? > > I am not saying whether that would be good or bad, just asking for > clarification. That might be a very reasonable answer. I have no need to know who all of a provider's netblocks downstream assignments belong to. Knowing at the very highest level what a provider's aggregate block assignment is might be helpful in some cases when I am troubleshooting routing issues (hmm, I seem to be having a routing loop whenever I am trying to communicate with a user in zippy-super-clueful-isp's address space.) or some such. But yeah, removing that option would probably not impact my operations. I can't recall when I have ever needed to use it for normal operations for a provider net block. From michael.dillon at bt.com Mon Feb 1 14:46:20 2010 From: michael.dillon at bt.com (michael.dillon at bt.com) Date: Mon, 1 Feb 2010 19:46:20 -0000 Subject: [arin-ppml] Petition Underway - PolicyProposal95:CustomerConfidentiality - Time Sensitive In-Reply-To: <5A6D953473350C4B9995546AFE9939EE081F750E@RWC-EX1.corp.seven.com> Message-ID: <28E139F46D45AF49A31950F88C49745804FF8C6D@E03MVZ2-UKDY.domain1.systemhost.net> > What I do NOT need is the ability to "walk" through an > upstream transit provider's SWIPS to find them all out. But I > DO need as much information as I can get for a specific end > user to include who they are, who their contact is, and what > other networks they have assigned to them. So, what I am hearing from you is that you do not want a whois directory, you want an application where you can put in an IP address and the app will give you a page with all the information that ARIN has related to the owners of that address including other blocks that they use, their upstream's contact info, the upstream of their upstream's contact info and so on. The ARIN suggestion box is over that way: I don't like to use a sledge hammer to solve a problem that requires a screwdriver. --Michael Dillon From gbonser at seven.com Mon Feb 1 15:51:19 2010 From: gbonser at seven.com (George Bonser) Date: Mon, 1 Feb 2010 12:51:19 -0800 Subject: [arin-ppml] Petition Underway -PolicyProposal95:CustomerConfidentiality - Time Sensitive In-Reply-To: <28E139F46D45AF49A31950F88C49745804FF8C6D@E03MVZ2-UKDY.domain1.systemhost.net> References: <5A6D953473350C4B9995546AFE9939EE081F750E@RWC-EX1.corp.seven.com> <28E139F46D45AF49A31950F88C49745804FF8C6D@E03MVZ2-UKDY.domain1.systemhost.net> Message-ID: <5A6D953473350C4B9995546AFE9939EE081F7522@RWC-EX1.corp.seven.com> > So, what I am hearing from you is that you do not want a > whois directory, you want an application where you can > put in an IP address and the app will give you a page with > all the information that ARIN has related to the owners > of that address including other blocks that they use, > their upstream's contact info, the upstream of their upstream's > contact info and so on. No. What you are hearing me say is that things work just fine the way they are right now with whois. I can get all the information I currently need from whois and Proposal 95 would break that. The only benefit Proposal 95 offers is protection of customer lists. I could support a proposal that protects the customer lists while also protects my being able to do what I need to do. Blocking of the > operator for that one type of query would not impact my ability to get my work done and would make it harder for sales drones to walk provider address space. From mueller at syr.edu Mon Feb 1 16:56:05 2010 From: mueller at syr.edu (Milton L Mueller) Date: Mon, 1 Feb 2010 16:56:05 -0500 Subject: [arin-ppml] Policy Proposal 95: Customer Confidentiality In-Reply-To: <3c3e3fca1001290836l1775d9c5ta0fbfba5d1231228@mail.gmail.com> References: <02c701caa054$b71df010$2559d030$@net> <8695009A81378E48879980039EEDAD28876D3F77@MAIL1.polartel.local> <4B621114.3050808@ipinc.net> <4B6212D0.4000404@gmail.com> <38dd4e411001281504r2b805200w10ed8534cd615670@mail.gmail.com> <38dd4e411001290001i3ddf5004u6e9a4ee0c25bfecf@mail.gmail.com> <3c3e3fca1001290836l1775d9c5ta0fbfba5d1231228@mail.gmail.com> Message-ID: <75822E125BCB994F8446858C4B19F0D701C7AB37F5@SUEX07-MBX-04.ad.syr.edu> > -----Original Message----- > [mailto:arin-ppml-bounces at arin.net] On Behalf Of William Herrin > Sent: Friday, January 29, 2010 11:36 AM > > It's a fact that transparency requires reporting sufficient for > members of the general public to audit process should they desire to > do so. This is not a fact but a very complex (possibly justified) intepretation, the validity of which rests almost entirely on how you define "reporting," and "sufficient." > It's a fact that ISP address allocations are strictly dependent on > downstream assignments. > > It's a fact that an audit can't positively confirm the accuracy of an > end-user assignment without checking with the end-user. But this fact does not necessarily imply a generalized capability of any member of the public to check with the end user. There are other mechanisms of doing audits. > It's thus a conclusion resting solely on fact that transparency in the > allocation process requires members of the general public to be able > to contact the end-users to whom portions of the finite resource are > assigned. Here you've equated the ability to "audit process" with the ability of any member of the general public, for any reason, at any time, to directly contact an end user. Not a logically valid equation, as far as I can tell. By the way, the finitness of the resource is completely irrelevant to this discussion. Printer ink is scarce, too, but that doesn't give you the right to demand that OfficeMax give you the information needed to ring me up whenever I replace the cartridge on my HP 1012. > The only way you get rid of this, as a matter of fact, is by unifying > the allocation and assignment policies and moving to an assignment > criteria that's not based on downstream assignment count for > justification. That's an interesting thought. Please keep moving in that direction. Milton Mueller Professor, Syracuse University School of Information Studies XS4All Professor, Delft University of Technology ------------------------------ Internet Governance Project: http://internetgovernance.org From mueller at syr.edu Mon Feb 1 17:05:16 2010 From: mueller at syr.edu (Milton L Mueller) Date: Mon, 1 Feb 2010 17:05:16 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: Customer Confidentiality - Time Sensitive In-Reply-To: <3c3e3fca1001312203i2c5141depf3d4e6d13213c1d6@mail.gmail.com> References: <02c701caa054$b71df010$2559d030$@net> <4B62098C.60606@arin.net> <4B636B12.6090603@ipinc.net> <4B638058.7010500@umn.edu> <4B63865F.7070608@ipinc.net> <3c3e3fca1001310835n4fc264edjeb1bcb9441151f29@mail.gmail.com> <3c3e3fca1001312203i2c5141depf3d4e6d13213c1d6@mail.gmail.com> Message-ID: <75822E125BCB994F8446858C4B19F0D701C7AB37F6@SUEX07-MBX-04.ad.syr.edu> > -----Original Message----- > From: arin-ppml-bounces at arin.net > [mailto:arin-ppml-bounces at arin.net] On Behalf Of William Herrin > > > + Detrimental to the ARIN community > > Out of order. This does not belong in your evaluation prior to the > board-recommendation phase. +1 From mueller at syr.edu Mon Feb 1 17:07:17 2010 From: mueller at syr.edu (Milton L Mueller) Date: Mon, 1 Feb 2010 17:07:17 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: Customer Confidentiality - Time Sensitive In-Reply-To: <20100201141522.GA91915@ussenterprise.ufp.org> References: <4B636B12.6090603@ipinc.net> <4B638058.7010500@umn.edu> <4B63865F.7070608@ipinc.net> <3c3e3fca1001310835n4fc264edjeb1bcb9441151f29@mail.gmail.com> <4B65DB30.6080200@umn.edu> <3c3e3fca1001311327n634300far14067c7e5a2657e@mail.gmail.com> <4B662557.5000202@umn.edu> <3c3e3fca1001312032raec9c5ek7478e2444c584c25@mail.gmail.com> <20100201141522.GA91915@ussenterprise.ufp.org> Message-ID: <75822E125BCB994F8446858C4B19F0D701C7AB37F7@SUEX07-MBX-04.ad.syr.edu> Great proposal, Leo! > -----Original Message----- > I would favor having AC meetings "open to the public". To be clear, > the public would be in listen only mode, they could not participate > in any way, shape, or form. > > This would allow interesting parties (including proposal authors) > to know the exact discussion around their proposal in real time > rather than getting edited minutes a month or more later. This should > foster much faster turn around of policy proposals. Additionally, > it would give the public more insight into what the AC members are > doing, which might help them choose who to elect. > > Sunshine can fix either of the problems here; if the AC is run amock > the public will see it, and if in fact they are doing a good job, > the public will also see that. From mueller at syr.edu Mon Feb 1 16:33:01 2010 From: mueller at syr.edu (Milton L Mueller) Date: Mon, 1 Feb 2010 16:33:01 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: Customer Confidentiality - Time Sensitive In-Reply-To: <05a901caa13b$4cd154d0$e673fe70$@net> References: <02c701caa054$b71df010$2559d030$@net> <4B62098C.60606@arin.net> <4B636B12.6090603@ipinc.net> <05a901caa13b$4cd154d0$e673fe70$@net> Message-ID: <75822E125BCB994F8446858C4B19F0D701C7AB37F4@SUEX07-MBX-04.ad.syr.edu> I support the petition to give Policy Proposal 95 due consideration. Milton Mueller Professor, Syracuse University School of Information Studies XS4All Professor, Delft University of Technology ------------------------------ Internet Governance Project: http://internetgovernance.org > > > John Curran wrote: > > ARIN Community - > > > > I am reposting this Petition Announcement under a distinct subject > > line as otherwise not all mailing list participants may recognize > > that this process is underway. This is neither a statement for or > > against the petition, and all statements of support posted under > > the original thread or this one will be counted in the total. > > > > /John > > > > John Curran > > President and CEO > > ARIN > > > > On Jan 28, 2010, at 5:02 PM, Member Services wrote: > > > >> With the message below a petition has started regarding the ARIN > >> Advisory Council's decision to abandon Proposal 95: Customer > >> Confidentiality. ARIN staff posted on 21 January 2010 to > PPML that the > >> ARIN Advisory Council (AC) had decided to abandon the proposal. > >> > >> If successful, this petition will change Proposal 95 into > a Draft Policy > >> which will be published for discussion and review by the > community on > >> the PPML and at the Public Policy Meeting in April. If the petition > >> fails, the proposal will be closed. > >> > >> For this petition to be successful, it will need > statements of support > >> from at least 10 different people from 10 different > organizations. If > >> you wish to support this petition, post a statement of > support to PPML > >> on this thread. Point of contact information is required, > either to the > >> entire PPML or with a follow up post to petition at arin.net > with full POC > >> information (name, organization, street address, email, phone). > >> > >> The duration of the petition is five business days; it > will end on 4 > >> February 2010. ARIN staff will post the result of the > petition to PPML. > >> > >> For more information on starting and participating in > petitions, see PDP > >> Petitions at: https://www.arin.net/policy/pdp_petitions.html > >> > >> The proposal text is below and at: > >> https://www.arin.net/policy/proposals/index.html > >> > >> The ARIN Policy Development Process can be found at: > >> https://www.arin.net/policy/pdp.html > >> > >> Regards, > >> > >> Member Services > >> American Registry for Internet Numbers (ARIN) > >> > >> ##### > >> > >> Aaron Wendel wrote: > >>> I do not feel the AC should abandon Policy Proposal 95: Customer > >>> Confidentiality. I formally petition to move the > following text forward > for > >>> discussion on the list and at the next Public Policy > Meeting. I would > >>> appreciate it if anyone this policy applies to would > support moving this > >>> proposal forward by posting statements in support of the > petition to > this > >>> list. > >>> > >>> 1. Policy Proposal Name: Customer Confidentiality > >>> > >>> 2. Proposal Originator: Aaron Wendel > >>> > >>> 3. Proposal Version: 2.0 > >>> > >>> 4. Date: 10 June 2009 > >>> > >>> 5. Proposal type: new > >>> > >>> 6. Policy term: permanent > >>> > >>> 7. Policy statement: > >>> > >>> ISPs may choose to enter the customer's name along with the ISP's > >>> address and phone number in reassignments and > reallocations in lieu of > >>> the customer's address and phone number. The customer's actual > >>> information must be provided to ARIN on request and will > be held in the > >>> strictest confidence. > >>> > >>> 8. Rationale: > >>> > >>> Version 2.0 clarifies the need for the customer name to > remain in the > >>> SWIP and RWHOIS information. > >>> > >>> Customer contact lists are one of the most proprietary > and confidential > >>> pieces of information in any business. The requirements > for ISPs to > >>> publish those lists via SWIP or RWHOIS runs contrary to > good business > >>> practices and invites competitors and others to solicit > both individuals > >>> and companies receiving reassignments and sub allocations > from upstream > >>> providers. > >>> > >>> 9. Timetable for implementation: immediate > >>> > >>> Aaron Wendel Wholesale Internet, Inc. 324 E. 11th St. Suite 1000 > >>> Kansas City, MO 64106 > >>> 816-256-3031 > >>> > >>> _______________________________________________ > >>> PPML > >>> You are receiving this message because you are subscribed to > >>> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > >>> Unsubscribe or manage your mailing list subscription at: > >>> http://lists.arin.net/mailman/listinfo/arin-ppml > >>> Please contact info at arin.net if you experience any issues. > >>> > >>> > >> > >> > >> _______________________________________________ > >> PPML > >> You are receiving this message because you are subscribed to > >> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > >> Unsubscribe or manage your mailing list subscription at: > >> http://lists.arin.net/mailman/listinfo/arin-ppml > >> Please contact info at arin.net if you experience any issues. > > > > _______________________________________________ > > PPML > > You are receiving this message because you are subscribed to > > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > > Unsubscribe or manage your mailing list subscription at: > > http://lists.arin.net/mailman/listinfo/arin-ppml > > Please contact info at arin.net if you experience any issues. > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > > No virus found in this incoming message. > Checked by AVG - www.avg.com > Version: 9.0.733 / Virus Database: 271.1.1/2648 - Release > Date: 01/29/10 > 03:08:00 > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > From steve at ibctech.ca Mon Feb 1 20:29:59 2010 From: steve at ibctech.ca (Steve Bertrand) Date: Mon, 01 Feb 2010 20:29:59 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: CustomerConfidentiality - Time Sensitive In-Reply-To: <28E139F46D45AF49A31950F88C49745804FF8A35@E03MVZ2-UKDY.domain1.systemhost.net> References: <28E139F46D45AF49A31950F88C49745804FF8A35@E03MVZ2-UKDY.domain1.systemhost.net> Message-ID: <4B678017.7060300@ibctech.ca> michael.dillon at bt.com wrote: > >> So you run their antivirus software and clean their machines >> if they get infected? If it's that level of managed service, >> then, arguably their machines are part of your infrastructure >> from an administrative perspective. If you are the end-user, >> you don't need to swip the space as a customer assignment. >> If someone else administers the machines, then, that someone >> else should be on the SWIP. > > And what happens when that "someone else"'s 10th grade English > class is interrupted by your phone call about a possible botnet > infection on his uncle's server? ...then the IP was SWIP'ed to a school, and the uncle shouldn't have a server within the school network IP allocation. If he does, then the school PoC is responsible, unless the school assigned a /29 to the uncle. > Let's be realistic here. This is not the Internet of 1990 where > everything was in a big building owned by a big organization that > was paying big bucks for the underlying IT infrastructure that > was connected to the Internet. ...I want to know how to get a hold of the person/people who are managing the machines that are addressed. If you house machines within someone else's ARIN space that requires a /29 or larger, your info should be on it. If 'uncle's' information is on the SWIP, then he should be responsible, disruption to his English class is irrelevant. Steve From steve at ibctech.ca Mon Feb 1 20:34:20 2010 From: steve at ibctech.ca (Steve Bertrand) Date: Mon, 01 Feb 2010 20:34:20 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: Customer Confidentiality - Time Sensitive In-Reply-To: <4B636B12.6090603@ipinc.net> References: <02c701caa054$b71df010$2559d030$@net> <4B62098C.60606@arin.net> <4B636B12.6090603@ipinc.net> Message-ID: <4B67811C.1040208@ibctech.ca> Ted Mittelstaedt wrote: > > So far I count 12 solid supporters of the petition. > > They are: > > jay at handynetworks.com // Handy Networks LLC > joe at joesdatacenter.com // Joe's Datacenter, LLC > network at dimenoc.com //DimeNoc AS33182 > bicknell at ufp.org - bicknell at ufp.org - CCIE 3440 > spamfree at wansecurity.com Robert Smith, CISSP WANSecurity, Inc. > dsd at carpathiahost.com Carpathia Hosting, Inc > thorsten.ziegler at 1and1.com 1&1 Internet, AS8560 > lar at mwtcorp.net ARIN ORG: CBS-129 > bill at herrin.us AS 11875 > stephen.r.middleton at verizon.com Verizon Services Operations > raul at datavo.com Datavo / AS26773 > tony at lava.net LavaNet > > > The following people stated they supported the policy but they > didn't state that they supported the petition > > todd at kcix.net > > The following people supported the petition but didn't identify > who they represent: > > rudi.daniel at gmail.com > marty at akamai.com > rob at lagniappeinternet.com > > Naturally the AC will need to make the "official" determination > but it looks like we will be discussing this. fwiw, I officially support the petition, and the process. We'll deal with the potential policy once it is re-introduced. Steve Bertrand, AS14270, eagle.ca Internet Services, SBE96-ARIN. Steve From steve at ibctech.ca Mon Feb 1 20:44:56 2010 From: steve at ibctech.ca (Steve Bertrand) Date: Mon, 01 Feb 2010 20:44:56 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: Customer Confidentiality - Time Sensitive In-Reply-To: References: <02c701caa054$b71df010$2559d030$@net> <4B62098C.60606@arin.net> <4B636B12.6090603@ipinc.net> <4B638058.7010500@umn.edu> <4B63865F.7070608@ipinc.net> Message-ID: <4B678398.3050106@ibctech.ca> Owen DeLong wrote: > > On Jan 29, 2010, at 5:07 PM, Ted Mittelstaedt wrote: >> Of course it did. The success of the petition means one thing - that >> the AC made a bad decision. >> > I disagree. I think the AC made the absolutely correct decision and that > the petition means that 10 or more members of the community disagree > with the AC's decision sufficiently strongly that they successfully > petitioned > it. That's how the process is supposed to work. There's nothing wrong > with it. > > I think in the end, it is likely that the community as a whole will uphold > the AC's decision, but, in this case, there's enough dissent that it merits > consideration of the full community and that's what is happening. >> >> My only observation on this is that I think if the AC had been >> more specific (and long) on the explanation of why it was dropped >> that people might not have supported the petition. >> > Perhaps. I guess there's a question of resource allocation there in terms > of how much AC time should be spent justifying a decision to abandon > vs. focusing on things still on the docket. I'm not saying we did the > absolutely correct thing in this case, merely that there is a tradeoff to > be considered that isn't part of your previous paragraph. Out of curiosity, is the AC able to focus on the other items on the docket with all of this going on? I mean... this is the first real test. What kind of impact and/or disruption has this caused, if any? It may be worth documenting. >From early experience, how is this conundrum affecting the normal policy process from progressing normally? Is it having an effect? Steve From steve at ibctech.ca Mon Feb 1 23:19:37 2010 From: steve at ibctech.ca (Steve Bertrand) Date: Mon, 01 Feb 2010 23:19:37 -0500 Subject: [arin-ppml] Policy Proposal 95: Customer Confidentiality In-Reply-To: <064a01caa14a$9a8f12c0$cfad3840$@net> References: <02c701caa054$b71df010$2559d030$@net><8695009A81378E48879980039EEDAD28876D3F77@MAIL1.polartel.local><4B621114.3050808@ipinc.net> <4B6212D0.4000404@gmail.com><38dd4e411001281504r2b805200w10ed8534cd615670@mail.gmail.com><38dd4e411001290001i3ddf5004u6e9a4ee0c25bfecf@mail.gmail.com> <6eb799ab1001291617v486e484jfe3fb2dcbdbd2151@mail.gmail.com> <5A6D953473350C4B9995546AFE9939EE081F74D3@RWC-EX1.corp.seven.com> <060b01caa144$66614820$3323d860$@net> <5A6D953473350C4B9995546AFE9939EE081F74E2@RWC-EX1.corp.seven.com> <064a01caa14a$9a8f12c0$cfad3840$@net> Message-ID: <4B67A7D9.6090105@ibctech.ca> Aaron Wendel wrote: > Ok. How would you change the wording to reflect that? ...if you are delegated a /29 or larger, your info is in the SWIP. If the 'operator' of the systems that are assigned the addresses within that /29 are that of the assigning ISP, then the ISP's contact information will be placed *along side* that of the current address holder. If someone requires information on the aggregate address holder, they will use WHOIS to find that information. Steve From michael.dillon at bt.com Tue Feb 2 06:26:05 2010 From: michael.dillon at bt.com (michael.dillon at bt.com) Date: Tue, 2 Feb 2010 11:26:05 -0000 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: CustomerConfidentiality - Time Sensitive In-Reply-To: <4B678017.7060300@ibctech.ca> Message-ID: <28E139F46D45AF49A31950F88C4974580507A221@E03MVZ2-UKDY.domain1.systemhost.net> > > And what happens when that "someone else"'s 10th grade > English class > > is interrupted by your phone call about a possible botnet > infection on > > his uncle's server? > > ...then the IP was SWIP'ed to a school, and the uncle > shouldn't have a server within the school network IP allocation. A 10th grade kid's extracurricular activities have nothing whatsoever to do with the school's network. We've already been told that this is a small photography business that has a server colocated with their local ISP. Since the business owners are experts in photography, it is reasonable to assume that the server and networking expertise comes from outside the photography business. Since it is a very small business, it is reasonable to assume that they hire tech support as and when needed, not on retainer and not on-call 24x7. It is also reasonable to assume that they would shop around for the best price for said tech support and a 10th-grade nephew is highly likely to fit the profile of cheap tech support. However, said 10th grade nephew has other obligations such as attending school, and keeping their mobile phone turned off while on the school premises. Why on earth do you want to polute the whois directory with thousands of phone numbers for 10th grader's mobile phones? And the number of such tech support people is growing at the same time that their age is dropping. I would not be surprised to learn that their are 8th graders now looking after colocated servers, or VPS root servers. > > Let's be realistic here. This is not the Internet of 1990 where > > everything was in a big building owned by a big > organization that was > > paying big bucks for the underlying IT infrastructure that was > > connected to the Internet. > > ...I want to know how to get a hold of the person/people who > are managing the machines that are addressed. Then the whois directory needs a system for recording stuff like: "Technical contact is attending school between the hours of 8:30 to 4:30 EST, Mondays thru Fridays. Saturdays from 10:00 to 12:00 he is playing baseball. Contactable at (604)555-1234 other times except when he is on a hot date which is most likely Thursday thru Saturday evenings EST." If you have a look through the RIPE database you will see that they do have long complicated notes about who and how to contact various support departments, although I've never seen one quite like the above example. I really do not understand why people do not support the basic and fundamental principle of only recording contact information in the whois directory for people who are READY, WILLING and ABLE to TAKE ACTION when contacted. What good is it to have mobile numbers that ring through to voicemail or contact people who, although they set up the server themselves 3 months ago, have more or less forgotten all the technical details that they barely grasped in the first place. It really should be up to ISPs to manage their customers, and the rest of us should contact the ISPs who have 24x7 support people who are READY, WILLING and ABLE to TAKE ACTION when contacted. If this were the standard way to do things, then ISP contracts would have standard clauses that allow them to unplug servers until the owner can be contacted and arrangements made to clean up the problems. As for servers that are not accepting incoming email or similar things, that is not your problem and it is not ARIN's problem. We can't boil the sea. --Michael Dillon From vaughn at swiftsystems.com Tue Feb 2 07:52:05 2010 From: vaughn at swiftsystems.com (Vaughn Thurman - Swift Systems) Date: Tue, 2 Feb 2010 07:52:05 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: CustomerConfidentiality - Time Sensitive In-Reply-To: <28E139F46D45AF49A31950F88C4974580507A221@E03MVZ2-UKDY.domain1.systemhost.net> References: <28E139F46D45AF49A31950F88C4974580507A221@E03MVZ2-UKDY.domain1.systemhost.net> Message-ID: As a regional ISP with a mix of colo customers ranging from real big- co's to ma-pa-co's all the way down to the "someday we are going to be..." futon-co's, I wholly agree that IP sub allocation contact data should be discretionary to the ISP. Some would say "you just don't want your competitors looking up the phone numbers for your client's tech contacts if you ever have an outage" and I would honestly answer, well yeah, that too! But honestly, other than that there would actually be no use to reaching out to many of my customers "tech" contacts, so why do this? They are not all here (in colo) just because our air conditioning and power are well conditioned, and facilities secure. They are here so that if they get into trouble of various kinds we can help them because we are reachable. Calling them only delays this process by the extra steps of reaching them first. What if they change thier number and forget to let us know? Believe me, for the orgs large enough to handle these issues there is a mutual and natural incentive to put thier contact data into the swip. Leave the discretion where it belongs IMHO in the hands of the people who have always made this community work, the ISPs. Best regards, Vaughn Sent from my iPhone On Feb 2, 2010, at 6:26 AM, wrote: >>> And what happens when that "someone else"'s 10th grade >> English class >>> is interrupted by your phone call about a possible botnet >> infection on >>> his uncle's server? >> >> ...then the IP was SWIP'ed to a school, and the uncle >> shouldn't have a server within the school network IP allocation. > > A 10th grade kid's extracurricular activities have nothing > whatsoever to do with the school's network. We've already > been told that this is a small photography business that > has a server colocated with their local ISP. Since the > business owners are experts in photography, it is reasonable > to assume that the server and networking expertise comes > from outside the photography business. Since it is a very > small business, it is reasonable to assume that they hire > tech support as and when needed, not on retainer and not > on-call 24x7. It is also reasonable to assume that they > would shop around for the best price for said tech support > and a 10th-grade nephew is highly likely to fit the profile > of cheap tech support. However, said 10th grade nephew has > other obligations such as attending school, and keeping their > mobile phone turned off while on the school premises. > > Why on earth do you want to polute the whois directory with > thousands of phone numbers for 10th grader's mobile phones? > And the number of such tech support people is growing at the > same time that their age is dropping. I would not be surprised > to learn that their are 8th graders now looking after colocated > servers, or VPS root servers. > >>> Let's be realistic here. This is not the Internet of 1990 where >>> everything was in a big building owned by a big >> organization that was >>> paying big bucks for the underlying IT infrastructure that was >>> connected to the Internet. >> >> ...I want to know how to get a hold of the person/people who >> are managing the machines that are addressed. > > Then the whois directory needs a system for recording stuff like: > "Technical contact is attending school between the hours of > 8:30 to 4:30 EST, Mondays thru Fridays. Saturdays from 10:00 to > 12:00 he is playing baseball. Contactable at (604)555-1234 > other times except when he is on a hot date which is most > likely Thursday thru Saturday evenings EST." > > If you have a look through the RIPE database you will see that > they do have long complicated notes about who and how to contact > various support departments, although I've never seen one quite > like the above example. > > I really do not understand why people do not support the basic > and fundamental principle of only recording contact information > in the whois directory for people who are READY, WILLING and ABLE > to TAKE ACTION when contacted. What good is it to have mobile > numbers that ring through to voicemail or contact people who, > although they set up the server themselves 3 months ago, have > more or less forgotten all the technical details that they barely > grasped in the first place. It really should be up to ISPs to > manage their customers, and the rest of us should contact the > ISPs who have 24x7 support people who are READY, WILLING and ABLE > to TAKE ACTION when contacted. If this were the standard way > to do things, then ISP contracts would have standard clauses > that allow them to unplug servers until the owner can be contacted > and arrangements made to clean up the problems. > > As for servers that are not accepting incoming email or similar > things, that is not your problem and it is not ARIN's problem. > We can't boil the sea. > > --Michael Dillon > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. From john.sweeting at twcable.com Tue Feb 2 08:13:47 2010 From: john.sweeting at twcable.com (Sweeting, John) Date: Tue, 2 Feb 2010 08:13:47 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: Customer Confidentiality - Time Sensitive In-Reply-To: <4B678398.3050106@ibctech.ca> Message-ID: Steve, In answer to your question, yes the AC has continued to stay focused on the business at hand. The petition itself has not been a distraction and although some of the posts not dealing directly with the petition may seem to be a distraction we, the AC, have actually used them to discuss how to make the PDP better moving forward. Over the last 5 days the AC has edited and submitted 3 proposals to ARIN for legal and staff review and there has been 1 additional proposal submitted that should be posted later today. We are on a tight schedule for the Toronto meeting and really cannot afford to be distracted. To be perfectly honest the Petition Process is a very important part of the new PDP and the use of it is fully supported. Thanks for giving me the opportunity to address this issue. -john ++++++ On 2/1/10 8:44 PM, "Steve Bertrand" wrote: Owen DeLong wrote: > > On Jan 29, 2010, at 5:07 PM, Ted Mittelstaedt wrote: >> Of course it did. The success of the petition means one thing - that >> the AC made a bad decision. >> > I disagree. I think the AC made the absolutely correct decision and that > the petition means that 10 or more members of the community disagree > with the AC's decision sufficiently strongly that they successfully > petitioned > it. That's how the process is supposed to work. There's nothing wrong > with it. > > I think in the end, it is likely that the community as a whole will uphold > the AC's decision, but, in this case, there's enough dissent that it merits > consideration of the full community and that's what is happening. >> >> My only observation on this is that I think if the AC had been >> more specific (and long) on the explanation of why it was dropped >> that people might not have supported the petition. >> > Perhaps. I guess there's a question of resource allocation there in terms > of how much AC time should be spent justifying a decision to abandon > vs. focusing on things still on the docket. I'm not saying we did the > absolutely correct thing in this case, merely that there is a tradeoff to > be considered that isn't part of your previous paragraph. Out of curiosity, is the AC able to focus on the other items on the docket with all of this going on? I mean... this is the first real test. What kind of impact and/or disruption has this caused, if any? It may be worth documenting. >From early experience, how is this conundrum affecting the normal policy process from progressing normally? Is it having an effect? Steve _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact info at arin.net if you experience any issues. This E-mail and any of its attachments may contain Time Warner Cable proprietary information, which is privileged, confidential, or subject to copyright belonging to Time Warner Cable. This E-mail is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient of this E-mail, you are hereby notified that any dissemination, distribution, copying, or action taken in relation to the contents of and attachments to this E-mail is strictly prohibited and may be unlawful. If you have received this E-mail in error, please notify the sender immediately and permanently delete the original and any copy of this E-mail and any printout. From info at arin.net Tue Feb 2 09:46:05 2010 From: info at arin.net (Member Services) Date: Tue, 02 Feb 2010 09:46:05 -0500 Subject: [arin-ppml] Policy Proposal 108: Eliminate the term license in the NRPM Message-ID: <4B683AAD.4020502@arin.net> ARIN received the following policy proposal and is posting it to the Public Policy Mailing List (PPML) in accordance with Policy Development Process. This proposal is in the first stage of the Policy Development Process. ARIN staff will perform the Clarity and Understanding step. Staff does not evaluate the proposal at this time, their goal is to make sure that they understand the proposal and believe the community will as well. Staff will report their results to the ARIN Advisory Council (AC) within 10 days. The AC will review the proposal at their next regularly scheduled meeting (if the period before the next regularly scheduled meeting is less than 10 days, then the period may be extended to the subsequent regularly scheduled meeting). The AC will decide how to utilize the proposal and announce the decision to the PPML. In the meantime, the AC invites everyone to comment on the proposal on the PPML, particularly their support or non-support and the reasoning behind their opinion. Such participation contributes to a thorough vetting and provides important guidance to the AC in their deliberations. Draft Policies and Proposals under discussion can be found at: https://www.arin.net/policy/proposals/index.html The ARIN Policy Development Process can be found at: https://www.arin.net/policy/pdp.html Mailing list subscription information can be found at: https://www.arin.net/mailing_lists/ Regards, Member Services American Registry for Internet Numbers (ARIN) ## * ## Policy Proposal 108: Eliminate the term license in the NRPM Proposal Originator: David Farmer Proposal Version: 1.0 Date: 2 February 2010 Proposal type: modify Policy term: Permanent Policy statement: Delete section 6.4.1 and replace with a new section; 1.1 Number resources are not property To serve the interests of the Internet community as a whole, number resources are not property (real, personal, or intellectual). The allocation and assignment of IP addresses, ASNs, and other number resources are subject to the terms of the ARIN Registration Services Agreement, the policies in this document, and any amendments as may be made to either one. Modify section 11.4 by removing ?on a lease/license basis?, leaving the following; 11.4 Resource Allocation Term and Renewal The Numbering Resources are allocated for a period of one year. The allocation can be renewed on application to ARIN providing information as per Detail One. The identity and details of the applicant and the allocated Numbering Resources will be published under the conditions of ARIN's normal publication policy. At the end of the experiment, resources allocated under this policy will be returned to the available pool. Rationale: As part of the discussion of Policy Proposal #106 the issue of the use of the term ?license? in section 6.4.1 and that it is not likely in harmony with the ARIN Registration Services Agreement was recognized. The AC feels that this issue is important enough to make it a separate Draft Policy that stands on its own. This section could not be fixed by simple editorial changes and it requires a complete rewrite in order to fix the issues. It was further recognized that the concept that ?Number resources are not property? is not exclusively an IPv6 issue and should be moved out of section 6, so that it is clear that it applies to all number resources. Finally, the rest of the NRPM was searched for any additional uses of the term ?license?. One additional use was found in section 11.4, in this case deleting it and a few other words surrounding it, fixes the issue without significantly changing the meaning of the section. Timetable for implementation: Immediate From cengel at sponsordirect.com Tue Feb 2 11:07:44 2010 From: cengel at sponsordirect.com (Chris Engel) Date: Tue, 2 Feb 2010 11:07:44 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95 In-Reply-To: Message-ID: Michael Dillon wrote: "I really do not understand why people do not support the basic and fundamental principle of only recording contact information in the whois directory for people who are READY, WILLING and ABLE to TAKE ACTION when contacted. " Michael is absolutely correct in this. The idea that the business/end user contact listed will be some-one who is ready/willing/able to take action on an issue 24/7/365 is simply a pipe dream.... it's not going to happen. Even for REAL Enterprises (i.e. not your mom & pop shops) only the very large ones are going to have a PUBLICALY listed contact number that is manned round the clock. Very few have NOC coverage that is 24/7/365. With my company....which is definately a real enterprise... you'll see our business contact info listed. If you hit those, you are NOT going to get a response outside of normal business hours. I'm not going to put my cell-phone/home-phone number on ANY of those public listings...nor would I ask any Tech that works for me to do the same. Now, my Service Providers do have 24/7/365 NOC's and they DO have a contact list with our home/cell phone numbers. They even have an escalation list so they know who to try first, and who next if they can't get a response. They are the ones that are perfectly suited to act as Gatekeepers to determine whether a situation really warrants an emergency phone call or whether contact can wait for normal business hours. So if it's 2:00 AM on Sunday morning and some-one is getting hit by a DoS attack from our Network...by jingo, they'll get ahold of one of us....but if it's an offer for Cheap Web Hosting in India (and yes we have gotten those that we KNOW, due to the address used, came in through WHOIS listings)...well that doesn't really need some-one to be woken out of bed to answer. For most companies, it actualy makes alot more sense to be listing thier service providers contact info then thier own (if the service provider allows it). Christopher Engel From kkargel at polartel.com Tue Feb 2 11:17:35 2010 From: kkargel at polartel.com (Kevin Kargel) Date: Tue, 2 Feb 2010 10:17:35 -0600 Subject: [arin-ppml] Petition Underway - Policy Proposal 95 In-Reply-To: References: Message-ID: <8695009A81378E48879980039EEDAD28876D3FBE@MAIL1.polartel.local> > > For most companies, it actualy makes alot more sense to be listing thier > service providers contact info then thier own (if the service provider > allows it). > I completely agree with this, allowing the proviso that it is the customers decision, not the ISP's decision. I as an ISP will certainly advise my customers on the best way to go, and that advise will be different for the barber shop than it is for the manufacturing plant with a tech staff. In the end though, when I SWIP IP's to a customer they are now the proprietor of those IP's and I need to follow their instructions on how those IP's are registered. If my customer requests that I be the tech or abuse contact and they are paying me money then I will happily do so. If they want to be the contact then that is how it will be. We can certainly steer our customers toward a path, but it is not ethical to assume we are smarter than they are and know what they want. The matter of PoC contacts is a simple fill-in-the-blank question (with an option to insert ISP?) on whatever form or conversation you use when you arrange a >/29 assignment to your customer. This does not have to be an onerous task. From bill at herrin.us Tue Feb 2 11:27:35 2010 From: bill at herrin.us (William Herrin) Date: Tue, 2 Feb 2010 11:27:35 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: Customer Confidentiality - Time Sensitive In-Reply-To: <20100201141522.GA91915@ussenterprise.ufp.org> References: <4B638058.7010500@umn.edu> <4B63865F.7070608@ipinc.net> <3c3e3fca1001310835n4fc264edjeb1bcb9441151f29@mail.gmail.com> <4B65DB30.6080200@umn.edu> <3c3e3fca1001311327n634300far14067c7e5a2657e@mail.gmail.com> <4B662557.5000202@umn.edu> <3c3e3fca1001312032raec9c5ek7478e2444c584c25@mail.gmail.com> <20100201141522.GA91915@ussenterprise.ufp.org> Message-ID: <3c3e3fca1002020827o14dd2f13w7166d9e491bf6272@mail.gmail.com> On Mon, Feb 1, 2010 at 9:15 AM, Leo Bicknell wrote: > I would favor having AC meetings "open to the public". ?To be clear, > the public would be in listen only mode, they could not participate > in any way, shape, or form. > > Sunshine can fix either of the problems here; if the AC is run amock > the public will see it, and if in fact they are doing a good job, > the public will also see that. At the cost of a new problem: restricting the free discussion between AC members. I would hope we can find a way to hold the members of the AC more accountable for their choices without having to hold every word they utter up for scrutiny. Better yet, I'd like to see the board adjust the AC's process so that they focus on their roles as *advisers* leaving fewer decisions for which significant scrutiny is required. The AC should be advising, not deciding. Deciding is what we have the BoT for. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From cengel at sponsordirect.com Tue Feb 2 11:53:56 2010 From: cengel at sponsordirect.com (Chris Engel) Date: Tue, 2 Feb 2010 11:53:56 -0500 Subject: [arin-ppml] Policy Proposal 95: Customer Confidentiality In-Reply-To: Message-ID: Milton L Mueller wrote: "> It's a fact that an audit can't positively confirm the accuracy of an > end-user assignment without checking with the end-user. But this fact does not necessarily imply a generalized capability of any member of the public to check with the end user. There are other mechanisms of doing audits." Milton is absolutely correct here as well. So through a public lookup you know that ACME, inc has been assigned X number of IP addresses. As a member of the general public, how does that actualy help you determine whether that assignment is justified or not? A member of the general public may never have heard of ACME, Inc before and wonder why they should possibly get so many IP's....but they may have just signed a private contract to host all web services for Microsoft. You can't really expect that ACME has to divulge all the details of it's private contracts to anyone that calls them on the phone. ARIN's staff needs that info, because it's THIER job to justify the IP assignment...not John Smith's....and it's ARIN's staff that gets access to that INFO...under proper confidentialty rules. So I'm not really sure of the utility of "public accountability" under such a scenerio. ARIN's accountable to the public for good management of a public resource. The people who request address space from ARIN are accountable to ARIN for utilizing that space in accordance with the justifications they provided for getting it. It's ARIN staff, not the public who actualy have the mechanisms to determine that. The public isn't really going to have the ability to determine whether ACME, inc is a legitimate business under private contracts to provide a huge number of services....or just a shell corporation being run out of some guys basement that's hoarding IP's to try to lease them out later. Christopher Engel From bill at herrin.us Tue Feb 2 11:52:32 2010 From: bill at herrin.us (William Herrin) Date: Tue, 2 Feb 2010 11:52:32 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95 In-Reply-To: References: Message-ID: <3c3e3fca1002020852q22a3626ct8ae1fa8790bcb961@mail.gmail.com> On Tue, Feb 2, 2010 at 11:07 AM, Chris Engel wrote: > Michael Dillon wrote: > >> "I really do not understand why people do not support >> the basic and fundamental principle of only recording >> contact information in the whois directory for people >> who are READY, WILLING and ABLE to TAKE ACTION >> when contacted. " > > Michael is absolutely correct in this. The idea that the >business/end user contact listed will be some-one who >is ready/willing/able to take action on an issue 24/7/365 >is simply a pipe dream.... it's not going to happen. Chris, Whatever happened to the concept of administrative and technical contacts where the administrative contact was capable of dealing with administrative issues associated with the entity and the technical contact was capable of dealing with technical issues associated with the entity's network? I have issues with Joe of the bot-infestation that his ISP is probably better geared to chase down but I also have issues with Joe the /14-holding florist that I want to discuss with Joe directly. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From jcurran at arin.net Tue Feb 2 12:35:18 2010 From: jcurran at arin.net (John Curran) Date: Tue, 2 Feb 2010 12:35:18 -0500 Subject: [arin-ppml] Petition Successful - Policy Proposal 95: Customer Confidentiality Message-ID: <807A78B5-10A0-4CEC-B7D8-8FA829879BC8@arin.net> The petition received the required number of statements of support and is therefore successful. The proposal will be posted as Draft Policy for discussion and review by the community on the Public Policy Mailing List and at the Public Policy Meeting in April. Thank you, /John John Curran President and CEO ARIN From cengel at sponsordirect.com Tue Feb 2 12:52:58 2010 From: cengel at sponsordirect.com (Chris Engel) Date: Tue, 2 Feb 2010 12:52:58 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95 In-Reply-To: <3c3e3fca1002020852q22a3626ct8ae1fa8790bcb961@mail.gmail.com> Message-ID: Bill Herrin wrote: "Chris, Whatever happened to the concept of administrative and technical contacts where the administrative contact was capable of dealing with administrative issues associated with the entity and the technical contact was capable of dealing with technical issues associated with the entity's network? I have issues with Joe of the bot-infestation that his ISP is probably better geared to chase down but I also have issues with Joe the /14-holding florist that I want to discuss with Joe directly." Bill, That's great...but I'm not sure how exactly having Joe's contact info really helps you determine whether his /14 is justified? As a member of the general public... you can't FORCE Joe to speak with you, right? As a member of the general public... you can't FORCE Joe to answer questions about how he is using that address space...or even reasonably expect him to answer if his use involves confidential business practices... after-all how does Joe know your not helping a competitor fish for information on his business plans? He may even be under a confidentiality agreement himself which governs who/under what purposes he can reveal information about his services. As a member of the general public.... if Joe is a private corporation, you don't even know how large his business is or how many computer/network assets he actually has or even what he utilizes them for. As a member of the general public.... if Joe decides to feed you a fish story...your means of vetting it are really quite limited...unless he's totally inept at scamming. As a member of the general public.... You can't actually take any IP's Joe has away from him, can you? That would be ARIN's job. As a matter of practicality, about the only real use I can see you for having Joe's contact info in THAT regards is if Joe's ISP assigned him a vastly larger network space then was justified..... and Joe really didn't know anything about it. Even then, it's not like the ISP can actually do anything with that space as long as it's assigned to Joe....and it would mean that Arin's staff was pretty darn asleep at the wheel.... if you as a member of the general public can catch something like that with only cursorary investigative abilities. Furthermore, even the rationale for an ISP wanting to hoard IP's pretty much goes away under IPv6 doesn't it? In other words, I can see a legitimate case usage for wanting the info under such a scenario...but in terms of practicality it strikes me as even far more limited then the counter-case of mapping a competitors customer list or other privacy concerns. I'm not adverse to having customer contact info published under the Administrative section but I DO think it aught to be the customers prerogative to determine if they are listed there or not.... at least as long as it's a public DB that allows anonymous look-ups. If you have to give up your own info to get info on somebody else...I could maybe see the case being otherwise. I could also see maybe exceptions for really large assignments... but practically what use is it to have a listing for every single /28 or /29 that's out there. Are you really going to check out each one as a member of the general public? Honestly, I don't see the listing or not listing as that critical of an issue....but in the absence of a compelling use case for information needing to be public..... I prefer erring on the side of privacy. Just my preferences as a member of the general internet using community. I don't think the world will end or anything like that if the info is public...but if I'm given a preference...privacy is where my priority would fall. Christopher Engel From kkargel at polartel.com Tue Feb 2 12:59:31 2010 From: kkargel at polartel.com (Kevin Kargel) Date: Tue, 2 Feb 2010 11:59:31 -0600 Subject: [arin-ppml] Petition Underway - Policy Proposal 95 In-Reply-To: References: <3c3e3fca1002020852q22a3626ct8ae1fa8790bcb961@mail.gmail.com> Message-ID: <8695009A81378E48879980039EEDAD28876D3FCA@MAIL1.polartel.local> > -----Original Message----- > From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On > Behalf Of Chris Engel > Sent: Tuesday, February 02, 2010 11:53 AM > To: 'William Herrin' > Cc: arin-ppml at arin.net > Subject: Re: [arin-ppml] Petition Underway - Policy Proposal 95 > > Bill Herrin wrote: > > "Chris, > > Whatever happened to the concept of administrative and technical contacts > where the administrative contact was capable of dealing with > administrative issues associated with the entity and the technical contact > was capable of dealing with technical issues associated with the entity's > network? > > I have issues with Joe of the bot-infestation that his ISP is probably > better geared to chase down but I also have issues with Joe the /14- > holding florist that I want to discuss with Joe directly." > > > Bill, > > That's great...but I'm not sure how exactly having Joe's contact info > really helps you determine whether his /14 is justified? > There are other administrative reasons for speaking to a domain holder. It could be that based on traffic you see on your network you want to set up a peering or other cooperative relationship more appropriate for an admin contact than a tech contact. You may have legal reasons to talk to the company that have nothing to do with netops. From info at arin.net Tue Feb 2 13:09:34 2010 From: info at arin.net (Member Services) Date: Tue, 02 Feb 2010 13:09:34 -0500 Subject: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality Message-ID: <4B686A5E.9090503@arin.net> Draft Policy 2010-3 Customer Confidentiality Draft Policy 2010-3 comes from the successful petition of "Policy Proposal 95: Customer Confidentiality." The draft policy is being posted for adoption discussion on the PPML and at the Public Policy Meeting in Toronto in April. The text of this draft policy is under the control of the petitioner, Aaron Wendel, until the conclusion of the Public Policy Meeting. Draft Policy 2010-3 is below and can be found at: https://www.arin.net/policy/proposals/2010_3.html You are encouraged to discuss Draft Policy 2010-3 on the PPML prior to the April Public Policy Meeting. Both the discussion on the list and at the meeting will be used by the ARIN Advisory Council to determine the community consensus for adopting this as policy. The ARIN Policy Development Process can be found at: https://www.arin.net/policy/pdp.html Draft Policies and Proposals under discussion can be found at: https://www.arin.net/policy/proposals/index.html Regards, Member Services American Registry for Internet Numbers (ARIN) ## * ## Draft Policy 2010-3 Customer Confidentiality Version/Date: 2 February 2010 Policy statement: ISPs may choose to enter the customer's name along with the ISP's address and phone number in reassignments and reallocations in lieu of the customer's address and phone number. The customer's actual information must be provided to ARIN on request and will be held in the strictest confidence. Rationale: Version 2.0 clarifies the need for the customer name to remain in the SWIP and RWHOIS information. Customer contact lists are one of the most proprietary and confidential pieces of information in any business. The requirements for ISPs to publish those lists via SWIP or RWHOIS runs contrary to good business practices and invites competitors and others to solicit both individuals and companies receiving reassignments and sub allocations from upstream providers. Timetable for implementation: immediate From bill at herrin.us Tue Feb 2 13:18:34 2010 From: bill at herrin.us (William Herrin) Date: Tue, 2 Feb 2010 13:18:34 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95 In-Reply-To: References: <3c3e3fca1002020852q22a3626ct8ae1fa8790bcb961@mail.gmail.com> Message-ID: <3c3e3fca1002021018t358ce58dy49b8044d9de355ad@mail.gmail.com> On Tue, Feb 2, 2010 at 12:52 PM, Chris Engel wrote: > Bill Herrin wrote: >> I have issues with Joe of the bot-infestation that >>his ISP is probably better geared to chase down >>but I also have issues with Joe the /14-holding >>florist that I want to discuss with Joe directly." > > That's great...but I'm not sure how exactly having >Joe's contact info really helps you determine >whether his /14 is justified? Chris, If Joe, allegedly assigned a /14 from his ISP, is a neighborhood florist and he responds "What's the Internet?" then my audit is basically done and it's time to report the ISP's fraud to ARIN. If his reasons for the /14 are moderately plausible and I get the same result with the other half-dozen suspicious looking assignments then I'm basically done as well, though for the opposite reason. The problem is: Joe's /14 assignment can't look suspicious or look any other way if it's public listing is permissibly redacted to "ISP Customer." There are, of course, other values to an administrative contact. You are, for example, not a common carrier. If your customer is hiding behind your identity as an ISP, you could end up responsible for accepting legal notice on his behalf. Is your legal department staffed adequately to avoid missteps in that process that will get you sued by the complainant, your customer or both? Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From kkargel at polartel.com Tue Feb 2 13:26:27 2010 From: kkargel at polartel.com (Kevin Kargel) Date: Tue, 2 Feb 2010 12:26:27 -0600 Subject: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality Message-ID: <8695009A81378E48879980039EEDAD28876D3FCB@MAIL1.polartel.local> Now that the petition has moved forward I do have some further comments on this proposal. I do not think that ARIN is in the business of defending the secrecy of customer lists. Keeping your customers should be a matter of competitive pricing and quality of service, not sequestering your customers in a closet or keeping them in a walled garden. Free enterprise is part and parcel of doing business on the internet. Hiding community members from contact by prospective service offerings is not included anywhere in the ARIN mission statement that I could see. From jcurran at arin.net Tue Feb 2 13:49:06 2010 From: jcurran at arin.net (John Curran) Date: Tue, 2 Feb 2010 13:49:06 -0500 Subject: [arin-ppml] Notes on the current ARIN Policy Development Process In-Reply-To: <3c3e3fca1001312203i2c5141depf3d4e6d13213c1d6@mail.gmail.com> References: <02c701caa054$b71df010$2559d030$@net> <4B62098C.60606@arin.net> <4B636B12.6090603@ipinc.net> <4B638058.7010500@umn.edu> <4B63865F.7070608@ipinc.net> <3c3e3fca1001310835n4fc264edjeb1bcb9441151f29@mail.gmail.com> <3c3e3fca1001312203i2c5141depf3d4e6d13213c1d6@mail.gmail.com> Message-ID: On Feb 1, 2010, at 4:03 PM, William Herrin wrote: > > On Mon, Feb 1, 2010 at 12:32 AM, Owen DeLong wrote: >> The AC was elected to help develop good, technically sound >> policy. > > Owen, > > The AC was elected first and foremost to be shepherds of the bottom-up > public-originated policy development process. Advising whether a > particular proposal is "good, technically sound policy" is supposed to > be the very last step, not the first. Moving it to the front violates, > disrupts and eventually destroys the bottom-up character of the > process. At the end of 2008, the ARIN Board of Trustees adopted an updated Policy Development Process (PDP) which gave ARIN Advisory Council more freedom in handling policy proposals. The revision to the PDP was made after presentation of the proposed changes in the Denver Public Policy Meeting in April 2008, and then after a public call for comments. You can view the full explanation of the changes here: The revised PDP places policy proposals and draft policies under the purview of the AC as opposed to the proposal submitter, and made clear that the AC has the authority edit/merge/abandon policy proposals as needed to come up with draft policies which fair and technically sound. The result of the AC's work then goes to the PPML and the Public Policy Meeting for consideration by the community (full process is available here: ) This change was made to insure that draft policies are technically sound, not duplicative, and consistent with the policy framework. It is hoped that the AC output will be Draft Policies which are strong candidates for adoption and will gain community support as a result during the PPML and Public Policy Meeting discussion. It was recognized that this revision to the PDP places significant control in the hands of the ARIN AC, and hence the petition process was made prominent in the revised PDP to allow any AC action to be petitioned via only 10 members of the community. This is a very low threshold intentionally, so that community could readily bring a matter to the PPML and next Public Policy Meeting. It does not indicate that the AC failed in any manner, but only that an action taken by the AC may warrant further consideration. As this is the first time we're exercising this process, we also taking notes as to the process itself in addition to the results. The Policy Development process is not static, and there's already some thought that we should look at another update based on the experiences and lessons learned with the new PDP to date. If there are specific suggestions that people have which they have not already posted, you may send them to me directly at any time. Of course, there will also be a similar community presentation of any revised PDP and that will also offer another opportunity to provide feedback in a public manner. I post this message to PPML in order to make sure that everyone is aware of these changes, and encourage folks to continue with the important discussions of the policy proposals and drafts which are before us. Thanks! /John John Curran President and CEO ARIN From kkargel at polartel.com Tue Feb 2 13:53:13 2010 From: kkargel at polartel.com (Kevin Kargel) Date: Tue, 2 Feb 2010 12:53:13 -0600 Subject: [arin-ppml] Petition Underway - Policy Proposal 95 In-Reply-To: <3c3e3fca1002021018t358ce58dy49b8044d9de355ad@mail.gmail.com> References: <3c3e3fca1002020852q22a3626ct8ae1fa8790bcb961@mail.gmail.com> <3c3e3fca1002021018t358ce58dy49b8044d9de355ad@mail.gmail.com> Message-ID: <8695009A81378E48879980039EEDAD28876D3FCC@MAIL1.polartel.local> > There are, of course, other values to an administrative contact. You > are, for example, not a common carrier. If your customer is hiding > behind your identity as an ISP, you could end up responsible for > accepting legal notice on his behalf. Is your legal department staffed > adequately to avoid missteps in that process that will get you sued by > the complainant, your customer or both? > > Regards, > Bill Herrin One current and active example of this is the flurry of Digital Millenium Copyright Act (DMCA) activity. While there are protections for ISP's under Title II (OCILLA) of that act it *could* be interpreted by the provisions in this act that (as Bill inferred) if you are sequestering your customer then you are assuming the responsibility and/or liability under DMCA. At the very least by that act you are assuming the responsibility to proxy actionable notices to your customer, and if you fail in that responsibility you may assume liabilities. This is for better legal minds than mine to determine, but it makes me wonder. IANAL (I AM NOT A LAWYER) From craig.finseth at state.mn.us Tue Feb 2 13:45:17 2010 From: craig.finseth at state.mn.us (Craig Finseth) Date: Tue, 2 Feb 2010 12:45:17 -0600 Subject: [arin-ppml] Petition Underway - Policy Proposal 95 In-Reply-To: <8695009A81378E48879980039EEDAD28876D3FBE@MAIL1.polartel.local> (message from Kevin Kargel on Tue, 2 Feb 2010 10:17:35 -0600) References: <8695009A81378E48879980039EEDAD28876D3FBE@MAIL1.polartel.local> Message-ID: <201002021845.o12IjH5k025052@inana.itg.state.mn.us> Kevin Kargel write: > For most companies, it actualy makes alot more sense to be listing thier > service providers contact info then thier own (if the service provider > allows it). > I completely agree with this, allowing the proviso that it is the customers decision, not the ISP's decision. I as an ISP will certainly advise my customers on the best way to go, and that advise will be different for the barber shop than it is for the manufacturing plant with a tech staff. In the end though, when I SWIP IP's to a customer they are now the proprietor of those IP's and I need to follow their instructions on how those IP's are registered. If my customer requests that I be the tech or abuse contact and they are paying me money then I will happily do so. If they want to be the contact then that is how it will be. We can certainly steer our customers toward a path, but it is not ethical to assume we are smarter than they are and know what they want. The matter of PoC contacts is a simple fill-in-the-blank question (with an option to insert ISP?) on whatever form or conversation you use when you arrange a >/29 assignment to your customer. This does not have to be an onerous task. ------------------------------ I think Kevin's words bear repeating: his summary of the situation is succint and clear and I agree with it 100%. Craig From cengel at sponsordirect.com Tue Feb 2 14:24:50 2010 From: cengel at sponsordirect.com (Chris Engel) Date: Tue, 2 Feb 2010 14:24:50 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95 In-Reply-To: <3c3e3fca1002021018t358ce58dy49b8044d9de355ad@mail.gmail.com> Message-ID: Bill Herrin wrote: "There are, of course, other values to an administrative contact. You are, for example, not a common carrier. If your customer is hiding behind your identity as an ISP, you could end up responsible for accepting legal notice on his behalf. Is your legal department staffed adequately to avoid missteps in that process that will get you sued by the complainant, your customer or both?" Bill, That is a great arguement for an ISP WANTING to tell a customer "You must make your admin contact available for public listing as part of the Terms of our service agreement". However why is it ARIN's mission to mandate via policy that decision for BOTH the ISP and the Client. Shouldn't the decision be left in the hands of the parties actualy affected by that decision. I mean if the ISP WANTs to accept responsability for things like relaying Take Down Notices and the client WANT's them to do it...who is ARIN to dictate to them that they can't have that arrangement? By that same token, if I'm something like an ASP (we actually happen to fall into that category) and as part of our application, we provide our customers the ability to send out e-mail from the application.... and some-one finds something ACTIONABLE in one of our clients use of that function (sending e-mail). Then, if the plaintiff has no other way of tracing the origin of that e-mail other then IP...we, as the ASP WILL be getting the initial Legal Notice related to that use anyway...and be responsible for the legal issues in handling/responding/forwarding that NOTICE. Does that mean that ARIN's policy should REQUIRE that we publish in a public database for anonymous lookup every single customer who uses our application and presumably also publish in that same DB the info to track each use of the application to them? If NOT, then why should it insist that an ISP must essentialy do the same thing? As I see it, only 2 things really fall under ARIN's mandate.... 1) Making sure that the use of public address space is fair and equitable. 2) Making sure that every public IP address can be tracked to some ENTITY responsible for answering for it's use. In the case you brought up it would be.... The ISP is the answerable party.... it may be acting as an Agent for the actual end user...but how is that any different from an ASP....or even one of those companies that rents office space/services acting as an Agent for an actual end user of it's services? Again, if both the Service Provider and the Client are willing to have the Service Provider act as an agent for the client.... why should policy dictate that they can't? Heck, if some-one wants to list in WHOIS the admin contact info for thier lawyers office....and thier lawyer is willing to do it...why should ARIN dictate that they can't? Christopher Engel From cengel at sponsordirect.com Tue Feb 2 14:39:57 2010 From: cengel at sponsordirect.com (Chris Engel) Date: Tue, 2 Feb 2010 14:39:57 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95 In-Reply-To: Message-ID: Kevin Kargel wrote: "Now that the petition has moved forward I do have some further comments on this proposal. I do not think that ARIN is in the business of defending the secrecy of customer lists. Keeping your customers should be a matter of competitive pricing and quality of service, not sequestering your customers in a closet or keeping them in a walled garden. Free enterprise is part and parcel of doing business on the internet. Hiding community members from contact by prospective service offerings is not included anywhere in the ARIN mission statement that I could see." Kevin, Could you point to the portion of ARIN's mission statement that covers regulating who a community member may be permited to have act as an agent for them? Christopher Engel From gbonser at seven.com Tue Feb 2 14:40:14 2010 From: gbonser at seven.com (George Bonser) Date: Tue, 2 Feb 2010 11:40:14 -0800 Subject: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality In-Reply-To: <8695009A81378E48879980039EEDAD28876D3FCB@MAIL1.polartel.local> References: <8695009A81378E48879980039EEDAD28876D3FCB@MAIL1.polartel.local> Message-ID: <5A6D953473350C4B9995546AFE9939EE081F7561@RWC-EX1.corp.seven.com> > -----Original Message----- > From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On > Behalf Of Kevin Kargel > Sent: Tuesday, February 02, 2010 10:26 AM > Subject: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality > > Hiding community members from contact by prospective service offerings > is not included anywhere in the ARIN mission statement that I could > see. My feeling as well. But in addition, I would want to make sure that there is a technical POC listed for whoever is the one that actually has "enable"/"root"/"administrator" access to the gear I am communicating with. I don't care if it is the ISP or the end user's IT staff, but I want to make sure that there is a technical contact listed that can actually do something about a problem. I don't want to call an ISP who has no access to the mail/DNS server or router or whatever on that user's network. That is a waste of time for both of us. We run a very lean shop and I don't have a couple of hours to open tickets and wait for a response just to get a contact that I should have been able to obtain from whois. I believe that is the purpose of it to begin with. If you are not going to put the end user's info in whois, there is no sense having whois at all. Incorrect information or information that points to someone who can't help me is worse than useless. I would rather have nothing than have a pointer to a time sink. People should be talking to me when there is a problem and not talking to our finance department or CTO because an SMPP bind with someone's SMSC is failing, for example. I certainly don't want them calling the upstream who SWIPed us the subnet because there is nothing they are going to be able to do about it. They should be able to notice there is a problem, look up the IP address, see the technical POC, send an email or call, and get some kind of a response from someone who is likely to be able to solve or at least troubleshoot the problem. And I want to be able to do the same in the other direction. Whois, for the most part, does that today and saves me time. I am not interested in protecting someone's customer list as a higher priority than getting meaningful work done but don't mind some mechanism of protecting them provided it doesn't make life more difficult for everyone else. Not allowing the ">" operator on certain whois queries might be a way to start. From kkargel at polartel.com Tue Feb 2 14:40:25 2010 From: kkargel at polartel.com (Kevin Kargel) Date: Tue, 2 Feb 2010 13:40:25 -0600 Subject: [arin-ppml] Petition Underway - Policy Proposal 95 In-Reply-To: References: <3c3e3fca1002021018t358ce58dy49b8044d9de355ad@mail.gmail.com> Message-ID: <8695009A81378E48879980039EEDAD28876D3FD2@MAIL1.polartel.local> > > Again, if both the Service Provider and the Client are willing to have the > Service Provider act as an agent for the client.... why should policy > dictate that they can't? > > Heck, if some-one wants to list in WHOIS the admin contact info for thier > lawyers office....and thier lawyer is willing to do it...why should ARIN > dictate that they can't? > > I agree with this, though it is the customer's decision. I can see the point that today the customer may make that decision by deciding whether to use an ISP that SWIPs or one that doesn't.. Personally I would like to see wording to the effect that: The contact information for the customer MUST be entered UNLESS directed by the customer to enter the information for a designated agent as *PoC The intent is to make entering something functional mandatory, to have the actual customer information preferred, but to allow a customer designated agent. The customer designated agent could certainly be the ISP *if* the customer directs it to be so, it could also be their netops contracter, their help desk or their attorney. Let's avoid SHOULD or MAY in the actual wording. SHOULD and MAY are no-ops. From rudi.daniel at gmail.com Tue Feb 2 14:36:10 2010 From: rudi.daniel at gmail.com (Rudolph Daniel) Date: Tue, 2 Feb 2010 15:36:10 -0400 Subject: [arin-ppml] Draft policy 2010-3 Message-ID: <8aeeaff61002021136o4b83ca7t2b82f8be997bbd7a@mail.gmail.com> "The customer's actual information must be provided to ARIN on request and will be held in the strictest confidence." The wording of 2010-3: I think that the "on request" should be a mandatory requirement. ARIN should not have to request it. RD > > Draft Policy 2010-3 > Customer Confidentiality > > Draft Policy 2010-3 comes from the successful petition of "Policy > Proposal 95: Customer Confidentiality." The draft policy is being posted > for adoption discussion on the PPML and at the Public Policy Meeting in > Toronto in April. The text of this draft policy is under the control of > the petitioner, Aaron Wendel, until the conclusion of the Public Policy > Meeting. > > Draft Policy 2010-3 is below and can be found at: > https://www.arin.net/policy/proposals/2010_3.html > > You are encouraged to discuss Draft Policy 2010-3 on the PPML prior to > the April Public Policy Meeting. Both the discussion on the list and > at the meeting will be used by the ARIN Advisory Council to determine > the community consensus for adopting this as policy. > > The ARIN Policy Development Process can be found at: > https://www.arin.net/policy/pdp.html > > Draft Policies and Proposals under discussion can be found at: > https://www.arin.net/policy/proposals/index.html > > Regards, > > Member Services > American Registry for Internet Numbers (ARIN) > > > ## * ## > > > Draft Policy 2010-3 > Customer Confidentiality > > Version/Date: 2 February 2010 > > Policy statement: > > ISPs may choose to enter the customer's name along with the ISP's > address and phone number in reassignments and reallocations in lieu of > the customer's address and phone number. The customer's actual > information must be provided to ARIN on request and will be held in the > strictest confidence. > > Rationale: > > Version 2.0 clarifies the need for the customer name to remain in the > SWIP and RWHOIS information. > > Customer contact lists are one of the most proprietary and confidential > pieces of information in any business. The requirements for ISPs to > publish those lists via SWIP or RWHOIS runs contrary to good business > practices and invites competitors and others to solicit both individuals > and companies receiving reassignments and sub allocations from upstream > providers. > > Timetable for implementation: immediate > > > > > > > > > > ------------------------------ > > Message: 5 > Date: Tue, 2 Feb 2010 13:18:34 -0500 > From: William Herrin > To: Chris Engel > Cc: "arin-ppml at arin.net" > Subject: Re: [arin-ppml] Petition Underway - Policy Proposal 95 > Message-ID: > <3c3e3fca1002021018t358ce58dy49b8044d9de355ad at mail.gmail.com> > Content-Type: text/plain; charset=ISO-8859-1 > > On Tue, Feb 2, 2010 at 12:52 PM, Chris Engel > wrote: > > Bill Herrin wrote: > >> I have issues with Joe of the bot-infestation that > >>his ISP is probably better geared to chase down > >>but I also have issues with Joe the /14-holding > >>florist that I want to discuss with Joe directly." > > > > That's great...but I'm not sure how exactly having > >Joe's contact info really helps you determine > >whether his /14 is justified? > > Chris, > > If Joe, allegedly assigned a /14 from his ISP, is a neighborhood > florist and he responds "What's the Internet?" then my audit is > basically done and it's time to report the ISP's fraud to ARIN. > > If his reasons for the /14 are moderately plausible and I get the same > result with the other half-dozen suspicious looking assignments then > I'm basically done as well, though for the opposite reason. > > > The problem is: Joe's /14 assignment can't look suspicious or look any > other way if it's public listing is permissibly redacted to "ISP > Customer." > > > There are, of course, other values to an administrative contact. You > are, for example, not a common carrier. If your customer is hiding > behind your identity as an ISP, you could end up responsible for > accepting legal notice on his behalf. Is your legal department staffed > adequately to avoid missteps in that process that will get you sued by > the complainant, your customer or both? > > Regards, > Bill Herrin > > > > -- > William D. Herrin ................ herrin at dirtside.com bill at herrin.us > 3005 Crane Dr. ...................... Web: > Falls Church, VA 22042-3004 > > > ------------------------------ > > Message: 6 > Date: Tue, 2 Feb 2010 12:26:27 -0600 > From: Kevin Kargel > To: "'ppml at arin.net'" > Subject: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality > Message-ID: > <8695009A81378E48879980039EEDAD28876D3FCB at MAIL1.polartel.local> > Content-Type: text/plain; charset="us-ascii" > > Now that the petition has moved forward I do have some further comments on > this proposal. > > I do not think that ARIN is in the business of defending the secrecy of > customer lists. Keeping your customers should be a matter of competitive > pricing and quality of service, not sequestering your customers in a closet > or keeping them in a walled garden. Free enterprise is part and parcel of > doing business on the internet. > > Hiding community members from contact by prospective service offerings is > not included anywhere in the ARIN mission statement that I could see. > > > > > > ------------------------------ > > Message: 7 > Date: Tue, 2 Feb 2010 13:49:06 -0500 > From: John Curran > To: William Herrin > Cc: "arin-ppml at arin.net" > Subject: [arin-ppml] Notes on the current ARIN Policy Development > Process > Message-ID: > Content-Type: text/plain; charset="us-ascii" > > On Feb 1, 2010, at 4:03 PM, William Herrin wrote: > > > > On Mon, Feb 1, 2010 at 12:32 AM, Owen DeLong wrote: > >> The AC was elected to help develop good, technically sound > >> policy. > > > > Owen, > > > > The AC was elected first and foremost to be shepherds of the bottom-up > > public-originated policy development process. Advising whether a > > particular proposal is "good, technically sound policy" is supposed to > > be the very last step, not the first. Moving it to the front violates, > > disrupts and eventually destroys the bottom-up character of the > > process. > > At the end of 2008, the ARIN Board of Trustees adopted an updated > Policy Development Process (PDP) which gave ARIN Advisory Council > more freedom in handling policy proposals. The revision to the PDP > was made after presentation of the proposed changes in the Denver > Public Policy Meeting in April 2008, and then after a public call > for comments. You can view the full explanation of the changes here: > > > The revised PDP places policy proposals and draft policies under the > purview of the AC as opposed to the proposal submitter, and made clear > that the AC has the authority edit/merge/abandon policy proposals as > needed to come up with draft policies which fair and technically sound. > The result of the AC's work then goes to the PPML and the Public Policy > Meeting for consideration by the community (full process is available > here: ) > > This change was made to insure that draft policies are technically > sound, not duplicative, and consistent with the policy framework. > It is hoped that the AC output will be Draft Policies which are > strong candidates for adoption and will gain community support as > a result during the PPML and Public Policy Meeting discussion. > > It was recognized that this revision to the PDP places significant > control in the hands of the ARIN AC, and hence the petition process > was made prominent in the revised PDP to allow any AC action to be > petitioned via only 10 members of the community. This is a very > low threshold intentionally, so that community could readily bring > a matter to the PPML and next Public Policy Meeting. It does not > indicate that the AC failed in any manner, but only that an action > taken by the AC may warrant further consideration. As this is the > first time we're exercising this process, we also taking notes as > to the process itself in addition to the results. > > The Policy Development process is not static, and there's already > some thought that we should look at another update based on the > experiences and lessons learned with the new PDP to date. If > there are specific suggestions that people have which they have > not already posted, you may send them to me directly at any time. > Of course, there will also be a similar community presentation > of any revised PDP and that will also offer another opportunity > to provide feedback in a public manner. > > I post this message to PPML in order to make sure that everyone > is aware of these changes, and encourage folks to continue with > the important discussions of the policy proposals and drafts > which are before us. > > Thanks! > /John > > John Curran > President and CEO > ARIN > > > > > > > > ------------------------------ > > Message: 8 > Date: Tue, 2 Feb 2010 12:53:13 -0600 > From: Kevin Kargel > To: 'William Herrin' , 'Chris Engel' > > Cc: "'arin-ppml at arin.net'" > Subject: Re: [arin-ppml] Petition Underway - Policy Proposal 95 > Message-ID: > <8695009A81378E48879980039EEDAD28876D3FCC at MAIL1.polartel.local> > Content-Type: text/plain; charset="us-ascii" > > > There are, of course, other values to an administrative contact. You > > are, for example, not a common carrier. If your customer is hiding > > behind your identity as an ISP, you could end up responsible for > > accepting legal notice on his behalf. Is your legal department staffed > > adequately to avoid missteps in that process that will get you sued by > > the complainant, your customer or both? > > > > Regards, > > Bill Herrin > > > One current and active example of this is the flurry of Digital Millenium > Copyright Act (DMCA) activity. While there are protections for ISP's under > Title II (OCILLA) of that act it *could* be interpreted by the provisions in > this act that (as Bill inferred) if you are sequestering your customer then > you are assuming the responsibility and/or liability under DMCA. At the > very least by that act you are assuming the responsibility to proxy > actionable notices to your customer, and if you fail in that responsibility > you may assume liabilities. > > This is for better legal minds than mine to determine, but it makes me > wonder. > > IANAL (I AM NOT A LAWYER) > > > > > ------------------------------ > > _______________________________________________ > ARIN-PPML mailing list > ARIN-PPML at arin.net > http://lists.arin.net/mailman/listinfo/arin-ppml > > End of ARIN-PPML Digest, Vol 56, Issue 10 > ***************************************** > -- Rudi Daniel e Business Consultant http://www.svgpso.org http://oecstimes.wordpress.com ?The whole problem with the world is that fools and fanatics are always so certain of themselves, but wiser people so full of doubts.? - Bertrand Russell -------------- next part -------------- An HTML attachment was scrubbed... URL: From kkargel at polartel.com Tue Feb 2 14:46:29 2010 From: kkargel at polartel.com (Kevin Kargel) Date: Tue, 2 Feb 2010 13:46:29 -0600 Subject: [arin-ppml] Petition Underway - Policy Proposal 95 In-Reply-To: References: Message-ID: <8695009A81378E48879980039EEDAD28876D3FD3@MAIL1.polartel.local> > > Kevin, > > Could you point to the portion of ARIN's mission statement that covers > regulating who a community member may be permited to have act as an agent > for them? > > > > Christopher Engel > No. From bill at herrin.us Tue Feb 2 14:47:41 2010 From: bill at herrin.us (William Herrin) Date: Tue, 2 Feb 2010 14:47:41 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95 In-Reply-To: References: Message-ID: <3c3e3fca1002021147x510b431dge9297ab458e85a01@mail.gmail.com> On Tue, Feb 2, 2010 at 2:39 PM, Chris Engel wrote: > Could you point to the portion of ARIN's mission > statement that covers regulating who a community > member may be permited to have act as an agent for them? Chris, I would have no problem with allowing small consumers of IP addresses to instruct the ISP to serve as his SWIP POC so long as the -default- action was open publication. I don't see any compelling cause to deny individuals consuming less than a /24 the right to retain their privacy when they strongly desire to do so. I wouldn't want to see it made a routine either-or decision, though. Perhaps pair it with a dollar annual fee so that a customer who doesn't care one way or the other participates in the SWIP system instead of avoiding it. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From marty at akamai.com Tue Feb 2 14:52:43 2010 From: marty at akamai.com (Martin Hannigan) Date: Tue, 2 Feb 2010 14:52:43 -0500 Subject: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality In-Reply-To: <4B686A5E.9090503@arin.net> References: <4B686A5E.9090503@arin.net> Message-ID: On Feb 2, 2010, at 1:09 PM, Member Services wrote: [ clip ] > > Draft Policy 2010-3 > Customer Confidentiality > > Version/Date: 2 February 2010 > > Policy statement: > > ISPs may choose to enter the customer's name along with the ISP's > address and phone number in reassignments and reallocations in lieu of > the customer's address and phone number. If city, state, and zip (equivalents for non US) were added to this that I might support it. We can already nail them down to their neighborhoods with geo-location. Omitting the pinpoint address seems reasonable. I think maintaining a minimum level of neutrality is healthy in this case. While some of our participants would like to use us to control their competition I don't think that we should take the bait. I think that we should instead be reasonable and make some simple modifications that will raise the difficulty level to that off other existing methods for engaging in competitive conduct. > The customer's actual > information must be provided to ARIN on request and will be held in > the > strictest confidence. This is not workable from my perspective. I see no reason to insert ARIN in the loop and this will only introduce confusion. Some will think that they can now refuse to service subpoenas for subscriber information and deflect them to ARIN. I would also think (only because I have significant experience in this area, IANAL) that this may not be CALEA compliant if implemented with this activity. Even though our job is not to minimize liability for people that don't do it themselves, I think that rejecting this proposal based on this section alone is prudent for the good of all. Finally if implemented as is, this will raise ARIN's costs and ultimately be unfairly distributed to the rest of us through our annual fees. I would support this proposal if: 1. Add city, state and zip (equivalents for non US locations) 2. Removed ARIN, Inc. requirements related to address (with)holding 3. Was sound from a regulatory perspective including items 1 and 2 Best, Martin From cgrundemann at gmail.com Tue Feb 2 15:05:50 2010 From: cgrundemann at gmail.com (Chris Grundemann) Date: Tue, 2 Feb 2010 13:05:50 -0700 Subject: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality In-Reply-To: <5A6D953473350C4B9995546AFE9939EE081F7561@RWC-EX1.corp.seven.com> References: <8695009A81378E48879980039EEDAD28876D3FCB@MAIL1.polartel.local> <5A6D953473350C4B9995546AFE9939EE081F7561@RWC-EX1.corp.seven.com> Message-ID: <443de7ad1002021205i1499fb5fga44d45291caba9fb@mail.gmail.com> On Tue, Feb 2, 2010 at 12:40, George Bonser wrote: > > >> -----Original Message----- >> From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] > On >> Behalf Of Kevin Kargel >> Sent: Tuesday, February 02, 2010 10:26 AM >> Subject: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality >> >> Hiding community members from contact by prospective service offerings >> is not included anywhere in the ARIN mission statement that I could >> see. > > My feeling as well. ?But in addition, I would want to make sure that > there is a technical POC listed for whoever is the one that actually has > "enable"/"root"/"administrator" access to the gear I am communicating > with. ?I don't care if it is the ISP or the end user's IT staff, but I > want to make sure that there is a technical contact listed that can > actually do something about a problem. > > I don't want to call an ISP who has no access to the mail/DNS server or > router or whatever on that user's network. That is a waste of time for > both of us. ?We run a very lean shop and I don't have a couple of hours > to open tickets and wait for a response just to get a contact that I > should have been able to obtain from whois. ?I believe that is the > purpose of it to begin with. ?If you are not going to put the end user's > info in whois, there is no sense having whois at all. ?Incorrect > information or information that points to someone who can't help me is > worse than useless. ?I would rather have nothing than have a pointer to > a time sink. > > People should be talking to me when there is a problem and not talking > to our finance department or CTO because an SMPP bind with someone's > SMSC is failing, for example. ?I certainly don't want them calling the > upstream who SWIPed us the subnet because there is nothing they are > going to be able to do about it. > > They should be able to notice there is a problem, look up the IP > address, see the technical POC, send an email or call, and get some kind > of a response from someone who is likely to be able to solve or at least > troubleshoot the problem. ?And I want to be able to do the same in the > other direction. +1 whois must contain valid contact information for the person/entity directly responsible for the host(s) using a given IP. I oppose this and any other policy which undermines this fundamental requirement. ~Chris > > Whois, for the most part, does that today and saves me time. > > I am not interested in protecting someone's customer list as a higher > priority than getting meaningful work done but don't mind some mechanism > of protecting them provided it doesn't make life more difficult for > everyone else. ?Not allowing the ">" operator on certain whois queries > might be a way to start. > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -- @ChrisGrundemann weblog.chrisgrundemann.com www.burningwiththebush.com www.coisoc.org From gbonser at seven.com Tue Feb 2 15:12:40 2010 From: gbonser at seven.com (George Bonser) Date: Tue, 2 Feb 2010 12:12:40 -0800 Subject: [arin-ppml] Draft policy 2010-3 In-Reply-To: <8aeeaff61002021136o4b83ca7t2b82f8be997bbd7a@mail.gmail.com> References: <8aeeaff61002021136o4b83ca7t2b82f8be997bbd7a@mail.gmail.com> Message-ID: <5A6D953473350C4B9995546AFE9939EE081F7563@RWC-EX1.corp.seven.com> And does "strictest confidence" mean nobody can access it? If so, does ARIN want to troubleshoot problems concerning those "strictly confidential" networks out there? Or at least place itself in the middle of such troubleshooting or injecting itself in the middle of disputes concerning nefarious network activity? From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On Behalf Of Rudolph Daniel Sent: Tuesday, February 02, 2010 11:36 AM To: arin-ppml at arin.net Subject: [arin-ppml] Draft policy 2010-3 "The customer's actual information must be provided to ARIN on request and will be held in the strictest confidence." The wording of 2010-3: I think that the "on request" should be a mandatory requirement. ARIN should not have to request it. RD -------------- next part -------------- An HTML attachment was scrubbed... URL: From rudi.daniel at gmail.com Tue Feb 2 15:22:17 2010 From: rudi.daniel at gmail.com (Rudolph Daniel) Date: Tue, 2 Feb 2010 16:22:17 -0400 Subject: [arin-ppml] Draft policy 2010-3 In-Reply-To: <5A6D953473350C4B9995546AFE9939EE081F7563@RWC-EX1.corp.seven.com> References: <8aeeaff61002021136o4b83ca7t2b82f8be997bbd7a@mail.gmail.com> <5A6D953473350C4B9995546AFE9939EE081F7563@RWC-EX1.corp.seven.com> Message-ID: <8aeeaff61002021222i372b9371pa1a1d51086d72b5f@mail.gmail.com> Does the strictly confidence mean, no arbitrary free public access? if so then there would have to be some procedure for access to the information. Correct me if I am mistaken but I dont think ARIN is in the network trouble shooting business. But it should have as much information as possible on its assignments. RD On Tue, Feb 2, 2010 at 4:12 PM, George Bonser wrote: > And does ?strictest confidence? mean nobody can access it? If so, does > ARIN want to troubleshoot problems concerning those ?strictly confidential? > networks out there? Or at least place itself in the middle of such > troubleshooting or injecting itself in the middle of disputes concerning > nefarious network activity? > > > > > > > > *From:* arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] *On > Behalf Of *Rudolph Daniel > *Sent:* Tuesday, February 02, 2010 11:36 AM > *To:* arin-ppml at arin.net > *Subject:* [arin-ppml] Draft policy 2010-3 > > > > "The customer's actual information must be provided to ARIN on requestand will be held in the strictest confidence." > > > > The wording of 2010-3: I think that the "on request" should be a mandatory > requirement. ARIN should not have to request it. > > > > RD > -- Rudi Daniel e Business Consultant http://www.svgpso.org http://oecstimes.wordpress.com ?The whole problem with the world is that fools and fanatics are always so certain of themselves, but wiser people so full of doubts.? - Bertrand Russell -------------- next part -------------- An HTML attachment was scrubbed... URL: From gbonser at seven.com Tue Feb 2 15:29:11 2010 From: gbonser at seven.com (George Bonser) Date: Tue, 2 Feb 2010 12:29:11 -0800 Subject: [arin-ppml] Draft policy 2010-3 In-Reply-To: <8aeeaff61002021222i372b9371pa1a1d51086d72b5f@mail.gmail.com> References: <8aeeaff61002021136o4b83ca7t2b82f8be997bbd7a@mail.gmail.com><5A6D953473350C4B9995546AFE9939EE081F7563@RWC-EX1.corp.seven.com> <8aeeaff61002021222i372b9371pa1a1d51086d72b5f@mail.gmail.com> Message-ID: <5A6D953473350C4B9995546AFE9939EE081F7569@RWC-EX1.corp.seven.com> The notion of "strictly confidential" end users somehow seems to go against the entire fundamental idea that the Internet is a community resource. It does not belong to the ISP or to the end user. The best analogy for this that I can think if is some apartment building owner demanding that all of his residents have his name and phone number listed in directory assistance because some other apartment building owner keeps calling them offering them better deals on rent. From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On Behalf Of Rudolph Daniel Sent: Tuesday, February 02, 2010 12:22 PM To: arin-ppml at arin.net Subject: Re: [arin-ppml] Draft policy 2010-3 Does the strictly confidence mean, no arbitrary free public access? if so then there would have to be some procedure for access to the information. Correct me if I am mistaken but I dont think ARIN is in the network trouble shooting business. But it should have as much information as possible on its assignments. RD On Tue, Feb 2, 2010 at 4:12 PM, George Bonser wrote: And does "strictest confidence" mean nobody can access it? If so, does ARIN want to troubleshoot problems concerning those "strictly confidential" networks out there? Or at least place itself in the middle of such troubleshooting or injecting itself in the middle of disputes concerning nefarious network activity? From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On Behalf Of Rudolph Daniel Sent: Tuesday, February 02, 2010 11:36 AM To: arin-ppml at arin.net Subject: [arin-ppml] Draft policy 2010-3 "The customer's actual information must be provided to ARIN on request and will be held in the strictest confidence." The wording of 2010-3: I think that the "on request" should be a mandatory requirement. ARIN should not have to request it. RD -- Rudi Daniel e Business Consultant http://www.svgpso.org http://oecstimes.wordpress.com "The whole problem with the world is that fools and fanatics are always so certain of themselves, but wiser people so full of doubts." - Bertrand Russell -------------- next part -------------- An HTML attachment was scrubbed... URL: From cengel at sponsordirect.com Tue Feb 2 15:34:24 2010 From: cengel at sponsordirect.com (Chris Engel) Date: Tue, 2 Feb 2010 15:34:24 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95 In-Reply-To: Message-ID: Kevin Kargel wrote: "Personally I would like to see wording to the effect that: The contact information for the customer MUST be entered UNLESS directed by the customer to enter the information for a designated agent as *PoC" The wording I would like to see would probably be something along the lines of - In cases of an assignment of less then /24 (or IPv6 Equivalent), contact information for a CONSENTING agent MAY be substituted for the assignee if mutually agreed upon by both service provider and assignee. Party responsible for entering SWIP/WHOIS data must confirm said agents consent to be listed and that contact information is accurate at time of submission. Listed party is responsible for notifying service provider of any changes in consent or contact information. In the event that no mutually agreement can be reached or consent or contact information cannot be verified or the assignment is of /24 or greater contact information of the assignee MUST be used. That should cover Bills public interest usage case of an ISP trying to park a significant assignment on some small end user. It should also insure that who-ever is designated as agent knows and agrees that they are an agent..... and it should give the ISP the option to say "No we really don't want to deal with all this hassle, if you want to use us...we are going to list you." In which case, a client who doesn't like it can say "Fine, we're going with an ISP who offers that service". It also spells out who's responsible for what if everything goes to pot. In other words, it gets ARIN out of the business of mandating decisions for people where parties can work something else out between themselves.... but still insures that there is SOME-ONE willing to take responsbility for being assocaited with the address. Christopher Engel From rudi.daniel at gmail.com Tue Feb 2 15:34:35 2010 From: rudi.daniel at gmail.com (Rudolph Daniel) Date: Tue, 2 Feb 2010 16:34:35 -0400 Subject: [arin-ppml] Draft policy 2010-3 In-Reply-To: <5A6D953473350C4B9995546AFE9939EE081F7569@RWC-EX1.corp.seven.com> References: <8aeeaff61002021136o4b83ca7t2b82f8be997bbd7a@mail.gmail.com> <5A6D953473350C4B9995546AFE9939EE081F7563@RWC-EX1.corp.seven.com> <8aeeaff61002021222i372b9371pa1a1d51086d72b5f@mail.gmail.com> <5A6D953473350C4B9995546AFE9939EE081F7569@RWC-EX1.corp.seven.com> Message-ID: <8aeeaff61002021234wd5e222r8a7da1ad4edfa30@mail.gmail.com> I dont have an unalterable position on 2010-3, I think it deserves discussion. I prefer to have an open discussion than to stay with the status quo. And I would agree that we should view this as pertaining to ipv6. Lets us see what comes out of it. RD On Tue, Feb 2, 2010 at 4:29 PM, George Bonser wrote: > The notion of ?strictly confidential? end users somehow seems to go > against the entire fundamental idea that the Internet is a community > resource. It does not belong to the ISP or to the end user. > > > > The best analogy for this that I can think if is some apartment building > owner demanding that all of his residents have his name and phone number > listed in directory assistance because some other apartment building owner > keeps calling them offering them better deals on rent. > > > > > > > > *From:* arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] *On > Behalf Of *Rudolph Daniel > *Sent:* Tuesday, February 02, 2010 12:22 PM > > *To:* arin-ppml at arin.net > *Subject:* Re: [arin-ppml] Draft policy 2010-3 > > > > Does the strictly confidence mean, no arbitrary free public access? if so > then there would have to be some procedure for access to the information. > Correct me if I am mistaken but I dont think ARIN is in the network trouble > shooting business. But it should have as much information as possible on its > assignments. > > RD > > > > On Tue, Feb 2, 2010 at 4:12 PM, George Bonser wrote: > > And does ?strictest confidence? mean nobody can access it? If so, does > ARIN want to troubleshoot problems concerning those ?strictly confidential? > networks out there? Or at least place itself in the middle of such > troubleshooting or injecting itself in the middle of disputes concerning > nefarious network activity? > > > > > > > > *From:* arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] *On > Behalf Of *Rudolph Daniel > *Sent:* Tuesday, February 02, 2010 11:36 AM > *To:* arin-ppml at arin.net > *Subject:* [arin-ppml] Draft policy 2010-3 > > > > "The customer's actual information must be provided to ARIN on requestand will be held in the strictest confidence." > > > > The wording of 2010-3: I think that the "on request" should be a mandatory > requirement. ARIN should not have to request it. > > > > RD > > > > > -- > Rudi Daniel > e Business Consultant > http://www.svgpso.org > http://oecstimes.wordpress.com > ?The whole problem with the world is that fools and fanatics are always so > certain of themselves, but wiser people so full of doubts.? - Bertrand > Russell > -- Rudi Daniel e Business Consultant http://www.svgpso.org http://oecstimes.wordpress.com ?The whole problem with the world is that fools and fanatics are always so certain of themselves, but wiser people so full of doubts.? - Bertrand Russell -------------- next part -------------- An HTML attachment was scrubbed... URL: From bicknell at ufp.org Tue Feb 2 15:36:22 2010 From: bicknell at ufp.org (Leo Bicknell) Date: Tue, 2 Feb 2010 12:36:22 -0800 Subject: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality In-Reply-To: <443de7ad1002021205i1499fb5fga44d45291caba9fb@mail.gmail.com> References: <8695009A81378E48879980039EEDAD28876D3FCB@MAIL1.polartel.local> <5A6D953473350C4B9995546AFE9939EE081F7561@RWC-EX1.corp.seven.com> <443de7ad1002021205i1499fb5fga44d45291caba9fb@mail.gmail.com> Message-ID: <20100202203622.GA66264@ussenterprise.ufp.org> In a message written on Tue, Feb 02, 2010 at 01:05:50PM -0700, Chris Grundemann wrote: > whois must contain valid contact information for the person/entity > directly responsible for the host(s) using a given IP. I oppose this > and any other policy which undermines this fundamental requirement. [snip] > @ChrisGrundemann > weblog.chrisgrundemann.com > www.burningwiththebush.com > www.coisoc.org % dig +short weblog.chrisgrundemann.com 173.14.10.9 % whois -h whois.arin.net "GTS-Castle Rock-CO-2013227" CustName: GTS-Castle Rock-CO-2013227 Address: Private City: Private StateProv: CO PostalCode: 99999 Country: US RegDate: 2009-07-08 Updated: 2009-07-08 NetRange: 173.14.10.8 - 173.14.10.15 CIDR: 173.14.10.8/29 NetName: GTS-CASTLE-ROCK-CO-2013227 NetHandle: NET-173-14-10-8-1 Parent: NET-173-14-0-0-1 NetType: Reassigned Comment: RegDate: 2009-07-08 Updated: 2009-07-08 RAbuseHandle: NAPO-ARIN RAbuseName: Network Abuse and Policy Observance RAbusePhone: +1-856-317-7272 RAbuseEmail: abuse at comcast.net OrgAbuseHandle: NAPO-ARIN OrgAbuseName: Network Abuse and Policy Observance OrgAbusePhone: +1-856-317-7272 OrgAbuseEmail: abuse at comcast.net OrgTechHandle: IC161-ARIN OrgTechName: Comcast Cable Communications Inc OrgTechPhone: +1-856-317-7200 OrgTechEmail: CNIPEO-Ip-registration at cable.comcast.com Your host is in a /29 in the database, and you say the person directly responsible is a fundamental requirement; yet you are not listed. Indeed, I downloaded bulk whois and did this check several years ago. I point you to https://www.arin.net/participate/meetings/reports/ARIN_XVIII/PDF/thursday/WHOIS_Bicknell.pdf. Did you know there were 104,511 netblocks at the same street address! Whee! Turns out it was the street address of PacBell's HQ. So if you want to assert that having contact information is a fundamental requirement then I'm afraid to say by 2006 (when I did that presentation) a good percentage of the SWIP's arlready were missing such information. I believe since then the growth has continued in that direction. -- Leo Bicknell - bicknell at ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 826 bytes Desc: not available URL: From Ed.Wrona at aeroflex.com Tue Feb 2 15:50:20 2010 From: Ed.Wrona at aeroflex.com (Wrona, Ed) Date: Tue, 2 Feb 2010 15:50:20 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95 In-Reply-To: References: Message-ID: <29CA5C46-5E45-4498-BB9F-673B65CE2792@aeroflex.com> Chris Your comments below echo my situation exactly and I am sitting here now thinking about I am wondering, however, is it by design that you have left the business contact info in whois, even though as you say, there will be response during off-hours ? -Ed Wrona On Feb 2, 2010, at 11:08 AM, "Chris Engel" wrote: > Michael Dillon wrote: > > "I really do not understand why people do not support the basic and > fundamental principle of only recording contact information in the > whois directory for people who are READY, WILLING and ABLE to TAKE > ACTION when contacted. " > > > Michael is absolutely correct in this. The idea that the business/ > end user contact listed will be some-one who is ready/willing/able > to take action on an issue 24/7/365 is simply a pipe dream.... it's > not going to happen. Even for REAL Enterprises (i.e. not your mom & > pop shops) only the very large ones are going to have a PUBLICALY > listed contact number that is manned round the clock. Very few have > NOC coverage that is 24/7/365. > > With my company....which is definately a real enterprise... you'll > see our business contact info listed. If you hit those, you are NOT > going to get a response outside of normal business hours. I'm not > going to put my cell-phone/home-phone number on ANY of those public > listings...nor would I ask any Tech that works for me to do the same. > > Now, my Service Providers do have 24/7/365 NOC's and they DO have a > contact list with our home/cell phone numbers. They even have an > escalation list so they know who to try first, and who next if they > can't get a response. They are the ones that are perfectly suited to > act as Gatekeepers to determine whether a situation really warrants > an emergency phone call or whether contact can wait for normal > business hours. So if it's 2:00 AM on Sunday morning and some-one > is getting hit by a DoS attack from our Network...by jingo, they'll > get ahold of one of us....but if it's an offer for Cheap Web Hosting > in India (and yes we have gotten those that we KNOW, due to the > address used, came in through WHOIS listings)...well that doesn't > really need some-one to be woken out of bed to answer. > > For most companies, it actualy makes alot more sense to be listing > thier service providers contact info then thier own (if the service > provider allows it). > > > > Christopher Engel > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > Notice: This e-mail is intended solely for use of the individual or entity to which it is addressed and may contain information that is proprietary, privileged, company confidential and/or exempt from disclosure under applicable law. If the reader is not the intended recipient or agent responsible for delivering the message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If this communication has been transmitted from a U.S. location it may also contain data subject to the International Traffic in Arms Regulations or U.S. Export Administration Regulations and cannot be disseminated, distributed or copied to foreign nationals, residing in the U.S. or abroad, without the prior approval of the U.S. Department of State or appropriate export licensing authority. If you have received this communication in error, please notify the sender by reply e-mail or collect telephone call and del ete or destroy all copies of this e-mail message, any physical copies made of this e-mail message and/or any file attachment(s). From Ed.Wrona at aeroflex.com Tue Feb 2 15:52:03 2010 From: Ed.Wrona at aeroflex.com (Wrona, Ed) Date: Tue, 2 Feb 2010 15:52:03 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95 In-Reply-To: <29CA5C46-5E45-4498-BB9F-673B65CE2792@aeroflex.com> References: <29CA5C46-5E45-4498-BB9F-673B65CE2792@aeroflex.com> Message-ID: > Sorry bout that. Chris : > Your comments below echo my situation exactly and I am sitting > here now thinking about changing our info. > > I am wondering, however, is it by design that you have left the > business contact info in whois, even though as you say, there will > be NO response during off-hours ? -Ed Wrona On Feb 2, 2010, at 3:50 PM, "Wrona, Ed" wrote: > Chris > > > > -Ed Wrona > > On Feb 2, 2010, at 11:08 AM, "Chris Engel" > wrote: > >> Michael Dillon wrote: >> >> "I really do not understand why people do not support the basic and >> fundamental principle of only recording contact information in the >> whois directory for people who are READY, WILLING and ABLE to TAKE >> ACTION when contacted. " >> >> >> Michael is absolutely correct in this. The idea that the business/ >> end user contact listed will be some-one who is ready/willing/able >> to take action on an issue 24/7/365 is simply a pipe dream.... it's >> not going to happen. Even for REAL Enterprises (i.e. not your mom & >> pop shops) only the very large ones are going to have a PUBLICALY >> listed contact number that is manned round the clock. Very few >> have NOC coverage that is 24/7/365. >> >> With my company....which is definately a real enterprise... you'll >> see our business contact info listed. If you hit those, you are NOT >> going to get a response outside of normal business hours. I'm not >> going to put my cell-phone/home-phone number on ANY of those public >> listings...nor would I ask any Tech that works for me to do the same. >> >> Now, my Service Providers do have 24/7/365 NOC's and they DO have a >> contact list with our home/cell phone numbers. They even have an >> escalation list so they know who to try first, and who next if they >> can't get a response. They are the ones that are perfectly suited >> to act as Gatekeepers to determine whether a situation really >> warrants an emergency phone call or whether contact can wait for >> normal business hours. So if it's 2:00 AM on Sunday morning and >> some-one is getting hit by a DoS attack from our Network...by >> jingo, they'll get ahold of one of us....but if it's an offer for >> Cheap Web Hosting in India (and yes we have gotten those that we >> KNOW, due to the address used, came in through WHOIS >> listings)...well that doesn't really need some-one to be woken out >> of bed to answer. >> >> For most companies, it actualy makes alot more sense to be listing >> thier service providers contact info then thier own (if the service >> provider allows it). >> >> >> >> Christopher Engel >> >> _______________________________________________ >> PPML >> You are receiving this message because you are subscribed to >> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). >> Unsubscribe or manage your mailing list subscription at: >> http://lists.arin.net/mailman/listinfo/arin-ppml >> Please contact info at arin.net if you experience any issues. >> Notice: This e-mail is intended solely for use of the individual or entity to which it is addressed and may contain information that is proprietary, privileged, company confidential and/or exempt from disclosure under applicable law. If the reader is not the intended recipient or agent responsible for delivering the message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If this communication has been transmitted from a U.S. location it may also contain data subject to the International Traffic in Arms Regulations or U.S. Export Administration Regulations and cannot be disseminated, distributed or copied to foreign nationals, residing in the U.S. or abroad, without the prior approval of the U.S. Department of State or appropriate export licensing authority. If you have received this communication in error, please notify the sender by reply e-mail or collect telephone call and del ete or destroy all copies of this e-mail message, any physical copies made of this e-mail message and/or any file attachment(s). From cgrundemann at gmail.com Tue Feb 2 15:52:04 2010 From: cgrundemann at gmail.com (Chris Grundemann) Date: Tue, 2 Feb 2010 13:52:04 -0700 Subject: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality In-Reply-To: <20100202203622.GA66264@ussenterprise.ufp.org> References: <8695009A81378E48879980039EEDAD28876D3FCB@MAIL1.polartel.local> <5A6D953473350C4B9995546AFE9939EE081F7561@RWC-EX1.corp.seven.com> <443de7ad1002021205i1499fb5fga44d45291caba9fb@mail.gmail.com> <20100202203622.GA66264@ussenterprise.ufp.org> Message-ID: <443de7ad1002021252k1b7fd888w2efaf10d653f94e4@mail.gmail.com> On Tue, Feb 2, 2010 at 13:36, Leo Bicknell wrote: > In a message written on Tue, Feb 02, 2010 at 01:05:50PM -0700, Chris Grundemann wrote: >> whois must contain valid contact information for the person/entity >> directly responsible for the host(s) using a given IP. I oppose this >> and any other policy which undermines this fundamental requirement. > [snip] >> @ChrisGrundemann >> weblog.chrisgrundemann.com >> www.burningwiththebush.com >> www.coisoc.org > > % dig +short weblog.chrisgrundemann.com > 173.14.10.9 > % whois -h whois.arin.net "GTS-Castle Rock-CO-2013227" > > CustName: ? GTS-Castle Rock-CO-2013227 > Address: ? ?Private > City: ? ? ? Private > StateProv: ?CO > PostalCode: 99999 > Country: ? ?US > RegDate: ? ?2009-07-08 > Updated: ? ?2009-07-08 > > NetRange: ? 