From info at arin.net Tue Sep 3 10:54:11 2013 From: info at arin.net (ARIN) Date: Tue, 03 Sep 2013 10:54:11 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-5: LIR/ISP And End-User Definitions: Revised Problem Statement and Text Message-ID: <5225F813.3010308@arin.net> Draft Policy ARIN-2013-5: LIR/ISP And End-User Definitions - Revised Problem Statement and Text Revised text for ARIN-2013-5 is below and can be found at: https://www.arin.net/policy/proposals/2013_5.html The AC will evaluate the discussion in order to assess the conformance of this draft policy with ARIN's Principles of Internet Number Resource Policy as stated in the PDP. Specifically, these principles are: * Enabling Fair and Impartial Number Resource Administration * Technically Sound * Supported by the Community The ARIN Policy Development Process (PDP) can be found at: https://www.arin.net/policy/pdp.html Draft Policies and Proposals under discussion can be found at: https://www.arin.net/policy/proposals/index.html Regards, Communications and Member Services American Registry for Internet Numbers (ARIN) ################# Draft Policy ARIN-2013-5: LIR/ISP And End-User Definitions - Revised Problem Statement and Text Problem Statement: At ARIN 31, the Policy Experience Report (slides at https://www.arin.net/participate/meetings/reports/ARIN_31/PDF/monday/nobile_policy.pdf or https://www.arin.net/participate/meetings/reports/ARIN_31/PPT/monday/nobile_policy.pptx) reported that, in ARIN staff's experience, the NRPM does not adequately define ISP/LIR vs. end-user. As currently defined, and interpreted literally, many companies do not qualify as either LIRs or end-users. The proposed text would not change any existing definitions. It would instead put the onus on the requester to provide additional information, when it was for a new IP use. Proposed text: Retain existing NRPM text. Add to Section 2: Any organization which does not clearly fit into one of the above categories shall be treated as an LIR/ISP for policy purposes. ################## Draft Policy ARIN-2013-5 (v.1 17 May 2013) LIR/ISP and End-user Definitions On 16 May 2013 the ARIN Advisory Council (AC) accepted "ARIN-prop-188 LIR/ISP and End-user Definitions" as a Draft Policy. Draft Policy ARIN-2013-5 is below and can be found at: https://www.arin.net/policy/proposals/2013_5.html You are encouraged to discuss the merits and your concerns of Draft Policy 2013-5 on the Public Policy Mailing List. 2013-5 will also be on the agenda at the upcoming ARIN Public Policy Consultation at NANOG 58 in New Orleans. The AC will evaluate the discussion in order to assess the conformance of this draft policy with ARIN's Principles of Internet Number Resource Policy as stated in the PDP. Specifically, these principles are: * Enabling Fair and Impartial Number Resource Administration * Technically Sound * Supported by the Community The ARIN Policy Development Process (PDP) can be found at: https://www.arin.net/policy/pdp.html Draft Policies and Proposals under discussion can be found at: https://www.arin.net/policy/proposals/index.html Regards, Communications and Member Services American Registry for Internet Numbers (ARIN) ## * ## Draft Policy ARIN-2013-5 LIR/ISP and End-user Definitions Date: 17 May 2013 Problem Statement: At ARIN 31, the Policy Experience Report (slides at https://www.arin.net/participate/meetings/reports/ARIN_31/PDF/monday/nobile_policy.pdf or https://www.arin.net/participate/meetings/reports/ARIN_31/PPT/monday/nobile_policy.pptx) reported that, in ARIN staff's experience, the NRPM does not adequately define ISP/LIR vs. end-user. As currently defined, and interpreted literally, many companies do not qualify as either LIRs or end-users. I would propose that the primary difference between ISPs/LIRs vs. end-users, for purposes of the NRPM, is whether an organization reassigns address blocks to third parties. If an organization maintains full control of all of the equipment on its network, and doesn't need to make any reassignments to other organizations, then it can qualify as an end-user. In particular, an end user organization can supply a full list of all the IP addresses in use on its network, and know what devices are using those addresses. An ISP/LIR, on the other hand, should be defined by whether they delegate that responsibility to another organization. In that case, they need to reassign the network space via SWIP/rwhois, which makes them an LIR. Additionally, there are likely some ISPs that do not (yet) need to delegate any address blocks, but which assign address space to users (rather than to their own equipment), which should also fall under the definition of LIR/ISP. Policy statement: Update NRPM 2.4 and 2.6 to read: 2.4. Local Internet Registry (LIR) / Internet Service Provider (ISP) The terms Internet Service Provider (ISP) and LIR are used interchangeably in this document. A Local Internet Registry (LIR) is an IR that assigns address space to the users of the network services that it provides. Therefore, LIRs / ISPs are organizations that reassign addresses to end users and/or reallocate addresses to other ISPs/LIRs. 2.6. End-user An end-user is an organization receiving assignments of IP addresses exclusively for use in its operational networks, and does not register any reassignments of that space. Timetable for implementation: Immediate From info at arin.net Wed Sep 4 17:25:01 2013 From: info at arin.net (ARIN) Date: Wed, 04 Sep 2013 17:25:01 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text Message-ID: <5227A52D.1010802@arin.net> Revised text for ARIN-2013-6 is below and can be found at: https://www.arin.net/policy/proposals/2013_6.html The AC will evaluate the discussion in order to assess the conformance of this draft policy with ARIN's Principles of Internet Number Resource Policy as stated in the PDP. Specifically, these principles are: * Enabling Fair and Impartial Number Resource Administration * Technically Sound * Supported by the Community The ARIN Policy Development Process (PDP) can be found at: https://www.arin.net/policy/pdp.html Draft Policies and Proposals under discussion can be found at: https://www.arin.net/policy/proposals/index.html Regards, Communications and Member Services American Registry for Internet Numbers (ARIN) ## * ## Draft Policy ARIN-2013-6 Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Text (V2) Date: 4 September 2013 Problem Statement: ARIN number resources should be used primarily in the ARIN region, for ARIN region organizations. There is currently no explicit policy guiding staff in this area, this proposal seeks to correct that. Policy Statement: Create new policy Section X. X. Resource Justification within ARIN Region Organizations requesting Internet number resources from ARIN must provide proof that they (1) are an active business entity legally operating within the ARIN service region, and (2) are operating a network located within the ARIN service region. In addition to meeting all other applicable policy requirements, a plurality of resources requested from ARIN must be justified by technical infrastructure and customers located within the ARIN service region, and any located outside the region must be interconnected to the ARIN service region. The same technical infrastructure or customers cannot be used to justify resources in more than one RIR. ### Authors Comments: Although we represent law enforcement, and have brought forth this issue based upon our concerns and experience from a law enforcement perspective, this is a problem in which the entire ARIN community has a stake. As reported at the last meeting in Barbados, ARIN staff is having difficulty verifying organizations out-of-region. In many of the cases, particularly in VPS (Virtual Private Service), the only information received on these organizations by ARIN is a customer name and IP address. This information cannot be properly verified by ARIN. Accuracy of registration data is critical to not only law enforcement, but the greater ARIN community as it relates to abuse contact and complaints. In fact, most issues facing law enforcement are also shared by legitimate companies attempting, for instance, to identify an organization that has hijacked their IP address space. The expedited depletion of IPv4 address space in the ARIN region certainly seems to negatively impact those organizations currently operating in the region that may need to return to ARIN for additional IPv4 address space. While law enforcement?s concern is that criminal organizations outside of the ARIN region can easily and quickly request large blocks of IPv4 address space from ARIN, organizations that are not truly global organizations, but specific national companies from the RIPE and APNIC regions, also have this capability which is detrimental to true ARIN region organizations. This policy proposal is re-enforcing practices the ARIN staff currently employs to ensure that ARIN IP space is used for and by companies that are legitimate and have a legitimate presence in the ARIN region. This policy will assist in defining clear criteria that will be helpful to ARIN staff and the community. The primary role of RIRs is to manage and distribute public Internet address space within their respective regions. The problem brought forth here clearly undermines the current RIR model; if any organization can acquire IP address space from any region, what then is the purpose of the geographical breakdown of the five RIRs? Advisory Council Comments: The term "Internet number resources" or more simply "resources" should be used instead of "IP Blocks" to more accurately reflect the totality of the Registry. This implies both IPv4 and IPv6, as well as ASNs. While Internet registries are organized on a regional basis, policy must recognize that many networks, services and operations are trans-regional and it would be burdensome and impractical to attempt to strictly enforce territorially exclusive allocations. Therefore, policy should seek to balance the regional structure of address allocation with flexibility of service provision, by ensuring that ARIN?s resources are primarily aligned with the ARIN service region but facilitate flexibility and efficiency of use by applicants from any region. There are concerns that out of region organizations should be able to request resources for use within the ARIN service region. The proposed text accommodates this issue by requiring only proof that an organization is "legally operating within the ARIN Service Region". This includes business entities formed in the region, or other business entities with legal branch offices within the region. So, as long as an out of region organization is "legally operating within the ARIN Service Region" they can request resources from ARIN. Current operational practice is to require an organization be formed within the ARIN service region. However, if this were applied by all the RIRs, a global network would be required to have a minimum of five subsidiaries, one formed in each of the five RIR regions, this seems overly burdensome. Good resource policy should consider the consequences of all RIRs adopting the same policy. Previous discussions of the topic indicated that it is difficult to enforce and undesirable for many in the community to dictate where resources are to be used once they are allocated. A strategy to deal with this is to focus the policy on the technical infrastructure and customers used to justify the requested number resources from ARIN, as opposed to where resources are actually used once allocated. This is a subtle but important distinction. While resources received from ARIN may be used outside the ARIN region, a common technical infrastructure must interconnect the use of these resources to the ARIN region. This provides a necessary nexus with the ARIN service region for such out of region use. Therefore, if a discrete network is operating within another region, not interconnected to the ARIN region, then resources for that discrete network should be requested from that region's RIR. A concern was raised that this policy shouldn't limit or interfere with outbound inter-RIR transfers. If we focus on what justifies a request for resources from ARIN, outbound inter-RIR transfers shouldn't be affected, as they are clearly based on the receiving RIR's policies. From previous discussions of the topic, "double dipping" should not be allowed, that is using the same technical infrastructure or customers to justify resources from ARIN and another RIR at the same time. The legal jurisdiction an organization is formed in doesn?t necessarily reflect the jurisdictions in which it operates, or even that it operates a network in a jurisdiction. This implies that we should have both technical and legal requirements regarding operating within the ARIN service region in order to receive resources. The original text used the term "majority", seeming to describe a "simple," "absolute" or "overall" majority, which means greater than 50%. Many organizations don't have greater than 50% of their users or customers in any one region. A "plurality", "relative majority", "largest of", or more specifically "more than any other RIR's service region" seems to be the intended and appropriate meaning of the term "majority" in this context. Let's clarify that intent by using the term "plurality". The intent is not to require an organization to have an overall plurality of its technical infrastructure and customers within the ARIN service region. Rather, it is to ensure that the plurality of currently requested resources is justified from within the ARIN region. If an organization?s primary, or largest, demand for resources is in another region then the organization should request resources from that region's RIR. -- ## * ## ## * ## Draft Policy ARIN-2013-6 Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors Date: 25 June 2013 Problem Statement: ARIN number resources should be used primarily in the ARIN region, for ARIN region organizations. There is currently no explicit policy guiding staff in this area, this proposal seeks to correct that. Policy Statement: Any entity (individual or organization) requesting ARIN issued IP blocks must provide ARIN with proof of an established legal presence in the designated ARIN region, and have a majority of their technical infrastructure and customers in the designated ARIN region. This requirement applies to both IPv4 and IPv6 address space. Comments: The proposal originator said, "Although we represent law enforcement, and have brought forth this issue based upon our concerns and experience from a law enforcement perspective, this is a problem in which the