173.14.10.8 - 173.14.10.15 > CIDR: ? ? ? 173.14.10.8/29 > NetName: ? ?GTS-CASTLE-ROCK-CO-2013227 > NetHandle: ?NET-173-14-10-8-1 > Parent: ? ? NET-173-14-0-0-1 > NetType: ? ?Reassigned > Comment: > RegDate: ? ?2009-07-08 > Updated: ? ?2009-07-08 > > RAbuseHandle: NAPO-ARIN > RAbuseName: ? Network Abuse and Policy Observance > RAbusePhone: ?+1-856-317-7272 > RAbuseEmail: ?abuse at comcast.net > > OrgAbuseHandle: NAPO-ARIN > OrgAbuseName: ? Network Abuse and Policy Observance > OrgAbusePhone: ?+1-856-317-7272 > OrgAbuseEmail: ?abuse at comcast.net > > OrgTechHandle: IC161-ARIN > OrgTechName: ? Comcast Cable Communications Inc > OrgTechPhone: ?+1-856-317-7200 > OrgTechEmail: ?CNIPEO-Ip-registration at cable.comcast.com > > Your host is in a /29 in the database, and you say the person > directly responsible is a fundamental requirement; yet you are not > listed. I agree - I think that Comcast should require an abuse and technical contact and published that info, they did not. > > Indeed, I downloaded bulk whois and did this check several years > ago. ?I point you to > https://www.arin.net/participate/meetings/reports/ARIN_XVIII/PDF/thursday/WHOIS_Bicknell.pdf. > > Did you know there were 104,511 netblocks at the same street address! > Whee! ?Turns out it was the street address of PacBell's HQ. > > So if you want to assert that having contact information is a > fundamental requirement then I'm afraid to say by 2006 (when I did > that presentation) a good percentage of the SWIP's arlready were > missing such information. ?I believe since then the growth has > continued in that direction. Agreed again - I think whois is in pretty sorry shape at the moment (for more than one reason); but should we respond by throwing our hands up and codifying bad behavior - or by addressing the problem? ~Chris > > -- > ? ? ? Leo Bicknell - bicknell at ufp.org - CCIE 3440 > ? ? ? ?PGP keys at http://www.ufp.org/~bicknell/ > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -- @ChrisGrundemann weblog.chrisgrundemann.com www.burningwiththebush.com www.coisoc.org From bicknell at ufp.org Tue Feb 2 16:29:03 2010 From: bicknell at ufp.org (Leo Bicknell) Date: Tue, 2 Feb 2010 13:29:03 -0800 Subject: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality In-Reply-To: <443de7ad1002021252k1b7fd888w2efaf10d653f94e4@mail.gmail.com> References: <8695009A81378E48879980039EEDAD28876D3FCB@MAIL1.polartel.local> <5A6D953473350C4B9995546AFE9939EE081F7561@RWC-EX1.corp.seven.com> <443de7ad1002021205i1499fb5fga44d45291caba9fb@mail.gmail.com> <20100202203622.GA66264@ussenterprise.ufp.org> <443de7ad1002021252k1b7fd888w2efaf10d653f94e4@mail.gmail.com> Message-ID: <20100202212903.GA70818@ussenterprise.ufp.org> In a message written on Tue, Feb 02, 2010 at 01:52:04PM -0700, Chris Grundemann wrote: > Agreed again - I think whois is in pretty sorry shape at the moment > (for more than one reason); but should we respond by throwing our > hands up and codifying bad behavior - or by addressing the problem? While we clearly disagree on the desired outcome, it appears we both agree that the current situation is absurd. I have consistenly supported proposals to remove this information from whois, and I have also written and spent several years propmoting my own policy in this space (2005-2) which was subsequently abandoned. I have yet to see anyone on the other side of this issue propose any method of "addressing the problem" from the other side, that is tightening requirements such that someone is required to be listed. Please understand this is why I find such positions hypocritical. While I would disgree with tightening requirements, I would respect those making the argument that such requirments were "fundamental" if they were pushing policy initatives to make that actually be the case. Using such forceful language to oppose policy when it is known not to represent the status quo and also when not working to change the status quo leaves the impression that the convictions on that point are weak, or nonexistant. I think ARIN just has the whois thing plain wrong. Allocations and assignments made from ARIN should have regularized information published on them by ARIN. Everything below that should be optional, as decided by the ISP and the customer. More to the point, it should be more open than the current system, a-la what RIPE does. If the customer and the ISP want to put a 20 page missive in whois listing every employee with phone, e-mail, cell, facebook page, and favorite color, great! If they want to not be listed, and have their ISP take calls, great! -- Leo Bicknell - bicknell at ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 826 bytes Desc: not available URL: From john.sweeting at twcable.com Tue Feb 2 16:52:12 2010 From: john.sweeting at twcable.com (Sweeting, John) Date: Tue, 2 Feb 2010 16:52:12 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: Customer Confidentiality - Time Sensitive In-Reply-To: <3c3e3fca1001312032raec9c5ek7478e2444c584c25@mail.gmail.com> Message-ID: Hi Bill, First and foremost on behalf of the AC I would like to thank you for your commitment and dedication to the Internet community. You have been one of the biggest contributors to the policy process and many of your ideas are reflected in the current proposals and draft policies that the AC is working on. PP 106 is a direct result of your efforts on PP 103 and hopefully we are capturing some of the spirit and intent of your proposal. The new PDP is very different from the old IRPEP and it has taken time for everyone to adapt to the differences. We are continuously looking to improve and welcome all feedback on the job we are doing. I can tell you that every single member of the AC spends many hours each month working to improve policy as well as recommend new policies that will be of benefit to the community. Members of the AC have different approaches to participation - my personal preference is to *not* post very often and then only to help guide discussion as I would like my opinion to be formed by what I read as well as by my past experience and current knowledge. I assure you that as the Chair I read every post to PPML and that the expectation is that the AC members that shepherd proposals read every post pertinent to their assigned proposals. Most AC members read every post. In short, it's not fair to evaluate AC members' participation on the basis of the number of posts they make to PPML. In addressing your research on the proposals that have been abandoned over the last 18 months I would say that this was in no way intended to be a personal slight and that the AC will attempt to be sensitive to this concern in the future. Please continue to contribute and please feel free to contact me anytime that you see fit. Best Regards, John +++++++++ On 1/31/10 11:32 PM, "William Herrin" wrote: On Sun, Jan 31, 2010 at 7:50 PM, David Farmer wrote: > William Herrin wrote: >> Do you realize that only five of the fifteen of you have participated >> in the PUBLIC policy mailing list this month? > > I'll just point out not everyone participates in the same way, and this is a > good thing, there are other roles to play than opinionated guy who shoots > his mouth off a lot, that I some time play. We do need quite contemplative > thinkers too. I believe the AC is a well rounded group and there are many > different roles to be played on the AC. I don't think it would serve the > community well if we all thought and acted the same. I can tell you that > all of the people on your list above have contributed in their own ways, > even if it wasn't to post to PPML. David, I'm not trying to single out anyone, but frankly I'm frustrated by the AC's collective behavior this past year and I doubt I'm the only one. I'd be far more sympathetic if all the quiet work outside the public eye resulted more and better advice for proposal authors from among the general public, and less suppression of proposals not written by members of the AC itself. Take an instructive look at the proposals abandoned prior to formal discussion over the past 18 months: First, the ones authored by the members of the AC: 96. Abandoned because it was process rather than policy. Referred to the ARIN President for further action. 91. Abandoned without comment, presumably because it was principally a challenge to a Board of Trustees action. I note that it was abandoned despite significant support for the proposal among the community. 87. Abandoned after ARIN staff procedures were altered to accomplish the same result. 85: Abandoned in favor of proposal 91 by the same AC member. Now look at the difference with the ones authored by the general public: 104, 103: Abandoned because "the AC could not support this proposal in its current form" 100: Abandoned without comment as the AC advanced a similar proposal written by one of its members. 98: Abandoned because "the proposal is overly complicated." 95: Abandoned because it resembles a proposal defeated half a decade ago. 92: Abandoned because "The AC [...] does not believe that the problem addressed is immediate nor of sufficient scope" 88: Abandoned without comment. 86: Abandoned on the grounds that modifications to the policy development process can not be made through the policy development process. 83: Abandoned "seeing little support and a large amount of opposition on PPML." Have I painted a clear enough picture or do I need to spell it out? The insiders' right to advance a proposal is almost undisputed while the evaluation of bottom-up policy has progressed from "seeing little [public] support" to "the AC could not support." The BoT has thrown you a nasty conflict of interest by having you sit in judgment on your own proposals as well as those from the general public . Quite frankly you are, as a group, handling it poorly. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact info at arin.net if you experience any issues. This E-mail and any of its attachments may contain Time Warner Cable proprietary information, which is privileged, confidential, or subject to copyright belonging to Time Warner Cable. This E-mail is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient of this E-mail, you are hereby notified that any dissemination, distribution, copying, or action taken in relation to the contents of and attachments to this E-mail is strictly prohibited and may be unlawful. If you have received this E-mail in error, please notify the sender immediately and permanently delete the original and any copy of this E-mail and any printout. From cgrundemann at gmail.com Tue Feb 2 17:15:21 2010 From: cgrundemann at gmail.com (Chris Grundemann) Date: Tue, 2 Feb 2010 15:15:21 -0700 Subject: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality In-Reply-To: <20100202212903.GA70818@ussenterprise.ufp.org> References: <8695009A81378E48879980039EEDAD28876D3FCB@MAIL1.polartel.local> <5A6D953473350C4B9995546AFE9939EE081F7561@RWC-EX1.corp.seven.com> <443de7ad1002021205i1499fb5fga44d45291caba9fb@mail.gmail.com> <20100202203622.GA66264@ussenterprise.ufp.org> <443de7ad1002021252k1b7fd888w2efaf10d653f94e4@mail.gmail.com> <20100202212903.GA70818@ussenterprise.ufp.org> Message-ID: <443de7ad1002021415p37ad217hf7b3502dfa77bedc@mail.gmail.com> On Tue, Feb 2, 2010 at 14:29, Leo Bicknell wrote: > In a message written on Tue, Feb 02, 2010 at 01:52:04PM -0700, Chris Grundemann wrote: >> Agreed again - I think whois is in pretty sorry shape at the moment >> (for more than one reason); but should we respond by throwing our >> hands up and codifying bad behavior - or by addressing the problem? > > While we clearly disagree on the desired outcome, it appears we > both agree that the current situation is absurd. > > I have consistenly supported proposals to remove this information > from whois, and I have also written and spent several years propmoting > my own policy in this space (2005-2) which was subsequently abandoned. > > I have yet to see anyone on the other side of this issue propose > any method of "addressing the problem" from the other side, that > is tightening requirements such that someone is required to be > listed. > > Please understand this is why I find such positions hypocritical. > While I would disgree with tightening requirements, I would respect > those making the argument that such requirments were "fundamental" > if they were pushing policy initatives to make that actually be the > case. ?Using such forceful language to oppose policy when it is > known not to represent the status quo and also when not working to > change the status quo leaves the impression that the convictions > on that point are weak, or nonexistant. See policy 2008-7 (and the surrounding discussions), my first step in addressing the problems, as I see them, with our current use of whois. Although I am not prepared to lay out a plan for addressing the whole system in this message - you can be assured that my convictions are real. The status quo does not necessarily (and often does not at all) represent the ideal or the intended. The original intent of whois was to register everyone who was able to pass traffic across the Internet[1]. The required information was name, physical address, phone number and network mailbox. Obviously we can not (and do not want) to register every cell-phone user or PC owner. We do still want to be able to contact network administrators who actually have the ability to make changes on the network in question though. In some cases, this is an ISP but in most cases involving an end-user who is a business, it is the end-user. ~Chris [1] See "WHO SHOULD BE IN THE DATA BASE" in RFC 812 and RFC 954 > I think ARIN just has the whois thing plain wrong. ?Allocations and > assignments made from ARIN should have regularized information > published on them by ARIN. ?Everything below that should be optional, > as decided by the ISP and the customer. ?More to the point, it > should be more open than the current system, a-la what RIPE does. > If the customer and the ISP want to put a 20 page missive in whois > listing every employee with phone, e-mail, cell, facebook page, and > favorite color, great! ?If they want to not be listed, and have > their ISP take calls, great! > > -- > ? ? ? Leo Bicknell - bicknell at ufp.org - CCIE 3440 > ? ? ? ?PGP keys at http://www.ufp.org/~bicknell/ > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -- @ChrisGrundemann weblog.chrisgrundemann.com www.burningwiththebush.com www.coisoc.org From tony at lava.net Tue Feb 2 17:34:33 2010 From: tony at lava.net (Antonio Querubin) Date: Tue, 2 Feb 2010 12:34:33 -1000 (HST) Subject: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality In-Reply-To: <443de7ad1002021415p37ad217hf7b3502dfa77bedc@mail.gmail.com> References: <8695009A81378E48879980039EEDAD28876D3FCB@MAIL1.polartel.local> <5A6D953473350C4B9995546AFE9939EE081F7561@RWC-EX1.corp.seven.com> <443de7ad1002021205i1499fb5fga44d45291caba9fb@mail.gmail.com> <20100202203622.GA66264@ussenterprise.ufp.org> <443de7ad1002021252k1b7fd888w2efaf10d653f94e4@mail.gmail.com> <20100202212903.GA70818@ussenterprise.ufp.org> <443de7ad1002021415p37ad217hf7b3502dfa77bedc@mail.gmail.com> Message-ID: On Tue, 2 Feb 2010, Chris Grundemann wrote: > want) to register every cell-phone user or PC owner. We do still want > to be able to contact network administrators who actually have the > ability to make changes on the network in question though. In some > cases, this is an ISP but in most cases involving an end-user who is a > business, it is the end-user. Those who can make the best informed decision about that are really the ISP and end-user. The current two sizes fits all policy still leaves the ISP in a quandary when the end-user is an at-home business. Antonio Querubin 808-545-5282 x3003 e-mail/xmpp: tony at lava.net From bicknell at ufp.org Tue Feb 2 17:49:25 2010 From: bicknell at ufp.org (Leo Bicknell) Date: Tue, 2 Feb 2010 14:49:25 -0800 Subject: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality In-Reply-To: <443de7ad1002021415p37ad217hf7b3502dfa77bedc@mail.gmail.com> References: <8695009A81378E48879980039EEDAD28876D3FCB@MAIL1.polartel.local> <5A6D953473350C4B9995546AFE9939EE081F7561@RWC-EX1.corp.seven.com> <443de7ad1002021205i1499fb5fga44d45291caba9fb@mail.gmail.com> <20100202203622.GA66264@ussenterprise.ufp.org> <443de7ad1002021252k1b7fd888w2efaf10d653f94e4@mail.gmail.com> <20100202212903.GA70818@ussenterprise.ufp.org> <443de7ad1002021415p37ad217hf7b3502dfa77bedc@mail.gmail.com> Message-ID: <20100202224925.GA76402@ussenterprise.ufp.org> In a message written on Tue, Feb 02, 2010 at 03:15:21PM -0700, Chris Grundemann wrote: > See policy 2008-7 (and the surrounding discussions), my first step in > addressing the problems, as I see them, with our current use of whois. > Although I am not prepared to lay out a plan for addressing the whole > system in this message - you can be assured that my convictions are > real. 2008-7 is a bit messy due to the merged proposals, but it seems to me the general concepts at work there are orthogonal to the ones we are discussing at this instance. The recent petition and related discussion is about who should or should not be listed in the database. 2008-7 addresses making sure the info in the database stays up to date post that decision, and what action we take if we find it out of date. > The status quo does not necessarily (and often does not at all) > represent the ideal or the intended. The original intent of whois was > to register everyone who was able to pass traffic across the > Internet[1]. The required information was name, physical address, Let me quote the passage from RFC 954 for others they don't have to go look it up: WHO SHOULD BE IN THE DATABASE DCA requests that each individual with a directory on an ARPANET or MILNET host, who is capable of passing traffic across the DoD Internet, be registered in the NIC WHOIS Database. MILNET TAC users must be registered in the database. I want to point out, at that time substantially all of the network was directly paid for by government contract, so the government was asking for full documentation of who was benefiting from the use of public funds. Indeed, I believe to some degree this is required by Government purchasing rules (that they disclose who receives the funding). As a result I'm dubious this historical artifact has anything to do with the privately run, privately paid for network run by RIR's, and not the DoD that we have today. > ability to make changes on the network in question though. In some > cases, this is an ISP but in most cases involving an end-user who is a > business, it is the end-user. Actually, in many cases it is both. When Grandma's PC is infected with a virus and made part of a botnet there are multiple solutions. Calling Grandma and explaining the situation and having her fix her machine might work. Calling her ISP, and having them disconnect her box, or put it in a quaranteen VLAN and then working with her might work as well. What I advocate is that the RIR's allow the users and ISP's to choose. If Grandma buys from Joes Bait and Internet on the $1.99 a month budget plan, he may list her and not even pick up the phone. If she buys PlatinumCo's $499 a month hyperpeed premium Internet they may send her the PC, manage it remotely for her, and guarantee it to be virus free. They may want to list themselves as the right contact. I don't understand how Stewardship requires us to pick one business model over the over. -- Leo Bicknell - bicknell at ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 826 bytes Desc: not available URL: From gbonser at seven.com Tue Feb 2 17:51:23 2010 From: gbonser at seven.com (George Bonser) Date: Tue, 2 Feb 2010 14:51:23 -0800 Subject: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality In-Reply-To: References: <8695009A81378E48879980039EEDAD28876D3FCB@MAIL1.polartel.local><5A6D953473350C4B9995546AFE9939EE081F7561@RWC-EX1.corp.seven.com><443de7ad1002021205i1499fb5fga44d45291caba9fb@mail.gmail.com><20100202203622.GA66264@ussenterprise.ufp.org><443de7ad1002021252k1b7fd888w2efaf10d653f94e4@mail.gmail.com><20100202212903.GA70818@ussenterprise.ufp.org><443de7ad1002021415p37ad217hf7b3502dfa77bedc@mail.gmail.com> Message-ID: <5A6D953473350C4B9995546AFE9939EE081F7585@RWC-EX1.corp.seven.com> > -----Original Message----- > From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On > Behalf Of Antonio Querubin > Sent: Tuesday, February 02, 2010 2:35 PM > To: Chris Grundemann > Cc: ppml at arin.net > Subject: Re: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality > > On Tue, 2 Feb 2010, Chris Grundemann wrote: > > > want) to register every cell-phone user or PC owner. We do still want > > to be able to contact network administrators who actually have the > > ability to make changes on the network in question though. In some > > cases, this is an ISP but in most cases involving an end-user who is > a > > business, it is the end-user. I don't believe there is a need to get beyond the realm of common sense. I would not expect private users of internet services to be listed. I would, however, expect users who provide Internet services for the general public and manage those services to be listed. My cell phone is not delivering Internet services and neither is my home network so neither should require listing. From cgrundemann at gmail.com Tue Feb 2 17:54:56 2010 From: cgrundemann at gmail.com (Chris Grundemann) Date: Tue, 2 Feb 2010 15:54:56 -0700 Subject: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality In-Reply-To: <5A6D953473350C4B9995546AFE9939EE081F7585@RWC-EX1.corp.seven.com> References: <8695009A81378E48879980039EEDAD28876D3FCB@MAIL1.polartel.local> <5A6D953473350C4B9995546AFE9939EE081F7561@RWC-EX1.corp.seven.com> <443de7ad1002021205i1499fb5fga44d45291caba9fb@mail.gmail.com> <20100202203622.GA66264@ussenterprise.ufp.org> <443de7ad1002021252k1b7fd888w2efaf10d653f94e4@mail.gmail.com> <20100202212903.GA70818@ussenterprise.ufp.org> <443de7ad1002021415p37ad217hf7b3502dfa77bedc@mail.gmail.com> <5A6D953473350C4B9995546AFE9939EE081F7585@RWC-EX1.corp.seven.com> Message-ID: <443de7ad1002021454r22bd6c17l628daaebbbe65d1b@mail.gmail.com> On Tue, Feb 2, 2010 at 15:51, George Bonser wrote: > > >> -----Original Message----- >> From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] > On >> Behalf Of Antonio Querubin >> Sent: Tuesday, February 02, 2010 2:35 PM >> To: Chris Grundemann >> Cc: ppml at arin.net >> Subject: Re: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality >> >> On Tue, 2 Feb 2010, Chris Grundemann wrote: >> >> > want) to register every cell-phone user or PC owner. We do still > want >> > to be able to contact network administrators who actually have the >> > ability to make changes on the network in question though. In some >> > cases, this is an ISP but in most cases involving an end-user who is >> a >> > business, it is the end-user. > > I don't believe there is a need to get beyond the realm of common sense. > I would not expect private users of internet services to be listed. ?I > would, however, expect users who provide Internet services for the > general public and manage those services to be listed. > > My cell phone is not delivering Internet services and neither is my home > network so neither should require listing. > That was my point as well - we no longer need ALL users of the Internet listed but we do need those who are directly responsible for managing networks to be listed. > > From rwsiv at ETRN.com Tue Feb 2 18:07:26 2010 From: rwsiv at ETRN.com (Robert Sanderson) Date: Tue, 02 Feb 2010 17:07:26 -0600 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: Customer Confidentiality - Time Sensitive In-Reply-To: <4B67811C.1040208@ibctech.ca> References: <02c701caa054$b71df010$2559d030$@net> <4B62098C.60606@arin.net> <4B636B12.6090603@ipinc.net> <4B67811C.1040208@ibctech.ca> Message-ID: <4B68B02E.2070005@ETRN.com> Ted Mittelstaedt wrote: > So far I count 12 solid supporters of the petition. > > They are: > > jay at handynetworks.com // Handy Networks LLC > joe at joesdatacenter.com // Joe's Datacenter, LLC > network at dimenoc.com //DimeNoc AS33182 > bicknell at ufp.org - bicknell at ufp.org - CCIE 3440 > spamfree at wansecurity.com Robert Smith, CISSP WANSecurity, Inc. > dsd at carpathiahost.com Carpathia Hosting, Inc > thorsten.ziegler at 1and1.com 1&1 Internet, AS8560 > lar at mwtcorp.net ARIN ORG: CBS-129 > bill at herrin.us AS 11875 > stephen.r.middleton at verizon.com Verizon Services Operations > raul at datavo.com Datavo / AS26773 > tony at lava.net LavaNet > > > The following people stated they supported the policy but they > didn't state that they supported the petition > > todd at kcix.net > > The following people supported the petition but didn't identify > who they represent: > > rudi.daniel at gmail.com > marty at akamai.com > rob at lagniappeinternet.com > > Naturally the AC will need to make the "official" determination > but it looks like we will be discussing this. > I officially support the petition, and the process. Robert Sanderson, AS15041, ARIN ORG: ETRNC, RWS40-ARIN -Bob From cgrundemann at gmail.com Tue Feb 2 18:55:49 2010 From: cgrundemann at gmail.com (Chris Grundemann) Date: Tue, 2 Feb 2010 16:55:49 -0700 Subject: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality In-Reply-To: <20100202224925.GA76402@ussenterprise.ufp.org> References: <8695009A81378E48879980039EEDAD28876D3FCB@MAIL1.polartel.local> <5A6D953473350C4B9995546AFE9939EE081F7561@RWC-EX1.corp.seven.com> <443de7ad1002021205i1499fb5fga44d45291caba9fb@mail.gmail.com> <20100202203622.GA66264@ussenterprise.ufp.org> <443de7ad1002021252k1b7fd888w2efaf10d653f94e4@mail.gmail.com> <20100202212903.GA70818@ussenterprise.ufp.org> <443de7ad1002021415p37ad217hf7b3502dfa77bedc@mail.gmail.com> <20100202224925.GA76402@ussenterprise.ufp.org> Message-ID: <443de7ad1002021555m431ded34hf8f1bb8e07740f0a@mail.gmail.com> On Tue, Feb 2, 2010 at 15:49, Leo Bicknell wrote: > In a message written on Tue, Feb 02, 2010 at 03:15:21PM -0700, Chris Grundemann wrote: >> See policy 2008-7 (and the surrounding discussions), my first step in >> addressing the problems, as I see them, with our current use of whois. >> Although I am not prepared to lay out a plan for addressing the whole >> system in this message - you can be assured that my convictions are >> real. > > 2008-7 is a bit messy due to the merged proposals, but it seems to > me the general concepts at work there are orthogonal to the ones > we are discussing at this instance. > > The recent petition and related discussion is about who should or > should not be listed in the database. 2008-7 addresses making sure > the info in the database stays up to date post that decision, and > what action we take if we find it out of date. Correct, I believe that whois data should be both complete and accurate; 2008-7 addresses the latter, here we discuss the former. > >> The status quo does not necessarily (and often does not at all) >> represent the ideal or the intended. The original intent of whois was >> to register everyone who was able to pass traffic across the >> Internet[1]. The required information was name, physical address, > > Let me quote the passage from RFC 954 for others they don't have > to go look it up: > > WHO SHOULD BE IN THE DATABASE > > DCA requests that each individual with a directory on an ARPANET > or MILNET host, who is capable of passing traffic across the DoD > Internet, be registered in the NIC WHOIS Database. MILNET TAC users > must be registered in the database. > > I want to point out, at that time substantially all of the network > was directly paid for by government contract, so the government was > asking for full documentation of who was benefiting from the use > of public funds. Indeed, I believe to some degree this is required > by Government purchasing rules (that they disclose who receives the > funding). > > As a result I'm dubious this historical artifact has anything to > do with the privately run, privately paid for network run by RIR's, > and not the DoD that we have today. Ok lets get more recent, this is from RFC 2050 "Internet Registry IP Allocation Guidelines:" 2.2 Submission of Reassignment Information It is imperative that reassignment information be submitted in a prompt and efficient manner to facilitate database maintenance and ensure database integrity. Therefore, assignment information must be submitted to the regional registry immediately upon making the assignment. The following reasons necessitate transmission of the reassignment information: a) to provide operational staff with information on who is using the network number and to provide a contact in case of operational/security problems, b) to ensure that a provider has exhausted a majority of its current CIDR allocation, thereby justifying an additional allocation, c) to assist in IP allocation studies. Procedures for submitting the reassignment information will be determined by each regional registry based on its unique requirements. All sub-registries (ISPs, Local registries, etc.) must register with their respective regional registry to receive information regarding reassignment guidelines. No additional CIDR blocks will be allocated by the regional registry or upstream providers until approximately 80% of all reassignment information has been submitted. > >> ability to make changes on the network in question though. In some >> cases, this is an ISP but in most cases involving an end-user who is a >> business, it is the end-user. > > Actually, in many cases it is both. When Grandma's PC is infected > with a virus and made part of a botnet there are multiple solutions. > Calling Grandma and explaining the situation and having her fix her > machine might work. Calling her ISP, and having them disconnect > her box, or put it in a quaranteen VLAN and then working with her > might work as well. > > What I advocate is that the RIR's allow the users and ISP's to > choose. If Grandma buys from Joes Bait and Internet on the $1.99 > a month budget plan, he may list her and not even pick up the phone. > If she buys PlatinumCo's $499 a month hyperpeed premium Internet > they may send her the PC, manage it remotely for her, and guarantee > it to be virus free. They may want to list themselves as the right > contact. A very nice corner-case. I will assume that Grandma has a /29 (or larger) and cede that there must be a SWIP and that the proper technical/abuse contact is in fact PlatinumCo. A similar scenario might be if Grandma buys from Joes B&E and then hires ManageCo to install and maintain her PC/Network - in this case ManageCO is very likely the proper technical/abuse contact and I agree that Grandma should be free to designate them as such. I also don't think that current policy precludes this - maybe I missed the part that says every POC must be Grandma (or even in her direct employ; contractors, etc are often made POCs I assume). There is of course more than one reason to list end-users in whois, my primary concern (and the one that I have raised so far) is with valid technical and abuse contacts. The other two raised in RFC 2050 above are; justification of efficient use and research data. The second and third apply more directly in your scenario. Justification of efficient use can be handled by DP 2010-3's inclusion of the line: "The customer's actual information must be provided to ARIN on request..." For now we will ignore the increased burden this likely puts on ARIN staff when evaluating new requests. Access to information for IP allocation (and other similar) studies is not well served by private data however. It is in the best interest of the Internet for it to be studied and I think that we should facilitate that whenever possible. > > I don't understand how Stewardship requires us to pick one business > model over the over. We should not pick one business model over another, we should write clear policy that avoids impinging upon any responsible model. Asking for a valid POC at the entity controlling a network does nothing to establish or impede anyone's business model, with the possible exception of those bad actors who have cause to remain unknown (namely so they can jump from block to block causing mischief). Recording general customer data in whois does not stop either of the models you suggested above from operating either. I am far from convinced that having this data in whois has any negative impact, other than maybe a bit of extra spam - which is an except-able price for the rewards of a proper whois database, IMHO. ~Chris > > -- > Leo Bicknell - bicknell at ufp.org - CCIE 3440 > PGP keys at http://www.ufp.org/~bicknell/ > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -- @ChrisGrundemann weblog.chrisgrundemann.com www.burningwiththebush.com www.coisoc.org From lar at mwtcorp.net Tue Feb 2 18:56:53 2010 From: lar at mwtcorp.net (lar at mwtcorp.net) Date: Tue, 02 Feb 2010 16:56:53 -0700 Subject: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality In-Reply-To: <8695009A81378E48879980039EEDAD28876D3FCB@MAIL1.polartel.local> References: <8695009A81378E48879980039EEDAD28876D3FCB@MAIL1.polartel.local> Message-ID: > > I do not think that ARIN is in the business of defending the secrecy of >customer lists. Keeping your customers should be a matter of competitive >pricing and quality of service, not sequestering your customers in a closet >or keeping them in a walled garden. Free enterprise is part and parcel of >doing business on the internet. ARIN should not be in the business of telling every ISP how to run the day-to-day operations of their business. Each has their own strategies and it's none of any of our business what they are. Free enterprise means that everyone may enter the marketplace and attempt to gather customers to them. Existing organizations can use any lawful means to keep existing customers. You or I may not like some of those practices but free means free. There needs to be some overriding issue that outweighs all normal considerations before a group like ARIN should impact the internal operations of the associated enterprises. The scarcity of IPV4 was and is such a issue. That justifies ARIN requiring ISP's to disclose enough information to determine that each is utilizing the scarce resource in a responsible manner. That does not in my opinion justify requiring making that information public.As an ISP I am exposed to the public and must be accountable, that goes with the teritory, but if I assign ip addresses for lawful use to a law enforcement agency, or a battered women's home, or runaway children's home (the list goes on and on) each has valid reasons why they don't want even their names associated with the IP's they are using. Even an ongoing DOS attack (which is highly unlikely) does not justify the risks associated with the wrong people figuring out where that IP is at. 99.9% of the time it's no big deal but any policy that cannot easily deal with the 0.1% exception is bad policy and should not exist. That is my opinion of the current policy. This proposal, while not going far enough, is at least a step in the right direction. > Hiding community members from contact by prospective service offerings is >not included anywhere in the ARIN mission statement that I could see. > I don't seem to remember congress acting on the ARIN mission statement. It's a private mission statement and not law. It should not be tortured into having an opinion on each proposed policy. The longer I am on this list the more I am beginning to feel that ARIN is a growing bureaucracy that will become the enemy of ISP's and the internet community as a whole. Sometimes I think I'm watching an episode of "pinky and the brain" via email. > > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. Larry Ash Network Administrator Mountain West Telephone 400 East 1st St. Casper, WY 82601 Office 307 233-8387 From kkargel at polartel.com Tue Feb 2 19:13:18 2010 From: kkargel at polartel.com (Kevin Kargel) Date: Tue, 2 Feb 2010 18:13:18 -0600 Subject: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality In-Reply-To: References: <8695009A81378E48879980039EEDAD28876D3FCB@MAIL1.polartel.local> Message-ID: <8695009A81378E48879980039EEDAD28876D3FDB@MAIL1.polartel.local> > > > > I do not think that ARIN is in the business of defending the secrecy of > >customer lists. Keeping your customers should be a matter of competitive > >pricing and quality of service, not sequestering your customers in a > closet > >or keeping them in a walled garden. Free enterprise is part and parcel > of > >doing business on the internet. > > ARIN should not be in the business of telling every ISP how to run the > day-to-day > operations of their business. Each has their own strategies and it's none > of > any of our business what they are. Free enterprise means that everyone may > enter the marketplace and attempt to gather customers to them. Existing > organizations > can use any lawful means to keep existing customers. You or I may not like > some of those practices but free means free. Umm, I think ARIN is precisely in the business of managing and shepherding IP addresses. If you don't want to follow the rules for that then you are just going to have to find a way to run your ISP without IP addresses. > > There needs to be some overriding issue that outweighs all normal > considerations > before a group like ARIN should impact the internal operations of the > associated > enterprises. > The scarcity of IPV4 was and is such a issue. That justifies ARIN > requiring > ISP's to > disclose enough information to determine that each is utilizing the scarce > resource > in a responsible manner. That does not in my opinion justify requiring > making that > information public.As an ISP I am exposed to the public and must be > accountable, > that goes with the teritory, but if I assign ip addresses for lawful use > to > a > law enforcement agency, or a battered women's home, or runaway children's > home > (the list goes on and on) each has valid reasons why they don't want even > their > names associated with the IP's they are using. Even an ongoing DOS attack > (which is highly unlikely) does not justify the risks associated with the > wrong > people figuring out where that IP is at. In associations that I have had with covert law enforcement and with organizations like abuse shelters (women's or otherwise) they have always had DBA names for registration of things like phone numbers, mailing addresses, email, etc.. I don't see why this would be any different.. > > 99.9% of the time it's no big deal but any policy that cannot easily deal > with the 0.1% exception is bad policy and should not exist. That > is my opinion of the current policy. Can you point me to a single policy in any organization that deals completely with 100% of any possible situation and does it fairly and optimally? > > This proposal, while not going far enough, is at least a step in the right > direction. > > > > Hiding community members from contact by prospective service offerings > is > >not included anywhere in the ARIN mission statement that I could see. > > > > I don't seem to remember congress acting on the ARIN mission statement. > It's > a private mission statement and not law. It should not be tortured into > having an opinion on each proposed policy. I don't see where anyone referred to any of this as a law. Do I understand you correctly as saying that ARIN should not have an opinion on each proposed policy? ARIN covers more territory than the USA.. Or are you saying that Canada and the Caribbean fall under US law? > > > The longer I am on this list the more I am beginning to feel that ARIN > is a growing bureaucracy that will become the enemy of ISP's and the > internet community as a whole. > > > Sometimes I think I'm watching an episode of "pinky and the brain" via > email. > > > > > > > _______________________________________________ > > PPML > > You are receiving this message because you are subscribed to > > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > > Unsubscribe or manage your mailing list subscription at: > > http://lists.arin.net/mailman/listinfo/arin-ppml > > Please contact info at arin.net if you experience any issues. > > Larry Ash > Network Administrator > Mountain West Telephone > 400 East 1st St. > Casper, WY 82601 > Office 307 233-8387 > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. From tony at lava.net Tue Feb 2 19:45:32 2010 From: tony at lava.net (Antonio Querubin) Date: Tue, 2 Feb 2010 14:45:32 -1000 (HST) Subject: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality In-Reply-To: <8695009A81378E48879980039EEDAD28876D3FDB@MAIL1.polartel.local> References: <8695009A81378E48879980039EEDAD28876D3FCB@MAIL1.polartel.local> <8695009A81378E48879980039EEDAD28876D3FDB@MAIL1.polartel.local> Message-ID: On Tue, 2 Feb 2010, Kevin Kargel wrote: > shepherding IP addresses. If you don't want to follow the rules for > that then you are just going to have to find a way to run your ISP > without IP addresses. I would hope this discussion is about finding ways to CHANGE the rules to be more relevant, fair, and inclusive. Antonio Querubin 808-545-5282 x3003 e-mail/xmpp: tony at lava.net From bicknell at ufp.org Tue Feb 2 20:53:51 2010 From: bicknell at ufp.org (Leo Bicknell) Date: Tue, 2 Feb 2010 17:53:51 -0800 Subject: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality In-Reply-To: <443de7ad1002021555m431ded34hf8f1bb8e07740f0a@mail.gmail.com> References: <8695009A81378E48879980039EEDAD28876D3FCB@MAIL1.polartel.local> <5A6D953473350C4B9995546AFE9939EE081F7561@RWC-EX1.corp.seven.com> <443de7ad1002021205i1499fb5fga44d45291caba9fb@mail.gmail.com> <20100202203622.GA66264@ussenterprise.ufp.org> <443de7ad1002021252k1b7fd888w2efaf10d653f94e4@mail.gmail.com> <20100202212903.GA70818@ussenterprise.ufp.org> <443de7ad1002021415p37ad217hf7b3502dfa77bedc@mail.gmail.com> <20100202224925.GA76402@ussenterprise.ufp.org> <443de7ad1002021555m431ded34hf8f1bb8e07740f0a@mail.gmail.com> Message-ID: <20100203015351.GA86626@ussenterprise.ufp.org> In a message written on Tue, Feb 02, 2010 at 04:55:49PM -0700, Chris Grundemann wrote: > Correct, I believe that whois data should be both complete and > accurate; 2008-7 addresses the latter, here we discuss the former. For the record, I agree that whatever information the rules say should be in whois needs to be accurate and up to date. I support efforts to make it so. I will also note, one of the issues raised by staff is that with the current level of information there are man-years of work to verify it all. Turning that around, if we have less information in the database it's likely it can be verified more often, with less staff. I suppose that is a bit of a linkage, the more info in the database the harder it is to keep it all accurate. > Ok lets get more recent, this is from RFC 2050 "Internet Registry IP > Allocation Guidelines:" > > 2.2 Submission of Reassignment Information 2.2 covers that the ISP's must provide everything you quote to ARIN. There is no requirement expressed or implied that ARIN in turn provide all of that information to the public. But let's break these down step by step: > a) to provide operational staff with information on who is using > the network number and to provide a contact in case of > operational/security problems, This becomes the core of the argument. It is quite vague. I could argue that a record of the form "Cable Modem Customers in Detroit", "abuse at cableco.com" on a /20 satisifies this requirement. I could also argue that even in the case of DHCP /32 assignments in a cable network they need to be in whois so your operation staff knows "who is using the network number". I don't think the text really provides any strong guidence on the standard by which this point is met. A number of people have proposed standards over time, and the only one that makes any sense to me is to list the entity that is "ready, willing, and able" to handle operational issues. Unfortunately even on that standard I could make arguments for and against various folks. So, to our discussion above. I'd rather ISP's and End Users decide together who is, or is not listed. I'd then like ARIN to agressively test and verify that someone answer the phone, reply to the e-mail, etc. That is, the useful response indicates that the person listed is right, rather than any arbitrary standard. > b) to ensure that a provider has exhausted a majority of its > current CIDR allocation, thereby justifying an additional > allocation, Let's look at what is required of registries when making this determination, also from 2050: ] 3.2 Network Engineering Plans ] ] Before a registry makes an assignment, it must examine each address ] space request in terms of the requesting organization's networking ] plans. These plans should be documented, and the following information ] should be included: ] ] 1. subnetting plans, including subnet masks and number of hosts on ] each subnet for at least one year ] 2. a description of the network topology ] 3. a description of the network routing plans, including the routing ] protocols to be used as well as any limitations. [And more] So from an "audit" perspective, if you wanted to independantly reconstruct that the ISP was justified in assinging a netblown downstream you would need this documentation. AFAIK, there has never been any such documentation in WHOIS, and thus there has never been any way to perform an independant audit. Having tried to make sense of SWIP's in whois, I don't see how a third party, armed only with whois data, could verify justification in any way. > c) to assist in IP allocation studies. The vaguest of vague statements. Assist how much? Similar to point b, without the data you can't do full independant studies, so we're already in the weeds with respect to IP allocation studies. Providing an entry that a /24 is full of cable modem customers is "assisting". Providing /32 information is assisting. With no objective standard, there's no way to know what is "required". I honestly have no idea what to make of this requirement. > Justification of efficient use can be handled by DP 2010-3's inclusion > of the line: "The customer's actual information must be provided to > ARIN on request..." For now we will ignore the increased burden this > likely puts on ARIN staff when evaluating new requests. ARIN already collects information under NDA from those applying for addresses. All the diagrams and routing plans and such referenced in 2050 are supplied under NDA and never listed in WHOIS. I see no reason to change that. If ARIN wants to ask for the customer name and address under NDA, that's fine with me. It may be appropriate in many cases. > I am far from convinced that having this data in whois has any > negative impact, other than maybe a bit of extra spam - which is an > except-able price for the rewards of a proper whois database, IMHO. I suggest it has a chilling effect for a number of groups of people. It may prevent various classes of people from obtaining various classes of services. For instance, one of the things behind residential privacy was that a battered woman who's moved away from her spouse should be able to get Internet access without being listed in a public database. Another example is that America has a long history of protecting anonymous polticial speach, but if you have to be in a public database to host your web site then how can you have that? But all those aside, I think the real negative impact is on the quality of the data. ARIN staff provided an esimtate on simply e-mailing every contact in the database to see if the e-mail addresses worked, and IIRC it was 3 years! By putting so much data into whois we've created a gigantic mountain for a proposal like 2008-7. Rather than verifing all the records once a year at a reasonable cost, staff is predicting years of work and having to hire multiple FTE's to keep the data accurate. We're all going to pay for that in the form of increased fees. The devel will be in the details, but here's the compromise I am willing to support. If we can remove residential users from the database completely, and provide a formal framework for ISP's to indicate they are the abuse/noc contact for a downstream so it's clear in the public facing database then I can support expending much more staff effort on verifing that e-mail addresses and phone numbers work on a regular basis. So yes, there will be less data in the database, but it will be orders of magnitude more likely to be correct and verified on a regular basis. Is there some middle ground there? -- Leo Bicknell - bicknell at ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 826 bytes Desc: not available URL: From mysidia at gmail.com Tue Feb 2 21:30:43 2010 From: mysidia at gmail.com (James Hess) Date: Tue, 2 Feb 2010 20:30:43 -0600 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: CustomerConfidentiality - Time Sensitive In-Reply-To: <28E139F46D45AF49A31950F88C4974580507A221@E03MVZ2-UKDY.domain1.systemhost.net> References: <4B678017.7060300@ibctech.ca> <28E139F46D45AF49A31950F88C4974580507A221@E03MVZ2-UKDY.domain1.systemhost.net> Message-ID: <6eb799ab1002021830y793024fdsa3004563864a8e45@mail.gmail.com> On Tue, Feb 2, 2010 at 5:26 AM, wrote: > A 10th grade kid's extracurricular activities have nothing > whatsoever to do with the school's network. We've already > been told that this is a small photography business that > has a server colocated with their local ISP. Since the _A server colocated with their local ISP_ stop. One server does not justify a /29, it doesn't have to be SWIP'ed or listed in WHOIS. > business owners are experts in photography, it is reasonable > to assume that the server and networking expertise comes > from outside the photography business. [...] Yes. And part of that "networking expertise" includes providing someone to contact about abuse and other abuses. > tech support as and when needed, not on retainer and not > on-call 24x7. It is also reasonable to assume that they If they are not on-call 24x7, then the contact information provided should be contact information that goes to a "Voicemail service" when the contact is not on call. It is not an issue with the registry if someone chose to provide a phone number capable of disrupting an off-call admin. Generally, the phone numbers used should be ones that belong to the organization, that only work when an admin is available. Important networks should have someone on call 24x7. > Why on earth do you want to polute the whois directory with > thousands of phone numbers for 10th grader's mobile phones? This is a classic example of a straw man argument. In no way, shape or form, does current policy imply polluting the directory with 10th graders' mobile phone numbers. Nothing says mobile phones must be in the directory. No ARIN policy says that contacts must be reachable 24x7, or that mobile phone numbers must be provided. It is advisable that someone be available to answer the phone 24x7 for the contact number, for important networks, it is not required. The contact doesn't have to be one person, and hiring or otherwise providing contacts is part of the cost you bear in connecting to the internet. Even if your network is too small for a SWIP or WHOIS listing to be required, legitimate ISPs/collocation providers always require a phone number. And the collocated server adminned by the 10th grader might get turned off, if the number provided to the ISP does not get answered, even without SWIP listings of contacts. > Then the whois directory needs a system for recording stuff like: > "Technical contact is attending school between the hours of > 8:30 to 4:30 EST, Mondays thru Fridays. Saturdays from 10:00 to > 12:00 he is playing baseball. Contactable at (604)555-1234 > other times except when he is on a hot date which is most > likely Thursday thru Saturday evenings EST." That's called unpredictable availability of the technical contact. It is not suitable for important networks, but there is no ARIN rule against it. The dedicated 'phone number' provided to ARIN for WHOIS can simply contain a voicemail message explaining it, when called while the contact is out. I believe there is a "Comment:" attribute provided by WHOIS. It could be populated via SWIP, or the ISP could populate its whois server with that. -- -J From bicknell at ufp.org Tue Feb 2 21:46:19 2010 From: bicknell at ufp.org (Leo Bicknell) Date: Tue, 2 Feb 2010 18:46:19 -0800 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: CustomerConfidentiality - Time Sensitive In-Reply-To: <6eb799ab1002021830y793024fdsa3004563864a8e45@mail.gmail.com> References: <4B678017.7060300@ibctech.ca> <28E139F46D45AF49A31950F88C4974580507A221@E03MVZ2-UKDY.domain1.systemhost.net> <6eb799ab1002021830y793024fdsa3004563864a8e45@mail.gmail.com> Message-ID: <20100203024619.GA91971@ussenterprise.ufp.org> In a message written on Tue, Feb 02, 2010 at 08:30:43PM -0600, James Hess wrote: > _A server colocated with their local ISP_ stop. One server does not > justify a /29, it doesn't have to be SWIP'ed or listed in WHOIS. Actually.... I have seen some colo ISP's that put every customer in a separate VLAN. Typically they feed these two two routers, running VRRP or HSRP. So a single server needs a subnet with space for 4 devices, router1, router2, virtual gateway, and server IP address. The smallest subnet that can do that is a /29. So, it is possible for a single colocated server to consume a /29. Not everyone does it that way, of course. -- Leo Bicknell - bicknell at ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 826 bytes Desc: not available URL: From mysidia at gmail.com Tue Feb 2 21:58:20 2010 From: mysidia at gmail.com (James Hess) Date: Tue, 2 Feb 2010 20:58:20 -0600 Subject: [arin-ppml] Petition Underway - Policy Proposal 95 In-Reply-To: References: <3c3e3fca1002020852q22a3626ct8ae1fa8790bcb961@mail.gmail.com> Message-ID: <6eb799ab1002021858w52c817adlfc660f66e429e49e@mail.gmail.com> On Tue, Feb 2, 2010 at 11:52 AM, Chris Engel wrote: > Bill Herrin wrote: > "Chris, > That's great...but I'm not sure how exactly having Joe's contact info really helps you determine whether his /14 is justified? > As a member of the general public... you can't FORCE Joe to speak with you, right? You can't FORCE him to physically. But when Joe wants to peer with your network or get transit from you, your contact can ask his contact a few questions before you agree to let him link up with you and announce that /24. Networks are not islands. Joe's network is not a self-contained entity like a private castle. Members of the public have to be willing to interact with Joe's network, e.g. other networks have to let Joe's traffic pass through, for Joe to have connectivity using that IP space. If many members of the public decide that Joe is not legitimate, and they will block his use of those addresses, and refuse to peer with him and receive that /24 prefix, then Joe will have limited or no connectivity. You can use WHOIS contacts to assist in investigating Joe's claim that his organization has been assigned this /24. WHOIS may also be used by DNSBLs investigating reports that usages of certain IP ranges are 'hijacked'. Joe can't simply enter demonstrably false info into the WHOIS database and expect there to never ever be any negative consequences as a result of that. The fact the data is public could serve as a deterrant to entering obviously false info. -- -J From gbonser at seven.com Tue Feb 2 22:00:22 2010 From: gbonser at seven.com (George Bonser) Date: Tue, 2 Feb 2010 19:00:22 -0800 Subject: [arin-ppml] Petition Underway - Policy Proposal 95:CustomerConfidentiality - Time Sensitive In-Reply-To: <20100203024619.GA91971@ussenterprise.ufp.org> References: <4B678017.7060300@ibctech.ca><28E139F46D45AF49A31950F88C4974580507A221@E03MVZ2-UKDY.domain1.systemhost.net><6eb799ab1002021830y793024fdsa3004563864a8e45@mail.gmail.com> <20100203024619.GA91971@ussenterprise.ufp.org> Message-ID: <5A6D953473350C4B9995546AFE9939EE081F759D@RWC-EX1.corp.seven.com> > > So, it is possible for a single colocated server to consume a /29. > Not everyone does it that way, of course. > > -- > Leo Bicknell - bicknell at ufp.org - CCIE 3440 > PGP keys at http://www.ufp.org/~bicknell/ It is possible for a PROVIDER to consume a /29 in providing a single server. The end user isn't issued a /29 for addressing their machines. The end user in this case is issued a single IP address. I am sure we can all make up wacky corner cases or twist things around but that isn't what is at issue here, nobody expects perfection under all cases. From joe at joesdatacenter.com Tue Feb 2 22:11:40 2010 From: joe at joesdatacenter.com (Joe Morgan) Date: Tue, 2 Feb 2010 21:11:40 -0600 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: CustomerConfidentiality - Time Sensitive In-Reply-To: <20100203024619.GA91971@ussenterprise.ufp.org> References: <4B678017.7060300@ibctech.ca> <28E139F46D45AF49A31950F88C4974580507A221@E03MVZ2-UKDY.domain1.systemhost.net> <6eb799ab1002021830y793024fdsa3004563864a8e45@mail.gmail.com> <20100203024619.GA91971@ussenterprise.ufp.org> Message-ID: <38dd4e411002021911r777165ecxe2361d0a86e6b3c3@mail.gmail.com> The colo industry or dedicated server industry almost always gives at least a /29. Most customers will need multiple ips for things like name servers, ssl certs, ect. I believe I can safely say that it is almost a industry standard. I can tell you from my experience the customer is not going to be nearly as responsive as I am to security or abuse complaints. I would much rather be able to put my contact information for abuse than the customers for multiple reasons. My company watches the abuse system 24/7 365 and needs to know about all security or abuse complaints. If the customer is directly contacted then how am I going to know that there is somebody on my network violating my AUP? If you cannot get the abuse contact to answer your complaints your just going to end up sending the complaint to me anyway. I really cannot see how the address of phone number helps in verifying accurate data, that can be just as accurate or inaccurate as a company name. If you try and contact a customer and are unsatisfied or cannot verify the data your just going to end up contacting me about it. If I put my contact information down at least I know that I am doing my part and providing accurate contact information so abuse and security complaints can be handled quickly. At the end of the day I am ultimately responsible for what happens on my network and I have the best idea of what or how abuse should be handled so why shouldn't I be in charge of deciding what that contact information is. I think part of the problem is that people just want to get there noses in other peoples business and for some reason feel that it is there right to know my customers information. I really don't see why anyone needs to know my customer list besides me. On Tue, Feb 2, 2010 at 8:46 PM, Leo Bicknell wrote: > In a message written on Tue, Feb 02, 2010 at 08:30:43PM -0600, James Hess wrote: >> _A server colocated with their local ISP_ ? stop. One server does not >> justify a /29, ?it doesn't have to be SWIP'ed or listed in WHOIS. > > Actually.... > > I have seen some colo ISP's that put every customer in a separate > VLAN. ?Typically they feed these two two routers, running VRRP or > HSRP. ?So a single server needs a subnet with space for 4 devices, > router1, router2, virtual gateway, and server IP address. ?The > smallest subnet that can do that is a /29. > > So, it is possible for a single colocated server to consume a /29. > Not everyone does it that way, of course. > > -- > ? ? ? Leo Bicknell - bicknell at ufp.org - CCIE 3440 > ? ? ? ?PGP keys at http://www.ufp.org/~bicknell/ > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -- Thank You, Joe Morgan Joe's Datacenter, LLC http://joesdatacenter.com From gbonser at seven.com Tue Feb 2 22:21:01 2010 From: gbonser at seven.com (George Bonser) Date: Tue, 2 Feb 2010 19:21:01 -0800 Subject: [arin-ppml] Petition Underway - Policy Proposal 95:CustomerConfidentiality - Time Sensitive In-Reply-To: <38dd4e411002021911r777165ecxe2361d0a86e6b3c3@mail.gmail.com> References: <4B678017.7060300@ibctech.ca><28E139F46D45AF49A31950F88C4974580507A221@E03MVZ2-UKDY.domain1.systemhost.net><6eb799ab1002021830y793024fdsa3004563864a8e45@mail.gmail.com><20100203024619.GA91971@ussenterprise.ufp.org> <38dd4e411002021911r777165ecxe2361d0a86e6b3c3@mail.gmail.com> Message-ID: <5A6D953473350C4B9995546AFE9939EE081F759F@RWC-EX1.corp.seven.com> > -----Original Message----- > From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On > Behalf Of Joe Morgan > Sent: Tuesday, February 02, 2010 7:12 PM > To: arin-ppml at arin.net > Subject: Re: [arin-ppml] Petition Underway - Policy Proposal > 95:CustomerConfidentiality - Time Sensitive > > I can tell you from my experience the > customer is not going to be nearly as responsive as I am to security > or abuse complaints. Being responsive is a good thing. But can you actually DO anything about it? Again, I am mainly talking about someone who was SWIPed a /24 or better but doesn't even announce it to you anymore. They might have some colo space with you and maintain a relationship, but that specific network is possibly in a different facility and the traffic possibly doesn't even go through you. You might answer your phone, but can you actually do anything? And the extent to which the user is responsive or not might have different consequence depending on the reason I am trying to contact them. If they are losing traffic, it is their loss if they aren't responsive. If they are engaged in nefarious activity and aren't responsive, I want to know what other blocks they have so I can monitor those as well. And I want to know who they are so when they move out of your net into someone else's, I can follow where they go. > I would much rather be able to put my contact > information for abuse than the customers for multiple reasons. I have no problem with you putting your contact in for the abuse contact. That might be a great idea. But when it comes to the technical contact, I want the person with "enable" and "root" on their stuff. If that is you, then by all means put your name in the tech contact, too. From mysidia at gmail.com Tue Feb 2 22:21:27 2010 From: mysidia at gmail.com (James Hess) Date: Tue, 2 Feb 2010 21:21:27 -0600 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: CustomerConfidentiality - Time Sensitive In-Reply-To: <38dd4e411002021911r777165ecxe2361d0a86e6b3c3@mail.gmail.com> References: <4B678017.7060300@ibctech.ca> <28E139F46D45AF49A31950F88C4974580507A221@E03MVZ2-UKDY.domain1.systemhost.net> <6eb799ab1002021830y793024fdsa3004563864a8e45@mail.gmail.com> <20100203024619.GA91971@ussenterprise.ufp.org> <38dd4e411002021911r777165ecxe2361d0a86e6b3c3@mail.gmail.com> Message-ID: <6eb799ab1002021921u4c910e11mbd84e8fee2b1078e@mail.gmail.com> On Tue, Feb 2, 2010 at 9:11 PM, Joe Morgan wrote: > The colo industry or dedicated server industry almost always gives at > least a /29. Most customers will need multiple ips for things like I'm under the impression the colo industry usually re-assigns a /29 to itself, and sub-delegates several IP addresses from that /29 to the customer. Unless there is a customer router involved, the entire block has not been subdelegated. > almost a industry standard. ?I can tell you from my experience the > customer is not going to be nearly as responsive as I am to security > or abuse complaints. I would much rather be able to put my contact Most abuse complaints will get addressed to the upstream too. I've seen e-mail abuse complaints before, and senders are usually very liberal in whom they CC. The upstream providers, and sometimes even ARIN itself are almost always Cc'd. > information for abuse than the customers for multiple reasons. My > company watches the abuse system 24/7 365 and needs to know about all > security or abuse complaints. If the customer is directly contacted > then how am I going to know that there is somebody on my network By listing yourself as the official abuse contact when SWIP'ing. Or on your RWHOIS server, where you have more direct control of what gets listed. Include the item as one of the terms of the collocation agreement, that you will provide the 24x7 abuse contact for the IP space, and that the customer must provide you as one as well. If an ISP wishes to do this, the current text of the NRPM does not stop or prevent the ISP from including themselves as an additional contact on the SWIP record. -- -Mysid From joe at joesdatacenter.com Tue Feb 2 22:21:54 2010 From: joe at joesdatacenter.com (Joe Morgan) Date: Tue, 2 Feb 2010 21:21:54 -0600 Subject: [arin-ppml] Petition Underway - Policy Proposal 95 In-Reply-To: <6eb799ab1002021858w52c817adlfc660f66e429e49e@mail.gmail.com> References: <3c3e3fca1002020852q22a3626ct8ae1fa8790bcb961@mail.gmail.com> <6eb799ab1002021858w52c817adlfc660f66e429e49e@mail.gmail.com> Message-ID: <38dd4e411002021921l24aa32f8tc94f1c2f073a4bd7@mail.gmail.com> > WHOIS may also be used by DNSBLs investigating reports that usages of > certain IP ranges are 'hijacked'. > > Joe can't simply enter demonstrably false info into the WHOIS > database and expect there to never ever be any negative consequences > as a result of that. > > The fact the data is public could serve as a deterrant to entering > obviously false info. Just my 2 cents I have had DNSBLS been mistaken by trying to piece together information by scanning swips or rdns and not directly contacting me. I have seen them claim to know that a customer is a spammer or is using a false name without knowing any information about when the customer went online or if I have already removed a old customer that violated my AUP. Just because DNSBLS use this information does not mean its there right or that they even do a accurate job. I could also argue that because the information is public it makes it more likely that people would try and hide or falsify it. On Tue, Feb 2, 2010 at 8:58 PM, James Hess wrote: > On Tue, Feb 2, 2010 at 11:52 AM, Chris Engel > wrote: > Bill Herrin wrote: >> "Chris, >> That's great...but I'm not sure how exactly having Joe's contact info really helps you determine whether his /14 is justified? >> As a member of the general public... you can't FORCE Joe to speak with you, right? > > You can't FORCE him to physically. ? ?But ?when ?Joe wants to peer > with your network or get transit from you, ?your contact can ask his > contact a few questions ?before you agree to let him link up with you > and announce that /24. > > Networks are not islands. ? ?Joe's network is not a self-contained > entity like a private ?castle. ? ?Members of the public have to be > willing to interact with Joe's network, ? e.g. other networks have to > let Joe's traffic pass through, ?for Joe to have connectivity using > that IP space. > > If many members of the public decide that Joe is not legitimate, and > they will block his use of those addresses, and refuse to peer with > him and receive that /24 prefix, ?then ?Joe ?will have limited or no > connectivity. > > > > You can use WHOIS contacts to assist in investigating Joe's claim that > his organization ?has been assigned this /24. > > WHOIS may also be used by DNSBLs investigating reports that usages of > certain IP ranges are 'hijacked'. > > Joe ?can't simply enter ?demonstrably ?false ?info into the WHOIS > database and expect there to never ever be any negative consequences > as a result of that. > > The fact the data is public could serve as a deterrant to entering > obviously false info. > > -- > -J > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -- Thank You, Joe Morgan Joe's Datacenter, LLC http://joesdatacenter.com From scottleibrand at gmail.com Tue Feb 2 22:28:00 2010 From: scottleibrand at gmail.com (Scott Leibrand) Date: Tue, 02 Feb 2010 19:28:00 -0800 Subject: [arin-ppml] Petition Underway - Policy Proposal 95:CustomerConfidentiality - Time Sensitive In-Reply-To: <5A6D953473350C4B9995546AFE9939EE081F759D@RWC-EX1.corp.seven.com> References: <4B678017.7060300@ibctech.ca><28E139F46D45AF49A31950F88C4974580507A221@E03MVZ2-UKDY.domain1.systemhost.net><6eb799ab1002021830y793024fdsa3004563864a8e45@mail.gmail.com> <20100203024619.GA91971@ussenterprise.ufp.org> <5A6D953473350C4B9995546AFE9939EE081F759D@RWC-EX1.corp.seven.com> Message-ID: <4B68ED40.9080409@gmail.com> On 2/2/2010 7:00 PM, George Bonser wrote: >> So, it is possible for a single colocated server to consume a /29. >> Not everyone does it that way, of course. >> >> Leo Bicknell - bicknell at ufp.org - CCIE 3440 >> >> > It is possible for a PROVIDER to consume a /29 in providing a single > server. The end user isn't issued a /29 for addressing their machines. > The end user in this case is issued a single IP address. > The end user may not use more than a single address in that case, but they will be assigned the entire /29, and it should be SWIP'd to them (or entered in rwhois). If they add a second server in the same VLAN, it will be added to that /29, but the assignment will not change. If I, as a colo provider, didn't SWIP customers like this their entire /29, I may not be able to meet 80% utilization thresholds. For purposes of calculating utilization, however, the /29 is considered 100% utilized as long as it was properly justified, could not be met with a smaller subnet, and is properly SWIP'd (or rwhois'd). -Scott From gbonser at seven.com Tue Feb 2 23:07:28 2010 From: gbonser at seven.com (George Bonser) Date: Tue, 2 Feb 2010 20:07:28 -0800 Subject: [arin-ppml] Petition Underway - Policy Proposal 95:CustomerConfidentiality - Time Sensitive In-Reply-To: <4B68ED40.9080409@gmail.com> References: <4B678017.7060300@ibctech.ca><28E139F46D45AF49A31950F88C4974580507A221@E03MVZ2-UKDY.domain1.systemhost.net><6eb799ab1002021830y793024fdsa3004563864a8e45@mail.gmail.com> <20100203024619.GA91971@ussenterprise.ufp.org><5A6D953473350C4B9995546AFE9939EE081F759D@RWC-EX1.corp.seven.com> <4B68ED40.9080409@gmail.com> Message-ID: <5A6D953473350C4B9995546AFE9939EE081F75A2@RWC-EX1.corp.seven.com> > -----Original Message----- > From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On > Behalf Of Scott Leibrand > Sent: Tuesday, February 02, 2010 7:28 PM > To: arin-ppml at arin.net > Subject: Re: [arin-ppml] Petition Underway - Policy Proposal > 95:CustomerConfidentiality - Time Sensitive > > On 2/2/2010 7:00 PM, George Bonser wrote: > >> So, it is possible for a single colocated server to consume a /29. > >> Not everyone does it that way, of course. > >> > >> Leo Bicknell - bicknell at ufp.org - CCIE 3440 > >> > >> > > It is possible for a PROVIDER to consume a /29 in providing a single > > server. The end user isn't issued a /29 for addressing their > machines. > > The end user in this case is issued a single IP address. > > > > The end user may not use more than a single address in that case, but > they will be assigned the entire /29, and it should be SWIP'd to them > (or entered in rwhois). If they add a second server in the same VLAN, > it will be added to that /29, but the assignment will not change. If all they have is a single IP address, then I am probably not going to be trying to contact them anyway. But if you don't have root on that server, listing you as the technical POC is a waste of your time and mine. But that is what I consider a corner case because most of the IP addresses are on your routers in that one special case, not their gear so it is a gray area and, in my opinion, an interesting but distracting case in the overall scope of this discussion. From bill at herrin.us Tue Feb 2 23:40:59 2010 From: bill at herrin.us (William Herrin) Date: Tue, 2 Feb 2010 23:40:59 -0500 Subject: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality In-Reply-To: <20100203015351.GA86626@ussenterprise.ufp.org> References: <8695009A81378E48879980039EEDAD28876D3FCB@MAIL1.polartel.local> <5A6D953473350C4B9995546AFE9939EE081F7561@RWC-EX1.corp.seven.com> <443de7ad1002021205i1499fb5fga44d45291caba9fb@mail.gmail.com> <20100202203622.GA66264@ussenterprise.ufp.org> <443de7ad1002021252k1b7fd888w2efaf10d653f94e4@mail.gmail.com> <20100202212903.GA70818@ussenterprise.ufp.org> <443de7ad1002021415p37ad217hf7b3502dfa77bedc@mail.gmail.com> <20100202224925.GA76402@ussenterprise.ufp.org> <443de7ad1002021555m431ded34hf8f1bb8e07740f0a@mail.gmail.com> <20100203015351.GA86626@ussenterprise.ufp.org> Message-ID: <3c3e3fca1002022040ma34e9afvf883d5c82fb25883@mail.gmail.com> On Tue, Feb 2, 2010 at 8:53 PM, Leo Bicknell wrote: > In a message written on Tue, Feb 02, 2010 at 04:55:49PM -0700, Chris Grundemann wrote: >> Correct, I believe that whois data should be both complete and >> accurate; 2008-7 addresses the latter, here we discuss the former. > > For the record, I agree that whatever information the rules say should > be in whois needs to be accurate and up to date. ?I support efforts to > make it so. > > I will also note, one of the issues raised by staff is that with the > current level of information there are man-years of work to verify it > all. I don't particularly want to pay ARIN to audit me and require me to spend more money proving the legitimacy of my IP address consumption. I'm just cheap that way. Our system is far more cost-effective and a lot less of a hassle if ARIN instead presumes truthfulness on the part of its registrants and reacts to complaints from the self-appointed community watchdogs who invariably manage to notice and bust the folks doing wrong. Thing is, community watchdogs can't catch bad guys from a void: they have to have data that can be verified or refuted. Perhaps a *fair* solution is that ISPs who would rather suffer penetrating annual audits purchased by ARIN at the ISP's expense can forgo publishing customer information via SWIP while those who place their information in the public's hands remain relieved of that burden. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From dogwallah at gmail.com Wed Feb 3 00:06:33 2010 From: dogwallah at gmail.com (McTim) Date: Wed, 3 Feb 2010 08:06:33 +0300 Subject: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality In-Reply-To: <443de7ad1002021205i1499fb5fga44d45291caba9fb@mail.gmail.com> References: <8695009A81378E48879980039EEDAD28876D3FCB@MAIL1.polartel.local> <5A6D953473350C4B9995546AFE9939EE081F7561@RWC-EX1.corp.seven.com> <443de7ad1002021205i1499fb5fga44d45291caba9fb@mail.gmail.com> Message-ID: On Tue, Feb 2, 2010 at 11:05 PM, Chris Grundemann wrote: > > +1 > > whois must contain valid contact information for the person/entity > directly responsible for the host(s) using a given IP. I oppose this > and any other policy which undermines this fundamental requirement. +1 -- Cheers, McTim "A name indicates what we seek. An address indicates where it is. A route indicates how we get there." Jon Postel From gbonser at seven.com Wed Feb 3 02:16:41 2010 From: gbonser at seven.com (George Bonser) Date: Tue, 2 Feb 2010 23:16:41 -0800 Subject: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality In-Reply-To: <3c3e3fca1002022040ma34e9afvf883d5c82fb25883@mail.gmail.com> References: <8695009A81378E48879980039EEDAD28876D3FCB@MAIL1.polartel.local> <5A6D953473350C4B9995546AFE9939EE081F7561@RWC-EX1.corp.seven.com> <443de7ad1002021205i1499fb5fga44d45291caba9fb@mail.gmail.com> <20100202203622.GA66264@ussenterprise.ufp.org><443de7ad1002021252k1b7fd888w2efaf10d653f94e4@mail.gmail.com> <20100202212903.GA70818@ussenterprise.ufp.org><443de7ad1002021415p37ad217hf7b3502dfa77bedc@mail.gmail.com> <20100202224925.GA76402@ussenterprise.ufp.org><443de7ad1002021555m431ded34hf8f1bb8e07740f0a@mail.gmail.com> <20100203015351.GA86626@ussenterprise.ufp.org> <3c3e3fca1002022040ma34e9afvf883d5c82fb25883@mail.gmail.com> Message-ID: <5A6D953473350C4B9995546AFE9939EE081F75AA@RWC-EX1.corp.seven.com> > Perhaps a *fair* solution is that ISPs who would rather suffer > penetrating annual audits purchased by ARIN at the ISP's expense can > forgo publishing customer information via SWIP while those who place > their information in the public's hands remain relieved of that > burden. > > Regards, > Bill Herrin For me the judgment call seems fairly simple. >From the standpoint of someone who isn't a commercial ISP what benefit does this proposal offer me? What is the value of that benefit? What is the benefit to the community at large of the proposal? What is the value of that benefit? What is the cost to the community of the proposal? What is the cost to me of the proposal? And then the question of whether to support it or not is weighed. I keep coming up with little/no benefit, high cost. From mysidia at gmail.com Wed Feb 3 02:54:03 2010 From: mysidia at gmail.com (James Hess) Date: Wed, 3 Feb 2010 01:54:03 -0600 Subject: [arin-ppml] Petition Underway - Policy Proposal 95:CustomerConfidentiality - Time Sensitive In-Reply-To: <4B68ED40.9080409@gmail.com> References: <4B678017.7060300@ibctech.ca> <28E139F46D45AF49A31950F88C4974580507A221@E03MVZ2-UKDY.domain1.systemhost.net> <6eb799ab1002021830y793024fdsa3004563864a8e45@mail.gmail.com> <20100203024619.GA91971@ussenterprise.ufp.org> <5A6D953473350C4B9995546AFE9939EE081F759D@RWC-EX1.corp.seven.com> <4B68ED40.9080409@gmail.com> Message-ID: <6eb799ab1002022354q29e029i6d89302cb15022b@mail.gmail.com> On Tue, Feb 2, 2010 at 9:28 PM, Scott Leibrand wrote: > On 2/2/2010 7:00 PM, George Bonser wrote: > If I, as a colo provider, didn't SWIP customers like this their entire /29, > I may not be able to meet 80% utilization thresholds. ?For purposes of > calculating utilization, however, the /29 is considered 100% utilized as It's possible to keep record of utilization using the form in sec. 4.2.3.7.5 of the NRPM without SWIPing -- where a full /29 block is not re-assigned. SWIPs submitted to ARIN are not (or should not) be your only records or way of keeping proper information about re-assignments for justifying additional allocation requests, since most ISPs and end-users will have some allocations or assignments of blocks smaller than /29. e,g it might look like City Which IP Addresses Assigned No. of Internal Machines Purpose: (CITY) *192.0.0.0 1 Collocated 192.0.0.1 (Customer 192.0.0.2 Name) - 192.0.0.3 4 customer IPs 192.0.0.4 4 provider 192.0.0.5 IPs 192.0.0.6 *192.0.0.7 So, you have 4 IPs that are part of the service provider's network 192.0.0.0 and 192.0.0.7 broadcast addresses required for your router, plus your 2 router IPs for their servers to use as gateway. Then 4 customer IPs, for their server. It may be more convenient to just SWIP the entire /29, provider IPs and all.. but then again, this will show the customer as 'responsible' for some collocation provider router IPs then, which might be undesirable. In this case... you have 100% utilized the /29. You assigned 4 IPs to your equipment, and you delegated an address block equivalent in allocation size of a /30 to the user (probably 192.0.0.3 to 6). The end-user's network block is smaller than a /29, so no SWIP would be required under NRPM 4.2.3.7.2. Your router on your premises... and your inefficiency. Now if you peered with a customer router over a /30, and forwarded a /29, that would indicate reassignment of a full /29. -- -J From michael.dillon at bt.com Wed Feb 3 07:57:13 2010 From: michael.dillon at bt.com (michael.dillon at bt.com) Date: Wed, 3 Feb 2010 12:57:13 -0000 Subject: [arin-ppml] Petition Underway - Policy Proposal 95 In-Reply-To: Message-ID: <28E139F46D45AF49A31950F88C4974580507AE81@E03MVZ2-UKDY.domain1.systemhost.net> > With my company....which is definately a real enterprise... > you'll see our business contact info listed. If you hit > those, you are NOT going to get a response outside of normal > business hours. This implies that everything is fine DURING business hours. But that is not so. If the business is in Quebec, then during business hours it will likely be answered in French, and if you don't speak French, there will be a failure to communicate. Even in the USA, there are businesses where people speak only Spanish or some other language. Even a manned phone number is not a magic bullet now that the Internet has grown to embrace all aspects of human society. I wouldn't be surprised to find that Innuit-owned businesses in Nunavut are online with their own colocated server down south. Anyone you know who speaks Inuinnaqtun? --Michael Dillon From michael.dillon at bt.com Wed Feb 3 08:07:58 2010 From: michael.dillon at bt.com (michael.dillon at bt.com) Date: Wed, 3 Feb 2010 13:07:58 -0000 Subject: [arin-ppml] Petition Underway - Policy Proposal 95 In-Reply-To: <201002021845.o12IjH5k025052@inana.itg.state.mn.us> Message-ID: <28E139F46D45AF49A31950F88C4974580507AEB4@E03MVZ2-UKDY.domain1.systemhost.net> > In the end though, when I SWIP IP's to a customer they are now the > proprietor of those IP's and I need to follow their instructions on > how those IP's are registered. If my customer requests that I be > the tech or abuse contact and they are paying me money then I will > happily do so. If they want to be the contact then that is how it > will be. This describes a customer who is READY and WILLING to act upon communications about network issues. It does not include ABLE, but in any case, I would not want to see the ISP making the determination whether their customer is ABLE or not. That should be done by ARIN, perhaps simply by testing the contact info every 6 months. If they respond, then assume that they are ABLE to act. --Michael Dillon From michael.dillon at bt.com Wed Feb 3 08:14:58 2010 From: michael.dillon at bt.com (michael.dillon at bt.com) Date: Wed, 3 Feb 2010 13:14:58 -0000 Subject: [arin-ppml] Draft policy 2010-3 In-Reply-To: <8aeeaff61002021136o4b83ca7t2b82f8be997bbd7a@mail.gmail.com> Message-ID: <28E139F46D45AF49A31950F88C4974580507AEC9@E03MVZ2-UKDY.domain1.systemhost.net> > "The customer's actual information must be provided to ARIN > on request and will be held in the strictest confidence." > > > The wording of 2010-3: I think that the "on request" should > be a mandatory requirement. ARIN should not have to request it. ARIN policy should not dictate staff processes. The process in question is for the hostmaster to send an email saying that the application was received but they would like to see a full list of all assignments down to the last /32. A short time later, the applicant sends a CSV file and the total man-hours spent on this "on request" business is about 5 minutes. I know this because I have received several such requests. It's not a problem and it is unrelated to policy. --Michael Dillon From jmaimon at chl.com Wed Feb 3 08:55:50 2010 From: jmaimon at chl.com (Joe Maimon) Date: Wed, 03 Feb 2010 08:55:50 -0500 Subject: [arin-ppml] Policy Proposal 108: Eliminate the term license in the NRPM In-Reply-To: <4B683AAD.4020502@arin.net> References: <4B683AAD.4020502@arin.net> Message-ID: <4B698066.6010604@chl.com> I support this policy proposal, as it conforms to my viewpoint that numbers cannot confer rights of property in any way, allocations are only an entry in a database operated and owned by a registrar and any impact registrars have on the configuration of routers and hosts and the operating of networks is due to consensus and not force of law. While my viewpoint would favor stronger language on the subject than is contained in the proposal, it is a significant step in the right direction. Thanks David. Joe Member Services wrote: > ARIN received the following policy proposal and is posting it to the > Public Policy Mailing List (PPML) in accordance with Policy Development > Process. > > This proposal is in the first stage of the Policy Development Process. > ARIN staff will perform the Clarity and Understanding step. Staff does > not evaluate the proposal at this time, their goal is to make sure that > they understand the proposal and believe the community will as well. > Staff will report their results to the ARIN Advisory Council (AC) within > 10 days. > > The AC will review the proposal at their next regularly scheduled > meeting (if the period before the next regularly scheduled meeting is > less than 10 days, then the period may be extended to the subsequent > regularly scheduled meeting). The AC will decide how to utilize the > proposal and announce the decision to the PPML. > > In the meantime, the AC invites everyone to comment on the proposal on > the PPML, particularly their support or non-support and the reasoning > behind their opinion. Such participation contributes to a thorough > vetting and provides important guidance to the AC in their deliberations. > > Draft Policies and Proposals under discussion can be found at: > https://www.arin.net/policy/proposals/index.html > > The ARIN Policy Development Process can be found at: > https://www.arin.net/policy/pdp.html > > Mailing list subscription information can be found > at: https://www.arin.net/mailing_lists/ > > Regards, > > Member Services > American Registry for Internet Numbers (ARIN) > > > ## * ## > > > Policy Proposal 108: Eliminate the term license in the NRPM > > Proposal Originator: David Farmer > > Proposal Version: 1.0 > > Date: 2 February 2010 > > Proposal type: modify > > Policy term: Permanent > > Policy statement: > > Delete section 6.4.1 and replace with a new section; > > 1.1 Number resources are not property > > To serve the interests of the Internet community as a whole, number > resources are not property (real, personal, or intellectual). The > allocation and assignment of IP addresses, ASNs, and other number > resources are subject to the terms of the ARIN Registration Services > Agreement, the policies in this document, and any amendments as may be > made to either one. > > Modify section 11.4 by removing ?on a lease/license basis?, leaving the > following; > > 11.4 Resource Allocation Term and Renewal > > The Numbering Resources are allocated for a period of one year. The > allocation can be renewed on application to ARIN providing information > as per Detail One. The identity and details of the applicant and the > allocated Numbering Resources will be published under the conditions of > ARIN's normal publication policy. At the end of the experiment, > resources allocated under this policy will be returned to the available > pool. > > Rationale: > > As part of the discussion of Policy Proposal #106 the issue of the use > of the term ?license? in section 6.4.1 and that it is not likely in > harmony with the ARIN Registration Services Agreement was recognized. > The AC feels that this issue is important enough to make it a separate > Draft Policy that stands on its own. > > This section could not be fixed by simple editorial changes and it > requires a complete rewrite in order to fix the issues. It was further > recognized that the concept that ?Number resources are not property? is > not exclusively an IPv6 issue and should be moved out of section 6, so > that it is clear that it applies to all number resources. > > Finally, the rest of the NRPM was searched for any additional uses of > the term ?license?. One additional use was found in section 11.4, in > this case deleting it and a few other words surrounding it, fixes the > issue without significantly changing the meaning of the section. > > Timetable for implementation: Immediate > > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > > From kkargel at polartel.com Wed Feb 3 11:29:45 2010 From: kkargel at polartel.com (Kevin Kargel) Date: Wed, 3 Feb 2010 10:29:45 -0600 Subject: [arin-ppml] Petition Underway - Policy Proposal 95 In-Reply-To: <28E139F46D45AF49A31950F88C4974580507AEB4@E03MVZ2-UKDY.domain1.systemhost.net> References: <201002021845.o12IjH5k025052@inana.itg.state.mn.us> <28E139F46D45AF49A31950F88C4974580507AEB4@E03MVZ2-UKDY.domain1.systemhost.net> Message-ID: <8695009A81378E48879980039EEDAD28876D3FE6@MAIL1.polartel.local> > -----Original Message----- > From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On > Behalf Of michael.dillon at bt.com > Sent: Wednesday, February 03, 2010 7:08 AM > To: arin-ppml at arin.net > Subject: Re: [arin-ppml] Petition Underway - Policy Proposal 95 > > > > > In the end though, when I SWIP IP's to a customer they are now the > > proprietor of those IP's and I need to follow their instructions on > > how those IP's are registered. If my customer requests that I be > > the tech or abuse contact and they are paying me money then I will > > happily do so. If they want to be the contact then that is how it > > will be. > > This describes a customer who is READY and WILLING to act upon > communications about network issues. It does not include ABLE, but > in any case, I would not want to see the ISP making the determination > whether their customer is ABLE or not. That should be done by ARIN, > perhaps simply by testing the contact info every 6 months. If they > respond, then assume that they are ABLE to act. Wow. Thinking how much that would cost or what sort of staff it would take.. To pull random meaningless numbers out of my {hat} if there were 12000 PoC's and it took two minutes to check each PoC that would be about 10 man weeks (400 man hours) of ARIN staff and long distance time for each pass if everything went perfectly. I suspect there are many more Poc's than that. It's a nice idea but I don't see how it would be workable. Personally I would not gripe too hard if there were a semi-annual refresh email with a 'click to verify' link that updated an entry in the PoC record. Even that would add up to a lot of time invested by the community but not too bad individually. Kevin From rudi.daniel at gmail.com Wed Feb 3 11:45:42 2010 From: rudi.daniel at gmail.com (Rudolph Daniel) Date: Wed, 3 Feb 2010 12:45:42 -0400 Subject: [arin-ppml] ARIN-PPML Digest, Vol 56, Issue 18 In-Reply-To: References: Message-ID: <8aeeaff61002030845w147ec89ek4b72fac22221a71d@mail.gmail.com> My take on this is not whether there is whois info or not. whois info is a must have. And accurate whois information is important to ARIN. The system we create for collecting that info is in question as is ...what info. is available to whom. Where a reallocation has an isp (for eg) as a contact because the isp agrees to be, my thinking is that ARIN needs to have all the info. on the reallocation and in many cases, the information available to the public is not as detailed as the info. which is available to ARIN. We also need to decide on the level of accuracy required for ARIN records and that ultimately determines what we put in place. I think I'm getting the view that the current whois database is a little way off the required standard?? And there would seem to be much use of the or maybe abuse of the current system as suggested by the 2006 audit. RD > Message: 5 > Date: Wed, 3 Feb 2010 08:06:33 +0300 > From: McTim > To: Chris Grundemann > Cc: ppml at arin.net > Subject: Re: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality > Message-ID: > > Content-Type: text/plain; charset=ISO-8859-1 > > On Tue, Feb 2, 2010 at 11:05 PM, Chris Grundemann > wrote: > > > > > +1 > > > > whois must contain valid contact information for the person/entity > > directly responsible for the host(s) using a given IP. I oppose this > > and any other policy which undermines this fundamental requirement. > > +1 > > -- > Cheers, > > McTim > "A name indicates what we seek. An address indicates where it is. A > route indicates how we get there." Jon Postel > > > ------------------------------ > > Message: 6 > Date: Tue, 2 Feb 2010 23:16:41 -0800 > From: "George Bonser" > To: "William Herrin" , > Subject: Re: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality > Message-ID: > <5A6D953473350C4B9995546AFE9939EE081F75AA at RWC-EX1.corp.seven.com> > Content-Type: text/plain; charset="us-ascii" > > > Perhaps a *fair* solution is that ISPs who would rather suffer > > penetrating annual audits purchased by ARIN at the ISP's expense can > > forgo publishing customer information via SWIP while those who place > > their information in the public's hands remain relieved of that > > burden. > > > > Regards, > > Bill Herrin > > For me the judgment call seems fairly simple. > > >From the standpoint of someone who isn't a commercial ISP > > what benefit does this proposal offer me? > What is the value of that benefit? > > What is the benefit to the community at large of the proposal? > What is the value of that benefit? > > What is the cost to the community of the proposal? > > What is the cost to me of the proposal? > > > And then the question of whether to support it or not is weighed. I > keep coming up with little/no benefit, high cost. > > > > > ------------------------------ > > Message: 7 > Date: Wed, 3 Feb 2010 01:54:03 -0600 > From: James Hess > To: Scott Leibrand > Cc: arin-ppml at arin.net > Subject: Re: [arin-ppml] Petition Underway - Policy Proposal > 95:CustomerConfidentiality - Time Sensitive > Message-ID: <6eb799ab1002022354q29e029i6d89302cb15022b at mail.gmail.com> > Content-Type: text/plain; charset=ISO-8859-1 > > On Tue, Feb 2, 2010 at 9:28 PM, Scott Leibrand > wrote: > > On 2/2/2010 7:00 PM, George Bonser wrote: > > If I, as a colo provider, didn't SWIP customers like this their entire > /29, > > I may not be able to meet 80% utilization thresholds. ?For purposes of > > calculating utilization, however, the /29 is considered 100% utilized as > > It's possible to keep record of utilization using the form in sec. > 4.2.3.7.5 of the NRPM without SWIPing -- where a full /29 block > is not re-assigned. > > SWIPs submitted to ARIN are not (or should not) be your only > records or way of keeping proper information about re-assignments for > justifying additional allocation requests, since most ISPs and > end-users will have some allocations or assignments of blocks smaller > than /29. > e,g it might look like > > City Which IP Addresses Assigned No. of Internal Machines > Purpose: > (CITY) *192.0.0.0 1 > Collocated > 192.0.0.1 > (Customer > 192.0.0.2 > Name) - > 192.0.0.3 > 4 customer IPs > 192.0.0.4 > 4 provider > 192.0.0.5 > IPs > 192.0.0.6 > *192.0.0.7 > > So, you have 4 IPs that are part of the service provider's > network 192.0.0.0 and 192.0.0.7 broadcast addresses required for > your router, plus your 2 router IPs for their servers to use as > gateway. Then 4 customer IPs, for their server. > > It may be more convenient to just SWIP the entire /29, provider IPs and > all.. > but then again, this will show the customer as 'responsible' for > some collocation provider router IPs then, which might be > undesirable. > > > In this case... you have 100% utilized the /29. > You assigned 4 IPs to your equipment, and you delegated an address > block equivalent in allocation size of a /30 to the user (probably > 192.0.0.3 to 6). > > The end-user's network block is smaller than a /29, so no SWIP > would be required under NRPM 4.2.3.7.2. > > Your router on your premises... and your inefficiency. > Now if you peered with a customer router over a /30, and forwarded a > /29, that would indicate reassignment of a full /29. > > > -- > -J > > > ------------------------------ > > _______________________________________________ > ARIN-PPML mailing list > ARIN-PPML at arin.net > http://lists.arin.net/mailman/listinfo/arin-ppml > > End of ARIN-PPML Digest, Vol 56, Issue 18 > ***************************************** > -- Rudi Daniel e Business Consultant http://www.svgpso.org http://oecstimes.wordpress.com ?The whole problem with the world is that fools and fanatics are always so certain of themselves, but wiser people so full of doubts.? - Bertrand Russell -------------- next part -------------- An HTML attachment was scrubbed... URL: From gbonser at seven.com Wed Feb 3 11:52:54 2010 From: gbonser at seven.com (George Bonser) Date: Wed, 3 Feb 2010 08:52:54 -0800 Subject: [arin-ppml] ARIN-PPML Digest, Vol 56, Issue 18 In-Reply-To: <8aeeaff61002030845w147ec89ek4b72fac22221a71d@mail.gmail.com> References: <8aeeaff61002030845w147ec89ek4b72fac22221a71d@mail.gmail.com> Message-ID: <5A6D953473350C4B9995546AFE9939EE081F75B2@RWC-EX1.corp.seven.com> There is to some extent some community self-auditing that is done. If one needs to contact an operator and discovers that the contact information is incorrect, maybe that one could be flagged somehow for audit as opposed to doing a blanket audit of all of them. A top to bottom audit would take considerable human resources and most of them would probably be correct anyway. And most of those that are incorrect would be people who aren't having issues. A lot of time would be spent locating and correcting records that aren't causing a problem. The ones that are related to some sort of issue AND are incorrect would tend to surface rather quickly and people would find them in the course of their normal operations. From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On Behalf Of Rudolph Daniel Sent: Wednesday, February 03, 2010 8:46 AM To: arin-ppml at arin.net Subject: Re: [arin-ppml] ARIN-PPML Digest, Vol 56, Issue 18 My take on this is not whether there is whois info or not. whois info is a must have. And accurate whois information is important to ARIN. The system we create for collecting that info is in question as is ...what info. is available to whom. Where a reallocation has an isp (for eg) as a contact because the isp agrees to be, my thinking is that ARIN needs to have all the info. on the reallocation and in many cases, the information available to the public is not as detailed as the info. which is available to ARIN. We also need to decide on the level of accuracy required for ARIN records and that ultimately determines what we put in place. I think I'm getting the view that the current whois database is a little way off the required standard?? And there would seem to be much use of the or maybe abuse of the current system as suggested by the 2006 audit. RD -------------- next part -------------- An HTML attachment was scrubbed... URL: From rudi.daniel at gmail.com Wed Feb 3 13:34:57 2010 From: rudi.daniel at gmail.com (Rudolph Daniel) Date: Wed, 3 Feb 2010 14:34:57 -0400 Subject: [arin-ppml] Proposal 2010-3-ARIN-PPML Digest Message-ID: <8aeeaff61002031034o57a244e8ufb5b55b8d60eba9d@mail.gmail.com> In the light of the sheer size of the database, and increasing numbers of records, I cannot disagree. I was also reminded by a friend yesterday that the definition of Privacy is undergoing substantial change in both Government and Private sector spheres and the use of Social networks is I think responsible for a need to rethink what we mean by it. ARIN then as a community resource should be the preferred trusted custodian of all levels of privacy pertaining to number resources and determine policy for levels of access in the interests of the community. RD > > There is to some extent some community self-auditing that is done. > > > > If one needs to contact an operator and discovers that the contact > information is incorrect, maybe that one could be flagged somehow for > audit as opposed to doing a blanket audit of all of them. A top to > bottom audit would take considerable human resources and most of them > would probably be correct anyway. And most of those that are incorrect > would be people who aren't having issues. A lot of time would be spent > locating and correcting records that aren't causing a problem. > > > > The ones that are related to some sort of issue AND are incorrect would > tend to surface rather quickly and people would find them in the course > of their normal operations. > > > > > > From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On > Behalf Of Rudolph Daniel > Sent: Wednesday, February 03, 2010 8:46 AM > To: arin-ppml at arin.net > Subject: Re: [arin-ppml] ARIN-PPML Digest, Vol 56, Issue 18 > > > > My take on this is not whether there is whois info or not. whois info is > a must have. And accurate whois information is important to ARIN. > > > > The system we create for collecting that info is in question as is > ...what info. is available to whom. Where a reallocation has an isp (for > eg) as a contact because the isp agrees to be, my thinking is that ARIN > needs to have all the info. on the reallocation and in many cases, the > information available to the public is not as detailed as the info. > which is available to ARIN. > > We also need to decide on the level of accuracy required for ARIN > records and that ultimately determines what we put in place. I think > I'm getting the view that the current whois database is a little way off > the required standard?? And there would seem to be much use of the or > maybe abuse of the current system as suggested by the 2006 audit. > > RD > > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > http://lists.arin.net/pipermail/arin-ppml/attachments/20100203/696711f5/attachment-0001.html > > > > ------------------------------ > > _______________________________________________ > ARIN-PPML mailing list > ARIN-PPML at arin.net > http://lists.arin.net/mailman/listinfo/arin-ppml > > End of ARIN-PPML Digest, Vol 56, Issue 20 > ***************************************** > -- Rudi Daniel e Business Consultant http://www.svgpso.org http://oecstimes.wordpress.com ?The whole problem with the world is that fools and fanatics are always so certain of themselves, but wiser people so full of doubts.? - Bertrand Russell -------------- next part -------------- An HTML attachment was scrubbed... URL: From cgrundemann at gmail.com Wed Feb 3 14:03:42 2010 From: cgrundemann at gmail.com (Chris Grundemann) Date: Wed, 3 Feb 2010 12:03:42 -0700 Subject: [arin-ppml] Draft Policy 2010-3: Customer Confidentiality In-Reply-To: <20100203015351.GA86626@ussenterprise.ufp.org> References: <8695009A81378E48879980039EEDAD28876D3FCB@MAIL1.polartel.local> <5A6D953473350C4B9995546AFE9939EE081F7561@RWC-EX1.corp.seven.com> <443de7ad1002021205i1499fb5fga44d45291caba9fb@mail.gmail.com> <20100202203622.GA66264@ussenterprise.ufp.org> <443de7ad1002021252k1b7fd888w2efaf10d653f94e4@mail.gmail.com> <20100202212903.GA70818@ussenterprise.ufp.org> <443de7ad1002021415p37ad217hf7b3502dfa77bedc@mail.gmail.com> <20100202224925.GA76402@ussenterprise.ufp.org> <443de7ad1002021555m431ded34hf8f1bb8e07740f0a@mail.gmail.com> <20100203015351.GA86626@ussenterprise.ufp.org> Message-ID: <443de7ad1002031103ubba3039qa386823921787f04@mail.gmail.com> On Tue, Feb 2, 2010 at 18:53, Leo Bicknell wrote: > > The devel will be in the details, but here's the compromise I am > willing to support. ?If we can remove residential users from the > database completely, and provide a formal framework for ISP's to > indicate they are the abuse/noc contact for a downstream so it's > clear in the public facing database then I can support expending > much more staff effort on verifing that e-mail addresses and phone > numbers work on a regular basis. I just submitted a proposal that may meet both of our requirements for whois - keep an eye on the ppml, I will be very interested to get your take. ~Chris > > -- > ? ? ? Leo Bicknell - bicknell at ufp.org - CCIE 3440 > ? ? ? ?PGP keys at http://www.ufp.org/~bicknell/ > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -- @ChrisGrundemann weblog.chrisgrundemann.com www.burningwiththebush.com www.coisoc.org From charles at office.tcsn.net Wed Feb 3 17:35:40 2010 From: charles at office.tcsn.net (Charles O'Hern) Date: Wed, 03 Feb 2010 14:35:40 -0800 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: CustomerConfidentiality - Time Sensitive In-Reply-To: <6eb799ab1002021830y793024fdsa3004563864a8e45@mail.gmail.com> References: <4B678017.7060300@ibctech.ca> <28E139F46D45AF49A31950F88C4974580507A221@E03MVZ2-UKDY.domain1.systemhost.net> <6eb799ab1002021830y793024fdsa3004563864a8e45@mail.gmail.com> Message-ID: <4B69FA3C.3040903@office.tcsn.net> In regards to Prop 95, it is my opinion that protecting the service provider from the possibility of customer 'theft' is insufficient grounds for obfuscating contact information for re-assigned IP networks. However, I do believe that the current specification is both insufficiently specific and overly restrictive in regards to the same re-assignment information. Not to pick on Mr. Hess, but his message brought up several good points for comment. Following those comments are my ideas on the issues with Whois re-assignment information. James Hess wrote: > _A server colocated with their local ISP_ stop. One server does not > justify a /29, it doesn't have to be SWIP'ed or listed in WHOIS. > Quite to the contrary, a single server chassis is perfectly capable of justifying more than the one address that a /30 would provide. A single chassis is not necessarily a single host. Its common practice for the co-location providers with which I have experience to provide at least a /29 for each colo customer, isolated by vlans and/or port isolation. YMMV. > Yes. And part of that "networking expertise" includes providing > someone to contact about abuse and other abuses. > Agreed, but... (jump down) >> tech support as and when needed, not on retainer and not >> on-call 24x7. It is also reasonable to assume that they >> > If they are not on-call 24x7, then the contact information provided > should be contact information that goes to a "Voicemail service" > when the contact is not on call. > If the EU is not capable of handling inquiries about network abuse, and they do not retain a consultant for the purpose (an expense that many if not most small businesses can not justify) then the only consistently available personnel who might be able to answer a query pertaining to network abuse would be those of the ISP providing the address space and the transit. (note that I am assuming a subnet smaller than /24 which can not be transit except through the re-assigning ISP.) > It is not an issue with the registry if someone chose to provide a > phone number capable of disrupting an off-call admin. Generally, > the phone numbers used should be ones that belong to the organization, > that only work when an admin is available. > > Important networks should have someone on call 24x7. > 'Important' is subjective (as are my opinions of course). Currently the only qualifier we have in the NRPM is a quantity: "/29 or larger blocks" mentioned in sections 4.2.2.1.2, 4.2.2.2.1, and 4.2.3.7.2. Perhaps this is the point to which a proposal to revise the Whois SWIP should be directed. Basically Sections 4.2.2.1.2, 4.2.2.2.1 and 4.2.3.7.2 divide all network re-assignment into two groups: ">= /29" and "< /29". What's becoming clear as I have read this thread and last years original thread on the original prop 95 is that there is a third class of networks smaller than a /24 that should perhaps be considered. Point 1: As, in common usage, the smallest network that can be advertised via BGP is a /24. Traffic originating from a re-assigned network smaller than /24 can not be transit independent of the ISP that re-assigned the subnet. Therefore it is certain that for networks smaller than /24, the ISP assigning that network has (a) contact information for the end user consistent with the needs of both providing such service and billing for such service, and (b) power over the routing of all data to or from the EU network. Point 2: Due to the proliferation of (or perceived need of) internet connectivity and presence at all levels of both business and personal interaction, it is my perception that in some cases the technical competence of the end user is insufficient to meet the needs of answering queries about their network operations. Point 3: End Users, whether residential or business, have a vested interest in their privacy and, within reason, should have the final say on whether their contact information is available on a global public listing. 