entire ARIN community has a stake". As reported at the last meeting in Barbados, ARIN staff is having difficulty verifying organizations out-of-region. In many of the cases, particularly in VPS (Virtual Private Service), the only information received on these organizations by ARIN is a customer name and IP address. This information cannot be properly verified by ARIN. Accuracy of registration data is critical to not only law enforcement, but the greater ARIN community as it relates to abuse contact and complaints. In fact, most issues facing law enforcement are also shared by legitimate companies attempting, for instance, to identify an organization that has hijacked their IP address space. The expedited depletion of IPv4 address space in the ARIN region certainly seems to negatively impact those organizations currently operating in the region that may need to return to ARIN for additional IPv4 address space. While law enforcement??s concern is that criminal organizations outside of the ARIN region can easily and quickly request large blocks of IPv4 address space from ARIN, organizations that are not truly global organizations, but specific national companies from the RIPE and APNIC regions, also have this capability which is detrimental to true ARIN region organizations. This policy proposal is re-enforcing practices the ARIN staff currently employs to ensure that ARIN IP space is used for and by companies that are legitimate and have a legitimate presence in the ARIN region. This policy will assist in defining clear criteria that will be helpful to ARIN staff and the community. The primary role of RIR??s is to manage and distribute public Internet address space within their respective regions. The problem brought forth here clearly undermines the current RIR model; if any organization can acquire IP address space from any region, what then is the purpose of the geographical breakdown of the five RIRs? Draft Policy ARIN-2013-6 Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors Date: 25 June 2013 Problem Statement: ARIN number resources should be used primarily in the ARIN region, for ARIN region organizations. There is currently no explicit policy guiding staff in this area, this proposal seeks to correct that. Policy Statement: Any entity (individual or organization) requesting ARIN issued IP blocks must provide ARIN with proof of an established legal presence in the designated ARIN region, and have a majority of their technical infrastructure and customers in the designated ARIN region. This requirement applies to both IPv4 and IPv6 address space. Comments: The proposal originator said, "Although we represent law enforcement, and have brought forth this issue based upon our concerns and experience from a law enforcement perspective, this is a problem in which the entire ARIN community has a stake". As reported at the last meeting in Barbados, ARIN staff is having difficulty verifying organizations out-of-region. In many of the cases, particularly in VPS (Virtual Private Service), the only information received on these organizations by ARIN is a customer name and IP address. This information cannot be properly verified by ARIN. Accuracy of registration data is critical to not only law enforcement, but the greater ARIN community as it relates to abuse contact and complaints. In fact, most issues facing law enforcement are also shared by legitimate companies attempting, for instance, to identify an organization that has hijacked their IP address space. The expedited depletion of IPv4 address space in the ARIN region certainly seems to negatively impact those organizations currently operating in the region that may need to return to ARIN for additional IPv4 address space. While law enforcement?s concern is that criminal organizations outside of the ARIN region can easily and quickly request large blocks of IPv4 address space from ARIN, organizations that are not truly global organizations, but specific national companies from the RIPE and APNIC regions, also have this capability which is detrimental to true ARIN region organizations. This policy proposal is re-enforcing practices the ARIN staff currently employs to ensure that ARIN IP space is used for and by companies that are legitimate and have a legitimate presence in the ARIN region. This policy will assist in defining clear criteria that will be helpful to ARIN staff and the community. The primary role of RIR?s is to manage and distribute public Internet address space within their respective regions. The problem brought forth here clearly undermines the current RIR model; if any organization can acquire IP address space from any region, what then is the purpose of the geographical breakdown of the five RIRs? From h.lu at anytimechinese.com Thu Sep 5 02:48:50 2013 From: h.lu at anytimechinese.com (Lu Heng) Date: Thu, 5 Sep 2013 08:48:50 +0200 Subject: [arin-ppml] where I can find most recent ARIN allocation list Message-ID: Hi Do you know where I can find the most recent allocation list? e.g. /15 MADE to company A at date 5/9/13. -- -- Kind regards. Lu This transmission is intended solely for the addressee(s) shown above. It may contain information that is privileged, confidential or otherwise protected from disclosure. Any review, dissemination or use of this transmission or its contents by persons other than the intended addressee(s) is strictly prohibited. If you have received this transmission in error, please notify this office immediately and e-mail the original at the sender's address above by replying to this message and including the text of the transmission received. -------------- next part -------------- An HTML attachment was scrubbed... URL: From jcurran at arin.net Thu Sep 5 04:58:31 2013 From: jcurran at arin.net (John Curran) Date: Thu, 5 Sep 2013 08:58:31 +0000 Subject: [arin-ppml] where I can find most recent ARIN allocation list In-Reply-To: References: Message-ID: On Sep 5, 2013, at 2:48 AM, Lu Heng wrote: > Do you know where I can find the most recent allocation list? e.g. /15 MADE to company A at date 5/9/13. Daily files of blocks issued/returned/etc are archived here: FYI, /John John Curran President and CEO ARIN From hannigan at gmail.com Thu Sep 5 15:27:11 2013 From: hannigan at gmail.com (Martin Hannigan) Date: Thu, 5 Sep 2013 15:27:11 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: <5227A52D.1010802@arin.net> References: <5227A52D.1010802@arin.net> Message-ID: On Wed, Sep 4, 2013 at 5:25 PM, ARIN wrote: > Revised text for ARIN-2013-6 is below and can be found at: > > Problem Statement: > ARIN number resources should be used primarily in the ARIN region, for > ARIN region organizations. There is currently no explicit policy guiding > staff in this area, this proposal seeks to correct that. > > Policy Statement: > Create new policy Section X. > > X. Resource Justification within ARIN Region > Organizations requesting Internet number resources from ARIN must > provide proof that they (1) are an active business entity legally > operating within the ARIN service region, and (2) are operating a > Define legally operating? Is a business which may be legal under state law, but perhaps not under Federal law (and depending upon who listens to the Attorney General of the United States) legally operating? > network located within the ARIN service region. In addition to meeting > all other applicable policy requirements, a plurality of resources > requested from ARIN must be justified by technical infrastructure and > customers located within the ARIN service region, and any located > outside the region must be interconnected to the ARIN service region. > The same technical infrastructure or customers cannot be used to justify > resources in more than one RIR. > LEO's already have the tools necessary to do their jobs. They can use subpoenas, search warrants, civil suits or even treaties to get information that they are legally entitled to. Widening this scope through restricting how we use numbers is a non-starter. Trying to harden policy to soften the legal process required is a job better left to Congress. -1 Best, -M< -------------- next part -------------- An HTML attachment was scrubbed... URL: From narten at us.ibm.com Fri Sep 6 00:53:03 2013 From: narten at us.ibm.com (Thomas Narten) Date: Fri, 06 Sep 2013 00:53:03 -0400 Subject: [arin-ppml] Weekly posting summary for ppml@arin.net Message-ID: <201309060453.r864r39O002137@rotala.raleigh.ibm.com> Total of 6 messages in the last 7 days. script run at: Fri Sep 6 00:53:03 EDT 2013 Messages | Bytes | Who --------+------+--------+----------+------------------------ 33.33% | 2 | 49.66% | 27759 | info at arin.net 16.67% | 1 | 17.58% | 9825 | hannigan at gmail.com 16.67% | 1 | 12.61% | 7049 | h.lu at anytimechinese.com 16.67% | 1 | 10.95% | 6119 | narten at us.ibm.com 16.67% | 1 | 9.21% | 5147 | jcurran at arin.net --------+------+--------+----------+------------------------ 100.00% | 6 |100.00% | 55899 | Total From rbf+arin-ppml at panix.com Sun Sep 8 14:59:18 2013 From: rbf+arin-ppml at panix.com (Brett Frankenberger) Date: Sun, 8 Sep 2013 13:59:18 -0500 Subject: [arin-ppml] Draft Policy ARIN-2013-7: Merge IPv4 ISP and End-User Requirements In-Reply-To: <521394A3.9040109@arin.net> References: <521394A3.9040109@arin.net> Message-ID: <20130908185918.GA22152@panix.com> On Tue, Aug 20, 2013 at 12:09:07PM -0400, ARIN wrote: > > Timetable for implementation: Immediate > > Proposed text changes in pdf: > https://www.arin.net/policy/proposals/ARIN-prop-190%20proposed_text_changes.pdf One housekeeping matter: In the PDF referenced above, 4.1.3 (formerly 4.1.8) contains the text Repeated requests, in a manner that would circumvent 4.1.6, are not allowed: ... However, there is no section 4.1.6 is the proposed text; 4.1.4 is the last subsection of 4.1, and is followed by 4.2. -- Brett From Daniel_Alexander at Cable.Comcast.com Sun Sep 8 21:08:36 2013 From: Daniel_Alexander at Cable.Comcast.com (Alexander, Daniel) Date: Mon, 9 Sep 2013 01:08:36 +0000 Subject: [arin-ppml] Draft Policy ARIN-2013-7: Merge IPv4 ISP and End-User Requirements In-Reply-To: <20130908185918.GA22152@panix.com> Message-ID: Brett, Thank you for catching that. The reference to 4.1.6 is from the original text and missed the update from all the suggested section changes. That should reference 4.1.2 instead of 4.1.6. I will work with the AC Shepherds on this update. Thank you, -Dan On 9/8/13 2:59 PM, "Brett Frankenberger" wrote: >On Tue, Aug 20, 2013 at 12:09:07PM -0400, ARIN wrote: >> >> Timetable for implementation: Immediate >> >> Proposed text changes in pdf: >> >>https://www.arin.net/policy/proposals/ARIN-prop-190%20proposed_text_chang >>es.pdf > >One housekeeping matter: > >In the PDF referenced above, 4.1.3 (formerly 4.1.8) contains the text > Repeated requests, in a manner that would circumvent > 4.1.6, are not allowed: ... > >However, there is no section 4.1.6 is the proposed text; 4.1.4 is the >last subsection of 4.1, and is followed by 4.2. > > -- Brett >_______________________________________________ >PPML >You are receiving this message because you are subscribed to >the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). >Unsubscribe or manage your mailing list subscription at: >http://lists.arin.net/mailman/listinfo/arin-ppml >Please contact info at arin.net if you experience any issues. From SRyerse at eclipse-networks.com Mon Sep 9 13:26:41 2013 From: SRyerse at eclipse-networks.com (Steven Ryerse) Date: Mon, 9 Sep 2013 17:26:41 +0000 Subject: [arin-ppml] Draft Policy ARIN-2013-7: Merge IPv4 ISP andEnd-User Requirements In-Reply-To: <20130908185918.GA22152@panix.com> References: <521394A3.9040109@arin.net> <20130908185918.GA22152@panix.com> Message-ID: <5B9E90747FA2974D91A54FCFA1B8AD12013B860FF4@ENI-MAIL.eclipse-networks.com> I think it is time to remove the needs test like the 80% requirement in section 4.2.5. Policies like this don't give an organization any flexibility and in my humble opinion are ridiculous in the real world. The proposition of you can only get an allocation if you are going to use almost all of it up in 3 months does not further the Internet and in fact restricts it which is not ARIN's mission! Steven Ryerse President 100 Ashford Center North, Suite 110, Atlanta, GA? 30338 770.656.1460 - Cell 770.399.9099- Office ? Eclipse Networks, Inc. ??????? Conquering Complex Networks? -----Original Message----- From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On Behalf Of Brett Frankenberger Sent: Sunday, September 08, 2013 2:59 PM To: ARIN Cc: arin-ppml at arin.net Subject: Re: [arin-ppml] Draft Policy ARIN-2013-7: Merge IPv4 ISP andEnd-User Requirements On Tue, Aug 20, 2013 at 12:09:07PM -0400, ARIN wrote: > > Timetable for implementation: Immediate > > Proposed text changes in pdf: > https://www.arin.net/policy/proposals/ARIN-prop-190%20proposed_text_ch > anges.pdf One housekeeping matter: In the PDF referenced above, 4.1.3 (formerly 4.1.8) contains the text Repeated requests, in a manner that would circumvent 4.1.6, are not allowed: ... However, there is no section 4.1.6 is the proposed text; 4.1.4 is the last subsection of 4.1, and is followed by 4.2. -- Brett _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact info at arin.net if you experience any issues. From farmer at umn.edu Mon Sep 9 13:58:19 2013 From: farmer at umn.edu (David Farmer) Date: Mon, 09 Sep 2013 12:58:19 -0500 Subject: [arin-ppml] Draft Policy ARIN-2013-7: Merge IPv4 ISP andEnd-User Requirements In-Reply-To: <5B9E90747FA2974D91A54FCFA1B8AD12013B860FF4@ENI-MAIL.eclipse-networks.com> References: <521394A3.9040109@arin.net> <20130908185918.GA22152@panix.com> <5B9E90747FA2974D91A54FCFA1B8AD12013B860FF4@ENI-MAIL.eclipse-networks.com> Message-ID: <522E0C3B.70408@umn.edu> On 9/9/13 12:26 , Steven Ryerse wrote: > I think it is time to remove the needs test like the 80% requirement in section 4.2.5. Policies like this don't give an organization any flexibility and in my humble opinion are ridiculous in the real world. The proposition of you can only get an allocation if you are going to use almost all of it up in 3 months does not further the Internet and in fact restricts it which is not ARIN's mission! This is worthy of discussion. However, I suggest this should be a different policy proposal. We seem to be developing a consensus around the idea of a single unified set of requirements for end-users and ISPs, I wouldn't say we are there yet, but it is looking interesting. However, consensus can be a fragile thing, pile too much on and you can break it and accomplish nothing. It worries me that adding this to the current proposal would be too much for it. I think a single unified set of requirements