'Within reason,' in this case, being directly related to the size and routing of the subnet assigned to them. Point 4: Accounting for utilization must still be included in any revision of sections 4.2.2.1.2, 4.2.2.2.1, 4.2.3, and any other pertinent sections of the NRPM. >From this I propose that there be three categories for re-assignment information. The specific bit boundaries defining the sizes of networks involved are mere suggestions. Large re-assignments, perhaps specified as "larger than /25": Both contact information _and_ statement of responsibility (and implied liability) for the conduct of connections required of the End User by the ISP for publication to the Whois database. Basically by requesting a network of such size the end user must agree to be the responsible party for traffic originating from the network and for having competent personnel, either on staff or on contract, to handle network operation and abuse issues. There may be a need here to forbid or restrict the ability of the ISP to be named as contractual administrative proxy for the EU. Neither the data transport ISP nor the re-assigning ISP are absolved of any other responsibilities in their respective roles. i.e "You (the EU) are a big part of the internet, and are responsible and accountable for the conduct of your network in our global community." Small re-assignments, perhaps specified as "/25 to /29": Contact information and network responsibility must be provided and assumed by the ISP providing the address space and transit _unless_ the end user requests to be the listed entity. ISP's are required to present the option to be listed to the EU. If the EU is the listed entity, the EU must also assume responsibility for the conduct of connections from their network and for providing competent personnel to handle network operation and abuse issues as per the section for "Large re-assignments". It is permissible for the ISP to require the EU to be the listed entity. If the EU is the listed entity, it is permissible for the ISP to be listed as a Technical or Abuse or other secondary contact, as long as the EU is still the Administrative contact and responsible party. Listing the EU as the responsible entity does not absolve the ISP of any other responsibilities as the data transport provider and holder of the assignment of the larger aggregate network. i.e. "You (the EU) are welcome to belong to the larger community if you so choose to accept the responsibility. (While you're at it subscribe to the PPML, we bark, but rarely bite.) If not, the global community will deal with your ISP, who will deal with you." Trivial re-assignments, smaller than the bottom of the 'small' range, do not require specific listing and are covered under the general listing for the ISP as the point of contact and responsible party for the larger aggregate network and implied transit provider. I submit that the specifics are probably a bit 'half-baked', and welcome any comments. The flames might help the crust harden. -- Charles O'Hern Network Operations TCSN - The Computer Shop Netlink 1306 Pine St. Paso Robles CA 93446 1-(805) 227-7000 1-(800) 974-DISK http://www.tcsn.net abuse at tcsn.net From mysidia at gmail.com Wed Feb 3 20:59:41 2010 From: mysidia at gmail.com (James Hess) Date: Wed, 3 Feb 2010 19:59:41 -0600 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: CustomerConfidentiality - Time Sensitive In-Reply-To: <4B69FA3C.3040903@office.tcsn.net> References: <4B678017.7060300@ibctech.ca> <28E139F46D45AF49A31950F88C4974580507A221@E03MVZ2-UKDY.domain1.systemhost.net> <6eb799ab1002021830y793024fdsa3004563864a8e45@mail.gmail.com> <4B69FA3C.3040903@office.tcsn.net> Message-ID: <6eb799ab1002031759q25b99718s390ad9fabd11e8ad@mail.gmail.com> On Wed, Feb 3, 2010 at 4:35 PM, Charles O'Hern wrote: > Quite to the contrary, ?a single server chassis is perfectly capable of > justifying more than the one address that a /30 would provide. ?A single If there is an an Apache process and a Sendmail process on the same OS install, each each using a different host address from the IP-Aliased interfaces. Then it is two servers. Even if there is only one piece of metal powering these servers. >> Important networks should have someone on call 24x7. ? > 'Important' is subjective (as are my opinions of course). ?Currently the The matter of importance is to be judged by the network providing the contact. Important means: it would be at least as damaging or costly to the organization to have the upstream providers simply unplug the entire network due to a serious issue as it costs to have a 24x7 contact and operator able to properly address any issue that occurs during their off-hours. If the network does not reach that level of importance, then there should be no issue using an 8x5 contact. > Point 1: As, in common usage, the smallest network that can be > advertised via BGP is a /24. Traffic originating from a re-assigned > network smaller than /24 can not be transit independent of the ISP that This is not entirely the case. A /25 or smaller can be advertised, with the proper arrangements. Often just to the immediate upstream provider (and many their customers may accept). But if the end-user is multi-homed, with all major Tier 1s, they can arrange to have broad connectivity independent of their ISP, advertising only /25s. This may become more common after IPv4 exhaustion, and larger blocks are not easily available. -- -J From michael.dillon at bt.com Thu Feb 4 04:05:10 2010 From: michael.dillon at bt.com (michael.dillon at bt.com) Date: Thu, 4 Feb 2010 09:05:10 -0000 Subject: [arin-ppml] Petition Underway - Policy Proposal 95 In-Reply-To: <8695009A81378E48879980039EEDAD28876D3FE6@MAIL1.polartel.local> Message-ID: <28E139F46D45AF49A31950F88C497458050D908D@E03MVZ2-UKDY.domain1.systemhost.net> > I suspect there are many more Poc's than that. It's a nice > idea but I don't see how it would be workable. Send out automated emails every 6 months with a personalised URL in each one. Ask them to click through to the web page, confirm their details, and maybe add in a survey question or two. If they don't do it within a week, send a reminder. After a week send another reminder to the slackers. And after yet another week, produce an exception report for staff to follow up however they see fit, which could mean that staff tell the automated process to tag all those slackers as "NO RESPONSE TO CONTACT SINCE 14Mar2010" or some such. A couple of man-hours to run the process every six months, and a bit of development work up front. I think that the idea is very WORKABLE and in fact, is pretty straightforward to implement and to run with. --Michael Dillon From john.sweeting at twcable.com Thu Feb 4 08:15:17 2010 From: john.sweeting at twcable.com (Sweeting, John) Date: Thu, 4 Feb 2010 08:15:17 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: CustomerConfidentiality - Time Sensitive In-Reply-To: <6eb799ab1002031759q25b99718s390ad9fabd11e8ad@mail.gmail.com> Message-ID: Good morning All, Please use the current thread Draft Policy 2010-3: Customer Confidentiality for future posts either supporting or opposing this draft policy. It will make it far easier to judge the review the discussion while preparing for the upcoming PPM in Toronto. Also it would be a great help if you state your stance in the post. Thanks! -john +++++++++ On 2/3/10 8:59 PM, "James Hess" wrote: On Wed, Feb 3, 2010 at 4:35 PM, Charles O'Hern wrote: > Quite to the contrary, a single server chassis is perfectly capable of > justifying more than the one address that a /30 would provide. A single If there is an an Apache process and a Sendmail process on the same OS install, each each using a different host address from the IP-Aliased interfaces. Then it is two servers. Even if there is only one piece of metal powering these servers. >> Important networks should have someone on call 24x7. > 'Important' is subjective (as are my opinions of course). Currently the The matter of importance is to be judged by the network providing the contact. Important means: it would be at least as damaging or costly to the organization to have the upstream providers simply unplug the entire network due to a serious issue as it costs to have a 24x7 contact and operator able to properly address any issue that occurs during their off-hours. If the network does not reach that level of importance, then there should be no issue using an 8x5 contact. > Point 1: As, in common usage, the smallest network that can be > advertised via BGP is a /24. Traffic originating from a re-assigned > network smaller than /24 can not be transit independent of the ISP that This is not entirely the case. A /25 or smaller can be advertised, with the proper arrangements. Often just to the immediate upstream provider (and many their customers may accept). But if the end-user is multi-homed, with all major Tier 1s, they can arrange to have broad connectivity independent of their ISP, advertising only /25s. This may become more common after IPv4 exhaustion, and larger blocks are not easily available. -- -J _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact info at arin.net if you experience any issues. This E-mail and any of its attachments may contain Time Warner Cable proprietary information, which is privileged, confidential, or subject to copyright belonging to Time Warner Cable. This E-mail is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient of this E-mail, you are hereby notified that any dissemination, distribution, copying, or action taken in relation to the contents of and attachments to this E-mail is strictly prohibited and may be unlawful. If you have received this E-mail in error, please notify the sender immediately and permanently delete the original and any copy of this E-mail and any printout. From dsd at carpathiahost.com Thu Feb 4 08:33:13 2010 From: dsd at carpathiahost.com (David Divins) Date: Thu, 4 Feb 2010 08:33:13 -0500 Subject: [arin-ppml] Petition Underway - Policy Proposal 95 In-Reply-To: <28E139F46D45AF49A31950F88C497458050D908D@E03MVZ2-UKDY.domain1.systemhost.net> References: <8695009A81378E48879980039EEDAD28876D3FE6@MAIL1.polartel.local> <28E139F46D45AF49A31950F88C497458050D908D@E03MVZ2-UKDY.domain1.systemhost.net> Message-ID: <0BA324910E97E54EBC94D0E358E63DB0197122A0@EX2K7VS02.4emm.local> Wasn't ARIN doing something similar as an Operation issue for WHOIS POC cleanup? -dsd David S. Divins Principal Engineer Carpathia Hosting, Inc. 43480 Yukon Dr., #200 Ashburn, VA ?20147 (703) 652-5955 www.carpathiahost.com ServerVault is now Carpathia Hosting! www.carpathiahosting.com? This message is for the designated recipient only and may contain privileged, proprietary, or otherwise confidential information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited. -----Original Message----- From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On Behalf Of michael.dillon at bt.com Sent: Thursday, February 04, 2010 4:05 AM To: arin-ppml at arin.net Subject: Re: [arin-ppml] Petition Underway - Policy Proposal 95 > I suspect there are many more Poc's than that. It's a nice > idea but I don't see how it would be workable. Send out automated emails every 6 months with a personalised URL in each one. Ask them to click through to the web page, confirm their details, and maybe add in a survey question or two. If they don't do it within a week, send a reminder. After a week send another reminder to the slackers. And after yet another week, produce an exception report for staff to follow up however they see fit, which could mean that staff tell the automated process to tag all those slackers as "NO RESPONSE TO CONTACT SINCE 14Mar2010" or some such. A couple of man-hours to run the process every six months, and a bit of development work up front. I think that the idea is very WORKABLE and in fact, is pretty straightforward to implement and to run with. --Michael Dillon _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact info at arin.net if you experience any issues. From michael.dillon at bt.com Thu Feb 4 08:39:30 2010 From: michael.dillon at bt.com (michael.dillon at bt.com) Date: Thu, 4 Feb 2010 13:39:30 -0000 Subject: [arin-ppml] Drawing a distinction In-Reply-To: <8aeeaff61002030845w147ec89ek4b72fac22221a71d@mail.gmail.com> Message-ID: <28E139F46D45AF49A31950F88C497458050D9598@E03MVZ2-UKDY.domain1.systemhost.net> > ... my thinking is that ARIN needs to have all the > info. on the reallocation and in many cases, the information > available to the public is not as detailed as the info. which > is available to ARIN. In the WHOIS policy that is under consideration, it would be useful to add some language to the policy that draws a clear distinction between information provided to ARIN for the purposes of publishing a WHOIS DIRECTORY and information provided to ARIN HOSTMASTERS, most probably UNDER NDA, for the purposes of ASSESSING AN APPLICATION. I believe that there is no need at present to change anything regarding the information used by ARIN HOSTMASTERS but because, historically, this information was part of the published information, I think that the new policy should draw a clear disctinction in the text, and then discuss things like the purpose of the WHOIS directory, what information MAY be published, what information MUST be published, and so on. In other words, this policy proposal provides an opportunity to clear up and clarify the policy around this issue so that any discussions regarding information used by the hostmasters can be deferred to another time. We may even discover a 3rd type of information to cover in the policy, for instance researchers. It was after a discussion with some people who had bonafide needs for research info that I came up with this rationale for including an "organizational type". i) The classification system for organization types has been intentionally left unspecified. Obviously, it needs to include "individual" as a type but it could include NAICS sector codes, e.g. "NAICS 25" is the construction industry. It could also include NTEE codes for non-profits e.g. "NTEE H" is Medical research. And it could include some simple codes like "Company", "Non-Profit", "Education", "Government" for users who don't know about the various classification systems. I could see the use of collecting this info separately, not for open publication, but for release to bonafide academic researchers and for inclusion in various ARIN stats reporting. It is neither whois info nor is it needed to assess an application. --Michael Dillon From michael.dillon at bt.com Thu Feb 4 08:42:39 2010 From: michael.dillon at bt.com (michael.dillon at bt.com) Date: Thu, 4 Feb 2010 13:42:39 -0000 Subject: [arin-ppml] Proposal 2010-3-ARIN-PPML Digest In-Reply-To: <8aeeaff61002031034o57a244e8ufb5b55b8d60eba9d@mail.gmail.com> Message-ID: <28E139F46D45AF49A31950F88C497458050D95A7@E03MVZ2-UKDY.domain1.systemhost.net> > In the light of the sheer size of the database, and > increasing numbers of records, I cannot disagree. I was also > reminded by a friend yesterday that the definition of Privacy > is undergoing substantial change in both Government and > Private sector spheres and the use of Social networks is I > think responsible for a need to rethink what we mean by it. Yes, and one possible outcome is to say: In light of the fact that so much of this information is readily available elsewhere on the Internet, ARIN will no longer collect or publish x, y and z, but will focus solely on providing network technical contact info for those organizations for which it has a direct contractual relationship. --Michael Dillon From michael.dillon at bt.com Thu Feb 4 08:53:12 2010 From: michael.dillon at bt.com (michael.dillon at bt.com) Date: Thu, 4 Feb 2010 13:53:12 -0000 Subject: [arin-ppml] Petition Underway - Policy Proposal 95: CustomerConfidentiality - Time Sensitive In-Reply-To: <4B69FA3C.3040903@office.tcsn.net> Message-ID: <28E139F46D45AF49A31950F88C497458050D95DA@E03MVZ2-UKDY.domain1.systemhost.net> > In regards to Prop 95, it is my opinion that protecting the > service provider from the possibility of customer 'theft' is > insufficient grounds for obfuscating contact information for > re-assigned IP networks. I agree with you but would like to note that you are only addressing the rationale of 2010-3, not the actual policy text itself. In spite of the fact that I agree with you, I still believe that the 2010-3 is a good change and should be implemented with a bit of wordsmithing such as removing the last sentence since ARIN hostmasters already sign NDAs which prohibit disclosing information. If I remember correctly, they are also prohibited from disclosing such info to the Board of Trustees, the Advisory Council, and all other ARIN staff including the supervisor of Registration Services who is their boss. > What's becoming clear as I have read this thread and last > years original thread on the original prop 95 is that there > is a third class of networks smaller than a /24 that should > perhaps be considered. And a 4th class where Joe Bloe, in his bedroom in the rooming house (or frat house) gets a full /48 assignment, just like the 200 acre, 27 building Ford factory across town. > Trivial re-assignments, smaller than the bottom of the > 'small' range, do not require specific listing and are > covered under the general listing for the ISP as the point of > contact and responsible party for the larger aggregate > network and implied transit provider. Sounds like all IPv6 assignments /48 or less, would not go into whois, which is not much different from saying that only organizations under contract with ARIN go into whois. I know people are focusing on the IPv4 policy, but it would be really, really nice to have one policy covering all resources, even including ASNs. I think that this is possible and I think that if the text presented to the meeting covers this possibility, it would open up people's thinking enough to break the logjam on whois policy. --Michael Dillon From mcr at sandelman.ca Thu Feb 4 06:30:16 2010 From: mcr at sandelman.ca (Michael Richardson) Date: Thu, 04 Feb 2010 06:30:16 -0500 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <4B563F50.1070306@umn.edu> References: <4B563F50.1070306@umn.edu> Message-ID: <9413.1265283016@marajade.sandelman.ca> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >>>>> "David" == David Farmer writes: David> At the Dearborn meeting I heard a lot of people say that ARIN David> shouldn't dictate routing policy. I personally would find it David> hard to reconcile that stance with the idea of ARIN assigning David> non-connected /48s from a separate block. At least without an David> RFC defining centrally assignable ULA addressing, then ARIN David> would not be defining it, the IETF would be, ARIN would only David> be implementing something defined by the IETF. I don't understand your view here. ARIN does define routing policy right now --- if you ask ARIN for address space, you get routable address space, and ARIN defines the policy by which you can get it. There is presently only one question I can ask, and one set of criteria I can satisfy. If I satisfy the criteria I get one thing: routable address space. How do you see it? What I liked about policy 103 was that it tried to remove ARIN as the arbitor of a single policy, and instead provide ARIN with a series of different policies which it could execute. The evident for which policy was executed is expressed in which block address space is allocated from. This makes it clear to the ISPs which set of criteria had been satified, leaving the ISPs able to formulate their own policies. yes, that likely leads to a more disconnected IPv6net than we had with IPv4net, but that's okay to me --- most enterprises' should be using PA prefixes to get youtube. It's all the other uses (some of which that we do not even know about yet), that enterprises need the other kinds of policies for. I suggest that fewer enterprises will need their own blocks in IPv6net than needed it in IPv4net. What I have been asking for is for a different policy that provides for a different kind of address space (at the request of the requestor...). If you are saying that ARIN can not make this decision with an IETF action, then okay --- the pushback I've gotten over the years from IETF is that this is an allocation policy matter, and I should talk to my RIR. As part of that, many have pointed out that RIPE is much more liberal with blocks than ARIN is. (I do not live in Europe or directly manage networks there, so I have no direct RIPE experience, only second-hand experience, including a few unrouted RIPE /48s which were just thrown at me to use in the past) - -- ] He who is tired of Weird Al is tired of life! | firewalls [ ] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[ ] mcr at sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[ Kyoto Plus: watch the video then sign the petition. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Finger me for keys iQEVAwUBS2qvxoCLcPvd0N1lAQIEAAgAwiR86cY7Eo50rmnv9F3/eW6EXyuQ6S/F re7BmSfxOX4r/+9CHGVNDOmLy3GcwCIytndUuWVhJQwnlF7pojhzfpM4fH2BMn4q Se5/kVn3re7wZ/JvnSAhaO972un/ENB1kg6nZhLr2IVmqzeX6PgFz/OezyGO4El9 aQMaCJ/yWtuEW49cC+yL1Ru0VI76gpxPyHWuuC6O6+Kqpsg8uLa89n99r2XoOyy2 YfqW5Fp0LqiQadqSEZKsL+Hw0HyuCSY58G8HgQ8Isvlk6tzwzW+gTtHopnjHnWK+ izpcCn+1dKqRq4CfLpm9MgfaFL+N1THVELzrVK53phsK3AcxN21HvA== =KnwN -----END PGP SIGNATURE----- From info at arin.net Thu Feb 4 11:33:18 2010 From: info at arin.net (Member Services) Date: Thu, 04 Feb 2010 11:33:18 -0500 Subject: [arin-ppml] Policy Proposal 109: Standardize IP Reassignment Registration Requirements Message-ID: <4B6AF6CE.7000709@arin.net> ARIN received the following policy proposal and is posting it to the Public Policy Mailing List (PPML) in accordance with Policy Development Process. This proposal is in the first stage of the Policy Development Process. ARIN staff will perform the Clarity and Understanding step. Staff does not evaluate the proposal at this time, their goal is to make sure that they understand the proposal and believe the community will as well. Staff will report their results to the ARIN Advisory Council (AC) within 10 days. The AC will review the proposal at their next regularly scheduled meeting (if the period before the next regularly scheduled meeting is less than 10 days, then the period may be extended to the subsequent regularly scheduled meeting). The AC will decide how to utilize the proposal and announce the decision to the PPML. In the meantime, the AC invites everyone to comment on the proposal on the PPML, particularly their support or non-support and the reasoning behind their opinion. Such participation contributes to a thorough vetting and provides important guidance to the AC in their deliberations. Draft Policies and Proposals under discussion can be found at: https://www.arin.net/policy/proposals/index.html The ARIN Policy Development Process can be found at: https://www.arin.net/policy/pdp.html Mailing list subscription information can be found at: https://www.arin.net/mailing_lists/ Regards, Member Services American Registry for Internet Numbers (ARIN) ## * ## Policy Proposal 109: Standardize IP Reassignment Registration Requirements Proposal Originator: Chris Grundemann Proposal Version: 1.0 Date: 4 FEB 2010 Proposal type: Modify Policy term: Permanent Policy statement: ## Definitions ## - Add: 2.3. Organizational Information When required, organization Information must include at a minimum: Legal name, city, state, zip code equivalent and at least one valid technical or abuse POC; inclusion of street address is highly encouraged. The POC shall be designated by the organization and must include at least one verifiable email address, inclusion of a phone number is highly encouraged. ## IPv4 ## - Rename 4.2.3.7. "Reassignment information" to "Registration" - Rename 4.2.3.7.1. "Customer organization information" to "Reassignment Information" and replace text with: When an organization holding an IPv4 address allocation makes IPv4 address assignments, it must register reassignment information via SWIP or RWHOIS server. SWIP and RWHOIS reassignments shall include each client's organizational information, except where specifically exempted by this policy. - Replace 4.2.3.7.6. Residential Customer Privacy with: 4.2.3.7.6. Residential Subscribers 4.2.3.7.6.1. Residential Market Area In most cases, ISPs that have residential subscribers assign address space to the infrastructure to which their customers connect rather than to individual subscribers. This assignment information regarding each market area holding an address block should be registered with the network name used to identify each market area. Initial allocations are based on total number of homes that could purchase the service in a given market area. Each assignment to specific end-users of /29 and larger blocks still requires individual registration. 4.2.3.7.6.2. Residential Customer Privacy To maintain the privacy of their residential customers, an organization with downstream residential customers holding /29 and larger blocks may substitute that organization's name for the customer's name, e.g. 'Private Customer - XYZ Network', and the customer's street address may read 'Private Residence'. Each private downstream residential reassignment must have accurate upstream Abuse and Technical POCs visible on the WHOIS record for that block. - Strike section 4.2.6. "Cable Address Space Policy" ## IPv6 ## - Replace Section 6.5.5. with: 6.5.5. Registration 6.5.5.1. Reassignment information When an organization holding an IPv6 address allocation makes IPv6 address assignments, it must register reassignment information in a database, accessible by RIRs as appropriate (information registered by an RIR may be replaced by a distributed database for registering address management information in future). These reassignment registrations shall include each client's organizational information, except where specifically exempted by this policy. 6.5.5.2. /56 registered unit Information is registered in units of assigned /56 networks. When more than a /56 is assigned to a client organization, the assigning organization is responsible for ensuring that the address space is registered in an RIR database. 6.5.5.3. Submit within 7 days Any time an LIR receives a new block of address space, reassignment information should be submitted within 7 days of issuance of the new space. 6.5.5.4. Visible via WHOIS This information must be visible via WHOIS prior to submitting a request for a new allocation. For further information on reassigning IP address space, please see RFC 2050. 6.5.5.6. Residential Subscribers 6.5.5.6.1. Residential Market Area In most cases, ISPs that have residential subscribers assign address space to the infrastructure to which their customers connect rather than to individual subscribers. This assignment information regarding each market area holding an address block should be registered with the network name used to identify each market area. Initial allocations are based on total number of homes that could purchase the service in a given market area. Each assignment to specific end-users of /56 and larger blocks still requires individual registration. 6.5.5.6.2. Residential Customer Privacy To maintain the privacy of their residential customers, an organization with downstream residential customers holding /56 and larger blocks may substitute that organization's name for the customer's name, e.g. 'Private Customer - XYZ Network', and the customer's street address may read 'Private Residence'. Each private downstream residential reassignment must have accurate upstream Abuse and Technical POCs visible on the WHOIS record for that block. Rationale: This proposal intends to do several things: 1) Bring IPv4 and IPv6 policy more in line with each other to make the NRPM easier to understand and comply with - at least as it relates to reassignment information. 2) Specifically define what organizational information is required to be added to whois when reassignments are made to client organizations. 3) To specifically state that a client organization may designate the POC of their choice for any/all whois entries. This includes designating an upstream POC as their own prefered POC. 4) Expands the priviledges previously reserved solely for cable ISPs to all ISPs/LIRs with residential subscribers. Namely the ability to SWIP/RWHOIS an entire residential market area as one reassignment. It also expands this priviledge to IPv6 reasignments, instead of just IPv4 as it is now. Timetable for implementation: Immediate From packetgrrl at gmail.com Thu Feb 4 11:05:52 2010 From: packetgrrl at gmail.com (cja@daydream.com) Date: Thu, 4 Feb 2010 09:05:52 -0700 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <9413.1265283016@marajade.sandelman.ca> References: <4B563F50.1070306@umn.edu> <9413.1265283016@marajade.sandelman.ca> Message-ID: Michael, Per ARIN's Number Resource Policy Manual it says this: "4.1.1. Routability Provider independent (portable) addresses issued directly from ARIN or other Regional Registries are not guaranteed to be globally routable. Therefore, ISPs should consider the following order of priority when requesting IP address space: - Request IP address space from upstream provider - Request IP address space from provider's provider - Request IP address space from ARIN (not guaranteed to be globally routable)" Address allocations and assignments from ARIN are not guaranteed to be routable. -----Cathy On Thu, Feb 4, 2010 at 4:30 AM, Michael Richardson wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > >>>>> "David" == David Farmer writes: > David> At the Dearborn meeting I heard a lot of people say that ARIN > David> shouldn't dictate routing policy. I personally would find it > David> hard to reconcile that stance with the idea of ARIN assigning > David> non-connected /48s from a separate block. At least without an > David> RFC defining centrally assignable ULA addressing, then ARIN > David> would not be defining it, the IETF would be, ARIN would only > David> be implementing something defined by the IETF. > > I don't understand your view here. > > ARIN does define routing policy right now --- if you ask ARIN for > address space, you get routable address space, and ARIN defines the > policy by which you can get it. There is presently only one question I > can ask, and one set of criteria I can satisfy. If I satisfy the > criteria I get one thing: routable address space. > > How do you see it? > > What I liked about policy 103 was that it tried to remove ARIN as the > arbitor of a single policy, and instead provide ARIN with a series of > different policies which it could execute. The evident for which policy > was executed is expressed in which block address space is allocated > from. > > This makes it clear to the ISPs which set of criteria had been satified, > leaving the ISPs able to formulate their own policies. yes, that > likely leads to a more disconnected IPv6net than we had with IPv4net, > but that's okay to me --- most enterprises' should be using PA prefixes > to get youtube. > > > It's all the other uses (some of which that we do not even know about > yet), that enterprises need the other kinds of policies for. I suggest > that fewer enterprises will need their own blocks in IPv6net than needed > it in IPv4net. > > What I have been asking for is for a different policy that provides for > a different kind of address space (at the request of the requestor...). > > If you are saying that ARIN can not make this decision with an IETF > action, then okay --- the pushback I've gotten over the years from IETF > is that this is an allocation policy matter, and I should talk to my > RIR. As part of that, many have pointed out that RIPE is much more > liberal with blocks than ARIN is. (I do not live in Europe or directly > manage networks there, so I have no direct RIPE experience, only > second-hand experience, including a few unrouted RIPE /48s which were > just thrown at me to use in the past) > > - -- > ] He who is tired of Weird Al is tired of life! | > firewalls [ > ] Michael Richardson, Sandelman Software Works, Ottawa, ON |net > architect[ > ] mcr at sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device > driver[ > Kyoto Plus: watch the video > then sign the petition. > > > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (GNU/Linux) > Comment: Finger me for keys > > iQEVAwUBS2qvxoCLcPvd0N1lAQIEAAgAwiR86cY7Eo50rmnv9F3/eW6EXyuQ6S/F > re7BmSfxOX4r/+9CHGVNDOmLy3GcwCIytndUuWVhJQwnlF7pojhzfpM4fH2BMn4q > Se5/kVn3re7wZ/JvnSAhaO972un/ENB1kg6nZhLr2IVmqzeX6PgFz/OezyGO4El9 > aQMaCJ/yWtuEW49cC+yL1Ru0VI76gpxPyHWuuC6O6+Kqpsg8uLa89n99r2XoOyy2 > YfqW5Fp0LqiQadqSEZKsL+Hw0HyuCSY58G8HgQ8Isvlk6tzwzW+gTtHopnjHnWK+ > izpcCn+1dKqRq4CfLpm9MgfaFL+N1THVELzrVK53phsK3AcxN21HvA== > =KnwN > -----END PGP SIGNATURE----- > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From marla.azinger at frontiercorp.com Thu Feb 4 11:29:21 2010 From: marla.azinger at frontiercorp.com (Azinger, Marla) Date: Thu, 4 Feb 2010 11:29:21 -0500 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <9413.1265283016@marajade.sandelman.ca> References: <4B563F50.1070306@umn.edu> <9413.1265283016@marajade.sandelman.ca> Message-ID: <2E2FECEBAE57CC4BAACDE67638305F1048526C4DC7@ROCH-EXCH1.corp.pvt> Just trying to clarify a couple notes here. ARIN's charter does not included routing policy. It only includes the management and stewardship of IP Address Space. Also it does not guarantee that the address space you are allocated will be routable. That said, there have been times that address policy has been passed that crosses that line, includes routing policy and tries to dictate how networks should operate, and that is a big point of contention when it does. Lately several proposals have been submitted that attempt to write routing policy into the IP Address Policy. This needs to be debated heavily since its not in the Charter and it also makes the need for Network Operators to get involved on ppml to discuss the merits or lack thereof. Regards Marla Azinger Frontier Communications -----Original Message----- From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On Behalf Of Michael Richardson Sent: Thursday, February 04, 2010 3:30 AM To: arin-ppml at arin.net Subject: Re: [arin-ppml] IPv6 Non-connected networks -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >>>>> "David" == David Farmer writes: David> At the Dearborn meeting I heard a lot of people say that ARIN David> shouldn't dictate routing policy. I personally would find it David> hard to reconcile that stance with the idea of ARIN assigning David> non-connected /48s from a separate block. At least without an David> RFC defining centrally assignable ULA addressing, then ARIN David> would not be defining it, the IETF would be, ARIN would only David> be implementing something defined by the IETF. I don't understand your view here. ARIN does define routing policy right now --- if you ask ARIN for address space, you get routable address space, and ARIN defines the policy by which you can get it. There is presently only one question I can ask, and one set of criteria I can satisfy. If I satisfy the criteria I get one thing: routable address space. How do you see it? What I liked about policy 103 was that it tried to remove ARIN as the arbitor of a single policy, and instead provide ARIN with a series of different policies which it could execute. The evident for which policy was executed is expressed in which block address space is allocated from. This makes it clear to the ISPs which set of criteria had been satified, leaving the ISPs able to formulate their own policies. yes, that likely leads to a more disconnected IPv6net than we had with IPv4net, but that's okay to me --- most enterprises' should be using PA prefixes to get youtube. It's all the other uses (some of which that we do not even know about yet), that enterprises need the other kinds of policies for. I suggest that fewer enterprises will need their own blocks in IPv6net than needed it in IPv4net. What I have been asking for is for a different policy that provides for a different kind of address space (at the request of the requestor...). If you are saying that ARIN can not make this decision with an IETF action, then okay --- the pushback I've gotten over the years from IETF is that this is an allocation policy matter, and I should talk to my RIR. As part of that, many have pointed out that RIPE is much more liberal with blocks than ARIN is. (I do not live in Europe or directly manage networks there, so I have no direct RIPE experience, only second-hand experience, including a few unrouted RIPE /48s which were just thrown at me to use in the past) - -- ] He who is tired of Weird Al is tired of life! | firewalls [ ] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[ ] mcr at sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[ Kyoto Plus: watch the video then sign the petition. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Finger me for keys iQEVAwUBS2qvxoCLcPvd0N1lAQIEAAgAwiR86cY7Eo50rmnv9F3/eW6EXyuQ6S/F re7BmSfxOX4r/+9CHGVNDOmLy3GcwCIytndUuWVhJQwnlF7pojhzfpM4fH2BMn4q Se5/kVn3re7wZ/JvnSAhaO972un/ENB1kg6nZhLr2IVmqzeX6PgFz/OezyGO4El9 aQMaCJ/yWtuEW49cC+yL1Ru0VI76gpxPyHWuuC6O6+Kqpsg8uLa89n99r2XoOyy2 YfqW5Fp0LqiQadqSEZKsL+Hw0HyuCSY58G8HgQ8Isvlk6tzwzW+gTtHopnjHnWK+ izpcCn+1dKqRq4CfLpm9MgfaFL+N1THVELzrVK53phsK3AcxN21HvA== =KnwN -----END PGP SIGNATURE----- _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact info at arin.net if you experience any issues. From scottleibrand at gmail.com Thu Feb 4 11:41:46 2010 From: scottleibrand at gmail.com (Scott Leibrand) Date: Thu, 4 Feb 2010 08:41:46 -0800 Subject: [arin-ppml] Policy Proposal 109: Standardize IP Reassignment Registration Requirements In-Reply-To: <4B6AF6CE.7000709@arin.net> References: <4B6AF6CE.7000709@arin.net> Message-ID: <7B585B5D-AC81-4731-B3BF-7A07B6112E4B@gmail.com> I like it. For IPv6, should the cutoff be "more than a /56" or "/56 and larger blocks"? IMO more than /56 is better, but it needs to be made consistent. Thanks, Scott On Feb 4, 2010, at 8:33 AM, Member Services wrote: > ARIN received the following policy proposal and is posting it to the > Public Policy Mailing List (PPML) in accordance with Policy > Development > Process. > > This proposal is in the first stage of the Policy Development Process. > ARIN staff will perform the Clarity and Understanding step. Staff does > not evaluate the proposal at this time, their goal is to make sure > that > they understand the proposal and believe the community will as well. > Staff will report their results to the ARIN Advisory Council (AC) > within > 10 days. > > The AC will review the proposal at their next regularly scheduled > meeting (if the period before the next regularly scheduled meeting is > less than 10 days, then the period may be extended to the subsequent > regularly scheduled meeting). The AC will decide how to utilize the > proposal and announce the decision to the PPML. > > In the meantime, the AC invites everyone to comment on the proposal on > the PPML, particularly their support or non-support and the reasoning > behind their opinion. Such participation contributes to a thorough > vetting and provides important guidance to the AC in their > deliberations. > > Draft Policies and Proposals under discussion can be found at: > https://www.arin.net/policy/proposals/index.html > > The ARIN Policy Development Process can be found at: > https://www.arin.net/policy/pdp.html > > Mailing list subscription information can be found > at: https://www.arin.net/mailing_lists/ > > Regards, > > Member Services > American Registry for Internet Numbers (ARIN) > > > ## * ## > > > Policy Proposal 109: Standardize IP Reassignment Registration > Requirements > > Proposal Originator: Chris Grundemann > > Proposal Version: 1.0 > > Date: 4 FEB 2010 > > Proposal type: Modify > > Policy term: Permanent > > Policy statement: > > ## Definitions ## > > - Add: > > 2.3. Organizational Information > > When required, organization Information must include at a minimum: > Legal name, city, state, zip code equivalent and at least one valid > technical or abuse POC; inclusion of street address is highly > encouraged. The POC shall be designated by the organization and must > include at least one verifiable email address, inclusion of a phone > number is highly encouraged. > > ## IPv4 ## > > - Rename 4.2.3.7. "Reassignment information" to "Registration" > > - Rename 4.2.3.7.1. "Customer organization information" to > "Reassignment Information" and replace text with: > > When an organization holding an IPv4 address allocation makes IPv4 > address assignments, it must register reassignment information via > SWIP or RWHOIS server. SWIP and RWHOIS reassignments shall include > each client's organizational information, except where specifically > exempted by this policy. > > - Replace 4.2.3.7.6. Residential Customer Privacy with: > > 4.2.3.7.6. Residential Subscribers > > 4.2.3.7.6.1. Residential Market Area > > In most cases, ISPs that have residential subscribers assign address > space to the infrastructure to which their customers connect rather > than to individual subscribers. This assignment information regarding > each market area holding an address block should be registered with > the network name used to identify each market area. Initial > allocations are based on total number of homes that could purchase the > service in a given market area. Each assignment to specific end-users > of /29 and larger blocks still requires individual registration. > > 4.2.3.7.6.2. Residential Customer Privacy > > To maintain the privacy of their residential customers, an > organization with downstream residential customers holding /29 and > larger blocks may substitute that organization's name for the > customer's name, e.g. 'Private Customer - XYZ Network', and the > customer's street address may read 'Private Residence'. Each private > downstream residential reassignment must have accurate upstream Abuse > and Technical POCs visible on the WHOIS record for that block. > > - Strike section 4.2.6. "Cable Address Space Policy" > > ## IPv6 ## > > - Replace Section 6.5.5. with: > > 6.5.5. Registration > > 6.5.5.1. Reassignment information > > When an organization holding an IPv6 address allocation makes IPv6 > address assignments, it must register reassignment information in a > database, accessible by RIRs as appropriate (information registered by > an RIR may be replaced by a distributed database for registering > address management information in future). These reassignment > registrations shall include each client's organizational information, > except where specifically exempted by this policy. > > 6.5.5.2. /56 registered unit > > Information is registered in units of assigned /56 networks. When more > than a /56 is assigned to a client organization, the assigning > organization is responsible for ensuring that the address space is > registered in an RIR database. > > 6.5.5.3. Submit within 7 days > > Any time an LIR receives a new block of address space, reassignment > information should be submitted within 7 days of issuance of the new > space. > > 6.5.5.4. Visible via WHOIS > > This information must be visible via WHOIS prior to submitting a > request for a new allocation. For further information on reassigning > IP address space, please see RFC 2050. > > 6.5.5.6. Residential Subscribers > > 6.5.5.6.1. Residential Market Area > > In most cases, ISPs that have residential subscribers assign address > space to the infrastructure to which their customers connect rather > than to individual subscribers. This assignment information regarding > each market area holding an address block should be registered with > the network name used to identify each market area. Initial > allocations are based on total number of homes that could purchase the > service in a given market area. Each assignment to specific end-users > of /56 and larger blocks still requires individual registration. > > 6.5.5.6.2. Residential Customer Privacy > > To maintain the privacy of their residential customers, an > organization with downstream residential customers holding /56 and > larger blocks may substitute that organization's name for the > customer's name, e.g. 'Private Customer - XYZ Network', and the > customer's street address may read 'Private Residence'. Each private > downstream residential reassignment must have accurate upstream Abuse > and Technical POCs visible on the WHOIS record for that block. > > > Rationale: > > This proposal intends to do several things: > 1) Bring IPv4 and IPv6 policy more in line with each other to make the > NRPM easier to understand and comply with - at least as it relates to > reassignment information. > 2) Specifically define what organizational information is required to > be added to whois when reassignments are made to client organizations. > 3) To specifically state that a client organization may designate the > POC of their choice for any/all whois entries. This includes > designating an upstream POC as their own prefered POC. > 4) Expands the priviledges previously reserved solely for cable ISPs > to all ISPs/LIRs with residential subscribers. Namely the ability to > SWIP/RWHOIS an entire residential market area as one reassignment. It > also expands this priviledge to IPv6 reasignments, instead of just > IPv4 as it is now. > > Timetable for implementation: Immediate > > > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. From mcr at sandelman.ca Thu Feb 4 12:23:29 2010 From: mcr at sandelman.ca (Michael Richardson) Date: Thu, 04 Feb 2010 12:23:29 -0500 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <2E2FECEBAE57CC4BAACDE67638305F1048526C4DC7@ROCH-EXCH1.corp.pvt> References: <4B563F50.1070306@umn.edu> <9413.1265283016@marajade.sandelman.ca> <2E2FECEBAE57CC4BAACDE67638305F1048526C4DC7@ROCH-EXCH1.corp.pvt> Message-ID: <3995.1265304209@marajade.sandelman.ca> Can you give me an example of a piece of address space (IPv4 or IPv6) that ARIN has issued that turned out to not be routable on the DFZ? The only example I can see are some of the 69/8 and 70/8 (if I got those prefixes right), which many people had bogon filters for, and it took a few months for those filters to get completely removed. (Please ignore micro-allocations for IXs, which are often intended not to be routable, but often turn out to be easily routed) I understand covering-your-ass legalize in the document, but really, let's be pragmatic here. -- ] He who is tired of Weird Al is tired of life! | firewalls [ ] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[ ] mcr at sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[ Kyoto Plus: watch the video then sign the petition. From packetgrrl at gmail.com Thu Feb 4 13:17:42 2010 From: packetgrrl at gmail.com (cja@daydream.com) Date: Thu, 4 Feb 2010 11:17:42 -0700 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <3995.1265304209@marajade.sandelman.ca> References: <4B563F50.1070306@umn.edu> <9413.1265283016@marajade.sandelman.ca> <2E2FECEBAE57CC4BAACDE67638305F1048526C4DC7@ROCH-EXCH1.corp.pvt> <3995.1265304209@marajade.sandelman.ca> Message-ID: Michael, Sure I can give you an example. At one point the company I worked for received 24.0.0.0/14. It was not globally routable. For some time, I would say close to a year, Sprint would only listen to advertisements for 24.0.0.0/8. Everyone who had a block of net 24 would advertise that block as well as 24.0.0.0/8 and depending on the day and how lucky you were if Sprint preferred your advertisement to 24.0.0.0/8 then you could get to Sprint customers. The other issue regarding this block was that most of the world didn't have their routers configured to understand a subnet of a traditional "class A" block. So our NOC spent probably 1/2 it's time tracking down these sites and getting them to add the appropriate commands. It was a ton of fun! ----Cathy On Thu, Feb 4, 2010 at 10:23 AM, Michael Richardson wrote: > > Can you give me an example of a piece of address space (IPv4 or IPv6) > that ARIN has issued that turned out to not be routable on the DFZ? > > The only example I can see are some of the 69/8 and 70/8 (if I got those > prefixes right), which many people had bogon filters for, and it took a > few months for those filters to get completely removed. > > (Please ignore micro-allocations for IXs, which are often intended not > to be routable, but often turn out to be easily routed) > > I understand covering-your-ass legalize in the document, but really, > let's be pragmatic here. > > -- > ] He who is tired of Weird Al is tired of life! | > firewalls [ > ] Michael Richardson, Sandelman Software Works, Ottawa, ON |net > architect[ > ] mcr at sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device > driver[ > Kyoto Plus: watch the video > then sign the petition. > > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From bill at herrin.us Thu Feb 4 14:42:15 2010 From: bill at herrin.us (William Herrin) Date: Thu, 4 Feb 2010 14:42:15 -0500 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <4B563F50.1070306@umn.edu> References: <4B563F50.1070306@umn.edu> Message-ID: <3c3e3fca1002041142w232dc952q8173dd1ccfed17db@mail.gmail.com> On Tue, Jan 19, 2010 at 6:25 PM, David Farmer wrote: > At the Dearborn meeting I heard a lot of people say that ARIN shouldn't > dictate routing policy. ?I personally would find it hard to reconcile that > stance with the idea of ARIN assigning non-connected /48s from a separate > block. At least without an RFC defining centrally assignable ULA addressing, > then ARIN would not be defining it, the IETF would be, ARIN would only be > implementing something defined by the IETF. Hi David, When ARIN assigns two different classes of use interspersed within the same address block, functionally they dictate that however service providers treat the one use, they will treat the other the same. If one use must be carried on the Internet by reasonable ISPs then ARIN has dictated that the other use will be carried too. In practical effect, ARIN has set the routing policy for that second class of use. Two obvious examples of this would be: Assigning /22's adjacent to /16's. ARIN's practice dictates that the /16's will be disaggregable by the assignee to /22 for TE purposes as well. Assigning multihomed and non-multihomed prefixes adjacent to each other. ARIN's practice dictates that the ISPs will not distinguish between routes announced by multihomed and single-homed entities. When folks say "ARIN shouldn't dictate routing policy," what they mean is, "ARIN should allocate address in a manner which makes it technically practical for ISPs to hang their own routing policies off the specific, major classes of use." Some vectors which create the major classes of use include: Aggregable (traffic engineering, single-homed downstream entities) / non-aggregable (distinct multihomed entitiy) Big / Small Residential / commercial / government My legal jurisdiction (aka country) / other jurisdiction Internet-connected / not internet connected Pay me / don't pay me Perhaps others can suggest some additional IP address use vectors which draw an important distinction with respect to desirable routing policy. > So what is the direction the community wants to go for IPv6 non-connected > networks? Published unique pool so that ISPs can assure that the non-connected networks stay non-connected, even if Jim's Bait and Network Services gets bribed to introduce a route. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From mcr at sandelman.ca Thu Feb 4 14:42:44 2010 From: mcr at sandelman.ca (Michael Richardson) Date: Thu, 04 Feb 2010 14:42:44 -0500 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: References: <4B563F50.1070306@umn.edu> <9413.1265283016@marajade.sandelman.ca> <2E2FECEBAE57CC4BAACDE67638305F1048526C4DC7@ROCH-EXCH1.corp.pvt> <3995.1265304209@marajade.sandelman.ca> Message-ID: <16258.1265312564@marajade.sandelman.ca> >>>>> "packetgrrl" == packetgrrl writes: packetgrrl> Sure I can give you an example. At one point the packetgrrl> company I worked for received 24.0.0.0/14. It was not packetgrrl> globally routable. For some time, I would say close to packetgrrl> a year, Sprint would only listen to advertisements for So, ARIN gave you a CIDR block when CIDR was still not yet "out there". It seems to me like this was a policy mistake --- a policy was rolled out before it the network was ready for it. -- ] He who is tired of Weird Al is tired of life! | firewalls [ ] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[ ] mcr at sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[ Kyoto Plus: watch the video then sign the petition. From packetgrrl at gmail.com Thu Feb 4 14:45:54 2010 From: packetgrrl at gmail.com (cja@daydream.com) Date: Thu, 4 Feb 2010 12:45:54 -0700 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <16258.1265312564@marajade.sandelman.ca> References: <4B563F50.1070306@umn.edu> <9413.1265283016@marajade.sandelman.ca> <2E2FECEBAE57CC4BAACDE67638305F1048526C4DC7@ROCH-EXCH1.corp.pvt> <3995.1265304209@marajade.sandelman.ca> <16258.1265312564@marajade.sandelman.ca> Message-ID: Actually it wasn't a policy mistake. There had been a trial with subnets of "class A"s. They seemed to work but our network reached out to lots and lots more destinations by the sheer volume of our customers. So we had to pretty much fix the problem at thousands of little end sites. Also we had no control over (and neither does ARIN) the filtering policies of large ISPs. On Thu, Feb 4, 2010 at 12:42 PM, Michael Richardson wrote: > > >>>>> "packetgrrl" == packetgrrl writes: > packetgrrl> Sure I can give you an example. At one point the > packetgrrl> company I worked for received 24.0.0.0/14. It was not > packetgrrl> globally routable. For some time, I would say close to > packetgrrl> a year, Sprint would only listen to advertisements for > > So, ARIN gave you a CIDR block when CIDR was still not yet "out there". > > It seems to me like this was a policy mistake --- a policy was rolled out > before it the network was ready for it. > > -- > ] He who is tired of Weird Al is tired of life! | > firewalls [ > ] Michael Richardson, Sandelman Software Works, Ottawa, ON |net > architect[ > ] mcr at sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device > driver[ > Kyoto Plus: watch the video > then sign the petition. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From bicknell at ufp.org Thu Feb 4 14:54:58 2010 From: bicknell at ufp.org (Leo Bicknell) Date: Thu, 4 Feb 2010 11:54:58 -0800 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: References: <4B563F50.1070306@umn.edu> <9413.1265283016@marajade.sandelman.ca> <2E2FECEBAE57CC4BAACDE67638305F1048526C4DC7@ROCH-EXCH1.corp.pvt> <3995.1265304209@marajade.sandelman.ca> <16258.1265312564@marajade.sandelman.ca> Message-ID: <20100204195458.GA8137@ussenterprise.ufp.org> In a message written on Thu, Feb 04, 2010 at 12:45:54PM -0700, cja at daydream.com wrote: > little end sites. Also we had no control over (and neither does ARIN) > the filtering policies of large ISPs. There is a nuance in here that most people seem to ignore when making their point. ARIN does not control routing at any ISP. ARIN has an extremely large influence on ISP's routing policies. These two statements can be completely true at the same time. Sure, ARIN was not able to reach out to an ISP for you and wap them over the head with a stick to say "Route Cathy's network", so you're statement is 100% valid. However, there is also ample evidence that over time ISP's filtering policies tend to mirror ARIN's allocation guidelines. Indeed, the problem you describe has gone away as ISP's have mirrored ARIN's policies. Because of this situation, I argue it is extremely important for those making policy to consider the effects on routeability. Not because ARIN can take a stick to someone, but because it is highly likely to become the rule of the land over time by default. I also think there is a note of caution involved as well; the current system works well in part because over time ISP's policies mirror ARIN's. While that is not required, I believe it's relatively trival to show that if this were not the case costs for everyone would go up. ARIN would see more blocks returned and fraud in requests looking for routable blocks, ISP's and businesses would have to deal with those who received unroutable networks through ignorace or accident. Routablilty is one of many concerns when drafting policy. It should no more be ignored than it should be assumed to be the end-all be-all. -- Leo Bicknell - bicknell at ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 826 bytes Desc: not available URL: From bill at herrin.us Thu Feb 4 15:43:04 2010 From: bill at herrin.us (William Herrin) Date: Thu, 4 Feb 2010 15:43:04 -0500 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: References: <4B563F50.1070306@umn.edu> <9413.1265283016@marajade.sandelman.ca> Message-ID: <3c3e3fca1002041243y7d6b2ab8p4923863d41fb7c45@mail.gmail.com> On Thu, Feb 4, 2010 at 11:05 AM, cja at daydream.com wrote: > Per ARIN's Number Resource Policy Manual it says this: > "4.1.1. Routability > Address allocations and assignments from ARIN are not guaranteed to be > routable. Hi Cathy, I think what's starting to happen is that as a community we're recognizing that statement as a major and expensive cop-out. Sure, sure, ARIN's not legally liable if my addresses aren't routeable. But we all know, wink and nod, that we get addresses from ARIN *because* we can use them on the public Internet. So, why not fess up to the reality and either: 1. Make ARIN officially the routing policy arbiter for North America with appropriate care given to checks and balances, or 2. Adjust ARIN's process so that ISPs actually do control their own routing policies. On Thu, Feb 4, 2010 at 2:54 PM, Leo Bicknell wrote: > There is a nuance in here that most people seem to ignore when > making their point. > > ARIN does not control routing at any ISP. > > ARIN has an extremely large influence on ISP's routing policies. Hi Leo, The dozen major airlines exert somewhat more than an "extremely large influence" over the route I take from DC to Hawaii, and they don't have ARIN's geographic monopoly. He who controls the IP addresses controls the scope and shape of the choices that others can make with the IP addresses. That control can be used to create a rich wealth of reasonable choices or it can be used to narrow them to just a few. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From barbara.roseman at icann.org Thu Feb 4 16:14:57 2010 From: barbara.roseman at icann.org (Barbara Roseman) Date: Thu, 4 Feb 2010 13:14:57 -0800 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <3c3e3fca1002041243y7d6b2ab8p4923863d41fb7c45@mail.gmail.com> References: <4B563F50.1070306@umn.edu> <9413.1265283016@marajade.sandelman.ca> <3c3e3fca1002041243y7d6b2ab8p4923863d41fb7c45@mail.gmail.com> Message-ID: <08528F8D-8E5A-497F-85E3-8B3317F6ABB4@icann.org> Bill and others, I think there's a subtle but important distinction that's being lost, and that Cathy and Marla tried to clarify. ARIN guarantees unique address allocations/assignments, much as IANA guarantees unique address allocations to the RIRs. Unique assignment does not mean that someone else hasn't already decided to use those addresses or to block those addresses through un-updated bogon filters. That is in large measure what is meant by not guaranteeing routeability of the addresses. ARIN, nor any other entity, can guarantee that all the other players will follow the rules. Additionally, and more controversially, ARIN does not set routing policy for any of the ISPs. As several have pointed out, there is an extremely strong influence by ARIN's allocation and assignment policies on how routing policy is managed, so that whenever ARIN drops the minimal allocation size, ISPs have to make decisions about routing those new smaller announcements, but there is no necessity for them to do so. Most will, because, as Leo pointed out, when you have /22s and /16s in the same netblock, it's hard to come up with TE rules that make a distinction, and that is why ISPs want to have full and frank discussions about the impact to routing whenever such policy is broached (as Marla said). All of this has been discussed many times. ARIN cannot set routing policy not only because it is not in scope, but because it does not have any authority over the ISPs/CPs who must make the final decisions about what they will and will not accept as routing announcements. -Barb On Feb 4, 2010, at 12:43 PM, William Herrin wrote: > On Thu, Feb 4, 2010 at 11:05 AM, cja at daydream.com wrote: >> Per ARIN's Number Resource Policy Manual it says this: >> "4.1.1. Routability >> Address allocations and assignments from ARIN are not guaranteed to be >> routable. > > Hi Cathy, > > I think what's starting to happen is that as a community we're > recognizing that statement as a major and expensive cop-out. Sure, > sure, ARIN's not legally liable if my addresses aren't routeable. But > we all know, wink and nod, that we get addresses from ARIN *because* > we can use them on the public Internet. > > So, why not fess up to the reality and either: > > 1. Make ARIN officially the routing policy arbiter for North America > with appropriate care given to checks and balances, or > 2. Adjust ARIN's process so that ISPs actually do control their own > routing policies. > > > On Thu, Feb 4, 2010 at 2:54 PM, Leo Bicknell wrote: >> There is a nuance in here that most people seem to ignore when >> making their point. >> >> ARIN does not control routing at any ISP. >> >> ARIN has an extremely large influence on ISP's routing policies. > > Hi Leo, > > The dozen major airlines exert somewhat more than an "extremely large > influence" over the route I take from DC to Hawaii, and they don't > have ARIN's geographic monopoly. > > He who controls the IP addresses controls the scope and shape of the > choices that others can make with the IP addresses. That control can > be used to create a rich wealth of reasonable choices or it can be > used to narrow them to just a few. > > Regards, > Bill Herrin > > > -- > William D. Herrin ................ herrin at dirtside.com bill at herrin.us > 3005 Crane Dr. ...................... Web: > Falls Church, VA 22042-3004 > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. From Skeeve at eintellego.net Thu Feb 4 17:11:46 2010 From: Skeeve at eintellego.net (Skeeve Stevens) Date: Fri, 5 Feb 2010 09:11:46 +1100 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <3995.1265304209@marajade.sandelman.ca> References: <4B563F50.1070306@umn.edu> <9413.1265283016@marajade.sandelman.ca> <2E2FECEBAE57CC4BAACDE67638305F1048526C4DC7@ROCH-EXCH1.corp.pvt> <3995.1265304209@marajade.sandelman.ca> Message-ID: <292AF25E62B8894C921B893B53A19D97396AF3312E@BUSINESSEX.business.ad> I am not sure about the ARIN experience with regards to 69/8 and 70/8, but in the APNIC region here we have had an extreme amount of pain over the last 10 years. Your suggestion that bogon filters were cleaned up after a couple of months is ridiculous as we have little way of measuring how many of those un-maintained filter lists are out there until there is a connectivity complaint. In essence, you have no idea how much this is hurting you until it actually does so. In APNIC, ranges such as 125/8 particularly hurt some of my customers as massive organisations such as PayPal took a VERY long time to remove filter lists - a year or more after it was allocated to our region and then allocated to LIR's. I recall this being a massive problem over a Christmas period for some ecommerce sites. Ranged that have been in use for 3-4 years still have the occasional problem with filter lists and the support burden on trying to track these issues down is quite significant. ...Skeeve -- Skeeve Stevens, CEO/Technical Director eintellego Pty Ltd - The Networking Specialists skeeve at eintellego.net / www.eintellego.net Phone: 1300 753 383, Fax: (+612) 8572 9954 Cell +61 (0)414 753 383 / skype://skeeve www.linkedin.com/in/skeeve ; facebook.com/eintellego -- NOC, NOC, who's there? > -----Original Message----- > From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On > Behalf Of Michael Richardson > Sent: Friday, 5 February 2010 4:23 AM > To: arin-ppml at arin.net > Subject: Re: [arin-ppml] IPv6 Non-connected networks > > > Can you give me an example of a piece of address space (IPv4 or IPv6) > that ARIN has issued that turned out to not be routable on the DFZ? > > The only example I can see are some of the 69/8 and 70/8 (if I got > those > prefixes right), which many people had bogon filters for, and it took a > few months for those filters to get completely removed. > > (Please ignore micro-allocations for IXs, which are often intended not > to be routable, but often turn out to be easily routed) > > I understand covering-your-ass legalize in the document, but really, > let's be pragmatic here. > > -- > ] He who is tired of Weird Al is tired of life! | > firewalls [ > ] Michael Richardson, Sandelman Software Works, Ottawa, ON |net > architect[ > ] mcr at sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device > driver[ > Kyoto Plus: watch the video > > then sign the petition. > > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. From gbonser at seven.com Thu Feb 4 17:20:39 2010 From: gbonser at seven.com (George Bonser) Date: Thu, 4 Feb 2010 14:20:39 -0800 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <3c3e3fca1002041243y7d6b2ab8p4923863d41fb7c45@mail.gmail.com> References: <4B563F50.1070306@umn.edu> <9413.1265283016@marajade.sandelman.ca> <3c3e3fca1002041243y7d6b2ab8p4923863d41fb7c45@mail.gmail.com> Message-ID: <5A6D953473350C4B9995546AFE9939EE081F7613@RWC-EX1.corp.seven.com> > -----Original Message----- > From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On > Behalf Of William Herrin > > Hi Cathy, > > 1. Make ARIN officially the routing policy arbiter for North America > with appropriate care given to checks and balances, or > 2. Adjust ARIN's process so that ISPs actually do control their own > routing policies I believe case number 1 is actually, as you mention, the current default case in that routing policy must be adjusted in order to accommodate the address allocation policies of the RIRs Case number 2 would cause a problem because I could see the ISPs attempt to force customers to be "stickier" to their services or take traffic from a competitor (i.e. protecting their customer lists by an even greater degree). Once a network reaches some size, it is to the benefit of the network user to be multihomed and provider agnostic. The idea is to endeavor NOT to be sticky to any provider and take advantage of better pricing opportunities as they arise where they make business sense. The priorities of the ISP and the network provider are sometimes in opposite directions. The ISP wants to maximize revenues and not lose customers to competition. The user wants to get the best price/performance metric they can obtain which might be counter to the notion of being "sticky" to a provider unless that provider also offers additional services the user requires. It is only natural that the ISPs in a general sense are going to want to make it more difficult for customers to be agile while customers are going to want to be as flexible and agile as possible. It would seem that having someone in charge of the policy that does not stand to gain or lose financially from policy decisions would be in the best interests of everyone. From Skeeve at eintellego.net Thu Feb 4 17:23:56 2010 From: Skeeve at eintellego.net (Skeeve Stevens) Date: Fri, 5 Feb 2010 09:23:56 +1100 Subject: [arin-ppml] FW: [sig-policy] prop-083: Alternative criteria for subsequentIPv6 allocations Message-ID: <292AF25E62B8894C921B893B53A19D97396AF3312F@BUSINESSEX.business.ad> Hey all, Given the current topic of 'IPv6 Non-Connected Networks', I thought that I would let you know of a policy that is presently in discussion on the APNIC lists that I submitted. The crux is that even if aggregation of announcements as a policy is dropped, there is no policy that satisfies the need of LIR's to be able to build non-connected IPv6 networks in the APNIC region. With some basic justification, an LIR should be able to gain subsequent /32 allocations for the purpose of remaining 'as routable as possible'. While APNIC, like other RIR's do not set routing policy, they do heavily influence it. And while they cannot control the practice of community filtering lists based on their own allocation pools, they should not ignore the situation. Given that IPv6 is not a scarce resource and by no means am I suggesting we just burn it for the fun of it, this seems to be a philosophical debate rather than a technical one. This is due to that even if an LIR could de-aggregate its /32 to say, 8 /35's or 16 36's, these entries in the routing table would have the exact same result as if they had 16 * /32's. So due to this, the only restriction here is the pool allocation which the community filter lists are based on - which the RIR's essentially have created and now have the responsibility to consider. ...Skeeve -- Skeeve Stevens, CEO/Technical Director eintellego Pty Ltd - The Networking Specialists skeeve at eintellego.net / www.eintellego.net Phone: 1300 753 383, Fax: (+612) 8572 9954 Cell +61 (0)414 753 383 / skype://skeeve www.linkedin.com/in/skeeve ; facebook.com/eintellego -- NOC, NOC, who's there? From: sig-policy-bounces at lists.apnic.net [mailto:sig-policy-bounces at lists.apnic.net] On Behalf Of Terence Zhang YH(CNNIC) Sent: Wednesday, 3 February 2010 10:46 PM To: sig-policy at apnic.net Subject: [sig-policy] prop-083: Alternative criteria for subsequentIPv6 allocations Dear SIG members, The proposal, 'Alternative criteria for subsequent IPv6 allocations', has been sent to the Policy SIG for review. It will be presented at the Policy SIG at APNIC 29 in Kuala Lumpur, 1-5 March 2010. We invite you to review and comment on the proposal on the mailing list before the meeting. The comment period on the mailing list before an APNIC meeting is an important part of the policy development process. We encourage you to express your views on the proposal: - Do you support or oppose this proposal? - Does this proposal solve a problem you are experiencing? If so, tell the community about your situation. - Do you see any disadvantages in this proposal? - Is there anything in the proposal that is not clear? - What changes could be made to this proposal to make it more effective? Information about this and other policy proposals is available from: http://www.apnic.net/policy/proposals Randy, Ching-Heng, and Terence ___________________________________________________________________ prop-083-v001: Alternative criteria for subsequent IPv6 allocations ___________________________________________________________________ Author: Skeeve Stevens Version: 1 Date: 3 February 2010 1. Introduction ---------------- This is a proposal to enable current APNIC account holders with existing IPv6 allocations to receive subsequent IPv6 allocations from APNIC for use in networks that are not connected to the initial IPv6 allocation. 2. Summary of current problem ------------------------------ An APNIC account holder with an existing /32 IPv6 allocation (or larger) is unable to deaggregate that allocation into routes smaller than a /32 due to the community practice of 'filter blocking' or 'bogon lists' associated with RIR blocks which are known to have a minimum allocation size of /32 [1]. An LIR may want to build a network in a separate location and provide IPv6 connectivity; however, because the LIR risks routability problems if they deaggregate, they cannot use a subset of their initial allocation in the new location. For example: An ISP has a /32 allocation which they announce via an upstream in New Zealand. The ISP wants to build a new network in Singapore. The ISP's new network in Singapore is not connected to the existing New Zealand network and the ISP is using a local transit provider to obtain dual stacked connectivity. If the network was using IPv4 addresses, the ISP would usually be able to deaggregate their allocation and announce one part of the deaggregated range to the local transit provider. In IPv6, however, this is not possible due to 'community filtering' on ranges smaller than a /32. Such a filter may look like the following: ipv6 prefix-list ipv6-ebgp-strict permit 2400::/12 ge 19 le 32 This above statement in the IPv6 BGP filter recommendations would cause any announcements by an ISP which had an allocation, such as 2400:0000::/32, to announce smaller routes from that block, such as multiple /35s for example, to be filtered. In a default free situation, connectivity to the ISP would be problematic. Instead, the ISP needs to obtain a new /32 allocation to be able to have IPv6 connectivity in the new location with an independent (from their primary network) transit provider. 3. Situation in other RIRs --------------------------- AfriNIC, ARIN, LACNIC and RIPE currently have no similar policies or proposals. However, ARIN mailing lists are presently discussing this situation and there seems to be significant support. 4. Details of the proposal --------------------------- 4.1 It is proposed that alternative criteria be added to the subsequent IPv6 allocation policy [2] to allow current APNIC account holders with networks in multiple locations but without a connecting infrastructure to obtain IPv6 resources for each location. 4.2 To qualify for subsequent IPv6 allocations under the proposed alternative criteria, account holders must: - Be a current APNIC account holder with an existing IPv6 allocation - Be announcing its existing IPv6 allocation - Demonstrate that the LIR has additional networks that are not connected to the network announcing its existing IPv6 allocation 5. Advantages and disadvantages of the proposal ------------------------------------------------ 5.1 Advantages - This proposal enables current APNIC account holders to avoid problematic network design issues and policy issues related to deaggregation. - Current APNIC account holders will be able to acquire resources and announce them separately to transit providers in disparate locations. 5.2 Disadvantages - This proposal could cause faster consumption of IPv6 address space. However, given the size of the total IPv6 pool, the author of this proposal does not see this as a significant issue. 6. Effect on APNIC members --------------------------- APNIC members would be able to build networks in separate locations and obtain local IPv6 connectivity and announce their own resources. 7. Effect on NIRs ------------------ The proposal allows for NIRs to have the choice as to when to adopt this policy for their members. 8. References --------------- [1] For example, see "IPv6 BGP filter recommendations" http://www.space.net/~gert/RIPE/ipv6-filters.html [2] See section 5.2, "Subsequent Allocation Section" in "IPv6 Address Allocation and Assignment Policy" http://www.apnic.net/policy/ipv6-address-policy#5.2 _______________________________________________ -------------- next part -------------- An HTML attachment was scrubbed... URL: From Skeeve at eintellego.net Thu Feb 4 17:04:11 2010 From: Skeeve at eintellego.net (Skeeve Stevens) Date: Fri, 5 Feb 2010 09:04:11 +1100 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <9413.1265283016@marajade.sandelman.ca> References: <4B563F50.1070306@umn.edu> <9413.1265283016@marajade.sandelman.ca> Message-ID: <292AF25E62B8894C921B893B53A19D97396AF3312D@BUSINESSEX.business.ad> > ARIN does define routing policy right now --- if you ask ARIN for > address space, you get routable address space, and ARIN defines the > policy by which you can get it. There is presently only one question I > can ask, and one set of criteria I can satisfy. If I satisfy the > criteria I get one thing: routable address space. Hey Michael, I would like to understand what you mean 'you get routable address space'? Surely this should mean 'potentially routable space' ? As ARIN cannot guarantee the routability of any address space whatsoever. In the RIPE NCC and APNIC allocation policies they clearly state that they do not guarantee routability of any allocation as they can't control what everyone out there on the internet does, nor control the routing policies of any LIR. ...Skeeve -- Skeeve Stevens, CEO/Technical Director eintellego Pty Ltd - The Networking Specialists skeeve at eintellego.net / www.eintellego.net Phone: 1300 753 383, Fax: (+612) 8572 9954 Cell +61 (0)414 753 383 / skype://skeeve www.linkedin.com/in/skeeve ; facebook.com/eintellego -- NOC, NOC, who's there? From bill at herrin.us Thu Feb 4 17:37:41 2010 From: bill at herrin.us (William Herrin) Date: Thu, 4 Feb 2010 17:37:41 -0500 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <08528F8D-8E5A-497F-85E3-8B3317F6ABB4@icann.org> References: <4B563F50.1070306@umn.edu> <9413.1265283016@marajade.sandelman.ca> <3c3e3fca1002041243y7d6b2ab8p4923863d41fb7c45@mail.gmail.com> <08528F8D-8E5A-497F-85E3-8B3317F6ABB4@icann.org> Message-ID: <3c3e3fca1002041437ja51ee80i9e3c5afa0d13fff7@mail.gmail.com> On Thu, Feb 4, 2010 at 4:14 PM, Barbara Roseman wrote: > I think there's a subtle but important distinction > that's being lost, and that Cathy and Marla tried to clarify. Hi Barbara, If I understood the distinction that Cathy and Marla drew, the point they're making is that nowhere does ARIN say what routes an ISP has to carry. ARIN doesn't even say what routes an ISP ought to carry. Nor is there any other legal obligation which compels ISPs to carry any particular routes for addresses ARIN allocates. Like Verizon has done with IPv6 /48's, ISPs are welcome to disregard any routes they don't like for any reason at all. That they rarely exercise that choice means nothing more sinister than that routing the address ARIN allocates is good for business. Do you feel that's a reasonable re-statement of what they said? I'd hate to be obtuse about it, so if I'm missing the their point please help me understand. I think I understand the claim, but I dispute it. Cause and effect is no less potent for being indirect. The practicality of altering BGP routing activity based on a second feed of assignments matched to assignment classes is doubtful. Even if it could be done from a technical perspective, ARIN doesn't publish the criteria by which each registrant qualified for their addresses, so such a feed has no source for its content. Realistically, functionally, technically, the tools I as an operator have for implementing routing policy can only paint with a broad brush. Discard small announcements in this /8. Depreference that one. Unless ARIN classifies registrants in a manner consistent with those tools, my choices for routing policy devolve to two basic options: accept routes announcing ARIN IP addresses or don't. In other words, ARIN sets the routing policy for North America. Not explicitly, cleanly and openly, but haphazardly, indirectly and silently. The unspoken and unintentional yet cumulative net effect of ARIN's allocation practices make ISPs a mob-style offer they can't refuse: carry all of the addresses we approve or carry none of them and lose your business. At this point we're stuck with that for IPv4. The addresses are already deployed. With some mild adjustments to our allocation practices, we don't have to be stuck with that effect for IPv6. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From gbonser at seven.com Thu Feb 4 17:53:21 2010 From: gbonser at seven.com (George Bonser) Date: Thu, 4 Feb 2010 14:53:21 -0800 Subject: [arin-ppml] IPv6 Non-connected networks References: <4B563F50.1070306@umn.edu> <9413.1265283016@marajade.sandelman.ca> <3c3e3fca1002041243y7d6b2ab8p4923863d41fb7c45@mail.gmail.com> Message-ID: <5A6D953473350C4B9995546AFE9939EE081F7619@RWC-EX1.corp.seven.com> " The priorities of the ISP and the network provider" should be "The priorities of the ISP and the network user" > -----Original Message----- > From: George Bonser > Sent: Thursday, February 04, 2010 2:21 PM > To: 'William Herrin'; arin-ppml at arin.net > Subject: RE: [arin-ppml] IPv6 Non-connected networks > > > > > -----Original Message----- > > From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] > On > > Behalf Of William Herrin > > > > Hi Cathy, > > > > 1. Make ARIN officially the routing policy arbiter for North America > > with appropriate care given to checks and balances, or > > 2. Adjust ARIN's process so that ISPs actually do control their own > > routing policies > > I believe case number 1 is actually, as you mention, the current > default case in that routing policy must be adjusted in order to > accommodate the address allocation policies of the RIRs > > Case number 2 would cause a problem because I could see the ISPs > attempt to force customers to be "stickier" to their services or take > traffic from a competitor (i.e. protecting their customer lists by an > even greater degree). > > Once a network reaches some size, it is to the benefit of the network > user to be multihomed and provider agnostic. The idea is to endeavor > NOT to be sticky to any provider and take advantage of better pricing > opportunities as they arise where they make business sense. > > The priorities of the ISP and the network provider are sometimes in > opposite directions. The ISP wants to maximize revenues and not lose > customers to competition. The user wants to get the best > price/performance metric they can obtain which might be counter to the > notion of being "sticky" to a provider unless that provider also offers > additional services the user requires. It is only natural that the ISPs > in a general sense are going to want to make it more difficult for > customers to be agile while customers are going to want to be as > flexible and agile as possible. > > It would seem that having someone in charge of the policy that does not > stand to gain or lose financially from policy decisions would be in the > best interests of everyone. > From scottleibrand at gmail.com Thu Feb 4 18:30:29 2010 From: scottleibrand at gmail.com (Scott Leibrand) Date: Thu, 04 Feb 2010 15:30:29 -0800 Subject: [arin-ppml] Policy Proposal 109: Standardize IP Reassignment Registration Requirements In-Reply-To: <7B585B5D-AC81-4731-B3BF-7A07B6112E4B@gmail.com> References: <4B6AF6CE.7000709@arin.net> <7B585B5D-AC81-4731-B3BF-7A07B6112E4B@gmail.com> Message-ID: <4B6B5895.2090601@gmail.com> After getting a chance to read through the sections of the NRPM that would be removed by this policy, I have some additional feedback inline below... On 2/4/2010 8:41 AM, Scott Leibrand wrote: > I like it. > > For IPv6, should the cutoff be "more > than a /56" or "/56 and larger blocks"? IMO more than /56 is better, > but it needs to be made consistent. > > Thanks, > Scott > > On Feb 4, 2010, at 8:33 AM, Member Services wrote: > >> >> Policy statement: >> >> ## Definitions ## >> >> - Add: >> >> 2.3. Organizational Information >> >> When required, organization Information must include at a minimum: >> Legal name, city, state, zip code equivalent and at least one valid >> technical or abuse POC; inclusion of street address is highly >> encouraged. The POC shall be designated by the organization and must >> include at least one verifiable email address, inclusion of a phone >> number is highly encouraged. >> >> ## IPv4 ## >> >> - Rename 4.2.3.7. "Reassignment information" to "Registration" >> >> - Rename 4.2.3.7.1. "Customer organization information" to >> "Reassignment Information" and replace text with: >> >> When an organization holding an IPv4 address allocation makes IPv4 >> address assignments, it must register reassignment information via >> SWIP or RWHOIS server. SWIP and RWHOIS reassignments shall include >> each client's organizational information, except where specifically >> exempted by this policy. >> >> - Replace 4.2.3.7.6. Residential Customer Privacy with: >> >> 4.2.3.7.6. Residential Subscribers >> >> 4.2.3.7.6.1. Residential Market Area >> >> In most cases, ISPs that have residential subscribers assign address >> space to the infrastructure to which their customers connect rather >> than to individual subscribers. This assignment information regarding >> each market area holding an address block should be registered with >> the network name used to identify each market area. Initial >> allocations are based on total number of homes that could purchase the >> service in a given market area. Each assignment to specific end-users >> of /29 and larger blocks still requires individual registration. >> >> 4.2.3.7.6.2. Residential Customer Privacy >> >> To maintain the privacy of their residential customers, an >> organization with downstream residential customers holding /29 and >> larger blocks may substitute that organization's name for the >> customer's name, e.g. 'Private Customer - XYZ Network', and the >> customer's street address may read 'Private Residence'. Each private >> downstream residential reassignment must have accurate upstream Abuse >> and Technical POCs visible on the WHOIS record for that block. >> >> - Strike section 4.2.6. "Cable Address Space Policy" Most of 4.2.6 has been moved to the new 4.2.3.7.6 above. However, this portion has not: "Using SWIP or RWHOIS, cable ISPs must show that they have reassigned at least 80% of their current address space, with a 50 to 80% utilization rate, in order to request additional addresses." I think we need to preserve that, somehow, in order to allow cable ISPs to continue obtaining space as they do today. The intent of your proposal seems to be to provide the same standard to any org providing service to an entire market area. If that's what you want to do, then perhaps something like this should go into your 4.2.3.7.6 as well: "In order to obtain additional IPv4 addresses, ISPs assigning addresses by market area must show, using SWIP or RWHOIS, that they have reassigned at least 80% of their current address space, with a >50% utilization rate." -Scott >> >> ## IPv6 ## >> >> - Replace Section 6.5.5. with: >> >> 6.5.5. Registration >> >> 6.5.5.1. Reassignment information >> >> When an organization holding an IPv6 address allocation makes IPv6 >> address assignments, it must register reassignment information in a >> database, accessible by RIRs as appropriate (information registered by >> an RIR may be replaced by a distributed database for registering >> address management information in future). These reassignment >> registrations shall include each client's organizational information, >> except where specifically exempted by this policy. >> >> 6.5.5.2. /56 registered unit >> >> Information is registered in units of assigned /56 networks. When more >> than a /56 is assigned to a client organization, the assigning >> organization is responsible for ensuring that the address space is >> registered in an RIR database. >> >> 6.5.5.3. Submit within 7 days >> >> Any time an LIR receives a new block of address space, reassignment >> information should be submitted within 7 days of issuance of the new >> space. >> >> 6.5.5.4. Visible via WHOIS >> >> This information must be visible via WHOIS prior to submitting a >> request for a new allocation. For further information on reassigning >> IP address space, please see RFC 2050. >> >> 6.5.5.6. Residential Subscribers >> >> 6.5.5.6.1. Residential Market Area >> >> In most cases, ISPs that have residential subscribers assign address >> space to the infrastructure to which their customers connect rather >> than to individual subscribers. This assignment information regarding >> each market area holding an address block should be registered with >> the network name used to identify each market area. Initial >> allocations are based on total number of homes that could purchase the >> service in a given market area. Each assignment to specific end-users >> of /56 and larger blocks still requires individual registration. >> >> 6.5.5.6.2. Residential Customer Privacy >> >> To maintain the privacy of their residential customers, an >> organization with downstream residential customers holding /56 and >> larger blocks may substitute that organization's name for the >> customer's name, e.g. 'Private Customer - XYZ Network', and the >> customer's street address may read 'Private Residence'. Each private >> downstream residential reassignment must have accurate upstream Abuse >> and Technical POCs visible on the WHOIS record for that block. >> >> >> Rationale: >> >> This proposal intends to do several things: >> 1) Bring IPv4 and IPv6 policy more in line with each other to make the >> NRPM easier to understand and comply with - at least as it relates to >> reassignment information. >> 2) Specifically define what organizational information is required to >> be added to whois when reassignments are made to client organizations. >> 3) To specifically state that a client organization may designate the >> POC of their choice for any/all whois entries. This includes >> designating an upstream POC as their own prefered POC. >> 4) Expands the priviledges previously reserved solely for cable ISPs >> to all ISPs/LIRs with residential subscribers. Namely the ability to >> SWIP/RWHOIS an entire residential market area as one reassignment. It >> also expands this priviledge to IPv6 reasignments, instead of just >> IPv4 as it is now. >> >> Timetable for implementation: Immediate >> >> >> >> _______________________________________________ >> PPML >> You are receiving this message because you are subscribed to >> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). >> Unsubscribe or manage your mailing list subscription at: >> http://lists.arin.net/mailman/listinfo/arin-ppml >> Please contact info at arin.net if you experience any issues. From cgrundemann at gmail.com Thu Feb 4 18:43:52 2010 From: cgrundemann at gmail.com (Chris Grundemann) Date: Thu, 4 Feb 2010 16:43:52 -0700 Subject: [arin-ppml] Policy Proposal 109: Standardize IP Reassignment Registration Requirements In-Reply-To: <4B6B5895.2090601@gmail.com> References: <4B6AF6CE.7000709@arin.net> <7B585B5D-AC81-4731-B3BF-7A07B6112E4B@gmail.com> <4B6B5895.2090601@gmail.com> Message-ID: <443de7ad1002041543tc320bebh20bc781b39be9e7e@mail.gmail.com> On Thu, Feb 4, 2010 at 16:30, Scott Leibrand wrote: >>> >>> - Replace 4.2.3.7.6. Residential Customer Privacy with: >>> >>> 4.2.3.7.6. Residential Subscribers >>> >>> 4.2.3.7.6.1. Residential Market Area >>> >>> In most cases, ISPs that have residential subscribers assign address >>> space to the infrastructure to which their customers connect rather >>> than to individual subscribers. This assignment information regarding >>> each market area holding an address block should be registered with >>> the network name used to identify each market area. Initial >>> allocations are based on total number of homes that could purchase the >>> service in a given market area. Each assignment to specific end-users >>> of /29 and larger blocks still requires individual registration. >>> >>> 4.2.3.7.6.2. Residential Customer Privacy >>> >>> To maintain the privacy of their residential customers, an >>> organization with downstream residential customers holding /29 and >>> larger blocks may substitute that organization's name for the >>> customer's name, e.g. 'Private Customer - XYZ Network', and the >>> customer's street address may read 'Private Residence'. Each private >>> downstream residential reassignment must have accurate upstream Abuse >>> and Technical POCs visible on the WHOIS record for that block. >>> >>> - Strike section 4.2.6. "Cable Address Space Policy" > > Most of 4.2.6 has been moved to the new 4.2.3.7.6 above. ?However, this > portion has not: > > "Using SWIP or RWHOIS, cable ISPs must show that they have reassigned at > least 80% of their current address space, with a 50 to 80% utilization rate, > in order to request additional addresses." Good catch! I did not read that section carefully enough I think - somehow I thought that it was simply restating the common 80% rule, I did not notice the 50% to 80%. > I think we need to preserve that, somehow, in order to allow cable ISPs to > continue obtaining space as they do today. ?The intent of your proposal > seems to be to provide the same standard to any org providing service to an > entire market area. ?If that's what you want to do, then perhaps something > like this should go into your 4.2.3.7.6 as well: > > "In order to obtain additional IPv4 addresses, ISPs assigning addresses by > market area must show, using SWIP or RWHOIS, that they have reassigned at > least 80% of their current address space, with a >50% utilization rate." I agree. I will wait a day or two for additional comments before submitting a second version but something along those lines (if not those exact lines) will be included in version 2. ~Chris > > -Scott > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -- @ChrisGrundemann weblog.chrisgrundemann.com www.burningwiththebush.com www.coisoc.org From packetgrrl at gmail.com Thu Feb 4 19:09:47 2010 From: packetgrrl at gmail.com (cja@daydream.com) Date: Thu, 4 Feb 2010 17:09:47 -0700 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <3c3e3fca1002041437ja51ee80i9e3c5afa0d13fff7@mail.gmail.com> References: <4B563F50.1070306@umn.edu> <9413.1265283016@marajade.sandelman.ca> <3c3e3fca1002041243y7d6b2ab8p4923863d41fb7c45@mail.gmail.com> <08528F8D-8E5A-497F-85E3-8B3317F6ABB4@icann.org> <3c3e3fca1002041437ja51ee80i9e3c5afa0d13fff7@mail.gmail.com> Message-ID: Bill, I see what you're saying here but the reality for me was that for close to a year a very large ISP didn't pay attention to ARIN's allocation of parts of 24.0.0.0/8. They were big and I was little and so they won at least for a time. Their customers weren't complaining and so they had no need to accept my more specific route. Those of us with parts of 24.0.0.0/8 complained but since none of us were paying that large ISP we were ignored. I could see this happening again if for example the ARIN community decided on a policy that caused the global routing table to explode. Then ISPs would most likely filter to keep their routers from crashing and those super specific blocks wouldn't be routable. ARIN has no control over filtering/routing policies. At a recent NANOG there was a panel where ISPs in no uncertain terms told the community that they do not want ARIN policies to include anything about routing policy. I believe at this point that most of the RIRs have removed routing criteria from their IPv6 policies for that very reason. ----Cathy On Thu, Feb 4, 2010 at 3:37 PM, William Herrin wrote: > On Thu, Feb 4, 2010 at 4:14 PM, Barbara Roseman > wrote: > > I think there's a subtle but important distinction > > that's being lost, and that Cathy and Marla tried to clarify. > > Hi Barbara, > > If I understood the distinction that Cathy and Marla drew, the point > they're making is that nowhere does ARIN say what routes an ISP has to > carry. ARIN doesn't even say what routes an ISP ought to carry. Nor is > there any other legal obligation which compels ISPs to carry any > particular routes for addresses ARIN allocates. Like Verizon has done > with IPv6 /48's, ISPs are welcome to disregard any routes they don't > like for any reason at all. That they rarely exercise that choice > means nothing more sinister than that routing the address ARIN > allocates is good for business. > > Do you feel that's a reasonable re-statement of what they said? I'd > hate to be obtuse about it, so if I'm missing the their point please > help me understand. > > > I think I understand the claim, but I dispute it. > > Cause and effect is no less potent for being indirect. The > practicality of altering BGP routing activity based on a second feed > of assignments matched to assignment classes is doubtful. Even if it > could be done from a technical perspective, ARIN doesn't publish the > criteria by which each registrant qualified for their addresses, so > such a feed has no source for its content. > > Realistically, functionally, technically, the tools I as an operator > have for implementing routing policy can only paint with a broad > brush. Discard small announcements in this /8. Depreference that one. > Unless ARIN classifies registrants in a manner consistent with those > tools, my choices for routing policy devolve to two basic options: > accept routes announcing ARIN IP addresses or don't. > > In other words, ARIN sets the routing policy for North America. Not > explicitly, cleanly and openly, but haphazardly, indirectly and > silently. > > The unspoken and unintentional yet cumulative net effect of ARIN's > allocation practices make ISPs a mob-style offer they can't refuse: > carry all of the addresses we approve or carry none of them and lose > your business. > > At this point we're stuck with that for IPv4. The addresses are > already deployed. With some mild adjustments to our allocation > practices, we don't have to be stuck with that effect for IPv6. > > Regards, > Bill Herrin > > > -- > William D. Herrin ................ herrin at dirtside.com bill at herrin.us > 3005 Crane Dr. ...................... Web: > Falls Church, VA 22042-3004 > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From barbara.roseman at icann.org Thu Feb 4 19:21:31 2010 From: barbara.roseman at icann.org (Barbara Roseman) Date: Thu, 4 Feb 2010 16:21:31 -0800 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <3c3e3fca1002041437ja51ee80i9e3c5afa0d13fff7@mail.gmail.com> References: <4B563F50.1070306@umn.edu> <9413.1265283016@marajade.sandelman.ca> <3c3e3fca1002041243y7d6b2ab8p4923863d41fb7c45@mail.gmail.com> <08528F8D-8E5A-497F-85E3-8B3317F6ABB4@icann.org> <3c3e3fca1002041437ja51ee80i9e3c5afa0d13fff7@mail.gmail.com> Message-ID: <7E625125-914A-45B6-B3B2-D03EE6FC6DFA@icann.org> Bill, I think that's a fair restatement of what I was saying, except you left out the part about uniqueness vs. routeability. My points were twofold: 1) ARIN can only offer unique registration of IP addresses, they cannot offer unique use of addresses -- nor can anyone else because Bad People tend to ignore the rules, and Ignorant People are, well, ignorant. 2) The ARIN community and the NANOG community have discussed repeatedly that it's not simple cause and effect from ARIN's allocation/assignment policies to operator's routing policies, though the influence is extreme. If the connectivity provider is large enough, as CJ notes, than they can do whatever they want. -Barb On Feb 4, 2010, at 2:37 PM, William Herrin wrote: > On Thu, Feb 4, 2010 at 4:14 PM, Barbara Roseman > wrote: >> I think there's a subtle but important distinction >> that's being lost, and that Cathy and Marla tried to clarify. > > Hi Barbara, > > If I understood the distinction that Cathy and Marla drew, the point > they're making is that nowhere does ARIN say what routes an ISP has to > carry. ARIN doesn't even say what routes an ISP ought to carry. Nor is > there any other legal obligation which compels ISPs to carry any > particular routes for addresses ARIN allocates. Like Verizon has done > with IPv6 /48's, ISPs are welcome to disregard any routes they don't > like for any reason at all. That they rarely exercise that choice > means nothing more sinister than that routing the address ARIN > allocates is good for business. > > Do you feel that's a reasonable re-statement of what they said? I'd > hate to be obtuse about it, so if I'm missing the their point please > help me understand. > > > I think I understand the claim, but I dispute it. > > Cause and effect is no less potent for being indirect. The > practicality of altering BGP routing activity based on a second feed > of assignments matched to assignment classes is doubtful. Even if it > could be done from a technical perspective, ARIN doesn't publish the > criteria by which each registrant qualified for their addresses, so > such a feed has no source for its content. > > Realistically, functionally, technically, the tools I as an operator > have for implementing routing policy can only paint with a broad > brush. Discard small announcements in this /8. Depreference that one. > Unless ARIN classifies registrants in a manner consistent with those > tools, my choices for routing policy devolve to two basic options: > accept routes announcing ARIN IP addresses or don't. > > In other words, ARIN sets the routing policy for North America. Not > explicitly, cleanly and openly, but haphazardly, indirectly and > silently. > > The unspoken and unintentional yet cumulative net effect of ARIN's > allocation practices make ISPs a mob-style offer they can't refuse: > carry all of the addresses we approve or carry none of them and lose > your business. > > At this point we're stuck with that for IPv4. The addresses are > already deployed. With some mild adjustments to our allocation > practices, we don't have to be stuck with that effect for IPv6. > > Regards, > Bill Herrin > > > -- > William D. Herrin ................ herrin at dirtside.com bill at herrin.us > 3005 Crane Dr. ...................... Web: > Falls Church, VA 22042-3004 From bill at herrin.us Thu Feb 4 20:13:58 2010 From: bill at herrin.us (William Herrin) Date: Thu, 4 Feb 2010 20:13:58 -0500 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <7E625125-914A-45B6-B3B2-D03EE6FC6DFA@icann.org> References: <4B563F50.1070306@umn.edu> <9413.1265283016@marajade.sandelman.ca> <3c3e3fca1002041243y7d6b2ab8p4923863d41fb7c45@mail.gmail.com> <08528F8D-8E5A-497F-85E3-8B3317F6ABB4@icann.org> <3c3e3fca1002041437ja51ee80i9e3c5afa0d13fff7@mail.gmail.com> <7E625125-914A-45B6-B3B2-D03EE6FC6DFA@icann.org> Message-ID: <3c3e3fca1002041713o72b057fcqe09f93b5e846d1b8@mail.gmail.com> On Thu, Feb 4, 2010 at 7:21 PM, Barbara Roseman wrote: > I think that's a fair restatement of what I was saying, >except you left out the part about uniqueness vs. >routeability. My points were twofold: > > 1) ARIN can only offer unique registration of IP >addresses, they cannot offer unique use of >addresses -- nor can anyone else because >Bad People tend to ignore the rules, and Ignorant >People are, well, ignorant. Hi Barbara, Okay. That reads as a reasonable statement to me. I don't follow how it bears on the routing policy issue. Or at least I don't see a way that ARIN could alter its process to make announcements inconsistent with the ARIN registrations easily filterable. If such a thing was possible, I'd surely want to see an ARIN policy proposal as, no doubt, would every ISP on the planet. > 2) The ARIN community and the NANOG community >have discussed repeatedly that it's not simple cause >and effect from ARIN's allocation/assignment policies >to operator's routing policies, though the influence is >extreme. If the connectivity provider is large enough, >as CJ notes, than they can do whatever they want. Okay. So because providers are already able, for a time, to make unreasonable choices which defy the defacto standards adopted by the overwhelming majority of their peers we should not adopt practices that enable more flexibility within the set of -reasonable- choices? I don't follow. On Thu, Feb 4, 2010 at 7:09 PM, cja at daydream.com wrote: > Bill, > I see what you're saying here but the reality for me was that for close to a > year a very large ISP didn't pay attention to ARIN's allocation of parts of > 24.0.0.0/8. They were big and I was little and so they won at least for a > time. That's disappointing in this day and age, but then we're talking about the same folks who thought their customers wouldn't cry bloody murder when they cut off communications with cogent. If you ever have problems with them carrying your routes again, drop me a line so I can start claiming service credits. That'll get their attention. :) > ARIN has no control over filtering/routing policies. At a recent NANOG > there was a panel where ISPs in no uncertain terms told the community that > they do not want ARIN policies to include anything about routing policy. I > believe at this point that most of the RIRs have removed routing criteria > from their IPv6 policies for that very reason. Hi Cathy, Poor control is not the same as no control and getting ARIN policy out of the way of ISPs setting routing policy is not the same as saying and doing nothing about routing policy. In a very real sense, addressing is routing is addressing. Each follows from the structure of the other. An addressing policy which does not impact routing policy is simply inconsistent with reality. I'll repeat that for emphasis: There's no such thing as addressing policy which does not impact routing policy. It can't exist. Thus the choices are: 1. Create an addressing policy which implicitly shapes routing policy through the accidents of its structure. 2. Create an addressing policy which is informed by and explicitly shapes a uniform routing policy. 3. Create an addressing policy which is an enabler for a broad range of rational routing policies and let the overall routing policy find its own equilibrium. What we do now is sometimes #1 and sometimes #2. For example: A. The unfilterability of traffic engineering is an accidental side-effect of CIDR address allocations. Because they're all mashed together in the same pool, operators can't tell the difference between easily filterable TE and unfilterable multihomed downstreams. B. Accepting /24 reassignments to multihomed customers regardless of size is informed by the /24 boundary present in DFZ routing policy. C. CIDR allocation (instead of simply assigning a linear range of addresses) is an explicit attempt to bring about aggregation within the routing system. It's routing policy directly encoded as addressing policy. I think we'd be wiser to pursue course #3: enable a broad range of sensible routing policies and then step back out of the way. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From packetgrrl at gmail.com Thu Feb 4 20:45:42 2010 From: packetgrrl at gmail.com (cja@daydream.com) Date: Thu, 4 Feb 2010 18:45:42 -0700 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <3c3e3fca1002041713o72b057fcqe09f93b5e846d1b8@mail.gmail.com> References: <4B563F50.1070306@umn.edu> <9413.1265283016@marajade.sandelman.ca> <3c3e3fca1002041243y7d6b2ab8p4923863d41fb7c45@mail.gmail.com> <08528F8D-8E5A-497F-85E3-8B3317F6ABB4@icann.org> <3c3e3fca1002041437ja51ee80i9e3c5afa0d13fff7@mail.gmail.com> <7E625125-914A-45B6-B3B2-D03EE6FC6DFA@icann.org> <3c3e3fca1002041713o72b057fcqe09f93b5e846d1b8@mail.gmail.com> Message-ID: Bill, I argue that we do try our best to do #3 as you have defined it below "3. Create an addressing policy which is an enabler for a broad range of rational routing policies and let the overall routing policy find its own equilibrium." There is a balance, however. The needs of the ARIN community for assignments and allocations could easily be in conflict with routing needs. We have seen that over and over. For a while it was extremely apparent when we were running out of "class B" blocks and started allocating bit aligned blocks of "class Cs" but there was no CIDR. So the routing table exploded and the ISPs had to scramble around to deploy BGP that would handle huge blocks of "class Cs" It was a very unpleasant time and my customers at the time were not at all happy with the slowness of the network. When we moved the minimum allocation from a /19 to a /20 first we argued at length about the routing implications and then we actually watched the routing table over time to see the effects. There even used to be a Routing Table Measurement and Analysis (RTMA) working group as part of ARIN to bring routing table information to the community as a way to help with address policy decisions. With IPv4 address space running out I can easily see scenarios where the ARIN community will want assignments and/or allocations that directly conflict with routing. Some will gain consensus and some probably won't. WIth IPv6 we have in essence classfull addressing again. At some point will we relive these scenarios? Probably. It isn't that the ARIN community doesn't consider these things when developing good policy. These things are always discussed and considered but in the end addressing policy has to also meet the needs of the community. ARIN has meetings jointly with NANOG for that very reason. It is essential that addressing policy has input from the communities it affects. ----Cathy 010 at 6:13 PM, William Herrin wrote: > On Thu, Feb 4, 2010 at 7:21 PM, Barbara Roseman > wrote: > > I think that's a fair restatement of what I was saying, > >except you left out the part about uniqueness vs. > >routeability. My points were twofold: > > > > 1) ARIN can only offer unique registration of IP > >addresses, they cannot offer unique use of > >addresses -- nor can anyone else because > >Bad People tend to ignore the rules, and Ignorant > >People are, well, ignorant. > > Hi Barbara, > > Okay. That reads as a reasonable statement to me. I don't follow how > it bears on the routing policy issue. > > Or at least I don't see a way that ARIN could alter its process to > make announcements inconsistent with the ARIN registrations easily > filterable. If such a thing was possible, I'd surely want to see an > ARIN policy proposal as, no doubt, would every ISP on the planet. > > > > 2) The ARIN community and the NANOG community > >have discussed repeatedly that it's not simple cause > >and effect from ARIN's allocation/assignment policies > >to operator's routing policies, though the influence is > >extreme. If the connectivity provider is large enough, > >as CJ notes, than they can do whatever they want. > > Okay. So because providers are already able, for a time, to make > unreasonable choices which defy the defacto standards adopted by the > overwhelming majority of their peers we should not adopt practices > that enable more flexibility within the set of -reasonable- choices? I > don't follow. > > > On Thu, Feb 4, 2010 at 7:09 PM, cja at daydream.com > wrote: > > Bill, > > I see what you're saying here but the reality for me was that for close > to a > > year a very large ISP didn't pay attention to ARIN's allocation of parts > of > > 24.0.0.0/8. They were big and I was little and so they won at least for > a > > time. > > That's disappointing in this day and age, but then we're talking about > the same folks who thought their customers wouldn't cry bloody murder > when they cut off communications with cogent. If you ever have > problems with them carrying your routes again, drop me a line so I can > start claiming service credits. That'll get their attention. :) > > > > ARIN has no control over filtering/routing policies. At a recent NANOG > > there was a panel where ISPs in no uncertain terms told the community > that > > they do not want ARIN policies to include anything about routing policy. > I > > believe at this point that most of the RIRs have removed routing criteria > > from their IPv6 policies for that very reason. > > Hi Cathy, > > Poor control is not the same as no control and getting ARIN policy out > of the way of ISPs setting routing policy is not the same as saying > and doing nothing about routing policy. > > In a very real sense, addressing is routing is addressing. Each > follows from the structure of the other. An addressing policy which > does not impact routing policy is simply inconsistent with reality. > > I'll repeat that for emphasis: There's no such thing as addressing > policy which does not impact routing policy. It can't exist. > > Thus the choices are: > > 1. Create an addressing policy which implicitly shapes routing policy > through the accidents of its structure. > > 2. Create an addressing policy which is informed by and explicitly > shapes a uniform routing policy. > > 3. Create an addressing policy which is an enabler for a broad range > of rational routing policies and let the overall routing policy find > its own equilibrium. > > > What we do now is sometimes #1 and sometimes #2. For example: > > A. The unfilterability of traffic engineering is an accidental > side-effect of CIDR address allocations. Because they're all mashed > together in the same pool, operators can't tell the difference between > easily filterable TE and unfilterable multihomed downstreams. > > B. Accepting /24 reassignments to multihomed customers regardless of > size is informed by the /24 boundary present in DFZ routing policy. > > C. CIDR allocation (instead of simply assigning a linear range of > addresses) is an explicit attempt to bring about aggregation within > the routing system. It's routing policy directly encoded as addressing > policy. > > > I think we'd be wiser to pursue course #3: enable a broad range of > sensible routing policies and then step back out of the way. > > Regards, > Bill Herrin > > > -- > William D. Herrin ................ herrin at dirtside.com bill at herrin.us > 3005 Crane Dr. ...................... Web: > Falls Church, VA 22042-3004 > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From jlewis at lewis.org Thu Feb 4 22:17:13 2010 From: jlewis at lewis.org (Jon Lewis) Date: Thu, 4 Feb 2010 22:17:13 -0500 (EST) Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <3995.1265304209@marajade.sandelman.ca> References: <4B563F50.1070306@umn.edu> <9413.1265283016@marajade.sandelman.ca> <2E2FECEBAE57CC4BAACDE67638305F1048526C4DC7@ROCH-EXCH1.corp.pvt> <3995.1265304209@marajade.sandelman.ca> Message-ID: On Thu, 4 Feb 2010, Michael Richardson wrote: > The only example I can see are some of the 69/8 and 70/8 (if I got those > prefixes right), which many people had bogon filters for, and it took a > few months for those filters to get completely removed. Have there not been similar issues with every Reserved -> Allocated transitioned /8 since 69/8? It was much more than "a few months" to get the majority of the outdated bogon filters removed. ---------------------------------------------------------------------- Jon Lewis | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________ From bill at herrin.us Thu Feb 4 22:54:04 2010 From: bill at herrin.us (William Herrin) Date: Thu, 4 Feb 2010 22:54:04 -0500 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: References: <4B563F50.1070306@umn.edu> <9413.1265283016@marajade.sandelman.ca> <3c3e3fca1002041243y7d6b2ab8p4923863d41fb7c45@mail.gmail.com> <08528F8D-8E5A-497F-85E3-8B3317F6ABB4@icann.org> <3c3e3fca1002041437ja51ee80i9e3c5afa0d13fff7@mail.gmail.com> <7E625125-914A-45B6-B3B2-D03EE6FC6DFA@icann.org> <3c3e3fca1002041713o72b057fcqe09f93b5e846d1b8@mail.gmail.com> Message-ID: <3c3e3fca1002041954p3baf46f3sd8ccb8dd5d2246b5@mail.gmail.com> On Thu, Feb 4, 2010 at 8:45 PM, cja at daydream.com wrote: > I argue that we do try our best to do #3 as you have defined it below > ?? ? ?"3. Create an addressing policy which is an enabler for a broad range > ?? ? ?of rational routing policies and let the overall routing policy find > ?? ? ?its own equilibrium." Hi Cathy, What ARIN policy, past or current, would you cite as an example of enabling a wide range of possible, rational routing policies, from which the community coalesced on a particular one? Let's deconstruct it and see if it really followed course #3. > There is a balance, however. ?The needs of the ARIN community for > assignments and allocations could easily be in conflict with routing needs. > ?We have seen that over and over. ?For a while it was extremely apparent > when we were running out of "class B" blocks and started allocating bit > aligned blocks of "class Cs" but there was no CIDR. ?So the routing table > exploded and the ISPs had to scramble around to deploy BGP that would handle > huge blocks of "class Cs" ? ?It was a very unpleasant time and my customers > at the time were not at all happy with the slowness of the network. That balance, implemented at ARIN's level, is course #2: 2. Create an addressing policy which is informed by and explicitly shapes a uniform routing policy. As you say, we had one routing policy: classful. But we started running out of class-B's. So we switched to linear allocations of class C's (they weren't reliably bit aligned IIRC. You can still find examples in the swamp.). That nearly exploded the routing table. So the vendors rushed out CIDR in the routing protocols and we started allocating that way as well. There was no range of policies here. At each particular time exactly one policy was possible and those who didn't want to play were broken. > ?When we moved the minimum allocation from a /19 to a /20 first we argued at > length about the routing implications and then we actually watched the > routing table over time to see the effects. ? There even used to be a > Routing Table Measurement and Analysis (RTMA) working group as part of ARIN > to bring routing table information to the community as a way to help with > address policy decisions. Canonical example of path #2. Here''s how that would have gone if we'd been trying for path #3: Without estimating routing table impact, ARIN sets aside and publish a specific then-clean /8 for assignments without a minimum length. Assignments in all other ARIN spaces would continue to be /19 or larger. Assignments in the specific /8 would be /20 and shorter only. ARIN creates a template for ASes to submit their choice of the maximum prefix length they accept in that /8. ARIN compiles the results and publishes a regularly updated web page with the percentage of ASes supporting each prefix length as an FYI for folks requesting addresses so that they know before paying the likelyhood of their addresses being routed. See the difference between course #2 and course #3? In course #3 ARIN doesn't attempt to make a well-reasoned choice. There's no need. Instead, it seeks to provide ISPs and registrants with enough information for them to make well reasoned choices, and then ARIN steps back and the ISPs and registrants make whatever choices they darn well please. Initially you have a tug of war between ISPs and registrants but then it settles out where you have 98% adoption at one level, 80% adoption at the next and 25% beyond that. At this point you might say: "So what?'" Well, let's look at what happens next. On course #2, we know what happened next. We argued and debated some more and lowered end-user assignments to /22. Now we're arguing and debating some more and we'll lower multihomed end-user assignments to /24. On course #3, I'll have to spin a work of fiction and imagine how it might have all worked out. So, we have an unstable situation. Folks are holding or can easily get IP addresses that are 80% routeable. There's money on the table for someone who can figure out to get them to the other 20% of the Internet so that they can dump their ISP-assigned addresses. That's a recipe for innovation. Next step, some scrappy inventor figures out that if he can just introduce a single route for that /8, he can turn around and sell tunnels to everybody else so they can pick up that final 20%. Not to mention all the smaller assignments... He shops around and finds a tier 1 who'll do it. And he's in business. And guess what, in spite of the slowness from inefficient routing, it grows. What does he care whether you have a /24 or a /32? You're paying him at a markup so it's no skin off his back. Now, the other tier-1's don't like that one bit. Not one bit at all. Dude's stealing their bread! So, they start a joint venture to do the same thing, camp it at the major peering points (like MAE-East) and refuse to honor the /8 route if its announced from anybody else. Sorry dude! You want service in the small assignments, you pay the joint venture too. So now we can have networks of any size right down to /32 and the worst thing that happens is the packets take a side trip to one of the peering points. As inefficiency goes, that's pretty darn mild. But it isn't helpful to Joe. Joe has an ARIN /29, a DSL and a dialup as backup. The /29 works fine with his DSL but the dialup uses a dynamic IP address. If only there was a dyndns-like API where he could update the tunnels quickly with an arbitrary IP address... and he'd need a tunnel to a friendly ISP to let him source packets past the filter on the dynamic dialup too... Cool, so now we have failover from DSL using a $20 dialup using provider-independent IP addresses and the worst thing that happens is that our packets take a detour to the nearest major peering point. But you know, if we could get that tunnel API cut-over time from 60 seconds down to one or two seconds, we could put it on a laptop with some radio equipment and drive down the road with it. Latch on to the next tower before we release the trailing one, get a new dynamic IP and seamlessly move the tunnel forward... Of course, this is all a work of fiction. When changing the minimum allocation from /19 to /20, we might not have missed the opportunity for IP mobility that worked really well. This whole chain of events could easily have derailed at any step. Even if we'd been smart enough to offer assignments at any prefix length, we might not have been clever enough to contain them in a reasonably-sized space someone could offer a covering announcement for or collect AS data on who imposed what prefix length limits so that registrants could make informed choices about it. And just because we were that clever doesn't mean that the drop-off wouldn't be from 98% to 20% creating no demand or that the scrappy inventor would have found a tier-1 willing to accept the /8 announcement or found it affordable if he did. But it didn't derail at any step. It derailed at the step where instead of imagining an open-ended assignment process, we made a well-reasoned decision to lower the minimum assignment from /19 to /20. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From gbonser at seven.com Thu Feb 4 23:57:35 2010 From: gbonser at seven.com (George Bonser) Date: Thu, 4 Feb 2010 20:57:35 -0800 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <3c3e3fca1002041954p3baf46f3sd8ccb8dd5d2246b5@mail.gmail.com> References: <4B563F50.1070306@umn.edu> <9413.1265283016@marajade.sandelman.ca> <3c3e3fca1002041243y7d6b2ab8p4923863d41fb7c45@mail.gmail.com> <08528F8D-8E5A-497F-85E3-8B3317F6ABB4@icann.org><3c3e3fca1002041437ja51ee80i9e3c5afa0d13fff7@mail.gmail.com> <7E625125-914A-45B6-B3B2-D03EE6FC6DFA@icann.org><3c3e3fca1002041713o72b057fcqe09f93b5e846d1b8@mail.gmail.com> <3c3e3fca1002041954p3baf46f3sd8ccb8dd5d2246b5@mail.gmail.com> Message-ID: <5A6D953473350C4B9995546AFE9939EE081F762E@RWC-EX1.corp.seven.com> > > Now, the other tier-1's don't like that one bit. Not one bit at all. > Dude's stealing their bread! So, they start a joint venture to do the > same thing, camp it at the major peering points (like MAE-East) and > refuse to honor the /8 route if its announced from anybody else. Sorry > dude! You want service in the small assignments, you pay the joint > venture too. > Or, someone starts accepting the more specific routes without using the tunnels and their customers don't need to pay no steeenking tunnel broker which disrupts the entire scheme, another network does it, too, in order to compete with them and that entire tunnel jv blows up and everyone ends up accepting the more specifics. What it does is allows those who are willing to make an investment in routers with more resources (at least at their peering points) and can handle huge routing tables to be more desirable providers and it drives competition/innovation among the equipment vendors to ship gear that is able to handle larger routing tables because the vendors that do so get the business from the networks that want to offer that kind of service. This is really going to come to a head with people who want to dual-stack v4/v6 when v6 routes really start taking off. Most companies will be in both spaces. So on one hand we will see more smaller prefixes in v4 at the same time v6 prefixes are ramping up. Vendors better be working on providing gear with a lot more resources for routing and route caching than they are now. The major constraint right now on routing table size is really a hardware issue. We are all working around a hardware bottleneck that is just going to get worse. The vendor to market with routers that handle substantially larger routing tables without a huge increase in cost is going to be a winner, and it pays to be a winner. From bill at herrin.us Fri Feb 5 00:22:50 2010 From: bill at herrin.us (William Herrin) Date: Fri, 5 Feb 2010 00:22:50 -0500 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <5A6D953473350C4B9995546AFE9939EE081F762E@RWC-EX1.corp.seven.com> References: <4B563F50.1070306@umn.edu> <3c3e3fca1002041243y7d6b2ab8p4923863d41fb7c45@mail.gmail.com> <08528F8D-8E5A-497F-85E3-8B3317F6ABB4@icann.org> <3c3e3fca1002041437ja51ee80i9e3c5afa0d13fff7@mail.gmail.com> <7E625125-914A-45B6-B3B2-D03EE6FC6DFA@icann.org> <3c3e3fca1002041713o72b057fcqe09f93b5e846d1b8@mail.gmail.com> <3c3e3fca1002041954p3baf46f3sd8ccb8dd5d2246b5@mail.gmail.com> <5A6D953473350C4B9995546AFE9939EE081F762E@RWC-EX1.corp.seven.com> Message-ID: <3c3e3fca1002042122x4a503c0sa4d8c02b9b4182ae@mail.gmail.com> On Thu, Feb 4, 2010 at 11:57 PM, George Bonser wrote: >> Now, the other tier-1's don't like that one bit. Not one bit at all. >> Dude's stealing their bread! So, they start a joint venture to do the >> same thing, camp it at the major peering points (like MAE-East) and >> refuse to honor the /8 route if its announced from anybody else. Sorry >> dude! You want service in the small assignments, you pay the joint >> venture too. > > Or, someone starts accepting the more specific routes without using the > tunnels and their customers don't need to pay no steeenking tunnel > broker which disrupts the entire scheme, another network does it, too, > in order to compete with them and that entire tunnel jv blows up and > everyone ends up accepting the more specifics. Hi George, Likely couldn't travel that path; each new provider that accepts the more specifics into his routing table only increases the percentage penetration. Catch ditch the tunnel JV until you have nearly 100% penetration and the cost of carrying all the routes in every router versus a fraction of just the small routes in each of the JV's routers is high enough to cost more than the small users are willing to pay. You could, however, implement a dynamic tunnel map-encap protocol like they've been discussing over in the RRG for the last couple of years and let the ASes start to deploy ingress tunnel routers to catch otherwise-unrouted packets for the /8 near their source and send them encapsulated to their current destinations. Many outcomes are possible; I'm not really looking to explore the whole field. My point was that I'd really like to see us stop suffering failures of imagination in the name of careful reason. ARIN has to be the moderating force on the routing table only because we've failed to imagine a individually driven process that renders the role unnecessary. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From owen at delong.com Fri Feb 5 00:38:03 2010 From: owen at delong.com (Owen DeLong) Date: Thu, 4 Feb 2010 21:38:03 -0800 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <9413.1265283016@marajade.sandelman.ca> References: <4B563F50.1070306@umn.edu> <9413.1265283016@marajade.sandelman.ca> Message-ID: On Feb 4, 2010, at 3:30 AM, Michael Richardson wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > >>>>>> "David" == David Farmer writes: > David> At the Dearborn meeting I heard a lot of people say that ARIN > David> shouldn't dictate routing policy. I personally would find it > David> hard to reconcile that stance with the idea of ARIN assigning > David> non-connected /48s from a separate block. At least without an > David> RFC defining centrally assignable ULA addressing, then ARIN > David> would not be defining it, the IETF would be, ARIN would only > David> be implementing something defined by the IETF. > > I don't understand your view here. > > ARIN does define routing policy right now --- if you ask ARIN for > address space, you get routable address space, and ARIN defines the > policy by which you can get it. There is presently only one question I > can ask, and one set of criteria I can satisfy. If I satisfy the > criteria I get one thing: routable address space. > No. If you get space from ARIN now, it is up to the ISPs whether or not they will accept the route for it or not. For example, Verizon is currently rejecting all IPv6 /48 routes. Whether or not that is a good decision on their part has nothing to do with ARIN policy. There is nothing in ARIN policy that guarantees you can route any address or prefix issued by ARIN or that any ISP has to agree to route any address or prefix issued by ARIN. Each ISP can choose to set whatever routing policy they wish completely independent of ARIN address registration policy. ARIN guarantees uniqueness among a cooperating set of registration services (the RIR system, IANA, and ICANN). Routing is up to people who actually run routers. The internet works because a substantial portion of the people who run routers choose to route prefixes issued by ARIN amongst themselves and each other. However, nothing other than good will and the desire for a functioning system prevents any of them from choosing a completely independent set of registries for a completely separate namespace of similar-looking IP addresses. Nothing forces any of them to route any particular prefix issued by ARIN or even any set or subset of prefixes issued by ARIN. Owen From owen at delong.com Fri Feb 5 00:42:43 2010 From: owen at delong.com (Owen DeLong) Date: Thu, 4 Feb 2010 21:42:43 -0800 Subject: [arin-ppml] Policy Proposal 109: Standardize IP Reassignment Registration Requirements In-Reply-To: <4B6AF6CE.7000709@arin.net> References: <4B6AF6CE.7000709@arin.net> Message-ID: <3E54F9C2-FD20-43C2-8DEF-9A0FBACCB11B@delong.com> I'd like to see some wordsmithing to rectify the following: 6.5.5.2 ...registered via SWIP or RWHOIS. Otherwise, I could get behind this proposal and I think it is a much better policy than 2010-3. Owen From matthew at matthew.at Fri Feb 5 00:46:36 2010 From: matthew at matthew.at (Matthew Kaufman) Date: Thu, 04 Feb 2010 21:46:36 -0800 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: References: <4B563F50.1070306@umn.edu> <9413.1265283016@marajade.sandelman.ca> Message-ID: <4B6BB0BC.1000601@matthew.at> Owen DeLong wrote: > The internet works because a substantial portion of the people who > run routers choose to route prefixes issued by ARIN amongst themselves > and each other. However, nothing other than good will and the desire > for a functioning system prevents any of them from choosing a completely > independent set of registries for a completely separate namespace of > similar-looking IP addresses. Nothing forces any of them to route > any particular prefix issued by ARIN or even any set or subset of > prefixes issued by ARIN. > > Or to even cooperatively accept that IANA and/or ARIN's database of numbers is the one true database... Matthew Kaufman From owen at delong.com Fri Feb 5 00:46:25 2010 From: owen at delong.com (Owen DeLong) Date: Thu, 4 Feb 2010 21:46:25 -0800 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <3995.1265304209@marajade.sandelman.ca> References: <4B563F50.1070306@umn.edu> <9413.1265283016@marajade.sandelman.ca> <2E2FECEBAE57CC4BAACDE67638305F1048526C4DC7@ROCH-EXCH1.corp.pvt> <3995.1265304209@marajade.sandelman.ca> Message-ID: <9B8043FF-EBC9-4BAF-AA06-170F9C9FA361@delong.com> Well, if you look in Verizon's routing table, you'll find that the following route is missing from their perspective on the DFZ: 2620:0:930::/48 There are many others, as well... Roughly 20% of the IPv6 routing table seen by other providers and their customers. The point is that ARIN does not dictate routing policy. Yes, so far, most ISPs choose to route most or all of what ARIN registers, but, there is nothing in ARIN policy compelling them to do so and they are free to change that decision at any time. Owen On Feb 4, 2010, at 9:23 AM, Michael Richardson wrote: > > Can you give me an example of a piece of address space (IPv4 or IPv6) > that ARIN has issued that turned out to not be routable on the DFZ? > > The only example I can see are some of the 69/8 and 70/8 (if I got those > prefixes right), which many people had bogon filters for, and it took a > few months for those filters to get completely removed. > > (Please ignore micro-allocations for IXs, which are often intended not > to be routable, but often turn out to be easily routed) > > I understand covering-your-ass legalize in the document, but really, > let's be pragmatic here. > > -- > ] He who is tired of Weird Al is tired of life! | firewalls [ > ] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[ > ] mcr at sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[ > Kyoto Plus: watch the video > then sign the petition. > > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. From packetgrrl at gmail.com Fri Feb 5 01:02:29 2010 From: packetgrrl at gmail.com (cja@daydream.com) Date: Thu, 4 Feb 2010 23:02:29 -0700 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <3c3e3fca1002042122x4a503c0sa4d8c02b9b4182ae@mail.gmail.com> References: <4B563F50.1070306@umn.edu> <3c3e3fca1002041243y7d6b2ab8p4923863d41fb7c45@mail.gmail.com> <08528F8D-8E5A-497F-85E3-8B3317F6ABB4@icann.org> <3c3e3fca1002041437ja51ee80i9e3c5afa0d13fff7@mail.gmail.com> <7E625125-914A-45B6-B3B2-D03EE6FC6DFA@icann.org> <3c3e3fca1002041713o72b057fcqe09f93b5e846d1b8@mail.gmail.com> <3c3e3fca1002041954p3baf46f3sd8ccb8dd5d2246b5@mail.gmail.com> <5A6D953473350C4B9995546AFE9939EE081F762E@RWC-EX1.corp.seven.com> <3c3e3fca1002042122x4a503c0sa4d8c02b9b4182ae@mail.gmail.com> Message-ID: Bill, You are ARIN... everyone on this list is ARIN so if you want to see as you put it "My point was that I'd really like to see us stop suffering failures of imagination in the name of careful reason. ARIN has to be the moderating force on the routing table only because we've failed to imagine a individually driven process that renders the role unnecessary." Then submit policy proposals to help make that happen. The community makes the policies so if you want them to be different then submit what you want and help it gain support. Thanks ----Cathy On Thu, Feb 4, 2010 at 10:22 PM, William Herrin wrote: > On Thu, Feb 4, 2010 at 11:57 PM, George Bonser wrote: > >> Now, the other tier-1's don't like that one bit. Not one bit at all. > >> Dude's stealing their bread! So, they start a joint venture to do the > >> same thing, camp it at the major peering points (like MAE-East) and > >> refuse to honor the /8 route if its announced from anybody else. Sorry > >> dude! You want service in the small assignments, you pay the joint > >> venture too. > > > > Or, someone starts accepting the more specific routes without using the > > tunnels and their customers don't need to pay no steeenking tunnel > > broker which disrupts the entire scheme, another network does it, too, > > in order to compete with them and that entire tunnel jv blows up and > > everyone ends up accepting the more specifics. > > Hi George, > > Likely couldn't travel that path; each new provider that accepts the > more specifics into his routing table only increases the percentage > penetration. Catch ditch the tunnel JV until you have nearly 100% > penetration and the cost of carrying all the routes in every router > versus a fraction of just the small routes in each of the JV's routers > is high enough to cost more than the small users are willing to pay. > > You could, however, implement a dynamic tunnel map-encap protocol like > they've been discussing over in the RRG for the last couple of years > and let the ASes start to deploy ingress tunnel routers to catch > otherwise-unrouted packets for the /8 near their source and send them > encapsulated to their current destinations. Many outcomes are > possible; I'm not really looking to explore the whole field. > > My point was that I'd really like to see us stop suffering failures of > imagination in the name of careful reason. ARIN has to be the > moderating force on the routing table only because we've failed to > imagine a individually driven process that renders the role > unnecessary. > > Regards, > Bill Herrin > > > > -- > William D. Herrin ................ herrin at dirtside.com bill at herrin.us > 3005 Crane Dr. ...................... Web: > Falls Church, VA 22042-3004 > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From gbonser at seven.com Fri Feb 5 01:25:03 2010 From: gbonser at seven.com (George Bonser) Date: Thu, 4 Feb 2010 22:25:03 -0800 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <3c3e3fca1002042122x4a503c0sa4d8c02b9b4182ae@mail.gmail.com> References: <4B563F50.1070306@umn.edu> <3c3e3fca1002041243y7d6b2ab8p4923863d41fb7c45@mail.gmail.com> <08528F8D-8E5A-497F-85E3-8B3317F6ABB4@icann.org> <3c3e3fca1002041437ja51ee80i9e3c5afa0d13fff7@mail.gmail.com> <7E625125-914A-45B6-B3B2-D03EE6FC6DFA@icann.org> <3c3e3fca1002041713o72b057fcqe09f93b5e846d1b8@mail.gmail.com> <3c3e3fca1002041954p3baf46f3sd8ccb8dd5d2246b5@mail.gmail.com> <5A6D953473350C4B9995546AFE9939EE081F762E@RWC-EX1.corp.seven.com> <3c3e3fca1002042122x4a503c0sa4d8c02b9b4182ae@mail.gmail.com> Message-ID: <5A6D953473350C4B9995546AFE9939EE081F7632@RWC-EX1.corp.seven.com> > My point was that I'd really like to see us stop suffering failures of > imagination in the name of careful reason. ARIN has to be the > moderating force on the routing table only because we've failed to > imagine a individually driven process that renders the role > unnecessary. > > Regards, > Bill Herrin Hi Bill, And my point was that the size of the routing table is only an issue because of hardware vendors lack of resources in their gear. Having more resources available eliminates the entire issue. A disruptive player in the hardware market that introduces a router that can handle two or four or eight times the number of concurrent flows and routes as current gear would moot the point. We are expending a lot of energy because of router manufacturers unwillingness (I presume) to increase the amount of resources in the gear and we are looking for a way to route around that failure, so to speak. As soon as someone comes to market with gear that handles it at a reasonable price, the problem goes away. Can you think of a barrier to producing hardware with more resources other than the fact that they misjudged the growth requirements and don't want to obsolete their existing product until they get some more cash out of it? Taking a quick look at the Brocade XMR I see 10 million BGP routes, 1 million IPv4 routes in hardware (FIB), 240,000 IPv6 routes in hardware (FIB). One would think they would these days be able to quadruple that density on the same real estate these days and the issue goes away completely. (note, I believe that the v4/v6 routes is either/or not and). And for every v6 route in the FIB, I believe it costs you room for four v4 routes. So with current hardware as v6 grows and v4 grows on dual stacked gear, either we are going to have to go through weird contortions to get things to work or the vendors are going to have to produce more capable kit. At some point soon price/port/pps isn't going to be the constraining factor, it is going to be how many routes it can use. It isn't primarily a policy issue with the RIRs as it is a marketing issue with the hardware vendors. They can make this problem go away and at some point, someone will. George From owen at delong.com Fri Feb 5 01:29:09 2010 From: owen at delong.com (Owen DeLong) Date: Thu, 4 Feb 2010 22:29:09 -0800 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <3c3e3fca1002041142w232dc952q8173dd1ccfed17db@mail.gmail.com> References: <4B563F50.1070306@umn.edu> <3c3e3fca1002041142w232dc952q8173dd1ccfed17db@mail.gmail.com> Message-ID: <75F088EF-E8B5-46B5-BF57-209853386DD7@delong.com> > > > Assigning /22's adjacent to /16's. ARIN's practice dictates that the > /16's will be disaggregable by the assignee to /22 for TE purposes as > well. > An alternative way to view this is that ARIN does not facilitate discriminating against the /22 holders without also affecting the TE deaggregates of the larger players. > >> So what is the direction the community wants to go for IPv6 non-connected >> networks? > > Published unique pool so that ISPs can assure that the non-connected > networks stay non-connected, even if Jim's Bait and Network Services > gets bribed to introduce a route. > With all due respect, Bill, that's the direction you would like to go, but, not necessarily the direction the community wants to go. Much more input is required before a determination can be made which direction the community would like to go, in my opinion. Owen -------------- next part -------------- An HTML attachment was scrubbed... URL: From scottleibrand at gmail.com Fri Feb 5 02:20:28 2010 From: scottleibrand at gmail.com (Scott Leibrand) Date: Thu, 04 Feb 2010 23:20:28 -0800 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: References: <4B563F50.1070306@umn.edu> <3c3e3fca1002041243y7d6b2ab8p4923863d41fb7c45@mail.gmail.com> <08528F8D-8E5A-497F-85E3-8B3317F6ABB4@icann.org> <3c3e3fca1002041437ja51ee80i9e3c5afa0d13fff7@mail.gmail.com> <7E625125-914A-45B6-B3B2-D03EE6FC6DFA@icann.org> <3c3e3fca1002041713o72b057fcqe09f93b5e846d1b8@mail.gmail.com> <3c3e3fca1002041954p3baf46f3sd8ccb8dd5d2246b5@mail.gmail.com> <5A6D953473350C4B9995546AFE9939EE081F762E@RWC-EX1.corp.seven.com> <3c3e3fca1002042122x4a503c0sa4d8c02b9b4182ae@mail.gmail.com> Message-ID: <4B6BC6BC.4060007@gmail.com> On 2/4/2010 10:02 PM, cja at daydream.com wrote: > Bill, > > You are ARIN... everyone on this list is ARIN so if you want to see as > you put it > > "My point was that I'd really like to see us stop suffering failures of > imagination in the name of careful reason. ARIN has to be the > moderating force on the routing table only because we've failed to > imagine a individually driven process that renders the role > unnecessary." > > Then submit policy proposals to help make that happen. The community > makes the policies so if you want them to be different then submit > what you want and help it gain support. I think Bill did exactly that with proposal #103. #106 doesn't move us quite as far, but is moving in the same direction, I think. Once again, thanks, Bill, for being such a valuable contributor to the public policy process. -Scott > > Thanks > ----Cathy > > On Thu, Feb 4, 2010 at 10:22 PM, William Herrin > wrote: > > On Thu, Feb 4, 2010 at 11:57 PM, George Bonser > wrote: > >> Now, the other tier-1's don't like that one bit. Not one bit at > all. > >> Dude's stealing their bread! So, they start a joint venture to > do the > >> same thing, camp it at the major peering points (like MAE-East) and > >> refuse to honor the /8 route if its announced from anybody > else. Sorry > >> dude! You want service in the small assignments, you pay the joint > >> venture too. > > > > Or, someone starts accepting the more specific routes without > using the > > tunnels and their customers don't need to pay no steeenking tunnel > > broker which disrupts the entire scheme, another network does > it, too, > > in order to compete with them and that entire tunnel jv blows up and > > everyone ends up accepting the more specifics. > > Hi George, > > Likely couldn't travel that path; each new provider that accepts the > more specifics into his routing table only increases the percentage > penetration. Catch ditch the tunnel JV until you have nearly 100% > penetration and the cost of carrying all the routes in every router > versus a fraction of just the small routes in each of the JV's routers > is high enough to cost more than the small users are willing to pay. > > You could, however, implement a dynamic tunnel map-encap protocol like > they've been discussing over in the RRG for the last couple of years > and let the ASes start to deploy ingress tunnel routers to catch > otherwise-unrouted packets for the /8 near their source and send them > encapsulated to their current destinations. Many outcomes are > possible; I'm not really looking to explore the whole field. > > My point was that I'd really like to see us stop suffering failures of > imagination in the name of careful reason. ARIN has to be the > moderating force on the routing table only because we've failed to > imagine a individually driven process that renders the role > unnecessary. > > Regards, > Bill Herrin > > > > -- > William D. Herrin ................ herrin at dirtside.com > bill at herrin.us > 3005 Crane Dr. ...................... Web: > Falls Church, VA 22042-3004 > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net > ). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you > experience any issues. > > > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. -------------- next part -------------- An HTML attachment was scrubbed... URL: From michael.dillon at bt.com Fri Feb 5 08:12:53 2010 From: michael.dillon at bt.com (michael.dillon at bt.com) Date: Fri, 5 Feb 2010 13:12:53 -0000 Subject: [arin-ppml] Policy Proposal 109: Standardize IP ReassignmentRegistration Requirements In-Reply-To: <4B6AF6CE.7000709@arin.net> Message-ID: <28E139F46D45AF49A31950F88C4974580513B8BB@E03MVZ2-UKDY.domain1.systemhost.net> > Policy Proposal 109: Standardize IP Reassignment Registration > Requirements Huh!? > - Add: > - Rename 4.2.3.7. "Reassignment information" to "Registration" > > - Rename 4.2.3.7.1. "Customer organization information" to > "Reassignment Information" and replace text with: > - Replace 4.2.3.7.6. Residential Customer Privacy with: > - Strike section 4.2.6. "Cable Address Space Policy" > - Replace Section 6.5.5. with: I'm still not sure what this policy proposal is trying to do or what is being changed. Clearly, the only way to figure this out is to compare the existing copious verbiage in the NRPM with the copious verbiage in this policy and I haven't time to do this right now. I am opposed to this proposal on the grounds of its complexity and the lack of clarity around what, if any, kind of problem it attempts to solve. --Michael Dillon From michael.dillon at bt.com Fri Feb 5 08:17:01 2010 From: michael.dillon at bt.com (michael.dillon at bt.com) Date: Fri, 5 Feb 2010 13:17:01 -0000 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <2E2FECEBAE57CC4BAACDE67638305F1048526C4DC7@ROCH-EXCH1.corp.pvt> Message-ID: <28E139F46D45AF49A31950F88C4974580513B8CF@E03MVZ2-UKDY.domain1.systemhost.net> > This needs > to be debated heavily since its not in the Charter and On the contrary, it needs to be dropped or taken elsewhere since this list is for dicsussing ARIN policies, not potential charter changes. Perhaps the members list would be a better place to discuss changing ARIN's charter. >it > also makes the need for Network Operators to get involved on > ppml to discuss the merits or lack thereof. They are all members so this underscores that the ARIN members mailing list is the place for discussing whether or not ARIN policy should mandate routing practices. Until that happens, we should drop any such policies or at least delete any mention of mandating routing practices. --Michael Dillon From michael.dillon at bt.com Fri Feb 5 09:18:06 2010 From: michael.dillon at bt.com (michael.dillon at bt.com) Date: Fri, 5 Feb 2010 14:18:06 -0000 Subject: [arin-ppml] FW: [sig-policy] prop-083: Alternative criteria for subsequentIPv6 allocations In-Reply-To: <292AF25E62B8894C921B893B53A19D97396AF3312F@BUSINESSEX.business.ad> Message-ID: <28E139F46D45AF49A31950F88C4974580513B9E2@E03MVZ2-UKDY.domain1.systemhost.net> > The crux is that even if aggregation of announcements as a > policy is dropped, there is no policy that satisfies the need > of LIR's to be able to build non-connected IPv6 networks in > the APNIC region. > > With some basic justification, an LIR should be able to gain > subsequent /32 allocations for the purpose of remaining 'as > routable as possible'. I think you should consider some editing of your policy proposal because I can't understand it. But, above, you seem to be suggesting that a network operator who is operating multiple disconnected IPv6 networks should be able to get multiple discrete /32 allocations. This seems reasonable to me. However before making a final determination I would like to see some input from the operators of large Internet data centres. It seems to me that a data centre is rather like a multi-tenant building, and since a tenant in a multi-tenant building deserves a /48 assignment, it seems reasonable that a data centre operator should give everyone a /48. That means if you rent a cage, you get a /48, if you rent a rack you get a /48, and if you colocate a 1U server with a single ethernet connection, you get a /48. Let's face it, lots of these servers will have multiple cores and could be running dozens or hundreds of virtual machines with a complex internal network created by softrouters and softswitches. See and for examples of the kind of things that people are doing. Out of that analysis we might learn that a block size less than /32 would be more appropriate for these disconnected data centres. Perhaps a /36 per centre would work, and they could be allocated out of a block designated for /36 blocks. --Michael Dillon From farmer at umn.edu Fri Feb 5 09:55:58 2010 From: farmer at umn.edu (David Farmer) Date: Fri, 05 Feb 2010 08:55:58 -0600 Subject: [arin-ppml] FW: [sig-policy] prop-083: Alternative criteria for subsequentIPv6 allocations In-Reply-To: <292AF25E62B8894C921B893B53A19D97396AF3312F@BUSINESSEX.business.ad> References: <292AF25E62B8894C921B893B53A19D97396AF3312F@BUSINESSEX.business.ad> Message-ID: <4B6C317E.60209@umn.edu> Thanks for the pointer. But, this sounds more like ARIN 2009-5: IPv6 Multiple Discrete Networks to me. https://www.arin.net/policy/proposals/2009_5.html This was just implemented into ARIN's NRPM. https://www.arin.net/policy/nrpm.html#six_11 The intent of my question is how do we want to deal with networks that are not connected to the Internet. In other words, networks that have no intention of achieving global reachability but still many need or want globally unique addresses. ARIN specifically addresses a special case of what I am asking about in 6.10.2 Micro Allocation for Internal Infrastructure. Also, by the fact that current end-user assignments are based on IPv4 Policy, then section 4.3.5. Non-connected Networks allows such networks to get an IPv6 assignment. But, I believe we need to address this issue much more directly and cleanly than in current policy. Skeeve Stevens wrote: > Hey all, > > Given the current topic of 'IPv6 Non-Connected Networks', I thought that I would let you know of a policy that is presently in discussion on the APNIC lists that I submitted. > > The crux is that even if aggregation of announcements as a policy is dropped, there is no policy that satisfies the need of LIR's to be able to build non-connected IPv6 networks in the APNIC region. > > With some basic justification, an LIR should be able to gain subsequent /32 allocations for the purpose of remaining 'as routable as possible'. > > While APNIC, like other RIR's do not set routing policy, they do heavily influence it. And while they cannot control the practice of community filtering lists based on their own allocation pools, they should not ignore the situation. > > Given that IPv6 is not a scarce resource and by no means am I suggesting we just burn it for the fun of it, this seems to be a philosophical debate rather than a technical one. This is due to that even if an LIR could de-aggregate its /32 to say, 8 /35's or 16 36's, these entries in the routing table would have the exact same result as if they had 16 * /32's. > > So due to this, the only restriction here is the pool allocation which the community filter lists are based on - which the RIR's essentially have created and now have the responsibility to consider. > > ...Skeeve > > -- > Skeeve Stevens, CEO/Technical Director > eintellego Pty Ltd - The Networking Specialists > skeeve at eintellego.net / www.eintellego.net > Phone: 1300 753 383, Fax: (+612) 8572 9954 > Cell +61 (0)414 753 383 / skype://skeeve > www.linkedin.com/in/skeeve ; facebook.com/eintellego > -- > NOC, NOC, who's there? > > From: sig-policy-bounces at lists.apnic.net [mailto:sig-policy-bounces at lists.apnic.net] On Behalf Of Terence Zhang YH(CNNIC) > Sent: Wednesday, 3 February 2010 10:46 PM > To: sig-policy at apnic.net > Subject: [sig-policy] prop-083: Alternative criteria for subsequentIPv6 allocations > > Dear SIG members, > > The proposal, 'Alternative criteria for subsequent IPv6 allocations', > has been sent to the Policy SIG for review. It will be presented at the > Policy SIG at APNIC 29 in Kuala Lumpur, 1-5 March 2010. > > We invite you to review and comment on the proposal on the mailing list > before the meeting. > > The comment period on the mailing list before an APNIC meeting is an > important part of the policy development process. We encourage you to > express your views on the proposal: > > - Do you support or oppose this proposal? > - Does this proposal solve a problem you are experiencing? If so, > tell the community about your situation. > - Do you see any disadvantages in this proposal? > - Is there anything in the proposal that is not clear? > - What changes could be made to this proposal to make it more > effective? > > > Information about this and other policy proposals is available from: > > http://www.apnic.net/policy/proposals > > > Randy, Ching-Heng, and Terence > > > ___________________________________________________________________ > > prop-083-v001: Alternative criteria for subsequent IPv6 allocations > ___________________________________________________________________ > > > Author: Skeeve Stevens > > > Version: 1 > > Date: 3 February 2010 > > > 1. Introduction > ---------------- > > This is a proposal to enable current APNIC account holders with existing > IPv6 allocations to receive subsequent IPv6 allocations from APNIC for > use in networks that are not connected to the initial IPv6 allocation. > > > 2. Summary of current problem > ------------------------------ > > An APNIC account holder with an existing /32 IPv6 allocation (or larger) > is unable to deaggregate that allocation into routes smaller than a /32 > due to the community practice of 'filter blocking' or 'bogon lists' > associated with RIR blocks which are known to have a minimum allocation > size of /32 [1]. > > An LIR may want to build a network in a separate location and provide > IPv6 connectivity; however, because the LIR risks routability problems > if they deaggregate, they cannot use a subset of their initial > allocation in the new location. > > For example: > > An ISP has a /32 allocation which they announce via an upstream > in New Zealand. The ISP wants to build a new network in Singapore. > The ISP's new network in Singapore is not connected to the existing > New Zealand network and the ISP is using a local transit provider > to obtain dual stacked connectivity. > > If the network was using IPv4 addresses, the ISP would usually > be able to deaggregate their allocation and announce one part of > the deaggregated range to the local transit provider. > > In IPv6, however, this is not possible due to 'community filtering' > on ranges smaller than a /32. > > Such a filter may look like the following: > > ipv6 prefix-list ipv6-ebgp-strict permit 2400::/12 ge 19 le 32 > > This above statement in the IPv6 BGP filter recommendations would > cause any announcements by an ISP which had an allocation, > such as 2400:0000::/32, to announce smaller routes from that block, > such as multiple /35s for example, to be filtered. In a default > free situation, connectivity to the ISP would be problematic. > > Instead, the ISP needs to obtain a new /32 allocation to be able to > have IPv6 connectivity in the new location with an independent > (from their primary network) transit provider. > > > 3. Situation in other RIRs > --------------------------- > > AfriNIC, ARIN, LACNIC and RIPE currently have no similar policies or > proposals. However, ARIN mailing lists are presently discussing this > situation and there seems to be significant support. > > > 4. Details of the proposal > --------------------------- > > 4.1 It is proposed that alternative criteria be added to the subsequent > IPv6 allocation policy [2] to allow current APNIC account holders > with networks in multiple locations but without a connecting > infrastructure to obtain IPv6 resources for each location. > > 4.2 To qualify for subsequent IPv6 allocations under the proposed > alternative criteria, account holders must: > > - Be a current APNIC account holder with an existing IPv6 > allocation > - Be announcing its existing IPv6 allocation > - Demonstrate that the LIR has additional networks that are not > connected to the network announcing its existing IPv6 allocation > > > 5. Advantages and disadvantages of the proposal > ------------------------------------------------ > > 5.1 Advantages > > - This proposal enables current APNIC account holders to avoid > problematic network design issues and policy issues related to > deaggregation. > > - Current APNIC account holders will be able to acquire resources > and announce them separately to transit providers in disparate > locations. > > > 5.2 Disadvantages > > - This proposal could cause faster consumption of IPv6 address > space. However, given the size of the total IPv6 pool, the author > of this proposal does not see this as a significant issue. > > > 6. Effect on APNIC members > --------------------------- > > APNIC members would be able to build networks in separate locations and > obtain local IPv6 connectivity and announce their own resources. > > > 7. Effect on NIRs > ------------------ > > The proposal allows for NIRs to have the choice as to when to adopt this > policy for their members. > > > 8. References > --------------- > > [1] For example, see "IPv6 BGP filter recommendations" > http://www.space.net/~gert/RIPE/ipv6-filters.html > > [2] See section 5.2, "Subsequent Allocation Section" in "IPv6 Address > Allocation and Assignment Policy" > http://www.apnic.net/policy/ipv6-address-policy#5.2 > _______________________________________________ > > > > ------------------------------------------------------------------------ > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. -- =============================================== David Farmer Email:farmer at umn.edu Networking & Telecommunication Services Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 612-626-0815 Minneapolis, MN 55414-3029 Cell: 612-812-9952 =============================================== From cgrundemann at gmail.com Fri Feb 5 09:55:19 2010 From: cgrundemann at gmail.com (Chris Grundemann) Date: Fri, 5 Feb 2010 07:55:19 -0700 Subject: [arin-ppml] Policy Proposal 109: Standardize IP Reassignment Registration Requirements In-Reply-To: <3E54F9C2-FD20-43C2-8DEF-9A0FBACCB11B@delong.com> References: <4B6AF6CE.7000709@arin.net> <3E54F9C2-FD20-43C2-8DEF-9A0FBACCB11B@delong.com> Message-ID: <443de7ad1002050655t50ccb685md519c2f7a6572dd0@mail.gmail.com> On Thu, Feb 4, 2010 at 22:42, Owen DeLong wrote: > I'd like to see some wordsmithing to rectify the following: > > 6.5.5.2 > ? ? ? ?...registered via SWIP or RWHOIS. Section 6.5.5.2 ends with "...is registered in an RIR database." Are you saying that the text _should_ specify SWIP / RWHOIS? ~Chris > > > Otherwise, I could get behind this proposal and I think it is a much better > policy than 2010-3. > > Owen > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -- @ChrisGrundemann weblog.chrisgrundemann.com www.burningwiththebush.com www.coisoc.org From farmer at umn.edu Fri Feb 5 10:27:54 2010 From: farmer at umn.edu (David Farmer) Date: Fri, 05 Feb 2010 09:27:54 -0600 Subject: [arin-ppml] IPv6 Non-connected networks Message-ID: <4B6C38FA.6060502@umn.edu> This thread has mostly wondered off of my original question, but it still has been an interesting discussion, none the less. The intent of my question is how do we want to deal with networks that are not connected to the Internet. In other words networks that have no intention of achieving global reachability but still many need or want globally unique addresses. ARIN Policy specifically addresses a special case of what I am asking about for IPv6 in 6.10.2 Micro Allocation for Internal Infrastructure, and it creates a special pool for this use. Also, by the fact that current end-user assignments are based on IPv4 Policy, then section 4.3.5. Non-connected Networks allows such networks to get an IPv6 assignment, currently out of a common pool for end-user assignments. Since I've been working on rewriting ARIN's IPv6 policy I want to know how the community want this to actually work, my goal is a more direct and clear path for these network to get addresses. However, I see a faction of the ARIN community that want these assignments made from a filterable block. Then, there is another faction that says, wait a minute, that means ARIN is defining Routing Policy. I believe that these network have a right to globally unique IPv6 addressing just as much as anyone else. But, personally I'm mostly agnostic to the question if the these assignments should be made from a block designated for non-connected networks or just assigned from a common pool with all other assignments. I can see valid arguments on both sides. Basically it boils down to, if we assign from a common pool then there is no distinction and you can only have the address space you can justify connected or non-connected. If we make a distinction then, anyone must to be able to get such a non-connected assignment without regard to if they have an assignment intended intended for global connectivity. The current text I have in PP#107 calls for a common pool because that seemed most consistent with the current policies as I understand them. But as I said, I'm mostly agnostic on this issue. So I started this thread to try develop a consensus one way or the other. Because, we can't do both at the same time. So I would like to see continued discussion on the specific issue of a common pool for all assignments VS. a specific pool for non-connected networks. Additionally, I intend to raise this issue on the floor in Toronto. Thanks -- =============================================== David Farmer Email:farmer at umn.edu Networking & Telecommunication Services Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 612-626-0815 Minneapolis, MN 55414-3029 Cell: 612-812-9952 =============================================== From cgrundemann at gmail.com Fri Feb 5 10:28:22 2010 From: cgrundemann at gmail.com (Chris Grundemann) Date: Fri, 5 Feb 2010 08:28:22 -0700 Subject: [arin-ppml] Policy Proposal 109: Standardize IP ReassignmentRegistration Requirements In-Reply-To: <28E139F46D45AF49A31950F88C4974580513B8BB@E03MVZ2-UKDY.domain1.systemhost.net> References: <4B6AF6CE.7000709@arin.net> <28E139F46D45AF49A31950F88C4974580513B8BB@E03MVZ2-UKDY.domain1.systemhost.net> Message-ID: <443de7ad1002050728o39803f20l5cadd1b8d2ef6915@mail.gmail.com> On Fri, Feb 5, 2010 at 06:12, wrote: > >> Policy Proposal 109: Standardize IP Reassignment Registration >> Requirements > > Huh!? > >> ? - Add: >> ? - Rename 4.2.3.7. "Reassignment information" to "Registration" >> >> ? - Rename 4.2.3.7.1. "Customer organization information" to >> "Reassignment Information" and replace text with: >> ? - Replace 4.2.3.7.6. Residential Customer Privacy with: >> ? - Strike section 4.2.6. "Cable Address Space Policy" >> ? - Replace Section 6.5.5. with: > > I'm still not sure what this policy proposal is trying to do > or what is being changed. Clearly, the only way to figure > this out is to compare the existing copious verbiage in the NRPM > with the copious verbiage in this policy and I haven't time > to do this right now. Yes, reading the NRPM may be a prerequisite to understanding proposed changes to it. > I am opposed to this proposal on the grounds of its complexity > and the lack of clarity around what, if any, kind of problem > it attempts to solve. I will expound a bit on the rational for clarification: 1) This policy restructures the reassignment and registration sections of the IPv4 and IPv6 policies. a) The IPv4 section is renamed "registration." b) The first section of the IPv4 policy is rewritten for clarity. c) The IPv6 policy is totally rewritten in a format that matches the IPv4 policy. * These structural changes are meant to make it easier to compare the two sections. I believe that having the IPv6 and IPv4 policies written in completely different formats and structures (as they are in many cases now) confuses the issues and makes it very hard to understand what is different and what is the same across the two sections. Bringing them into a similar format should help ease the migration to IPv6 as folks can quickly and easily understand the differences and the similarities. 2) This policy adds a definition of "organizational information" which is used in the existing policy but not currently defined anywhere in the NRPM. a) The definition states that specific addresses are not required for client organizations but asks that they be included when possible. b) The definition states that a POC is required but can be designated by the client organization - it spells out that the client org can choose to use their upstream as a POC. c) The definition requires that the POC have a valid email address but only suggests that it include a phone number. * This definition is meant to address the customer confidentiality concerns that have been brought up recently (by specifically removing the requirement to publish client addresses and telephone numbers), with the smallest negative impact to whois usefulness (retains a valid POC w/ email contact). 3) This policy takes the privileges granted specifically to IPv4 cable operators in section 4.2.6. "Cable Address Space Policy" and grants them to all ISPs who serve residential areas. a) It allows all ISPs with residential coverage to register/swip/rwhois an entire market area. b) It retains the existing residential customer privacy policy for all customers with larger IP blocks. * This change removes the need for any ISP to enter residential customers into whois at all. 4) In the text that Scott pointed out (and that will be added), this policy will also extend the >50% utilization rate currently granted only to IPv4 cable operators to all ISPs with a residential footprint. * This change will make it easier for ISPs serving residential areas to get the addresses they need - this is key for FTTH operators as well as fixed-wireless and other residential ISPs. Cheers, ~Chris > > --Michael Dillon > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -- @ChrisGrundemann weblog.chrisgrundemann.com www.burningwiththebush.com www.coisoc.org From packetgrrl at gmail.com Fri Feb 5 12:28:45 2010 From: packetgrrl at gmail.com (cja@daydream.com) Date: Fri, 5 Feb 2010 10:28:45 -0700 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <4B6C38FA.6060502@umn.edu> References: <4B6C38FA.6060502@umn.edu> Message-ID: I think a common pool is a good idea. It allows these non-connected networks to connect if their needs change and keeps them from having to get another allocation/assingment if they do choose to connect at a later date. I do see the desire to perhaps filter the non-connected networks and that having them out of a dedicated block facilitates that purpose but long-term when we are in an exhaustion phase again that address space would be stranded and although globally unique perhaps highly filtered. You could argue that we have SO much IPv6 that we're never going to run out but I don't buy that argument. As does David.. I would love to hear what other folks think about this. ----Cathy Sent from my iPhone On Feb 5, 2010, at 8:27 AM, David Farmer wrote: > This thread has mostly wondered off of my original question, but it > still has been an interesting discussion, none the less. > > The intent of my question is how do we want to deal with networks > that are not connected to the Internet. In other words networks > that have no intention of achieving global reachability but still > many need or want globally unique addresses. ARIN Policy > specifically addresses a special case of what I am asking about for > IPv6 in 6.10.2 Micro Allocation for Internal Infrastructure, and it > creates a special pool for this use. Also, by the fact that current > end-user assignments are based on IPv4 Policy, then section 4.3.5. > Non-connected Networks allows such networks to get an IPv6 > assignment, currently out of a common pool for end-user assignments. > > Since I've been working on rewriting ARIN's IPv6 policy I want to > know how the community want this to actually work, my goal is a more > direct and clear path for these network to get addresses. However, > I see a faction of the ARIN community that want these assignments > made from a filterable block. Then, there is another faction that > says, wait a minute, that means ARIN is defining Routing Policy. > > I believe that these network have a right to globally unique IPv6 > addressing just as much as anyone else. But, personally I'm mostly > agnostic to the question if the these assignments should be made > from a block designated for non-connected networks or just assigned > from a common pool with all other assignments. I can see valid > arguments on both sides. > > Basically it boils down to, if we assign from a common pool then > there is no distinction and you can only have the address space you > can justify connected or non-connected. If we make a distinction > then, anyone must to be able to get such a non-connected assignment > without regard to if they have an assignment intended intended for > global connectivity. > > The current text I have in PP#107 calls for a common pool because > that seemed most consistent with the current policies as I > understand them. But as I said, I'm mostly agnostic on this issue. > So I started this thread to try develop a consensus one way or the > other. Because, we can't do both at the same time. > > So I would like to see continued discussion on the specific issue of > a common pool for all assignments VS. a specific pool for non- > connected networks. Additionally, I intend to raise this issue on > the floor in Toronto. > > Thanks > > -- > =============================================== > David Farmer Email:farmer at umn.edu > Networking & Telecommunication Services > Office of Information Technology > University of Minnesota > 2218 University Ave SE Phone: 612-626-0815 > Minneapolis, MN 55414-3029 Cell: 612-812-9952 > =============================================== > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. From packetgrrl at gmail.com Fri Feb 5 12:46:44 2010 From: packetgrrl at gmail.com (cja@daydream.com) Date: Fri, 5 Feb 2010 10:46:44 -0700 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <10468.1265391143@marajade.sandelman.ca> References: <4B563F50.1070306@umn.edu> <3c3e3fca1002041437ja51ee80i9e3c5afa0d13fff7@mail.gmail.com> <7E625125-914A-45B6-B3B2-D03EE6FC6DFA@icann.org> <3c3e3fca1002041713o72b057fcqe09f93b5e846d1b8@mail.gmail.com> <3c3e3fca1002041954p3baf46f3sd8ccb8dd5d2246b5@mail.gmail.com> <5A6D953473350C4B9995546AFE9939EE081F762E@RWC-EX1.corp.seven.com> <3c3e3fca1002042122x4a503c0sa4d8c02b9b4182ae@mail.gmail.com> <10468.1265391143@marajade.sandelman.ca> Message-ID: I got this note from Michael and I wanted to clarify my statements. I was just trying to comment on the "ARIN should be doing this or that" statements. ARIN doesn't decide the policy so they do what the community tells them to via the policy process. If folks don't like what ARIN is doing then there is a process to make things change. This includes policy proposal submissions as well as the petition process. I am sorry if I wasn't clear. On with the discussion of a separate pool or a combined pool for non-connected networks per David's summary email. Thanks! ----Cathy On Fri, Feb 5, 2010 at 10:32 AM, Michael Richardson wrote: > > >>>>> "packetgrrl" == packetgrrl writes: > packetgrrl> Then submit policy proposals to help make that happen. > packetgrrl> The community makes the policies so if you want them to > packetgrrl> be different then submit what you want and help it gain > packetgrrl> support. > > That was policy 103, which the AC declined to put on the agenda, but > enouraged further discussion, which we are having. > > -- > ] He who is tired of Weird Al is tired of life! | > firewalls [ > ] Michael Richardson, Sandelman Software Works, Ottawa, ON |net > architect[ > ] mcr at sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device > driver[ > Kyoto Plus: watch the video > then sign the petition. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From bill at herrin.us Fri Feb 5 13:38:20 2010 From: bill at herrin.us (William Herrin) Date: Fri, 5 Feb 2010 13:38:20 -0500 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <5A6D953473350C4B9995546AFE9939EE081F7632@RWC-EX1.corp.seven.com> References: <4B563F50.1070306@umn.edu> <08528F8D-8E5A-497F-85E3-8B3317F6ABB4@icann.org> <3c3e3fca1002041437ja51ee80i9e3c5afa0d13fff7@mail.gmail.com> <7E625125-914A-45B6-B3B2-D03EE6FC6DFA@icann.org> <3c3e3fca1002041713o72b057fcqe09f93b5e846d1b8@mail.gmail.com> <3c3e3fca1002041954p3baf46f3sd8ccb8dd5d2246b5@mail.gmail.com> <5A6D953473350C4B9995546AFE9939EE081F762E@RWC-EX1.corp.seven.com> <3c3e3fca1002042122x4a503c0sa4d8c02b9b4182ae@mail.gmail.com> <5A6D953473350C4B9995546AFE9939EE081F7632@RWC-EX1.corp.seven.com> Message-ID: <3c3e3fca1002051038p50a77436u7e8db46c2dfd1e85@mail.gmail.com> On Fri, Feb 5, 2010 at 1:25 AM, George Bonser wrote: >> My point was that I'd really like to see us stop suffering failures of >> imagination in the name of careful reason. ARIN has to be the >> moderating force on the routing table only because we've failed to >> imagine a individually driven process that renders the role >> unnecessary. > > And my point was that the size of the routing table is only an issue > because of hardware vendors lack of resources in their gear. ?Having > more resources available eliminates the entire issue. Well sure. But are you familiar with how the hardware works in the high-end routers? The stuff is seriously expensive to build, especially in the relatively low quantities that populate the core of the DFZ. > A disruptive > player in the hardware market that introduces a router that can handle > two or four or eight times the number of concurrent flows and routes as > current gear would moot the point. The current kit deals with packets rather than flows. Flows was investigated thoroughly and looks very much like a blind alley. It has some useful niches but the failure modes are catastrophic. Granted someone could stumble on a brilliant insight tomorrow, especially if under pressure to innovate,. But understand that you're talking about a scientific advance, not a technological advance. Technology can be predictably built from the existing science at demand. Scientific advances are unpredictable; they happen almost at random. If you're a betting man, don't bet on the timely discovery of science that doesn't yet exist and right now the science of routing is Tries or TCAMs. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From mcr at sandelman.ca Fri Feb 5 13:11:09 2010 From: mcr at sandelman.ca (Michael Richardson) Date: Fri, 05 Feb 2010 13:11:09 -0500 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: References: <4B563F50.1070306@umn.edu> <9413.1265283016@marajade.sandelman.ca> Message-ID: <16548.1265393469@marajade.sandelman.ca> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >>>>> "Owen" == Owen DeLong writes: David> At the Dearborn meeting I heard a lot of people say that ARIN David> shouldn't dictate routing policy. I personally would find it David> hard to reconcile that stance with the idea of ARIN assigning David> non-connected /48s from a separate block. At least without an David> RFC defining centrally assignable ULA addressing, then ARIN David> would not be defining it, the IETF would be, ARIN would only David> be implementing something defined by the IETF. >> I don't understand your view here. >> >> ARIN does define routing policy right now --- if you ask ARIN for >> address space, you get routable address space, and ARIN defines >> the policy by which you can get it. There is presently only one >> question I can ask, and one set of criteria I can satisfy. If I >> satisfy the criteria I get one thing: routable address space. Owen> No. If you get space from ARIN now, it is up to the ISPs Owen> whether or not they will accept the route for it or not. For Owen> example, Verizon is currently rejecting all IPv6 /48 routes. Owen> Whether or not that is a good decision on their part has Owen> nothing to do with ARIN policy. Remember that thread is about non-connected networks. 1) I said that I would like address space that is non-connected 2) I wanted it marked as such 3) people said that this would never work because people would persuade ISPs to route it anyway, and this is bad, because it means that people would try to get non-connected address space as a loop around ARIN "policy" 4) I then said, but you see, the allocation policy is being used as a proxy for limiting who can routed! 