for end-users and ISPs is an extremely important idea and I would not want to see it get lost in another argument about removing needs basis or even a radical change to what justifies need. > Steven Ryerse > President > 100 Ashford Center North, Suite 110, Atlanta, GA 30338 > 770.656.1460 - Cell > 770.399.9099- Office > > ? Eclipse Networks, Inc. > Conquering Complex Networks? -- ================================================ David Farmer Email: farmer at umn.edu Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 1-612-626-0815 Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 ================================================ From SRyerse at eclipse-networks.com Mon Sep 9 14:13:34 2013 From: SRyerse at eclipse-networks.com (Steven Ryerse) Date: Mon, 9 Sep 2013 18:13:34 +0000 Subject: [arin-ppml] Draft Policy ARIN-2013-7: Merge IPv4 ISP andEnd-UserRequirements In-Reply-To: <522E0C3B.70408@umn.edu> References: <521394A3.9040109@arin.net> <20130908185918.GA22152@panix.com> <5B9E90747FA2974D91A54FCFA1B8AD12013B860FF4@ENI-MAIL.eclipse-networks.com> <522E0C3B.70408@umn.edu> Message-ID: <5B9E90747FA2974D91A54FCFA1B8AD12013B86128C@ENI-MAIL.eclipse-networks.com> I do think that a unified set of requirements is a big step in the right direction and should simplify things. Steven Ryerse President 100 Ashford Center North, Suite 110, Atlanta, GA? 30338 770.656.1460 - Cell 770.399.9099- Office ? Eclipse Networks, Inc. ??????? Conquering Complex Networks? -----Original Message----- From: David Farmer [mailto:farmer at umn.edu] Sent: Monday, September 09, 2013 1:58 PM To: Steven Ryerse Cc: Brett Frankenberger; ARIN; arin-ppml at arin.net; David Farmer Subject: Re: [arin-ppml] Draft Policy ARIN-2013-7: Merge IPv4 ISP andEnd-UserRequirements On 9/9/13 12:26 , Steven Ryerse wrote: > I think it is time to remove the needs test like the 80% requirement in section 4.2.5. Policies like this don't give an organization any flexibility and in my humble opinion are ridiculous in the real world. The proposition of you can only get an allocation if you are going to use almost all of it up in 3 months does not further the Internet and in fact restricts it which is not ARIN's mission! This is worthy of discussion. However, I suggest this should be a different policy proposal. We seem to be developing a consensus around the idea of a single unified set of requirements for end-users and ISPs, I wouldn't say we are there yet, but it is looking interesting. However, consensus can be a fragile thing, pile too much on and you can break it and accomplish nothing. It worries me that adding this to the current proposal would be too much for it. I think a single unified set of requirements for end-users and ISPs is an extremely important idea and I would not want to see it get lost in another argument about removing needs basis or even a radical change to what justifies need. > Steven Ryerse > President > 100 Ashford Center North, Suite 110, Atlanta, GA 30338 > 770.656.1460 - Cell > 770.399.9099- Office > > ? Eclipse Networks, Inc. > Conquering Complex Networks? -- ================================================ David Farmer Email: farmer at umn.edu Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 1-612-626-0815 Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 ================================================ From farmer at umn.edu Thu Sep 12 14:01:14 2013 From: farmer at umn.edu (David Farmer) Date: Thu, 12 Sep 2013 13:01:14 -0500 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: <5227A52D.1010802@arin.net> References: <5227A52D.1010802@arin.net> Message-ID: <5232016A.2080300@umn.edu> There has been only one comment on this revised text, the AC needs more input from the community regarding this revised text. Next Thursday the AC must voting if it should promote this Draft Policy to Recommended Draft Policy status before the October ARIN meeting. A Draft Policy cannot go to Last Call until it has gone to a Public Consultation as a Recommended Draft Policy. Please provide your feedback, even if its as simple as you support the policy or not. Thank you. On 9/4/13 16:25 , ARIN wrote: > Revised text for ARIN-2013-6 is below and can be found at: > > https://www.arin.net/policy/proposals/2013_6.html > > The AC will evaluate the discussion in order to assess the conformance > of this draft policy with ARIN's Principles of Internet Number Resource > Policy as stated in the PDP. Specifically, these principles are: > > * Enabling Fair and Impartial Number Resource Administration > > * Technically Sound > > * Supported by the Community > > The ARIN Policy Development Process (PDP) can be found at: > > https://www.arin.net/policy/pdp.html > > > Draft Policies and Proposals under discussion can be found at: > > https://www.arin.net/policy/proposals/index.html > > Regards, > > > Communications and Member Services > American Registry for Internet Numbers (ARIN) > > > ## * ## > > Draft Policy ARIN-2013-6 Allocation of IPv4 and IPv6 Address Space to > Out-of-region Requestors - Revised Text (V2) > > Date: 4 September 2013 > > Problem Statement: > ARIN number resources should be used primarily in the ARIN region, for > ARIN region organizations. There is currently no explicit policy guiding > staff in this area, this proposal seeks to correct that. > > Policy Statement: > Create new policy Section X. > > X. Resource Justification within ARIN Region > Organizations requesting Internet number resources from ARIN must > provide proof that they (1) are an active business entity legally > operating within the ARIN service region, and (2) are operating a > network located within the ARIN service region. In addition to meeting > all other applicable policy requirements, a plurality of resources > requested from ARIN must be justified by technical infrastructure and > customers located within the ARIN service region, and any located > outside the region must be interconnected to the ARIN service region. > The same technical infrastructure or customers cannot be used to justify > resources in more than one RIR. > ### > > Authors Comments: > > Although we represent law enforcement, and have brought forth this issue > based upon our concerns and experience from a law enforcement > perspective, this is a problem in which the entire ARIN community has a > stake. > > As reported at the last meeting in Barbados, ARIN staff is having > difficulty verifying organizations out-of-region. In many of the cases, > particularly in VPS (Virtual Private Service), the only information > received on these organizations by ARIN is a customer name and IP > address. This information cannot be properly verified by ARIN. Accuracy > of registration data is critical to not only law enforcement, but the > greater ARIN community as it relates to abuse contact and complaints. In > fact, most issues facing law enforcement are also shared by legitimate > companies attempting, for instance, to identify an organization that has > hijacked their IP address space. > > The expedited depletion of IPv4 address space in the ARIN region > certainly seems to negatively impact those organizations currently > operating in the region that may need to return to ARIN for additional > IPv4 address space. While law enforcement?s concern is that criminal > organizations outside of the ARIN region can easily and quickly request > large blocks of IPv4 address space from ARIN, organizations that are not > truly global organizations, but specific national companies from the > RIPE and APNIC regions, also have this capability which is detrimental > to true ARIN region organizations. > > This policy proposal is re-enforcing practices the ARIN staff currently > employs to ensure that ARIN IP space is used for and by companies that > are legitimate and have a legitimate presence in the ARIN region. This > policy will assist in defining clear criteria that will be helpful to > ARIN staff and the community. > > The primary role of RIRs is to manage and distribute public Internet > address space within their respective regions. The problem brought forth > here clearly undermines the current RIR model; if any organization can > acquire IP address space from any region, what then is the purpose of > the geographical breakdown of the five RIRs? > > Advisory Council Comments: > > The term "Internet number resources" or more simply "resources" should > be used instead of "IP Blocks" to more accurately reflect the totality > of the Registry. This implies both IPv4 and IPv6, as well as ASNs. > While Internet registries are organized on a regional basis, policy must > recognize that many networks, services and operations are trans-regional > and it would be burdensome and impractical to attempt to strictly > enforce territorially exclusive allocations. Therefore, policy should > seek to balance the regional structure of address allocation with > flexibility of service provision, by ensuring that ARIN?s resources are > primarily aligned with the ARIN service region but facilitate > flexibility and efficiency of use by applicants from any region. > There are concerns that out of region organizations should be able to > request resources for use within the ARIN service region. The proposed > text accommodates this issue by requiring only proof that an > organization is "legally operating within the ARIN Service Region". This > includes business entities formed in the region, or other business > entities with legal branch offices within the region. So, as long as an > out of region organization is "legally operating within the ARIN Service > Region" they can request resources from ARIN. > > Current operational practice is to require an organization be formed > within the ARIN service region. However, if this were applied by all the > RIRs, a global network would be required to have a minimum of five > subsidiaries, one formed in each of the five RIR regions, this seems > overly burdensome. Good resource policy should consider the consequences > of all RIRs adopting the same policy. > > Previous discussions of the topic indicated that it is difficult to > enforce and undesirable for many in the community to dictate where > resources are to be used once they are allocated. A strategy to deal > with this is to focus the policy on the technical infrastructure and > customers used to justify the requested number resources from ARIN, as > opposed to where resources are actually used once allocated. This is a > subtle but important distinction. > > While resources received from ARIN may be used outside the ARIN region, > a common technical infrastructure must interconnect the use of these > resources to the ARIN region. This provides a necessary nexus with the > ARIN service region for such out of region use. Therefore, if a discrete > network is operating within another region, not interconnected to the > ARIN region, then resources for that discrete network should be > requested from that region's RIR. > > A concern was raised that this policy shouldn't limit or interfere with > outbound inter-RIR transfers. If we focus on what justifies a request > for resources from ARIN, outbound inter-RIR transfers shouldn't be > affected, as they are clearly based on the receiving RIR's policies. > > From previous discussions of the topic, "double dipping" should not be > allowed, that is using the same technical infrastructure or customers to > justify resources from ARIN and another RIR at the same time. > The legal jurisdiction an organization is formed in doesn?t necessarily > reflect the jurisdictions in which it operates, or even that it operates > a network in a jurisdiction. This implies that we should have both > technical and legal requirements regarding operating within the ARIN > service region in order to receive resources. > > The original text used the term "majority", seeming to describe a > "simple," "absolute" or "overall" majority, which means greater than > 50%. Many organizations don't have greater than 50% of their users or > customers in any one region. A "plurality", "relative majority", > "largest of", or more specifically "more than any other RIR's service > region" seems to be the intended and appropriate meaning of the term > "majority" in this context. Let's clarify that intent by using the term > "plurality". > > The intent is not to require an organization to have an overall > plurality of its technical infrastructure and customers within the ARIN > service region. Rather, it is to ensure that the plurality of currently > requested resources is justified from within the ARIN region. If an > organization?s primary, or largest, demand for resources is in another > region then the organization should request resources from that region's > RIR. > -- > > ## * ## -- ================================================ David Farmer Email: farmer at umn.edu Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 1-612-626-0815 Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 ================================================ From ikiris at gmail.com Thu Sep 12 14:43:06 2013 From: ikiris at gmail.com (Blake Dunlap) Date: Thu, 12 Sep 2013 13:43:06 -0500 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: <5232016A.2080300@umn.edu> References: <5227A52D.1010802@arin.net> <5232016A.2080300@umn.edu> Message-ID: Do we really have to say opposed in principal instead of just wording every draft for it to be considered applicable response? -Blake On Thu, Sep 12, 2013 at 1:01 PM, David Farmer wrote: > There has been only one comment on this revised text, the AC needs more > input from the community regarding this revised text. Next Thursday the AC > must voting if it should promote this Draft Policy to Recommended Draft > Policy status before the October ARIN meeting. A Draft Policy cannot go to > Last Call until it has gone to a Public Consultation as a Recommended Draft > Policy. > > Please provide your feedback, even if its as simple as you support the > policy or not. > > Thank you. > > > On 9/4/13 16:25 , ARIN wrote: > >> Revised text for ARIN-2013-6 is below and can be found at: >> >> https://www.arin.net/policy/**proposals/2013_6.html >> >> The AC will evaluate the discussion in order to assess the conformance >> of this draft policy with ARIN's Principles of Internet Number Resource >> Policy as stated in the PDP. Specifically, these principles are: >> >> * Enabling Fair and Impartial Number Resource Administration >> >> * Technically Sound >> >> * Supported by the Community >> >> The ARIN Policy Development Process (PDP) can be found at: >> >> https://www.arin.net/policy/**pdp.html >> >> >> Draft Policies and Proposals under discussion can be found at: >> >> https://www.arin.net/policy/**proposals/index.html >> >> Regards, >> >> >> Communications and Member Services >> American Registry for Internet Numbers (ARIN) >> >> >> ## * ## >> >> Draft Policy ARIN-2013-6 Allocation of IPv4 and IPv6 Address Space to >> Out-of-region Requestors - Revised Text (V2) >> >> Date: 4 September 2013 >> >> Problem Statement: >> ARIN number resources should be used primarily in the ARIN region, for >> ARIN region organizations. There is currently no explicit policy guiding >> staff in this area, this proposal seeks to correct that. >> >> Policy Statement: >> Create new policy Section X. >> >> X. Resource Justification within ARIN Region >> Organizations requesting Internet number resources from ARIN must >> provide proof that they (1) are an active business entity legally >> operating within the ARIN service region, and (2) are operating a >> network located within the ARIN service region. In addition to meeting >> all other applicable policy requirements, a plurality of resources >> requested from ARIN must be justified by technical infrastructure and >> customers located within the ARIN service region, and any located >> outside the region must be interconnected to the ARIN service region. >> The same technical infrastructure or customers cannot be used to justify >> resources in more than one RIR. >> ### >> >> Authors Comments: >> >> Although we represent law enforcement, and have brought forth this issue >> based upon our concerns and experience from a law enforcement >> perspective, this is a problem in which the entire ARIN community has a >> stake. >> >> As reported at the last meeting in Barbados, ARIN staff is having >> difficulty verifying organizations out-of-region. In many of the cases, >> particularly in VPS (Virtual Private Service), the only information >> received on these organizations by ARIN is a customer name and IP >> address. This information cannot be properly verified by ARIN. Accuracy >> of registration data is critical to not only law enforcement, but the >> greater ARIN community as it relates to abuse contact and complaints. In >> fact, most issues facing law enforcement are also shared by legitimate >> companies attempting, for instance, to identify an organization that has >> hijacked their IP address space. >> >> The expedited depletion of IPv4 address space in the ARIN region >> certainly seems to negatively impact those organizations currently >> operating in the region that may need to return to ARIN for additional >> IPv4 address space. While law enforcement?s concern is that criminal >> organizations outside of the ARIN region can easily and quickly request >> large blocks of IPv4 address space from ARIN, organizations that are not >> truly global organizations, but specific national companies from the >> RIPE and APNIC regions, also have this capability which is detrimental >> to true ARIN region organizations. >> >> This policy proposal is re-enforcing practices the ARIN staff currently >> employs to ensure that ARIN IP space is used for and by companies that >> are legitimate and have a legitimate presence in the ARIN region. This >> policy will assist in defining clear criteria that will be helpful to >> ARIN staff and the community. >> >> The primary role of RIRs is to manage and distribute public Internet >> address space within their respective regions. The problem brought forth >> here clearly undermines the current RIR model; if any organization can >> acquire IP address space from any region, what then is the purpose of >> the geographical breakdown of the five RIRs? >> >> Advisory Council Comments: >> >> The term "Internet number resources" or more simply "resources" should >> be used instead of "IP Blocks" to more accurately reflect the totality >> of the Registry. This implies both IPv4 and IPv6, as well as ASNs. >> While Internet registries are organized on a regional basis, policy must >> recognize that many networks, services and operations are trans-regional >> and it would be burdensome and impractical to attempt to strictly >> enforce territorially exclusive allocations. Therefore, policy should >> seek to balance the regional structure of address allocation with >> flexibility of service provision, by ensuring that ARIN?s resources are >> primarily aligned with the ARIN service region but facilitate >> flexibility and efficiency of use by applicants from any region. >> There are concerns that out of region organizations should be able to >> request resources for use within the ARIN service region. The proposed >> text accommodates this issue by requiring only proof that an >> organization is "legally operating within the ARIN Service Region". This >> includes business entities formed in the region, or other business >> entities with legal branch offices within the region. So, as long as an >> out of region organization is "legally operating within the ARIN Service >> Region" they can request resources from ARIN. >> >> Current operational practice is to require an organization be formed >> within the ARIN service region. However, if this were applied by all the >> RIRs, a global network would be required to have a minimum of five >> subsidiaries, one formed in each of the five RIR regions, this seems >> overly burdensome. Good resource policy should consider the consequences >> of all RIRs adopting the same policy. >> >> Previous discussions of the topic indicated that it is difficult to >> enforce and undesirable for many in the community to dictate where >> resources are to be used once they are allocated. A strategy to deal >> with this is to focus the policy on the technical infrastructure and >> customers used to justify the requested number resources from ARIN, as >> opposed to where resources are actually used once allocated. This is a >> subtle but important distinction. >> >> While resources received from ARIN may be used outside the ARIN region, >> a common technical infrastructure must interconnect the use of these >> resources to the ARIN region. This provides a necessary nexus with the >> ARIN service region for such out of region use. Therefore, if a discrete >> network is operating within another region, not interconnected to the >> ARIN region, then resources for that discrete network should be >> requested from that region's RIR. >> >> A concern was raised that this policy shouldn't limit or interfere with >> outbound inter-RIR transfers. If we focus on what justifies a request >> for resources from ARIN, outbound inter-RIR transfers shouldn't be >> affected, as they are clearly based on the receiving RIR's policies. >> >> From previous discussions of the topic, "double dipping" should not be >> allowed, that is using the same technical infrastructure or customers to >> justify resources from ARIN and another RIR at the same time. >> The legal jurisdiction an organization is formed in doesn?t necessarily >> reflect the jurisdictions in which it operates, or even that it operates >> a network in a jurisdiction. This implies that we should have both >> technical and legal requirements regarding operating within the ARIN >> service region in order to receive resources. >> >> The original text used the term "majority", seeming to describe a >> "simple," "absolute" or "overall" majority, which means greater than >> 50%. Many organizations don't have greater than 50% of their users or >> customers in any one region. A "plurality", "relative majority", >> "largest of", or more specifically "more than any other RIR's service >> region" seems to be the intended and appropriate meaning of the term >> "majority" in this context. Let's clarify that intent by using the term >> "plurality". >> >> The intent is not to require an organization to have an overall >> plurality of its technical infrastructure and customers within the ARIN >> service region. Rather, it is to ensure that the plurality of currently >> requested resources is justified from within the ARIN region. If an >> organization?s primary, or largest, demand for resources is in another >> region then the organization should request resources from that region's >> RIR. >> -- >> >> ## * ## >> > > -- > ==============================**================== > David Farmer Email: farmer at umn.edu > Office of Information Technology > University of Minnesota > 2218 University Ave SE Phone: 1-612-626-0815 > Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 > ==============================**================== > > ______________________________**_________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/**listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From bill at herrin.us Thu Sep 12 14:35:41 2013 From: bill at herrin.us (William Herrin) Date: Thu, 12 Sep 2013 14:35:41 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: <5227A52D.1010802@arin.net> References: <5227A52D.1010802@arin.net> Message-ID: On Wed, Sep 4, 2013 at 5:25 PM, ARIN wrote: > X. Resource Justification within ARIN Region > Organizations requesting Internet number resources from ARIN must > provide proof that they (1) are an active business entity legally > operating within the ARIN service region, and (2) are operating a > network located within the ARIN service region. In addition to meeting > all other applicable policy requirements, a plurality of resources > requested from ARIN must be justified by technical infrastructure and > customers located within the ARIN service region, and any located > outside the region must be interconnected to the ARIN service region. > The same technical infrastructure or customers cannot be used to justify > resources in more than one RIR. More broadly, I would suggest that further revision of this draft drop all concern for the legal status of the registrant. I think that better addressed as an ARIN business matter. Instead, focus on the degree to which the equipment on which the ARIN number resources are employed is physically present within the ARIN region. Plurality seems like an odd choice of word above. The implication is that if 21% of the equipment for which I use ARIN addresses is in North America, and as long as my use in each of the other four regions is 20% or less, I'm good to go. That doesn't seem to be what the author was trying to achieve, does it? Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From bill at herrin.us Thu Sep 12 14:19:02 2013 From: bill at herrin.us (William Herrin) Date: Thu, 12 Sep 2013 14:19:02 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: <5227A52D.1010802@arin.net> References: <5227A52D.1010802@arin.net> Message-ID: On Wed, Sep 4, 2013 at 5:25 PM, ARIN wrote: > X. Resource Justification within ARIN Region > Organizations requesting Internet number resources from ARIN must > provide proof that they (1) are an active business entity legally > operating within the ARIN service region, and I am not an active business entity, hence my AS number registration (AS 11875), used for multihomed network entirely in the U.S. State of Virginia would violate this policy as drafted. I tend to think of that as a bad thing. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From farmer at umn.edu Thu Sep 12 22:21:43 2013 From: farmer at umn.edu (David Farmer) Date: Thu, 12 Sep 2013 21:21:43 -0500 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> Message-ID: <523276B7.9080503@umn.edu> On 9/12/13 13:35 , William Herrin wrote: > On Wed, Sep 4, 2013 at 5:25 PM, ARIN wrote: >> X. Resource Justification within ARIN Region >> Organizations requesting Internet number resources from ARIN must >> provide proof that they (1) are an active business entity legally >> operating within the ARIN service region, and (2) are operating a >> network located within the ARIN service region. In addition to meeting >> all other applicable policy requirements, a plurality of resources >> requested from ARIN must be justified by technical infrastructure and >> customers located within the ARIN service region, and any located >> outside the region must be interconnected to the ARIN service region. >> The same technical infrastructure or customers cannot be used to justify >> resources in more than one RIR. > > More broadly, I would suggest that further revision of this draft drop > all concern for the legal status of the registrant. I think that > better addressed as an ARIN business matter. Instead, focus on the > degree to which the equipment on which the ARIN number resources are > employed is physically present within the ARIN region. The details are definitely an ARIN business matter, but ARIN frequently get's asked "where does the policy require that?" And below you ask about "what the author was trying to achieve(?)", Legal Presence within the region was one of the key issues for the authors. > Plurality seems like an odd choice of word above. The implication is > that if 21% of the equipment for which I use ARIN addresses is in > North America, and as long as my use in each of the other four regions > is 20% or less, I'm good to go. Well more precisely the lowest possible use within the ARIN region is some fraction greater than 20%, with less than or equal to 20% in the other four regions. While possible in reality, this is much more of a contrived example that something you would expect to see regularly in the real world. However, if you were only operating within the ARIN region and one other region you would need greater than 50% in the ARIN region and less that 50% in the other region, a simple majority. > That doesn't seem to be what the author was trying to achieve, does it? I'd agree it wasn't what the authors were originally thinking, but if you review the earlier comments there were several people that objected to a 50% majority, and plurality was suggested as an alternative, as discussed in the Advisory Council Comments sections. In discussions with the authors their primary intent was that there be significant use in region. Plurality, is by no means perfect, for many it is way too much of a restriction and for other not enough, but it seems like a reasonable compromise. While the authors would prefer a 50% majority, they seemed to feel it was a reasonable compromise. -- ================================================ David Farmer Email: farmer at umn.edu Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 1-612-626-0815 Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 ================================================ From owen at delong.com Thu Sep 12 22:37:34 2013 From: owen at delong.com (Owen DeLong) Date: Thu, 12 Sep 2013 19:37:34 -0700 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: <523276B7.9080503@umn.edu> References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> Message-ID: > >> Plurality seems like an odd