5) then I was re-assured that ARIN allocations are not guaranteed to be routeable, so I shouldn't confuse the two. 6) then you say that it's really up to the ISPs to decide, and isn't it terrible that some ISP has some policy not route some set of address space, even through ARIN has given it out. Remember: I'm arguing that should be very liberal with small (/48+ ) allocations, charging a very nominal book-keeping fee, and do non-connected allocations out of a pool that can be clearly identified as such, so that ISPs can clearly make up the policy they want. - -- ] He who is tired of Weird Al is tired of life! | firewalls [ ] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[ ] mcr at sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[ Kyoto Plus: watch the video then sign the petition. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Finger me for keys iQEVAwUBS2xfO4CLcPvd0N1lAQLQcgf/Su5SOK/pSmFIOJ0SzqsR1+5lKGUHARpD yklEuEzrciybfWR7RUO6eZqBCwzh+XozbnA4RYTurwWfYQ9PIWFxZz4moS0YKYnm 0GCsATr7+xyfnDixpjx2ylrgdIa0MJsl2A5/JyHmiJuDuAe2XXd1ekGbPPOY79Se 6JSIuz3wQxeH1Nt3u+nEAhlIZSzMPcB+wVyDtL7qZqVWdvlhn2Jiv30xuO1VxiN2 3EGLI+oe469GLpMbPI3Kg4rrdgAP+irgpNQo+8df9iwFjGfGWX1CQLEW9iijmm8v JDFk+/D0i4K3GMnMOFnnTqBYobn4WI5+4WrtD18v5RVgaO6hegctmA== =Q6PN -----END PGP SIGNATURE----- From gbonser at seven.com Fri Feb 5 13:55:28 2010 From: gbonser at seven.com (George Bonser) Date: Fri, 5 Feb 2010 10:55:28 -0800 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <3c3e3fca1002051038p50a77436u7e8db46c2dfd1e85@mail.gmail.com> References: <4B563F50.1070306@umn.edu> <08528F8D-8E5A-497F-85E3-8B3317F6ABB4@icann.org> <3c3e3fca1002041437ja51ee80i9e3c5afa0d13fff7@mail.gmail.com> <7E625125-914A-45B6-B3B2-D03EE6FC6DFA@icann.org> <3c3e3fca1002041713o72b057fcqe09f93b5e846d1b8@mail.gmail.com> <3c3e3fca1002041954p3baf46f3sd8ccb8dd5d2246b5@mail.gmail.com> <5A6D953473350C4B9995546AFE9939EE081F762E@RWC-EX1.corp.seven.com> <3c3e3fca1002042122x4a503c0sa4d8c02b9b4182ae@mail.gmail.com> <5A6D953473350C4B9995546AFE9939EE081F7632@RWC-EX1.corp.seven.com> <3c3e3fca1002051038p50a77436u7e8db46c2dfd1e85@mail.gmail.com> Message-ID: <5A6D953473350C4B9995546AFE9939EE081F7645@RWC-EX1.corp.seven.com> > The current kit deals with packets rather than flows. Flows was > investigated thoroughly and looks very much like a blind alley. It has > some useful niches but the failure modes are catastrophic. Yeah, I know that, but they tend to cache information regarding a flow. The cache isn't big enough is the problem I am worried about. Some gear likes to populate the routes (FIB) in hardware and if you don't have enough space, they don't all get in there. Chip density being what it is, I would think that more storage is available in the same form factor today than was available when the module was initially designed. It isn't so much a performance issue with a large table these days because that is switched in hardware, not by the CPU. The problem is a lack of space to hold all the routes in the hardware. When you are talking about the ability to hold 250K routes of IPv6 or 1,000K routes of v4, the problem gets bad when multihomed v4 nets become multihomed v4 AND v6 nets and have a route to their net in both protocols because they are running both. If you want to have space for 500K v4 routes in FIB that leaves you with only enough room for 125K v6 routes and while that is ok now, will that still be OK when A: more networks begin to appear in both spaces and B: smaller v4 allocations are made? That is the concern I had. I see the pushback against routing table growth as more of a hardware limitation than anything else (problems with instability in a network with more routes to announce/withdraw notwithstanding). "dual stacking" might only work for some period of time before both protocols combined outgrow the capability of the hardware and people need to split the infrastructure from dual-stacked to dedicated stacks. But this is more of an operational issue than an ARIN policy issue, the point being that operational issues and RIR policy issues are tightly coupled. George From matthew at matthew.at Fri Feb 5 14:08:09 2010 From: matthew at matthew.at (Matthew Kaufman) Date: Fri, 05 Feb 2010 11:08:09 -0800 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <5A6D953473350C4B9995546AFE9939EE081F7645@RWC-EX1.corp.seven.com> References: <4B563F50.1070306@umn.edu> <08528F8D-8E5A-497F-85E3-8B3317F6ABB4@icann.org> <3c3e3fca1002041437ja51ee80i9e3c5afa0d13fff7@mail.gmail.com> <7E625125-914A-45B6-B3B2-D03EE6FC6DFA@icann.org> <3c3e3fca1002041713o72b057fcqe09f93b5e846d1b8@mail.gmail.com> <3c3e3fca1002041954p3baf46f3sd8ccb8dd5d2246b5@mail.gmail.com> <5A6D953473350C4B9995546AFE9939EE081F762E@RWC-EX1.corp.seven.com> <3c3e3fca1002042122x4a503c0sa4d8c02b9b4182ae@mail.gmail.com> <5A6D953473350C4B9995546AFE9939EE081F7632@RWC-EX1.corp.seven.com> <3c3e3fca1002051038p50a77436u7e8db46c2dfd1e85@mail.gmail.com> <5A6D953473350C4B9995546AFE9939EE081F7645@RWC-EX1.corp.seven.com> Message-ID: <4B6C6C99.20900@matthew.at> George Bonser wrote: > But this is more of an operational issue than an ARIN policy issue, the > point being that operational issues and RIR policy issues are tightly > coupled. > > For some people, yes. For others, no. It is fairly easy to show that RIR policy around allocation of addresses people expect to be routed is coupled in the RIR->Operator direction. If is less easy to show why, exactly, operator policy around routing must necessarily dictate RIR policy. It is especially difficult to show why, exactly, operator policy around routing should dictate RIR policy around allocation of objects that are not expected to be routed by operators. Matthew Kaufman From bill at herrin.us Fri Feb 5 14:15:21 2010 From: bill at herrin.us (William Herrin) Date: Fri, 5 Feb 2010 14:15:21 -0500 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <4B6C6C99.20900@matthew.at> References: <4B563F50.1070306@umn.edu> <3c3e3fca1002041713o72b057fcqe09f93b5e846d1b8@mail.gmail.com> <3c3e3fca1002041954p3baf46f3sd8ccb8dd5d2246b5@mail.gmail.com> <5A6D953473350C4B9995546AFE9939EE081F762E@RWC-EX1.corp.seven.com> <3c3e3fca1002042122x4a503c0sa4d8c02b9b4182ae@mail.gmail.com> <5A6D953473350C4B9995546AFE9939EE081F7632@RWC-EX1.corp.seven.com> <3c3e3fca1002051038p50a77436u7e8db46c2dfd1e85@mail.gmail.com> <5A6D953473350C4B9995546AFE9939EE081F7645@RWC-EX1.corp.seven.com> <4B6C6C99.20900@matthew.at> Message-ID: <3c3e3fca1002051115p71e04e10w4f373a6989b3fb86@mail.gmail.com> On Fri, Feb 5, 2010 at 2:08 PM, Matthew Kaufman wrote: > It is especially difficult to show why, exactly, operator policy around > routing should dictate RIR policy around allocation of objects that are not > expected to be routed by operators. Matthew, Failure modes. If the objects are not expected to be routed by operators then correction should be actionable when they show up anyway. Beyond the consideration of failure modes, you're basically right: operator routing policy should not inform RIR policy for non-routed objects. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From mcr at sandelman.ca Fri Feb 5 14:17:40 2010 From: mcr at sandelman.ca (Michael Richardson) Date: Fri, 05 Feb 2010 14:17:40 -0500 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <4B6C38FA.6060502@umn.edu> References: <4B6C38FA.6060502@umn.edu> Message-ID: <22925.1265397460@marajade.sandelman.ca> >>>>> "David" == David Farmer writes: David> Since I've been working on rewriting ARIN's IPv6 policy I David> want to know how the community want this to actually work, my David> goal is a more direct and clear path for these network to get David> addresses. However, I see a faction of the ARIN community David> that want these assignments made from a filterable block. David> Then, there is another faction that says, wait a minute, that David> means ARIN is defining Routing Policy. If the assignments are not made from a trivially filterable block, then the assignments are not special in any way, and if you can convince an ISP to carry them, they are exactly the same as connected blocks, and so should be charged in the same way. The argument against giving out IPv6 /32s to any and all (regardless of need) is, I think, that it causes DFZ router table explosion. (Remember, there are enough /40s to give every man, woman and child one, but I see no reason why any individual human needs more than a /60...) We are told that ARIN doesn't do routing policy, yet it seems to me that a large amount of ARINs reluctance to make IPv6 addressing available is the result of a concern about DFZ router size. If we had a way to assign a routing table congestion cost to assignments then maybe it would be okay. Maybe SIDR will provide a mechanism to do that, since the "routability" of a block could expressed in the authorization certificate binding it to an ASN. Until such time, ISPs are guardians of a scarce public (distributed) resource known as the DFZ. It's a tragedy of the commons, and a fax-effect (at the same time), were once one ISP starts to pollute the table, other ISPs are encouraged by peer pressure to do the same thing. David> Basically it boils down to, if we assign from a common pool David> then there is no distinction and you can only have the David> address space you can justify connected or non-connected. If David> we make a distinction then, anyone must to be able to get David> such a non-connected assignment without regard to if they David> have an assignment intended intended for global connectivity. I can't parse the second sentence, but I think I know what you mean. Can you rewrite it for me? David> So I would like to see continued discussion on the specific David> issue of a common pool for all assignments VS. a specific David> pool for non-connected networks. Additionally, I intend to David> raise this issue on the floor in Toronto. Thanks for bring us back to the topic. (It seems amazing that ARIN has only ever once provided aN IPv4 prefix that wasn't routable, which is the 24.y/11... ) -- ] He who is tired of Weird Al is tired of life! | firewalls [ ] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[ ] mcr at sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[ Kyoto Plus: watch the video then sign the petition. From gbonser at seven.com Fri Feb 5 14:27:07 2010 From: gbonser at seven.com (George Bonser) Date: Fri, 5 Feb 2010 11:27:07 -0800 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: References: <4B6C38FA.6060502@umn.edu> Message-ID: <5A6D953473350C4B9995546AFE9939EE081F764B@RWC-EX1.corp.seven.com> > -----Original Message----- > From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On > Behalf Of cja > Sent: Friday, February 05, 2010 9:29 AM > Subject: Re: [arin-ppml] IPv6 Non-connected networks > > I think a common pool is a good idea. It allows these non-connected > networks to connect if their needs change and keeps them from having > to get another allocation/assingment if they do choose to connect at a > later date. I also believe having non-connected networks out of a common pool is a good idea. For one thing, it allows two networks that are not connected to the global Internet to interconnect without worrying about address space collisions provided both networks got their addresses from the same issuer. I am thinking of it as a "regionally unique" address space. But if they were to retain those net blocks if they do become connected, would that present some problems as holes would then have to be punched in the "not connected to the Internet" block filters? George From bill at herrin.us Fri Feb 5 14:39:15 2010 From: bill at herrin.us (William Herrin) Date: Fri, 5 Feb 2010 14:39:15 -0500 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: References: <4B6C38FA.6060502@umn.edu> Message-ID: <3c3e3fca1002051139m10794e26sb869e432114b2643@mail.gmail.com> On Fri, Feb 5, 2010 at 12:28 PM, cja at daydream.com wrote: > I think a common pool is a good idea. It allows these non-connected > networks to connect if their needs change and keeps them from having > to get another allocation/assingment if they do choose to connect at a > later date. And if that later date is the one following the assignment, so much the better. > I do see the desire to perhaps filter the non-connected networks and > that having them out of a dedicated block facilitates that purpose but > long-term when we are in an exhaustion phase again that address space > would be stranded and although globally unique perhaps highly > filtered. ?You could argue that we have SO much IPv6 that we're never > going to run out but I don't buy that argument. Yeah, but the IETF set aside fc00::/7 for that purpose already and only fd00::/8 is used for the so-called statistically unique assignments. So we don't actually *have* to waste any new space to make non-connected assignments from a distinct pool. At worst we'd need a global policy to open fc00::/8 for assignment to the RIRs. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From bill at herrin.us Fri Feb 5 14:41:35 2010 From: bill at herrin.us (William Herrin) Date: Fri, 5 Feb 2010 14:41:35 -0500 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <3c3e3fca1002051139m10794e26sb869e432114b2643@mail.gmail.com> References: <4B6C38FA.6060502@umn.edu> <3c3e3fca1002051139m10794e26sb869e432114b2643@mail.gmail.com> Message-ID: <3c3e3fca1002051141h582df0b8o545ea3eaf58d1ab3@mail.gmail.com> On Fri, Feb 5, 2010 at 2:39 PM, William Herrin wrote: > Yeah, but the IETF set aside fc00::/7 for that purpose already and > only fd00::/8 is used for the so-called statistically unique > assignments. So we don't actually *have* to waste any new space to > make non-connected assignments from a distinct pool. At worst we'd > need a global policy to open fc00::/8 for assignment to the RIRs. Excuse me, the IANA at the request of the IETF set aside fc00::/7 for the purpose of addressing non-connected networks. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From packetgrrl at gmail.com Fri Feb 5 15:11:39 2010 From: packetgrrl at gmail.com (cja@daydream.com) Date: Fri, 5 Feb 2010 13:11:39 -0700 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <5A6D953473350C4B9995546AFE9939EE081F764B@RWC-EX1.corp.seven.com> References: <4B6C38FA.6060502@umn.edu> <5A6D953473350C4B9995546AFE9939EE081F764B@RWC-EX1.corp.seven.com> Message-ID: I believe David's definition of a common pool were that they were out of a block with other similar but "connected to the Internet" blocks not that they were out of one unique block just for non-connected sites. ---Cathy On Fri, Feb 5, 2010 at 12:27 PM, George Bonser wrote: > > > > -----Original Message----- > > From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] > On > > Behalf Of cja > > Sent: Friday, February 05, 2010 9:29 AM > > Subject: Re: [arin-ppml] IPv6 Non-connected networks > > > > I think a common pool is a good idea. It allows these non-connected > > networks to connect if their needs change and keeps them from having > > to get another allocation/assingment if they do choose to connect at a > > later date. > > I also believe having non-connected networks out of a common pool is a > good idea. For one thing, it allows two networks that are not connected > to the global Internet to interconnect without worrying about address > space collisions provided both networks got their addresses from the > same issuer. I am thinking of it as a "regionally unique" address > space. > > But if they were to retain those net blocks if they do become connected, > would that present some problems as holes would then have to be punched > in the "not connected to the Internet" block filters? > > George > > > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From matthew at matthew.at Fri Feb 5 15:47:20 2010 From: matthew at matthew.at (Matthew Kaufman) Date: Fri, 05 Feb 2010 12:47:20 -0800 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <3c3e3fca1002051141h582df0b8o545ea3eaf58d1ab3@mail.gmail.com> References: <4B6C38FA.6060502@umn.edu> <3c3e3fca1002051139m10794e26sb869e432114b2643@mail.gmail.com> <3c3e3fca1002051141h582df0b8o545ea3eaf58d1ab3@mail.gmail.com> Message-ID: <4B6C83D8.7020109@matthew.at> William Herrin wrote: > On Fri, Feb 5, 2010 at 2:39 PM, William Herrin wrote: > >> Yeah, but the IETF set aside fc00::/7 for that purpose already and >> only fd00::/8 is used for the so-called statistically unique >> assignments. So we don't actually *have* to waste any new space to >> make non-connected assignments from a distinct pool. At worst we'd >> need a global policy to open fc00::/8 for assignment to the RIRs. >> > > Excuse me, the IANA at the request of the IETF set aside fc00::/7 for > the purpose of addressing non-connected networks. > > Perhaps one or more Regional Not-The-Internet Registries should apply to IANA to administer assignments within that space. Matthew Kaufman From farmer at umn.edu Fri Feb 5 15:48:30 2010 From: farmer at umn.edu (David Farmer) Date: Fri, 05 Feb 2010 14:48:30 -0600 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: References: <4B6C38FA.6060502@umn.edu> <5A6D953473350C4B9995546AFE9939EE081F764B@RWC-EX1.corp.seven.com> Message-ID: <4B6C841E.6000405@umn.edu> Yes, When I said common pool I was referring to a common block of address that both Internet connected and non-connected assignments would be made. Such that it would not be possible to filter the non-connected assignments. Or the other option is to have a block dedicated to non-connected assignments that could be filtered. cja at daydream.com wrote: > I believe David's definition of a common pool were that they were out of a > block with other similar but "connected to the Internet" blocks not that > they were out of one unique block just for non-connected sites. > > ---Cathy > > On Fri, Feb 5, 2010 at 12:27 PM, George Bonser wrote: > >> >>> -----Original Message----- >>> From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] >> On >>> Behalf Of cja >>> Sent: Friday, February 05, 2010 9:29 AM >>> Subject: Re: [arin-ppml] IPv6 Non-connected networks >>> >>> I think a common pool is a good idea. It allows these non-connected >>> networks to connect if their needs change and keeps them from having >>> to get another allocation/assingment if they do choose to connect at a >>> later date. >> I also believe having non-connected networks out of a common pool is a >> good idea. For one thing, it allows two networks that are not connected >> to the global Internet to interconnect without worrying about address >> space collisions provided both networks got their addresses from the >> same issuer. I am thinking of it as a "regionally unique" address >> space. There is nothing regional about it, they would be globally unique. >> But if they were to retain those net blocks if they do become connected, >> would that present some problems as holes would then have to be punched >> in the "not connected to the Internet" block filters? >> >> George -- =============================================== David Farmer Email:farmer at umn.edu Networking & Telecommunication Services Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 612-626-0815 Minneapolis, MN 55414-3029 Cell: 612-812-9952 =============================================== From gbonser at seven.com Fri Feb 5 16:10:12 2010 From: gbonser at seven.com (George Bonser) Date: Fri, 5 Feb 2010 13:10:12 -0800 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <4B6C83D8.7020109@matthew.at> References: <4B6C38FA.6060502@umn.edu> <3c3e3fca1002051139m10794e26sb869e432114b2643@mail.gmail.com><3c3e3fca1002051141h582df0b8o545ea3eaf58d1ab3@mail.gmail.com> <4B6C83D8.7020109@matthew.at> Message-ID: <5A6D953473350C4B9995546AFE9939EE081F764F@RWC-EX1.corp.seven.com> > > > > Excuse me, the IANA at the request of the IETF set aside fc00::/7 for > > the purpose of addressing non-connected networks. > > > > So what is really being looked at, then, is a registry for fc00::/7 space with the L bit set to 0, or in other words, defining the L bit per section 3.2 of RFC4193 as "assigned by RIR or whomever" with chunks of fd00::/8 being doled out by the various RIRs (or whomever) for networks in their area. > Perhaps one or more Regional Not-The-Internet Registries should apply > to > IANA to administer assignments within that space. Would seem to me like a better idea than using globally unique space for unconnected networks. It would require renumbering if you went connected, though. So does it boil down to wanting space that is not connected so your unconnected address space nets doesn't count against density requirements for connected space but allows you to connect it without renumbering later? And if so, how do you know when someone has converted their "unconnected" net to "connected" by announcing the route and that space should now count against requirements to justify space? What is to prevent someone from requesting space for "unconnected" networks in addition to "connected" for a total of more space than they would otherwise be able to justify and then announcing the unconnected space a week later? I think "unconnected space" space should be just that and not "temporarily unconnected space for right now". But having pieces of it doled out from a central authority would make it easier for two networks that are not connected to the global internet to interconnect without address space collision. From farmer at umn.edu Fri Feb 5 16:16:42 2010 From: farmer at umn.edu (David Farmer) Date: Fri, 05 Feb 2010 15:16:42 -0600 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <22925.1265397460@marajade.sandelman.ca> References: <4B6C38FA.6060502@umn.edu> <22925.1265397460@marajade.sandelman.ca> Message-ID: <4B6C8ABA.4000101@umn.edu> Michael Richardson wrote: >>>>>> "David" == David Farmer writes: > David> Since I've been working on rewriting ARIN's IPv6 policy I > David> want to know how the community want this to actually work, my > David> goal is a more direct and clear path for these network to get > David> addresses. However, I see a faction of the ARIN community > David> that want these assignments made from a filterable block. > David> Then, there is another faction that says, wait a minute, that > David> means ARIN is defining Routing Policy. > > If the assignments are not made from a trivially filterable block, then > the assignments are not special in any way, and if you can convince an > ISP to carry them, they are exactly the same as connected blocks, and so > should be charged in the same way. I believe the cost is not part of the policy. > The argument against giving out IPv6 /32s to any and all (regardless of > need) is, I think, that it causes DFZ router table explosion. > > (Remember, there are enough /40s to give every man, woman and child one, > but I see no reason why any individual human needs more than a /60...) > > We are told that ARIN doesn't do routing policy, yet it seems to me that > a large amount of ARINs reluctance to make IPv6 addressing available is > the result of a concern about DFZ router size. > > If we had a way to assign a routing table congestion cost to > assignments then maybe it would be okay. > Maybe SIDR will provide a mechanism to do that, since the "routability" > of a block could expressed in the authorization certificate binding it > to an ASN. > > Until such time, ISPs are guardians of a scarce public (distributed) > resource known as the DFZ. It's a tragedy of the commons, and a > fax-effect (at the same time), were once one ISP starts to pollute the > table, other ISPs are encouraged by peer pressure to do the same thing. > > David> Basically it boils down to, if we assign from a common pool > David> then there is no distinction and you can only have the > David> address space you can justify connected or non-connected. If > David> we make a distinction then, anyone must to be able to get > David> such a non-connected assignment without regard to if they > David> have an assignment intended intended for global connectivity. > > I can't parse the second sentence, but I think I know what you mean. > Can you rewrite it for me? Sorry I wasn't clear, how about these; - If we make a distinction between Internet connected and non-connected, them having an assignment from one or the other can't affect your ability to get the other type of space. - If I have an Internet connected assignment, that should not disqualify me from getting a non-connected assignment and visa-versa. - If I meet the requirements for both, I should be able to get both. I would still have to properly meet the requirements independently for each assignment, but I should be able to get both. > David> So I would like to see continued discussion on the specific > David> issue of a common pool for all assignments VS. a specific > David> pool for non-connected networks. Additionally, I intend to > David> raise this issue on the floor in Toronto. > > Thanks for bring us back to the topic. > > (It seems amazing that ARIN has only ever once provided aN IPv4 prefix > that wasn't routable, which is the 24.y/11... ) > -- =============================================== David Farmer Email:farmer at umn.edu Networking & Telecommunication Services Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 612-626-0815 Minneapolis, MN 55414-3029 Cell: 612-812-9952 =============================================== From leo.vegoda at icann.org Fri Feb 5 16:19:08 2010 From: leo.vegoda at icann.org (Leo Vegoda) Date: Fri, 5 Feb 2010 13:19:08 -0800 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <4B6C83D8.7020109@matthew.at> References: <4B6C38FA.6060502@umn.edu> <3c3e3fca1002051139m10794e26sb869e432114b2643@mail.gmail.com> <3c3e3fca1002051141h582df0b8o545ea3eaf58d1ab3@mail.gmail.com> <4B6C83D8.7020109@matthew.at> Message-ID: <57AF8076-FA54-443A-B664-1F8D4901F580@icann.org> On 5 Feb 2010, at 12:47, Matthew Kaufman wrote: > William Herrin wrote: >> On Fri, Feb 5, 2010 at 2:39 PM, William Herrin wrote: >> >>> Yeah, but the IETF set aside fc00::/7 for that purpose already and >>> only fd00::/8 is used for the so-called statistically unique >>> assignments. So we don't actually *have* to waste any new space to >>> make non-connected assignments from a distinct pool. At worst we'd >>> need a global policy to open fc00::/8 for assignment to the RIRs. >>> >> Excuse me, the IANA at the request of the IETF set aside fc00::/7 for >> the purpose of addressing non-connected networks. >> > Perhaps one or more Regional Not-The-Internet Registries should apply to > IANA to administer assignments within that space. As that /7 was registered following the publication of a Standards Track RFC (4193), we won't just be accepting applications without a suitable RFC telling us to do so. Regards, Leo Vegoda From matthew at matthew.at Fri Feb 5 16:22:26 2010 From: matthew at matthew.at (Matthew Kaufman) Date: Fri, 05 Feb 2010 13:22:26 -0800 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <57AF8076-FA54-443A-B664-1F8D4901F580@icann.org> References: <4B6C38FA.6060502@umn.edu> <3c3e3fca1002051139m10794e26sb869e432114b2643@mail.gmail.com> <3c3e3fca1002051141h582df0b8o545ea3eaf58d1ab3@mail.gmail.com> <4B6C83D8.7020109@matthew.at> <57AF8076-FA54-443A-B664-1F8D4901F580@icann.org> Message-ID: <4B6C8C12.7070309@matthew.at> Leo Vegoda wrote: > On 5 Feb 2010, at 12:47, Matthew Kaufman wrote: > >> William Herrin wrote: >> >>> On Fri, Feb 5, 2010 at 2:39 PM, William Herrin wrote: >>> >>> >>>> Yeah, but the IETF set aside fc00::/7 for that purpose already and >>>> only fd00::/8 is used for the so-called statistically unique >>>> assignments. So we don't actually *have* to waste any new space to >>>> make non-connected assignments from a distinct pool. At worst we'd >>>> need a global policy to open fc00::/8 for assignment to the RIRs. >>>> >>>> >>> Excuse me, the IANA at the request of the IETF set aside fc00::/7 for >>> the purpose of addressing non-connected networks. >>> >>> >> Perhaps one or more Regional Not-The-Internet Registries should apply to >> IANA to administer assignments within that space. >> > > As that /7 was registered following the publication of a Standards Track RFC (4193), we won't just be accepting applications without a suitable RFC telling us to do so. > Of course... but the ARIN PDP isn't how such an RFC would be produced. But this all does suggest that no ARIN PDP is necessary at all, since ARIN shouldn't be in that business (yet) anyway. If we're going to hand out space which must be marked in such a way that it can never be routed, it really should come from space for which IANA (and everyone else) agrees will never be routed, not just from a spare end of space on hand. Matthew Kaufman From aaron at wholesaleinternet.net Fri Feb 5 16:30:14 2010 From: aaron at wholesaleinternet.net (Aaron Wendel) Date: Fri, 5 Feb 2010 15:30:14 -0600 Subject: [arin-ppml] Policy Proposal 109: Standardize IP Reassignment Registration Requirements In-Reply-To: <4B6AF6CE.7000709@arin.net> References: <4B6AF6CE.7000709@arin.net> Message-ID: <0b5d01caa6aa$6784ad80$368e0880$@net> I oppose this proposal. It further restricts information and overcomplicates policies that should be made simpler and more flexible. Aaron -----Original Message----- From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On Behalf Of Member Services Sent: Thursday, February 04, 2010 10:33 AM To: arin-ppml at arin.net Subject: [arin-ppml] Policy Proposal 109: Standardize IP Reassignment Registration Requirements ARIN received the following policy proposal and is posting it to the Public Policy Mailing List (PPML) in accordance with Policy Development Process. This proposal is in the first stage of the Policy Development Process. ARIN staff will perform the Clarity and Understanding step. Staff does not evaluate the proposal at this time, their goal is to make sure that they understand the proposal and believe the community will as well. Staff will report their results to the ARIN Advisory Council (AC) within 10 days. The AC will review the proposal at their next regularly scheduled meeting (if the period before the next regularly scheduled meeting is less than 10 days, then the period may be extended to the subsequent regularly scheduled meeting). The AC will decide how to utilize the proposal and announce the decision to the PPML. In the meantime, the AC invites everyone to comment on the proposal on the PPML, particularly their support or non-support and the reasoning behind their opinion. Such participation contributes to a thorough vetting and provides important guidance to the AC in their deliberations. Draft Policies and Proposals under discussion can be found at: https://www.arin.net/policy/proposals/index.html The ARIN Policy Development Process can be found at: https://www.arin.net/policy/pdp.html Mailing list subscription information can be found at: https://www.arin.net/mailing_lists/ Regards, Member Services American Registry for Internet Numbers (ARIN) ## * ## Policy Proposal 109: Standardize IP Reassignment Registration Requirements Proposal Originator: Chris Grundemann Proposal Version: 1.0 Date: 4 FEB 2010 Proposal type: Modify Policy term: Permanent Policy statement: ## Definitions ## - Add: 2.3. Organizational Information When required, organization Information must include at a minimum: Legal name, city, state, zip code equivalent and at least one valid technical or abuse POC; inclusion of street address is highly encouraged. The POC shall be designated by the organization and must include at least one verifiable email address, inclusion of a phone number is highly encouraged. ## IPv4 ## - Rename 4.2.3.7. "Reassignment information" to "Registration" - Rename 4.2.3.7.1. "Customer organization information" to "Reassignment Information" and replace text with: When an organization holding an IPv4 address allocation makes IPv4 address assignments, it must register reassignment information via SWIP or RWHOIS server. SWIP and RWHOIS reassignments shall include each client's organizational information, except where specifically exempted by this policy. - Replace 4.2.3.7.6. Residential Customer Privacy with: 4.2.3.7.6. Residential Subscribers 4.2.3.7.6.1. Residential Market Area In most cases, ISPs that have residential subscribers assign address space to the infrastructure to which their customers connect rather than to individual subscribers. This assignment information regarding each market area holding an address block should be registered with the network name used to identify each market area. Initial allocations are based on total number of homes that could purchase the service in a given market area. Each assignment to specific end-users of /29 and larger blocks still requires individual registration. 4.2.3.7.6.2. Residential Customer Privacy To maintain the privacy of their residential customers, an organization with downstream residential customers holding /29 and larger blocks may substitute that organization's name for the customer's name, e.g. 'Private Customer - XYZ Network', and the customer's street address may read 'Private Residence'. Each private downstream residential reassignment must have accurate upstream Abuse and Technical POCs visible on the WHOIS record for that block. - Strike section 4.2.6. "Cable Address Space Policy" ## IPv6 ## - Replace Section 6.5.5. with: 6.5.5. Registration 6.5.5.1. Reassignment information When an organization holding an IPv6 address allocation makes IPv6 address assignments, it must register reassignment information in a database, accessible by RIRs as appropriate (information registered by an RIR may be replaced by a distributed database for registering address management information in future). These reassignment registrations shall include each client's organizational information, except where specifically exempted by this policy. 6.5.5.2. /56 registered unit Information is registered in units of assigned /56 networks. When more than a /56 is assigned to a client organization, the assigning organization is responsible for ensuring that the address space is registered in an RIR database. 6.5.5.3. Submit within 7 days Any time an LIR receives a new block of address space, reassignment information should be submitted within 7 days of issuance of the new space. 6.5.5.4. Visible via WHOIS This information must be visible via WHOIS prior to submitting a request for a new allocation. For further information on reassigning IP address space, please see RFC 2050. 6.5.5.6. Residential Subscribers 6.5.5.6.1. Residential Market Area In most cases, ISPs that have residential subscribers assign address space to the infrastructure to which their customers connect rather than to individual subscribers. This assignment information regarding each market area holding an address block should be registered with the network name used to identify each market area. Initial allocations are based on total number of homes that could purchase the service in a given market area. Each assignment to specific end-users of /56 and larger blocks still requires individual registration. 6.5.5.6.2. Residential Customer Privacy To maintain the privacy of their residential customers, an organization with downstream residential customers holding /56 and larger blocks may substitute that organization's name for the customer's name, e.g. 'Private Customer - XYZ Network', and the customer's street address may read 'Private Residence'. Each private downstream residential reassignment must have accurate upstream Abuse and Technical POCs visible on the WHOIS record for that block. Rationale: This proposal intends to do several things: 1) Bring IPv4 and IPv6 policy more in line with each other to make the NRPM easier to understand and comply with - at least as it relates to reassignment information. 2) Specifically define what organizational information is required to be added to whois when reassignments are made to client organizations. 3) To specifically state that a client organization may designate the POC of their choice for any/all whois entries. This includes designating an upstream POC as their own prefered POC. 4) Expands the priviledges previously reserved solely for cable ISPs to all ISPs/LIRs with residential subscribers. Namely the ability to SWIP/RWHOIS an entire residential market area as one reassignment. It also expands this priviledge to IPv6 reasignments, instead of just IPv4 as it is now. Timetable for implementation: Immediate _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact info at arin.net if you experience any issues. No virus found in this incoming message. Checked by AVG - www.avg.com Version: 9.0.733 / Virus Database: 271.1.1/2659 - Release Date: 02/04/10 01:35:00 From gbonser at seven.com Fri Feb 5 16:29:16 2010 From: gbonser at seven.com (George Bonser) Date: Fri, 5 Feb 2010 13:29:16 -0800 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <5A6D953473350C4B9995546AFE9939EE081F764F@RWC-EX1.corp.seven.com> References: <4B6C38FA.6060502@umn.edu> <3c3e3fca1002051139m10794e26sb869e432114b2643@mail.gmail.com><3c3e3fca1002051141h582df0b8o545ea3eaf58d1ab3@mail.gmail.com><4B6C83D8.7020109@matthew.at> <5A6D953473350C4B9995546AFE9939EE081F764F@RWC-EX1.corp.seven.com> Message-ID: <5A6D953473350C4B9995546AFE9939EE081F7651@RWC-EX1.corp.seven.com> > -----Original Message----- > From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On > Behalf Of George Bonser > Sent: Friday, February 05, 2010 1:10 PM > To: matthew at matthew.at; William Herrin > Cc: arin-ppml at arin.net > Subject: Re: [arin-ppml] IPv6 Non-connected networks > So what is really being looked at, then, is a registry for fc00::/7 > space with the L bit set to 0, or in other words, defining the L bit > per > section 3.2 of RFC4193 as "assigned by RIR or whomever" with chunks of > fd00::/8 being doled out by the various RIRs (or whomever) for networks > in their area. Meant to say defining L=0 and it should be fc00::/8 So some central authority handing out fc00::/8 space out of fc00::/7 fd00::/8 would belong to anyone who wants to use it and potentially at risk of collision as rfc1918 is today. From farmer at umn.edu Fri Feb 5 16:51:12 2010 From: farmer at umn.edu (David Farmer) Date: Fri, 05 Feb 2010 15:51:12 -0600 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <5A6D953473350C4B9995546AFE9939EE081F764F@RWC-EX1.corp.seven.com> References: <4B6C38FA.6060502@umn.edu> <3c3e3fca1002051139m10794e26sb869e432114b2643@mail.gmail.com><3c3e3fca1002051141h582df0b8o545ea3eaf58d1ab3@mail.gmail.com> <4B6C83D8.7020109@matthew.at> <5A6D953473350C4B9995546AFE9939EE081F764F@RWC-EX1.corp.seven.com> Message-ID: <4B6C92D0.7080709@umn.edu> George Bonser wrote: > >>> Excuse me, the IANA at the request of the IETF set aside fc00::/7 > for >>> the purpose of addressing non-connected networks. >>> >>> > > So what is really being looked at, then, is a registry for fc00::/7 > space with the L bit set to 0, or in other words, defining the L bit per > section 3.2 of RFC4193 as "assigned by RIR or whomever" with chunks of > fd00::/8 being doled out by the various RIRs (or whomever) for networks > in their area. No that is what Bill is proposing, I'm not completely opposed to that, but it is not currently being proposed. Nor do I think ARIN could do this unilaterally. I was thinking this would take IETF action. Bill proposed the idea of a RIR global policy, and maybe that could be an option, I need to think about that more. >> Perhaps one or more Regional Not-The-Internet Registries should apply >> to >> IANA to administer assignments within that space. > > Would seem to me like a better idea than using globally unique space for > unconnected networks. It would require renumbering if you went > connected, though. So does it boil down to wanting space that is not > connected so your unconnected address space nets doesn't count against > density requirements for connected space but allows you to connect it > without renumbering later? And if so, how do you know when someone has > converted their "unconnected" net to "connected" by announcing the route > and that space should now count against requirements to justify space? > > What is to prevent someone from requesting space for "unconnected" > networks in addition to "connected" for a total of more space than they > would otherwise be able to justify and then announcing the unconnected > space a week later? If there is no distention, you just get one kind of space, the question is how did you justify it. > I think "unconnected space" space should be just that and not > "temporarily unconnected space for right now". But having pieces of it > doled out from a central authority would make it easier for two networks > that are not connected to the global internet to interconnect without > address space collision. I want people to realize that current IPv6 policy allows someone who could justify a non-connected network under IPv4 policy and to get globally unique IPv4 addresses per 4.3.5 to get an globally unique IPv6 addresses too. I believe we should do one of the following; 1. Implement PP#107 as written allowing non-connected network assignments from common blocks with Internet connected assignments, or; (I believe this is the status-quo of the current convoluted IPv6 policy) 2. Define a separate blocks of address space for non-connected networks from the space ARIN has already or get more space from 2000:/3 for this. By directing ARIN in PP#107 to make assignments for non-connected networks from separate defined and published blocks, or; 3. Implement ULA-Central or a similar proposal, either through the IETF or the RIR global policy process, as make assignments from a block within fc00::/7. In this case I would suggest pull non-connected networks out of PP#107 and starting a whole new policy for this. -- =============================================== David Farmer Email:farmer at umn.edu Networking & Telecommunication Services Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 612-626-0815 Minneapolis, MN 55414-3029 Cell: 612-812-9952 =============================================== From cgrundemann at gmail.com Fri Feb 5 17:10:39 2010 From: cgrundemann at gmail.com (Chris Grundemann) Date: Fri, 5 Feb 2010 15:10:39 -0700 Subject: [arin-ppml] Policy Proposal 109: Standardize IP Reassignment Registration Requirements In-Reply-To: <0b5d01caa6aa$6784ad80$368e0880$@net> References: <4B6AF6CE.7000709@arin.net> <0b5d01caa6aa$6784ad80$368e0880$@net> Message-ID: <443de7ad1002051410j3bdf1842s4003071290e159ae@mail.gmail.com> On Fri, Feb 5, 2010 at 14:30, Aaron Wendel wrote: > I oppose this proposal. ?It further restricts information and > overcomplicates policies that should be made simpler and more flexible. To make sure that I understand you correctly: You believe that all residential customers should be listed in WHOIS? You believe that this proposal makes the policy more complicated than it is today? I would really appreciate your feedback! ~Chris > > Aaron > > > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -- @ChrisGrundemann weblog.chrisgrundemann.com www.burningwiththebush.com www.coisoc.org From matthew at matthew.at Fri Feb 5 17:16:21 2010 From: matthew at matthew.at (Matthew Kaufman) Date: Fri, 05 Feb 2010 14:16:21 -0800 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <4B6C92D0.7080709@umn.edu> References: <4B6C38FA.6060502@umn.edu> <3c3e3fca1002051139m10794e26sb869e432114b2643@mail.gmail.com><3c3e3fca1002051141h582df0b8o545ea3eaf58d1ab3@mail.gmail.com> <4B6C83D8.7020109@matthew.at> <5A6D953473350C4B9995546AFE9939EE081F764F@RWC-EX1.corp.seven.com> <4B6C92D0.7080709@umn.edu> Message-ID: <4B6C98B5.8010506@matthew.at> David Farmer wrote: > George Bonser wrote: >> >>>> Excuse me, the IANA at the request of the IETF set aside fc00::/7 >> for >>>> the purpose of addressing non-connected networks. >>>> >>>> >> >> So what is really being looked at, then, is a registry for fc00::/7 >> space with the L bit set to 0, or in other words, defining the L bit per >> section 3.2 of RFC4193 as "assigned by RIR or whomever" with chunks of >> fd00::/8 being doled out by the various RIRs (or whomever) for networks >> in their area. > > No that is what Bill is proposing, I'm not completely opposed to that, > but it is not currently being proposed. Nor do I think ARIN could do > this unilaterally. I was thinking this would take IETF action. Bill > proposed the idea of a RIR global policy, and maybe that could be an > option, I need to think about that more. > >>> Perhaps one or more Regional Not-The-Internet Registries should apply >>> to >>> IANA to administer assignments within that space. >> >> Would seem to me like a better idea than using globally unique space for >> unconnected networks. It would require renumbering if you went >> connected, though. So does it boil down to wanting space that is not >> connected so your unconnected address space nets doesn't count against >> density requirements for connected space but allows you to connect it >> without renumbering later? And if so, how do you know when someone has >> converted their "unconnected" net to "connected" by announcing the route >> and that space should now count against requirements to justify space? >> >> What is to prevent someone from requesting space for "unconnected" >> networks in addition to "connected" for a total of more space than they >> would otherwise be able to justify and then announcing the unconnected >> space a week later? > > If there is no distention, you just get one kind of space, the > question is how did you justify it. > >> I think "unconnected space" space should be just that and not >> "temporarily unconnected space for right now". But having pieces of it >> doled out from a central authority would make it easier for two networks >> that are not connected to the global internet to interconnect without >> address space collision. > > I want people to realize that current IPv6 policy allows someone who > could justify a non-connected network under IPv4 policy and to get > globally unique IPv4 addresses per 4.3.5 to get an globally unique > IPv6 addresses too. > > I believe we should do one of the following; > > 1. Implement PP#107 as written allowing non-connected network > assignments from common blocks with Internet connected assignments, > or; (I believe this is the status-quo of the current convoluted IPv6 > policy) Right. You can already do this, but they look just like connected ones. These are the kind you should get if you're not connected *now* but plan to connect *later* and don't want to renumber. > > 2. Define a separate blocks of address space for non-connected > networks from the space ARIN has already or get more space from > 2000:/3 for this. By directing ARIN in PP#107 to make assignments for > non-connected networks from separate defined and published blocks, or; This is a bad idea. > > 3. Implement ULA-Central or a similar proposal, either through the > IETF or the RIR global policy process, as make assignments from a > block within fc00::/7. In this case I would suggest pull > non-connected networks out of PP#107 and starting a whole new policy > for this. > > If there's going to be a central registrar for never-to-be-connected networks (something for which I believe there are good arguments), this is what would need to happen, and the ARIN PDP wouldn't be involved until late in this process, and then only if ARIN was going to be the world's or this region's registrar for that kind of space (something which I don't believe should be a given). Matthew Kaufman From farmer at umn.edu Fri Feb 5 18:15:55 2010 From: farmer at umn.edu (David Farmer) Date: Fri, 05 Feb 2010 17:15:55 -0600 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <4B6C98B5.8010506@matthew.at> References: <4B6C38FA.6060502@umn.edu> <3c3e3fca1002051139m10794e26sb869e432114b2643@mail.gmail.com><3c3e3fca1002051141h582df0b8o545ea3eaf58d1ab3@mail.gmail.com> <4B6C83D8.7020109@matthew.at> <5A6D953473350C4B9995546AFE9939EE081F764F@RWC-EX1.corp.seven.com> <4B6C92D0.7080709@umn.edu> <4B6C98B5.8010506@matthew.at> Message-ID: <4B6CA6AB.7020101@umn.edu> Matthew Kaufman wrote: > David Farmer wrote: >> I want people to realize that current IPv6 policy allows someone who >> could justify a non-connected network under IPv4 policy and to get >> globally unique IPv4 addresses per 4.3.5 to get an globally unique >> IPv6 addresses too. >> >> I believe we should do one of the following; >> >> 1. Implement PP#107 as written allowing non-connected network >> assignments from common blocks with Internet connected assignments, >> or; (I believe this is the status-quo of the current convoluted IPv6 >> policy) > > Right. You can already do this, but they look just like connected ones. > These are the kind you should get if you're not connected *now* but plan > to connect *later* and don't want to renumber. Should they have to meet basically the same criteria as a Internet connected assignments them? >> 2. Define a separate blocks of address space for non-connected >> networks from the space ARIN has already or get more space from >> 2000:/3 for this. By directing ARIN in PP#107 to make assignments for >> non-connected networks from separate defined and published blocks, or; > > This is a bad idea. To maybe help develop a consensus, could you expand on why you think this is a bad idea? >> 3. Implement ULA-Central or a similar proposal, either through the >> IETF or the RIR global policy process, as make assignments from a >> block within fc00::/7. In this case I would suggest pull >> non-connected networks out of PP#107 and starting a whole new policy >> for this. > > If there's going to be a central registrar for never-to-be-connected > networks (something for which I believe there are good arguments), this > is what would need to happen, and the ARIN PDP wouldn't be involved > until late in this process, and then only if ARIN was going to be the > world's or this region's registrar for that kind of space (something > which I don't believe should be a given). Are you suggestion we should do both #1 and #3? It kind of seems to me that you are, and I hadn't thought of that option. I think I hear you saying there are three types of network in question; 1. Internet Connected 2. Non-Connected 3. Never to be Connected And, never to be connected networks should be served by ULA or ULA-Central, and that filtering them is probably OK. But, that non-connected networks should be served out of 2000::/3 and that making them easy to filter them is not OK. This is an interesting idea I need to think about more. > Matthew Kaufman Thanks -- =============================================== David Farmer Email:farmer at umn.edu Networking & Telecommunication Services Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 612-626-0815 Minneapolis, MN 55414-3029 Cell: 612-812-9952 =============================================== From mysidia at gmail.com Fri Feb 5 21:57:08 2010 From: mysidia at gmail.com (James Hess) Date: Fri, 5 Feb 2010 20:57:08 -0600 Subject: [arin-ppml] Policy Proposal 109: Standardize IP Reassignment Registration Requirements In-Reply-To: <443de7ad1002051410j3bdf1842s4003071290e159ae@mail.gmail.com> References: <4B6AF6CE.7000709@arin.net> <0b5d01caa6aa$6784ad80$368e0880$@net> <443de7ad1002051410j3bdf1842s4003071290e159ae@mail.gmail.com> Message-ID: <6eb799ab1002051857v19b7908cxf91217f8fc3efdd4@mail.gmail.com> On Fri, Feb 5, 2010 at 4:10 PM, Chris Grundemann wrote: > On Fri, Feb 5, 2010 at 14:30, Aaron Wendel wrote: > You believe that all residential customers should be listed in WHOIS? Residential customers do not have to be identified by name or address in WHOIS under current policy. So the proposal is neutral in regards to that.. By my reading of it, proposal 109 requires more information, not less, to be recorded in an assignment. We don't need to add re-assignment form standardization to the NRPM, because this can be done most effectively by ARIN staff; it makes the number policy more complicated, and does not appear to confer a benefit. The re-assigning ISP and ARIN should exercise discretion in regards to the contents of re-assignment records. The NRPM doesn't need to standardize this, any more than it needs to standardize what specific documents a new organization needs to fax in to _prove_ to ARIN that they really exist, or the fee levels. Believe Sec 3.2 is sufficient "3.2. Distributed Information Server Use Requirements ... The minimal requirements for an organization to setup a distributed information service to advertise reassignment information are: The distributed information service must respond to a query with the minimal set of attributes per object as defined by ARIN staff." Also, in regards to the following: merging and revising the "Cable Address Space" policy into a "Residential Market Area" policy, is a potential can of worms. "Initial allocations are based on total number of homes that could purchase the service in a given market area. Each assignment to specific end-users of /29 and larger blocks still requires individual registration." Problem with this wording: _every_ home in a given market area COULD purchase certain services, such as dial-up networking or VPN services for residential users, even in cases where 15% or fewer actually will. Then in those cases, the initial allocation would have been based on the higher fictional quantity, the number "that could" buy service in that market. Cable networks that involve IP addressing for residential customers are normally local monopolies, and have well-defined market areas. So basing initial allocation on potential market size is not wasteful. But for other types of services it could be wasteful. Perhaps it's just a wording issue... -- -J From joe at joesdatacenter.com Fri Feb 5 23:31:03 2010 From: joe at joesdatacenter.com (Joe Morgan) Date: Fri, 5 Feb 2010 22:31:03 -0600 Subject: [arin-ppml] Policy Proposal 109: Standardize IP Reassignment Registration Requirements In-Reply-To: <6eb799ab1002051857v19b7908cxf91217f8fc3efdd4@mail.gmail.com> References: <4B6AF6CE.7000709@arin.net> <0b5d01caa6aa$6784ad80$368e0880$@net> <443de7ad1002051410j3bdf1842s4003071290e159ae@mail.gmail.com> <6eb799ab1002051857v19b7908cxf91217f8fc3efdd4@mail.gmail.com> Message-ID: <38dd4e411002052031y5e62c0edp41bcc1b996dc31c6@mail.gmail.com> I oppose this proposal. Joe Morgan Joe's Datacenter, LLC http://joesdatacenter.com On Fri, Feb 5, 2010 at 8:57 PM, James Hess wrote: > On Fri, Feb 5, 2010 at 4:10 PM, Chris Grundemann > wrote: >> On Fri, Feb 5, 2010 at 14:30, Aaron Wendel wrote: >> You believe that all residential customers should be listed in WHOIS? > > Residential ?customers do not have to be identified by name or address > in WHOIS ?under current policy. So the proposal is neutral in regards > to that.. By my reading of it, ?proposal 109 requires more > information, not less, to be recorded in an assignment. > > We don't need to add re-assignment form standardization to the NRPM, > because ?this can be done most effectively by ARIN staff; ?it makes > the number policy more complicated, and does not appear to confer a > benefit. ? ?The re-assigning ISP and ARIN ?should exercise discretion > in regards to the contents of re-assignment records. ? ?The ?NRPM > doesn't need to standardize this, any more than it needs to > standardize ?what specific documents a new organization needs to fax > in to _prove_ to ARIN that they really exist, or the fee levels. > > > Believe Sec 3.2 ?is sufficient > "3.2. Distributed Information Server Use Requirements > ... > The minimal requirements for an organization to setup a distributed > information service to advertise reassignment information are: > The distributed information service must respond to a query with the > minimal set of attributes per object as defined by ARIN staff." > > > > > Also, in regards to the following: ? merging and revising the "Cable > Address Space" policy ?into a ?"Residential Market Area" ?policy, ?is > a potential can of worms. > > ?"Initial ?allocations are based on total number of homes that could > purchase the > service in a given market area. Each assignment to specific end-users > of /29 and larger blocks still requires individual registration." > > Problem with this wording: ?_every_ ?home ?in a given market area > COULD purchase ?certain services, ?such as ?dial-up ?networking or VPN > services for residential users, even in cases where 15% or fewer > actually will. ? ? Then in those cases, the initial allocation would > have been based on the higher fictional quantity, ? the number "that > could" buy service in that market. > > Cable networks that involve IP addressing for residential customers > are normally local monopolies, ?and have well-defined ?market areas. > > So basing initial allocation on ?potential market size ?is ?not wasteful. > But for ?other types of services it could be wasteful. > > Perhaps it's just a wording issue... > > -- > -J > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -- Thank You, Joe Morgan Joe's Datacenter, LLC http://joesdatacenter.com From matthew at matthew.at Sat Feb 6 02:05:03 2010 From: matthew at matthew.at (Matthew Kaufman) Date: Fri, 05 Feb 2010 23:05:03 -0800 Subject: [arin-ppml] IPv6 Non-connected networks In-Reply-To: <4B6CA6AB.7020101@umn.edu> References: <4B6C38FA.6060502@umn.edu>