choice of word above. The implication is >> that if 21% of the equipment for which I use ARIN addresses is in >> North America, and as long as my use in each of the other four regions >> is 20% or less, I'm good to go. > > Well more precisely the lowest possible use within the ARIN region is some fraction greater than 20%, with less than or equal to 20% in the other four regions. While possible in reality, this is much more of a contrived example that something you would expect to see regularly in the real world. However, if you were only operating within the ARIN region and one other region you would need greater than 50% in the ARIN region and less that 50% in the other region, a simple majority. > As written, I could, for example, have 50.001% in the ARIN region and 49.999% in one other RIR and be within the proposed requirements. However, I think that in a policy like this, it is important to choose language which does not limit operator flexibility in unintended ways while getting as close as possible to the intended result. If anyone has language that they believe will better match policy intent (or feels that a different intent would be better for that matter), then please express those ideas here. >> That doesn't seem to be what the author was trying to achieve, does it? > > I'd agree it wasn't what the authors were originally thinking, but if you review the earlier comments there were several people that objected to a 50% majority, and plurality was suggested as an alternative, as discussed in the Advisory Council Comments sections. > Majority is certainly more problematic than plurality. Plurality might not be the best possible choice, either, but nobody, including myself, has yet proposed a better alternative. The AC would certainly welcome any improved language from the community if anyone has a better idea. Owen From farmer at umn.edu Thu Sep 12 22:41:34 2013 From: farmer at umn.edu (David Farmer) Date: Thu, 12 Sep 2013 21:41:34 -0500 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> Message-ID: <52327B5E.6000605@umn.edu> On 9/12/13 13:19 , William Herrin wrote: > On Wed, Sep 4, 2013 at 5:25 PM, ARIN wrote: >> X. Resource Justification within ARIN Region >> Organizations requesting Internet number resources from ARIN must >> provide proof that they (1) are an active business entity legally >> operating within the ARIN service region, and > > I am not an active business entity, hence my AS number registration > (AS 11875), used for multihomed network entirely in the U.S. State of > Virginia would violate this policy as drafted. > > I tend to think of that as a bad thing. I don't believe individuals (as an individual person) are allowed to request resources any longer. A business could be a sole proprietorship, and in every day terms there isn't that much difference, but legally there is I believe. But, your historical individual assignment isn't intended to be in violation of this policy. The policy is intended to apply to requesting (new or additional) resources. Just as it is intended to apply to how you justify resources, not how you use them in your network once allocated or assigned. See the 3rd paragraph of the Advisory Council comments in the email of the policy or the 4th paragraph on the web page. In the email the white space between the 1st and 2nd paragraphs got removed making them look like one big paragraph, its right on the web page. Thanks -- ================================================ David Farmer Email: farmer at umn.edu Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 1-612-626-0815 Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 ================================================ From hannigan at gmail.com Thu Sep 12 23:20:40 2013 From: hannigan at gmail.com (Martin Hannigan) Date: Thu, 12 Sep 2013 23:20:40 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> Message-ID: On Thu, Sep 12, 2013 at 2:35 PM, William Herrin wrote: > On Wed, Sep 4, 2013 at 5:25 PM, ARIN wrote: > > X. Resource Justification within ARIN Region > > Organizations requesting Internet number resources from ARIN must > > provide proof that they (1) are an active business entity legally > > operating within the ARIN service region, and (2) are operating a > > network located within the ARIN service region. In addition to meeting > > all other applicable policy requirements, a plurality of resources > > requested from ARIN must be justified by technical infrastructure and > > customers located within the ARIN service region, and any located > > outside the region must be interconnected to the ARIN service region. > > The same technical infrastructure or customers cannot be used to justify > > resources in more than one RIR. > [ clip ] > Instead, focus on the > degree to which the equipment on which the ARIN number resources are > employed is physically present within the ARIN region. > The amount of equipment needed to run a network or legitimately utilize resources is getting smaller, not larger, and is not a good measure of whether you are a network operator. Or not. Best, -M< -------------- next part -------------- An HTML attachment was scrubbed... URL: From narten at us.ibm.com Fri Sep 13 00:53:05 2013 From: narten at us.ibm.com (Thomas Narten) Date: Fri, 13 Sep 2013 00:53:05 -0400 Subject: [arin-ppml] Weekly posting summary for ppml@arin.net Message-ID: <201309130453.r8D4r5bh027142@rotala.raleigh.ibm.com> Total of 14 messages in the last 7 days. script run at: Fri Sep 13 00:53:05 EDT 2013 Messages | Bytes | Who --------+------+--------+----------+------------------------ 28.57% | 4 | 31.60% | 40905 | farmer at umn.edu 7.14% | 1 | 22.25% | 28808 | ikiris at gmail.com 14.29% | 2 | 10.45% | 13532 | sryerse at eclipse-networks.com 14.29% | 2 | 9.88% | 12794 | bill at herrin.us 7.14% | 1 | 7.01% | 9072 | hannigan at gmail.com 7.14% | 1 | 5.53% | 7155 | owen at delong.com 7.14% | 1 | 4.82% | 6238 | narten at us.ibm.com 7.14% | 1 | 4.68% | 6053 | daniel_alexander at cable.comcast.com 7.14% | 1 | 3.79% | 4903 | rbf+arin-ppml at panix.com --------+------+--------+----------+------------------------ 100.00% | 14 |100.00% | 129460 | Total From farmer at umn.edu Fri Sep 13 10:27:17 2013 From: farmer at umn.edu (David Farmer) Date: Fri, 13 Sep 2013 09:27:17 -0500 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: <52327B5E.6000605@umn.edu> References: <5227A52D.1010802@arin.net> <52327B5E.6000605@umn.edu> Message-ID: <523320C5.20705@umn.edu> On 9/12/13 21:41 , David Farmer wrote: > On 9/12/13 13:19 , William Herrin wrote: >> On Wed, Sep 4, 2013 at 5:25 PM, ARIN wrote: >>> X. Resource Justification within ARIN Region >>> Organizations requesting Internet number resources from ARIN must >>> provide proof that they (1) are an active business entity legally >>> operating within the ARIN service region, and >> >> I am not an active business entity, hence my AS number registration >> (AS 11875), used for multihomed network entirely in the U.S. State of >> Virginia would violate this policy as drafted. >> >> I tend to think of that as a bad thing. > > I don't believe individuals (as an individual person) are allowed to > request resources any longer. A business could be a sole > proprietorship, and in every day terms there isn't that much difference, > but legally there is I believe. > > But, your historical individual assignment isn't intended to be in > violation of this policy. The policy is intended to apply to requesting > (new or additional) resources. Just as it is intended to apply to how > you justify resources, not how you use them in your network once > allocated or assigned. Thinking about this a little more, this policy is not intended to be an ex post facto rule, nor in general do I think it is appropriate for any policy to have retroactive effect without some extraordinary reason and justification for such an effect. Furthermore, I don't think ARIN staff would consider any policy to have retroactive effect without very explicit direction from the community that a policy should have such an effect, and calling that out in the staff and legal review. For an abundance of clarity I'd be happy to add something like the following in the Advisory Council Comments section before the text freeze; This policy is not intended to have any retroactive effect. It should not be construed to effect or invalidate any assignment or allocation previously made by ARIN, one of its predecessor registries, or any ISP or other LIR, based on good faith application information. In particular direct assignments previously made to individuals are not invalidated by this policy. However, this policy is intended to disallow any new assignment or allocation made directly to an individual person, as is current operational practice. -- ================================================ David Farmer Email: farmer at umn.edu Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 1-612-626-0815 Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 ================================================ From bjones at vt.edu Fri Sep 13 10:30:30 2013 From: bjones at vt.edu (Brian Jones) Date: Fri, 13 Sep 2013 10:30:30 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: <523320C5.20705@umn.edu> References: <5227A52D.1010802@arin.net> <52327B5E.6000605@umn.edu> <523320C5.20705@umn.edu> Message-ID: +1 to your suggestion: " This policy is not intended to have any retroactive effect. It should not be construed to effect or invalidate any assignment or allocation previously made by ARIN, one of its predecessor registries, or any ISP or other LIR, based on good faith application information. In particular direct assignments previously made to individuals are not invalidated by this policy. However, this policy is intended to disallow any new assignment or allocation made directly to an individual person, as is current operational practice. " -- Brian On Fri, Sep 13, 2013 at 10:27 AM, David Farmer wrote: > On 9/12/13 21:41 , David Farmer wrote: > >> On 9/12/13 13:19 , William Herrin wrote: >> >>> On Wed, Sep 4, 2013 at 5:25 PM, ARIN wrote: >>> >>>> X. Resource Justification within ARIN Region >>>> Organizations requesting Internet number resources from ARIN must >>>> provide proof that they (1) are an active business entity legally >>>> operating within the ARIN service region, and >>>> >>> >>> I am not an active business entity, hence my AS number registration >>> (AS 11875), used for multihomed network entirely in the U.S. State of >>> Virginia would violate this policy as drafted. >>> >>> I tend to think of that as a bad thing. >>> >> >> I don't believe individuals (as an individual person) are allowed to >> request resources any longer. A business could be a sole >> proprietorship, and in every day terms there isn't that much difference, >> but legally there is I believe. >> >> But, your historical individual assignment isn't intended to be in >> violation of this policy. The policy is intended to apply to requesting >> (new or additional) resources. Just as it is intended to apply to how >> you justify resources, not how you use them in your network once >> allocated or assigned. >> > > Thinking about this a little more, this policy is not intended to be an ex > post facto rule, nor in general do I think it is appropriate for any policy > to have retroactive effect without some extraordinary reason and > justification for such an effect. Furthermore, I don't think ARIN staff > would consider any policy to have retroactive effect without very explicit > direction from the community that a policy should have such an effect, and > calling that out in the staff and legal review. > > For an abundance of clarity I'd be happy to add something like the > following in the Advisory Council Comments section before the text freeze; > > This policy is not intended to have any retroactive effect. It should not > be construed to effect or invalidate any assignment or allocation > previously made by ARIN, one of its predecessor registries, or any ISP or > other LIR, based on good faith application information. In particular > direct assignments previously made to individuals are not invalidated by > this policy. However, this policy is intended to disallow any new > assignment or allocation made directly to an individual person, as is > current operational practice. > > > -- > ==============================**================== > David Farmer Email: farmer at umn.edu > Office of Information Technology > University of Minnesota > 2218 University Ave SE Phone: 1-612-626-0815 > Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 > ==============================**================== > ______________________________**_________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/**listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From bill at herrin.us Fri Sep 13 11:38:45 2013 From: bill at herrin.us (William Herrin) Date: Fri, 13 Sep 2013 11:38:45 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> Message-ID: On Thu, Sep 12, 2013 at 11:20 PM, Martin Hannigan wrote: > On Thu, Sep 12, 2013 at 2:35 PM, William Herrin wrote: >> Instead, focus on the >> degree to which the equipment on which the ARIN number resources are >> employed is physically present within the ARIN region. > > The amount of equipment needed to run a network or legitimately utilize > resources is getting smaller, not larger, and is not a good measure of > whether you are a network operator. Or not. Hi Martin, That would be one of the reasons why I suggested a focus on where the equipment was located, not how much equipment you have. Your Canadian DSL customers don't attach to DSLAMs in Tokyo. The physical reality behind network latency makes it unlikely that they ever will. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From bill at herrin.us Fri Sep 13 11:53:05 2013 From: bill at herrin.us (William Herrin) Date: Fri, 13 Sep 2013 11:53:05 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> Message-ID: On Thu, Sep 12, 2013 at 10:37 PM, Owen DeLong wrote: > Majority is certainly more problematic than plurality. Plurality might not be > the best possible choice, either, but nobody, including myself, has yet proposed > a better alternative. The AC would certainly welcome any improved language > from the community if anyone has a better idea. Hi Owen, The intent of the policy proposal is to keep the use of ARIN addresses in-region. I say this with the utmost respect: A 20% rule doesn't do that. It does, however, create a new and potentially onerous documentary burden on every registrant requesting addresses. More, "plurality" makes the 20% rule needlessly complicated. I have to keep 20% in the ARIN region... unless I have 23% in the RIPE region and then I need to keep 24% in the ARIN region unless I have 30% in the APNIC region in which case I need 31% in the ARIN region, but if that drops the RIPE region down to 27% I can reduce the ARIN region holdings to 28%. Yuck! I'm for keeping ARIN addresses in region. I'm against creating new and potentially onerous documentary burdens. I'm doubly against creating new and potentially onerous documentary burdens which fail to plausibly achieve their defined goal. If there is no community consensus for a "should be in region" number in the 80% to 90% range then I think the draft should be abandoned. A plurality rule combines the worst elements of the notion, not the best. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From bill at herrin.us Fri Sep 13 11:59:51 2013 From: bill at herrin.us (William Herrin) Date: Fri, 13 Sep 2013 11:59:51 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: <52327B5E.6000605@umn.edu> References: <5227A52D.1010802@arin.net> <52327B5E.6000605@umn.edu> Message-ID: On Thu, Sep 12, 2013 at 10:41 PM, David Farmer wrote: > I don't believe individuals (as an individual person) are allowed to request > resources any longer. Hi David, Since when? That was a 2008 assignment. More importantly: why not? What business is it of ARIN's what the legal structure of the entity requesting resources is? They're supposed to make assignments based on technically justified need, right? If the justification is present and the registrant is legally capable of entering into a contract, what's the problem? If I need another AS number for something, give me one good reason why ARIN should say no merely because I'm an individual. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From jeffrey.lyon at blacklotus.net Fri Sep 13 12:01:39 2013 From: jeffrey.lyon at blacklotus.net (Jeffrey Lyon) Date: Fri, 13 Sep 2013 12:01:39 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> Message-ID: On Fri, Sep 13, 2013 at 11:53 AM, William Herrin wrote: > On Thu, Sep 12, 2013 at 10:37 PM, Owen DeLong wrote: >> Majority is certainly more problematic than plurality. Plurality might not be >> the best possible choice, either, but nobody, including myself, has yet proposed >> a better alternative. The AC would certainly welcome any improved language >> from the community if anyone has a better idea. > > Hi Owen, > > The intent of the policy proposal is to keep the use of ARIN addresses > in-region. I say this with the utmost respect: A 20% rule doesn't do > that. It does, however, create a new and potentially onerous > documentary burden on every registrant requesting addresses. > > More, "plurality" makes the 20% rule needlessly complicated. I have to > keep 20% in the ARIN region... unless I have 23% in the RIPE region > and then I need to keep 24% in the ARIN region unless I have 30% in > the APNIC region in which case I need 31% in the ARIN region, but if > that drops the RIPE region down to 27% I can reduce the ARIN region > holdings to 28%. > > Yuck! > > I'm for keeping ARIN addresses in region. I'm against creating new and > potentially onerous documentary burdens. I'm doubly against creating > new and potentially onerous documentary burdens which fail to > plausibly achieve their defined goal. > > If there is no community consensus for a "should be in region" number > in the 80% to 90% range then I think the draft should be abandoned. A > plurality rule combines the worst elements of the notion, not the > best. > > Regards, > Bill Herrin > > > -- > William D. Herrin ................ herrin at dirtside.com bill at herrin.us > 3005 Crane Dr. ...................... Web: > Falls Church, VA 22042-3004 > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. I agree that ARIN IP's must be reserved for in region use. -- Jeffrey A. Lyon, CISSP President, Black Lotus Communications mobile: (757) 304-0668 | gtalk: jeffrey.lyon at gmail.com | skype: blacklotus.net From ikiris at gmail.com Fri Sep 13 10:37:31 2013 From: ikiris at gmail.com (Blake Dunlap) Date: Fri, 13 Sep 2013 09:37:31 -0500 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> <52327B5E.6000605@umn.edu> <523320C5.20705@umn.edu> Message-ID: Why would we want to restrict from allocation to individuals if they can justify it? Very opposed to that alone, above and beyond my opposition to regional restrictions. -Blake On Fri, Sep 13, 2013 at 9:30 AM, Brian Jones wrote: > +1 to your suggestion: > > > " > This policy is not intended to have any retroactive effect. It should not > be construed to effect or invalidate any assignment or allocation > previously made by ARIN, one of its predecessor registries, or any ISP or > other LIR, based on good faith application information. In particular > direct assignments previously made to individuals are not invalidated by > this policy. However, this policy is intended to disallow any new > assignment or allocation made directly to an individual person, as is > current operational practice. > " > > -- > Brian > > > On Fri, Sep 13, 2013 at 10:27 AM, David Farmer wrote: > >> On 9/12/13 21:41 , David Farmer wrote: >> >>> On 9/12/13 13:19 , William Herrin wrote: >>> >>>> On Wed, Sep 4, 2013 at 5:25 PM, ARIN wrote: >>>> >>>>> X. Resource Justification within ARIN Region >>>>> Organizations requesting Internet number resources from ARIN must >>>>> provide proof that they (1) are an active business entity legally >>>>> operating within the ARIN service region, and >>>>> >>>> >>>> I am not an active business entity, hence my AS number registration >>>> (AS 11875), used for multihomed network entirely in the U.S. State of >>>> Virginia would violate this policy as drafted. >>>> >>>> I tend to think of that as a bad thing. >>>> >>> >>> I don't believe individuals (as an individual person) are allowed to >>> request resources any longer. A business could be a sole >>> proprietorship, and in every day terms there isn't that much difference, >>> but legally there is I believe. >>> >>> But, your historical individual assignment isn't intended to be in >>> violation of this policy. The policy is intended to apply to requesting >>> (new or additional) resources. Just as it is intended to apply to how >>> you justify resources, not how you use them in your network once >>> allocated or assigned. >>> >> >> Thinking about this a little more, this policy is not intended to be an >> ex post facto rule, nor in general do I think it is appropriate for any >> policy to have retroactive effect without some extraordinary reason and >> justification for such an effect. Furthermore, I don't think ARIN staff >> would consider any policy to have retroactive effect without very explicit >> direction from the community that a policy should have such an effect, and >> calling that out in the staff and legal review. >> >> For an abundance of clarity I'd be happy to add something like the >> following in the Advisory Council Comments section before the text freeze; >> >> This policy is not intended to have any retroactive effect. It should >> not be construed to effect or invalidate any assignment or allocation >> previously made by ARIN, one of its predecessor registries, or any ISP or >> other LIR, based on good faith application information. In particular >> direct assignments previously made to individuals are not invalidated by >> this policy. However, this policy is intended to disallow any new >> assignment or allocation made directly to an individual person, as is >> current operational practice. >> >> >> -- >> ==============================**================== >> David Farmer Email: farmer at umn.edu >> Office of Information Technology >> University of Minnesota >> 2218 University Ave SE Phone: 1-612-626-0815 >> Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 >> ==============================**================== >> ______________________________**_________________ >> PPML >> You are receiving this message because you are subscribed to >> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). >> Unsubscribe or manage your mailing list subscription at: >> http://lists.arin.net/mailman/**listinfo/arin-ppml >> Please contact info at arin.net if you experience any issues. >> > > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From kkargel at polartel.com Fri Sep 13 12:30:11 2013 From: kkargel at polartel.com (Kevin Kargel) Date: Fri, 13 Sep 2013 11:30:11 -0500 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> <52327B5E.6000605@umn.edu> <523320C5.20705@umn.edu> Message-ID: <8695009A81378E48879980039EEDAD28012B3D4CAC@MAIL1.polartel.local> I also am very opposed to restricting assignments to businesses only. I am strongly in favor of keeping ARIN IP's in region but I see this as hard or impossible to police. Let's not make rules we can't enforce. Kevin From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On Behalf Of Blake Dunlap Sent: Friday, September 13, 2013 9:38 AM To: arin-ppml at arin.net Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text Why would we want to restrict from allocation to individuals if they can justify it? Very opposed to that alone, above and beyond my opposition to regional restrictions. -Blake On Fri, Sep 13, 2013 at 9:30 AM, Brian Jones > wrote: +1 to your suggestion: " This policy is not intended to have any retroactive effect. It should not be construed to effect or invalidate any assignment or allocation previously made by ARIN, one of its predecessor registries, or any ISP or other LIR, based on good faith application information. In particular direct assignments previously made to individuals are not invalidated by this policy. However, this policy is intended to disallow any new assignment or allocation made directly to an individual person, as is current operational practice. " -- Brian On Fri, Sep 13, 2013 at 10:27 AM, David Farmer > wrote: On 9/12/13 21:41 , David Farmer wrote: On 9/12/13 13:19 , William Herrin wrote: On Wed, Sep 4, 2013 at 5:25 PM, ARIN > wrote: X. Resource Justification within ARIN Region Organizations requesting Internet number resources from ARIN must provide proof that they (1) are an active business entity legally operating within the ARIN service region, and I am not an active business entity, hence my AS number registration (AS 11875), used for multihomed network entirely in the U.S. State of Virginia would violate this policy as drafted. I tend to think of that as a bad thing. I don't believe individuals (as an individual person) are allowed to request resources any longer. A business could be a sole proprietorship, and in every day terms there isn't that much difference, but legally there is I believe. But, your historical individual assignment isn't intended to be in violation of this policy. The policy is intended to apply to requesting (new or additional) resources. Just as it is intended to apply to how you justify resources, not how you use them in your network once allocated or assigned. Thinking about this a little more, this policy is not intended to be an ex post facto rule, nor in general do I think it is appropriate for any policy to have retroactive effect without some extraordinary reason and justification for such an effect. Furthermore, I don't think ARIN staff would consider any policy to have retroactive effect without very explicit direction from the community that a policy should have such an effect, and calling that out in the staff and legal review. For an abundance of clarity I'd be happy to add something like the following in the Advisory Council Comments section before the text freeze; This policy is not intended to have any retroactive effect. It should not be construed to effect or invalidate any assignment or allocation previously made by ARIN, one of its predecessor registries, or any ISP or other LIR, based on good faith application information. In particular direct assignments previously made to individuals are not invalidated by this policy. However, this policy is intended to disallow any new assignment or allocation made directly to an individual person, as is current operational practice. -- ================================================ David Farmer Email: farmer at umn.edu Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 1-612-626-0815 Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 ================================================ _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact info at arin.net if you experience any issues. _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact info at arin.net if you experience any issues. -------------- next part -------------- An HTML attachment was scrubbed... URL: From JOHN at egh.com Fri Sep 13 12:52:58 2013 From: JOHN at egh.com (John Santos) Date: Fri, 13 Sep 2013 12:52:58 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: Message-ID: <1130913122307.64770A-100000@Ives.egh.com> On Fri, 13 Sep 2013, William Herrin wrote: > On Thu, Sep 12, 2013 at 10:37 PM, Owen DeLong wrote: > > Majority is certainly more problematic than plurality. Plurality might not be > > the best possible choice, either, but nobody, including myself, has yet proposed > > a better alternative. The AC would certainly welcome any improved language > > from the community if anyone has a better idea. > > Hi Owen, > > The intent of the policy proposal is to keep the use of ARIN addresses > in-region. I say this with the utmost respect: A 20% rule doesn't do > that. It does, however, create a new and potentially onerous > documentary burden on every registrant requesting addresses. > > More, "plurality" makes the 20% rule needlessly complicated. I have to > keep 20% in the ARIN region... unless I have 23% in the RIPE region > and then I need to keep 24% in the ARIN region unless I have 30% in > the APNIC region in which case I need 31% in the ARIN region, but if > that drops the RIPE region down to 27% I can reduce the ARIN region > holdings to 28%. > > Yuck! I'm not sure if I'm in favor or against the this proposal, but I think your argument is not valid. You are making the process needlessly complicated. You don't need to "keep" anything anywhere. Only when you need more resources do you need to evaluate what region has the most systems (presumably with in-use addresses as a proxy for "systems", and probably with total subnet space as a proxy for addresses), and request the address space from that RIR (or any other RIR that has not adopted this or a similar policy.) You have to know how much of your address space allocation is in use before you can request more space. This just requires that you have some (extremely vague due to the extremely coarse granuality) idea of *where* you are using the addresses. > > I'm for keeping ARIN addresses in region. I'm against creating new and > potentially onerous documentary burdens. I'm doubly against creating > new and potentially onerous documentary burdens which fail to > plausibly achieve their defined goal. I'm not sure I'm in favor of keeping addresses in region. Certainly, with inter-RIR transfers, they won't *stay* in region! I agree with your doubts about this acheiving its intended goal, but I don't think the documentation burdens are particularly onerous. At worst case, less than 3 bits per IP address, but almost certainly knowing where a particular subnet is would suffice. Businesses with multiple locations need to know where their hosts are for management purposes anyway. Mobile devices are generally with in a few hundred feet of their Wifi hotspot or within a few miles of their current cell tower, and someone running such a network has to know how much load their is on each location for planning and problem resolution anyway. > > If there is no community consensus for a "should be in region" number > in the 80% to 90% range then I think the draft should be abandoned. A > plurality rule combines the worst elements of the notion, not the > best. > What if the business is international, with sites all over the world? Should they be forced to run at least 5 separate networks instead of a single integrated network? In your original example, if you have 23% in RIPE and 20% in ARIN, then you should go to RIPE for more addresses. (Or the transfer market, if RIPE is exhausted.) All this stuff about plurality vs. majority vs. 80-90% vs. "most of" (for some very vague definition of "most of") is moot with IPv6 anyway, since (at least in theory), a single IPv6 allocation should suffice forever. The lack of a definition of what constitutes a "legal business", the lack of recognition of the international nature of many businesses and organizations, and what seems to me an implicit assumption that US law applies to everyone all worry me more than the documentation requirements. > Regards, > Bill Herrin > > > -- > William D. Herrin ................ herrin at dirtside.com bill at herrin.us > 3005 Crane Dr. ...................... Web: > Falls Church, VA 22042-3004 > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > > -- John Santos Evans Griffiths & Hart, Inc. 781-861-0670 ext 539 From farmer at umn.edu Fri Sep 13 12:58:11 2013 From: farmer at umn.edu (David Farmer) Date: Fri, 13 Sep 2013 11:58:11 -0500 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: <523320C5.20705@umn.edu> References: <5227A52D.1010802@arin.net> <52327B5E.6000605@umn.edu> <523320C5.20705@umn.edu> Message-ID: <52334423.40207@umn.edu> On 9/13/13 09:27 , David Farmer wrote: > However, this policy is intended to > disallow any new assignment or allocation made directly to an individual > person, as is current operational practice. Maybe I'm mistaken. Could ARIN staff confirm or correct me, in current operational practice can individuals (as an individual, not a sole proprietor or other business entity) receive an allocation or assignment? Thanks -- ================================================ David Farmer Email: farmer at umn.edu Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 1-612-626-0815 Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 ================================================ From gary.buhrmaster at gmail.com Fri Sep 13 13:06:02 2013 From: gary.buhrmaster at gmail.com (Gary Buhrmaster) Date: Fri, 13 Sep 2013 17:06:02 +0000 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> Message-ID: On Fri, Sep 13, 2013 at 3:53 PM, William Herrin wrote: .... > More, "plurality" makes the 20% rule needlessly complicated. I have to > keep 20% in the ARIN region... unless I have 23% in the RIPE region > and then I need to keep 24% in the ARIN region unless I have 30% in > the APNIC region in which case I need 31% in the ARIN region, but if > that drops the RIPE region down to 27% I can reduce the ARIN region > holdings to 28%. > > Yuck! Unless I am misreading this, this proposal deals with the initial (or additional) allocation/assignments, and not on-going activities. Once you get the numbers, you could then move the numbers to other regions. Yes, that opens up some ways to "game" the intent. That has been true for, well, forever. However, unless the community requests that ARIN start to do reviews of existing allocation/assignments and requires that they meet current policies (which, AFAIK, no one is suggesting), the "plurality" requirement does not seem too onerous given that one already has to provide quite a bit of documentation to ARIN for numbers. Where do you have the plurality of the resources? Apply to that RIR. Gary From Terri.L.Stumme at usdoj.gov Fri Sep 13 14:09:43 2013 From: Terri.L.Stumme at usdoj.gov (Stumme, Terri L.) Date: Fri, 13 Sep 2013 18:09:43 +0000 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> Message-ID: As the author of the original DRAFT policy proposal, I'd like to reiterate the original intent of the policy: to enable ARIN staff to validate/verify requestors of address space who establish a "shell company" in the US for the sole purpose of acquiring ARIN resources. ARIN has historically required legal incorporation within the region. Due to the depletion of IPv4 there has been a significant increase in out-of-region requestors, and they are returning often (every three weeks) to request larger blocks. ARIN staff does not have the capability or mechanisms in place to verify customer usage, nor to verify/validate physical contact information for these out-of-region entities. If ARIN staff is unable to validate/verify requestors contact information or customer usage, enforcement of ARIN contractual obligations is significantly impeded. Law enforcement simply wants to ensure that mechanisms are in place for verification/validation of ARIN's customers to avoid allocation to organizations/individuals who may intend to utilize IP address space for nefarious purposes, and that should this occur, accurate pointers (requested via subpoena) are available from ARIN for law enforcement to proceed with a criminal investigation. -----Original Message----- From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On Behalf Of Jeffrey Lyon Sent: Friday, September 13, 2013 12:02 PM To: William Herrin Cc: arin-ppml at arin.net Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text On Fri, Sep 13, 2013 at 11:53 AM, William Herrin wrote: > On Thu, Sep 12, 2013 at 10:37 PM, Owen DeLong wrote: >> Majority is certainly more problematic than plurality. Plurality >> might not be the best possible choice, either, but nobody, including >> myself, has yet proposed a better alternative. The AC would certainly >> welcome any improved language from the community if anyone has a better idea. > > Hi Owen, > > The intent of the policy proposal is to keep the use of ARIN addresses > in-region. I say this with the utmost respect: A 20% rule doesn't do > that. It does, however, create a new and potentially onerous > documentary burden on every registrant requesting addresses. > > More, "plurality" makes the 20% rule needlessly complicated. I have to > keep 20% in the ARIN region... unless I have 23% in the RIPE region > and then I need to keep 24% in the ARIN region unless I have 30% in > the APNIC region in which case I need 31% in the ARIN region, but if > that drops the RIPE region down to 27% I can reduce the ARIN region > holdings to 28%. > > Yuck! > > I'm for keeping ARIN addresses in region. I'm against creating new and > potentially onerous documentary burdens. I'm doubly against creating > new and potentially onerous documentary burdens which fail to > plausibly achieve their defined goal. > > If there is no community consensus for a "should be in region" number > in the 80% to 90% range then I think the draft should be abandoned. A > plurality rule combines the worst elements of the notion, not the > best. > > Regards, > Bill Herrin > > > -- > William D. Herrin ................ herrin at dirtside.com bill at herrin.us > 3005 Crane Dr. ...................... Web: > Falls Church, VA 22042-3004 > _______________________________________________ > PPML > You are receiving this message because you are subscribed to the ARIN > Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. I agree that ARIN IP's must be reserved for in region use. -- Jeffrey A. Lyon, CISSP President, Black Lotus Communications mobile: (757) 304-0668 | gtalk: jeffrey.lyon at gmail.com | skype: blacklotus.net _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact info at arin.net if you experience any issues. From kkargel at polartel.com Fri Sep 13 14:42:18 2013 From: kkargel at polartel.com (Kevin Kargel) Date: Fri, 13 Sep 2013 13:42:18 -0500 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> Message-ID: <8695009A81378E48879980039EEDAD28012B3D4D1E@MAIL1.polartel.local> I still don't see how this is going to be enforceable. To my eye it would entail getting geo-data for all last mile routers that service IP's under ARIN control and having someone or a sophisticated AI bot continuously scanning the BGP tables to enumerate and verify the geo-locations of the endpoints. This sounds like a project that I suspect the ARIN community is going to be hesitant to fund. If the idea is just to ask people if they are in the ARIN governance area and make them promise to never move offshore (knowing it will not be subsequently policed) then I submit that the algorithm is way too easy to game by unscrupulous operators and will end up being a token policy that creates more bureaucracy and trouble for legitimate operators. Unenforceable policy is a waste of time and money. If you can figure out a way to enforce *and* implement it I would support the policy, but until that time I have to vote "nay". I suspect that even if it were implemented enforcement would only be possible if it were written with an anti-grandfather clause. Kevin -----Original Message----- From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On Behalf Of Stumme, Terri L. Sent: Friday, September 13, 2013 1:10 PM To: Jeffrey Lyon; William Herrin Cc: robert.flaim at ic.fbi.gov; Kellum, Andre W.; arin-ppml at arin.net Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text As the author of the original DRAFT policy proposal, I'd like to reiterate the original intent of the policy: to enable ARIN staff to validate/verify requestors of address space who establish a "shell company" in the US for the sole purpose of acquiring ARIN resources. ARIN has historically required legal incorporation within the region. Due to the depletion of IPv4 there has been a significant increase in out-of-region requestors, and they are returning often (every three weeks) to request larger blocks. ARIN staff does not have the capability or mechanisms in place to verify customer usage, nor to verify/validate physical contact information for these out-of-region entities. If ARIN staff is unable to validate/verify requestors contact information or customer usage, enforcement of ARIN contractual obligations is significantly impeded. Law enforcement simply wants to ensure that mechanisms are in place for verification/validation of ARIN's customers to avoid allocation to organizations/individuals who may intend to utilize IP address space for nefarious purposes, and that should this occur, accurate pointers (requested via subpoena) are available from ARIN for law enforcement to proceed with a criminal investigation. -----Original Message----- From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On Behalf Of Jeffrey Lyon Sent: Friday, September 13, 2013 12:02 PM To: William Herrin Cc: arin-ppml at arin.net Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text On Fri, Sep 13, 2013 at 11:53 AM, William Herrin wrote: > On Thu, Sep 12, 2013 at 10:37 PM, Owen DeLong wrote: >> Majority is certainly more problematic than plurality. Plurality >> might not be the best possible choice, either, but nobody, including >> myself, has yet proposed a better alternative. The AC would certainly >> welcome any improved language from the community if anyone has a better idea. > > Hi Owen, > > The intent of the policy proposal is to keep the use of ARIN addresses > in-region. I say this with the utmost respect: A 20% rule doesn't do > that. It does, however, create a new and potentially onerous > documentary burden on every registrant requesting addresses. > > More, "plurality" makes the 20% rule needlessly complicated. I have to > keep 20% in the ARIN region... unless I have 23% in the RIPE region > and then I need to keep 24% in the ARIN region unless I have 30% in > the APNIC region in which case I need 31% in the ARIN region, but if > that drops the RIPE region down to 27% I can reduce the ARIN region > holdings to 28%. > > Yuck! > > I'm for keeping ARIN addresses in region. I'm against creating new and > potentially onerous documentary burdens. I'm doubly against creating > new and potentially onerous documentary burdens which fail to > plausibly achieve their defined goal. > > If there is no community consensus for a "should be in region" number > in the 80% to 90% range then I think the draft should be abandoned. A > plurality rule combines the worst elements of the notion, not the > best. > > Regards, > Bill Herrin > > > -- > William D. Herrin ................ herrin at dirtside.com bill at herrin.us > 3005 Crane Dr. ...................... Web: > Falls Church, VA 22042-3004 > _______________________________________________ > PPML > You are receiving this message because you are subscribed to the ARIN > Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. I agree that ARIN IP's must be reserved for in region use. -- Jeffrey A. Lyon, CISSP President, Black Lotus Communications mobile: (757) 304-0668 | gtalk: jeffrey.lyon at gmail.com | skype: blacklotus.net _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact info at arin.net if you experience any issues. _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact info at arin.net if you experience any issues. From jcurran at arin.net Fri Sep 13 15:26:40 2013 From: jcurran at arin.net (John Curran) Date: Fri, 13 Sep 2013 19:26:40 +0000 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: <52334423.40207@umn.edu> References: <5227A52D.1010802@arin.net> <52327B5E.6000605@umn.edu> <523320C5.20705@umn.edu> <52334423.40207@umn.edu> Message-ID: <596A67F7-7BE8-41E4-850B-726D031EF3AA@corp.arin.net> On Sep 13, 2013, at 12:58 PM, David Farmer wrote: > ... > Could ARIN staff confirm or correct me, in current operational practice can individuals (as an individual, not a sole proprietor or other business entity) receive an allocation or assignment? It is ARIN's practice to assign number resources to organizations, not individuals. > On Sep 13, 2013, at 11:59 AM, William Herrin wrote: >> ... >> More importantly: why not? At a minimum, NRPM 2.6 ("End-user" definition) would need to be changed to recognize IP address assignments to individuals - "2.6 An end-user is an organization receiving assignments of IP addresses exclusively for use in its operational networks." Thanks, /John John Curran President and CEO ARIN From SRyerse at eclipse-networks.com Fri Sep 13 15:45:59 2013 From: SRyerse at eclipse-networks.com (Steven Ryerse) Date: Fri, 13 Sep 2013 19:45:59 +0000 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 andIPv6 Address Space to Out-of-region Requestors - Revised Problem Statementand Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net><52327B5E.6000605@umn.edu> <523320C5.20705@umn.edu> Message-ID: <5B9E90747FA2974D91A54FCFA1B8AD12013B86A6CF@ENI-MAIL.eclipse-networks.com> I agree with Blake and others that legal structure of org has no bearing on an allocation and thus should not be mentioned in policies. Steven Ryerse President 100 Ashford Center North, Suite 110, Atlanta, GA 30338 770.656.1460 - Cell 770.399.9099- Office [Description: Description: Eclipse Networks Logo_small.png]? Eclipse Networks, Inc. Conquering Complex Networks? From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On Behalf Of Blake Dunlap Sent: Friday, September 13, 2013 10:38 AM To: arin-ppml at arin.net Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 andIPv6 Address Space to Out-of-region Requestors - Revised Problem Statementand Policy Text Why would we want to restrict from allocation to individuals if they can justify it? Very opposed to that alone, above and beyond my opposition to regional restrictions. -Blake On Fri, Sep 13, 2013 at 9:30 AM, Brian Jones > wrote: +1 to your suggestion: " This policy is not intended to have any retroactive effect. It should not be construed to effect or invalidate any assignment or allocation previously made by ARIN, one of its predecessor registries, or any ISP or other LIR, based on good faith application information. In particular direct assignments previously made to individuals are not invalidated by this policy. However, this policy is intended to disallow any new assignment or allocation made directly to an individual person, as is current operational practice. " -- Brian On Fri, Sep 13, 2013 at 10:27 AM, David Farmer > wrote: On 9/12/13 21:41 , David Farmer wrote: On 9/12/13 13:19 , William Herrin wrote: On Wed, Sep 4, 2013 at 5:25 PM, ARIN > wrote: X. Resource Justification within ARIN Region Organizations requesting Internet number resources from ARIN must provide proof that they (1) are an active business entity legally operating within the ARIN service region, and I am not an active business entity, hence my AS number registration (AS 11875), used for multihomed network entirely in the U.S. State of Virginia would violate this policy as drafted. I tend to think of that as a bad thing. I don't believe individuals (as an individual person) are allowed to request resources any longer. A business could be a sole proprietorship, and in every day terms there isn't that much difference, but legally there is I believe. But, your historical individual assignment isn't intended to be in violation of this policy. The policy is intended to apply to requesting (new or additional) resources. Just as it is intended to apply to how you justify resources, not how you use them in your network once allocated or assigned. Thinking about this a little more, this policy is not intended to be an ex post facto rule, nor in general do I think it is appropriate for any policy to have retroactive effect without some extraordinary reason and justification for such an effect. Furthermore, I don't think ARIN staff would consider any policy to have retroactive effect without very explicit direction from the community that a policy should have such an effect, and calling that out in the staff and legal review. For an abundance of clarity I'd be happy to add something like the following in the Advisory Council Comments section before the text freeze; This policy is not intended to have any retroactive effect. It should not be construed to effect or invalidate any assignment or allocation previously made by ARIN, one of its predecessor registries, or any ISP or other LIR, based on good faith application information. In particular direct assignments previously made to individuals are not invalidated by this policy. However, this policy is intended to disallow any new assignment or allocation made directly to an individual person, as is current operational practice. -- ================================================ David Farmer Email: farmer at umn.edu Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 1-612-626-0815 Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 ================================================ _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact info at arin.net if you experience any issues. _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact info at arin.net if you experience any issues. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 1468 bytes Desc: image001.jpg URL: From bill at herrin.us Fri Sep 13 15:54:37 2013 From: bill at herrin.us (William Herrin) Date: Fri, 13 Sep 2013 15:54:37 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: <596A67F7-7BE8-41E4-850B-726D031EF3AA@corp.arin.net> References: <5227A52D.1010802@arin.net> <52327B5E.6000605@umn.edu> <523320C5.20705@umn.edu> <52334423.40207@umn.edu> <596A67F7-7BE8-41E4-850B-726D031EF3AA@corp.arin.net> Message-ID: On Fri, Sep 13, 2013 at 3:26 PM, John Curran wrote: > It is ARIN's practice to assign number resources to organizations, > not individuals. That's me, Mr. Outlier. >> On Sep 13, 2013, at 11:59 AM, William Herrin wrote: >>> More importantly: why not? > > At a minimum, NRPM 2.6 ("End-user" definition) would need to be > changed to recognize IP address assignments to individuals - > > "2.6 An end-user is an organization receiving assignments of IP > addresses exclusively for use in its operational networks." An organization is some number of people acting on concert towards a common goal. One is an acceptable number. Given Citizens United and the history of similar rulings, I'm pretty sure I can make that claim stick. Besides which, I presume ARIN doesn't refuse to do business with sole proprietorships. A sole proprietorship has no legal existence separate from the single individual who owns it. With minor exceptions (Bob's Bait and Tackle can't get married or adopt children) a proprietorship is legally synonymous with its owner. What else ya got? :) Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From bill at herrin.us Fri Sep 13 16:41:42 2013 From: bill at herrin.us (William Herrin) Date: Fri, 13 Sep 2013 16:41:42 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: <1130913122307.64770A-100000@Ives.egh.com> References: <1130913122307.64770A-100000@Ives.egh.com> Message-ID: On Fri, Sep 13, 2013 at 12:52 PM, John Santos wrote: > What if the business is international, with sites all over the world? > Should they be forced to run at least 5 separate networks instead of a > single integrated network? Hi John, That's a fair question. I hope I don't mischaracterize the ITU's position when I say they think a strictly regionalized registry system is detrimental to business in exactly this manner. They would have themselves designated as a registry with worldwide scope in order to serve these interests among others. I'd offer this answer: if we want to continue as a system of regional registries then it's generally appropriate for a multinational organization get acquire the number resources it deploys in each region from that region's registry. One network. Five suppliers, whose goods have geographical constraints on their use. If a system of regional registries is no longer indicated, that's a much bigger topic of discussion which we shouldn't back-door by having ARIN unilaterally act as registry to the world. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From bill at herrin.us Fri Sep 13 16:30:36 2013 From: bill at herrin.us (William Herrin) Date: Fri, 13 Sep 2013 16:30:36 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> Message-ID: On Fri, Sep 13, 2013 at 1:06 PM, Gary Buhrmaster wrote: > On Fri, Sep 13, 2013 at 3:53 PM, William Herrin wrote: >> Yuck! > > Unless I am misreading this, this proposal deals with the initial > (or additional) allocation/assignments, and not on-going activities. > Once you get the numbers, you could then move the numbers > to other regions. Hi Gary, Did I miss the text which exempts this draft from the exercise of NRPM section 12.2.c and d? Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From jcurran at arin.net Fri Sep 13 17:13:39 2013 From: jcurran at arin.net (John Curran) Date: Fri, 13 Sep 2013 21:13:39 +0000 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> <52327B5E.6000605@umn.edu> <523320C5.20705@umn.edu> <52334423.40207@umn.edu> <596A67F7-7BE8-41E4-850B-726D031EF3AA@corp.arin.net> Message-ID: <0336F44F-01C1-4724-83D2-DA4AF763D225@arin.net> On Sep 13, 2013, at 3:54 PM, William Herrin wrote: > On Fri, Sep 13, 2013 at 3:26 PM, John Curran wrote: >> It is ARIN's practice to assign number resources to organizations, >> not individuals. > > That's me, Mr. Outlier. > >>> On Sep 13, 2013, at 11:59 AM, William Herrin wrote: >>>> More importantly: why not? >> >> At a minimum, NRPM 2.6 ("End-user" definition) would need to be >> changed to recognize IP address assignments to individuals - >> >> "2.6 An end-user is an organization receiving assignments of IP >> addresses exclusively for use in its operational networks." > > An organization is some number of people acting on concert towards a > common goal. One is an acceptable number. Given Citizens United and > the history of similar rulings, I'm pretty sure I can make that claim > stick. > > Besides which, I presume ARIN doesn't refuse to do business with sole > proprietorships. A sole proprietorship has no legal existence separate > from the single individual who owns it. With minor exceptions (Bob's > Bait and Tackle can't get married or adopt children) a proprietorship > is legally synonymous with its owner. > > What else ya got? :) Bill - We have no problem dealing with sole proprietorships; they are organizations and can receive assignments. Note that the number resources are still assigned in such cases to the organization (i.e. in the name of the sole proprietorship) not the individual. FYI, /John John Curran President and CEO ARIN From drc at virtualized.org Fri Sep 13 17:12:58 2013 From: drc at virtualized.org (David Conrad) Date: Fri, 13 Sep 2013 17:12:58 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: <8695009A81378E48879980039EEDAD28012B3D4D1E@MAIL1.polartel.local> References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> <8695009A81378E48879980039EEDAD28012B3D4D1E@MAIL1.polartel.local> Message-ID: Kevin, On Sep 13, 2013, at 2:42 PM, Kevin Kargel wrote: > I still don't see how this is going to be enforceable. To my eye it would entail getting geo-data for all last mile routers that service IP's under ARIN control and having someone or a sophisticated AI bot continuously scanning the BGP tables to enumerate and verify the geo-locations of the endpoints. Why wouldn't an assertion by the applicant that they run a network in the ARIN region and perhaps a traceroute or two be sufficient to meet the "operating a network located in the ARIN service region" requirement? > If the idea is just to ask people if they are in the ARIN governance area and make them promise to never move offshore (knowing it will not be subsequently policed) then I submit that the algorithm is way too easy to game by unscrupulous operators and will end up being a token policy that creates more bureaucracy and trouble for legitimate operators. I don't see this being significantly different than gaming the "operational needs" requirement. I think the issue here is establishing a policy basis upon which violations, when detected, can be addressed. If it is discovered that someone is getting addresses to stockpile them for later sale, ARIN policy exists to allow ARIN to revoke those addresses. This draft policy is saying that if someone is getting addresses for use outside ARIN's region, there would be a policy to allow ARIN to address that issue. And, FWIW, I'll note that both AfriNIC and LACNIC (the remaining RIRs that have not gone into "last /8" policy) require companies to demonstrate in-region legal status and network usage. > If you can figure out a way to enforce *and* implement it I would support the policy, but until that time I have to vote "nay". I suspect that even if it were implemented enforcement would only be possible if it were written with an anti-grandfather clause. Wait, I liked my grandfather... :) (sorry, not sure what an 'anti-grandfather clause is) Regards, -drc -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 495 bytes Desc: Message signed with OpenPGP using GPGMail URL: From kkargel at polartel.com Fri Sep 13 17:20:22 2013 From: kkargel at polartel.com (Kevin Kargel) Date: Fri, 13 Sep 2013 16:20:22 -0500 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> <8695009A81378E48879980039EEDAD28012B3D4D1E@MAIL1.polartel.local> Message-ID: <8695009A81378E48879980039EEDAD28012B3D4D77@MAIL1.polartel.local> -----Original Message----- From: David Conrad [mailto:drc at virtualized.org] Sent: Friday, September 13, 2013 4:13 PM To: Kevin Kargel Cc: arin-ppml at arin.net Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text Kevin, On Sep 13, 2013, at 2:42 PM, Kevin Kargel wrote: > I still don't see how this is going to be enforceable. To my eye it would entail getting geo-data for all last mile routers that service IP's under ARIN control and having someone or a sophisticated AI bot continuously scanning the BGP tables to enumerate and verify the geo-locations of the endpoints. >>Why wouldn't an assertion by the applicant that they run a network in the ARIN region and perhaps a traceroute or two be sufficient to meet the "operating a network located in the ARIN service region" requirement? A traceroute would only satisfy an initial test. Trivially easy to set one up, get your allocation, and then move the network to where you really wanted it. > If the idea is just to ask people if they are in the ARIN governance area and make them promise to never move offshore (knowing it will not be subsequently policed) then I submit that the algorithm is way too easy to game by unscrupulous operators and will end up being a token policy that creates more bureaucracy and trouble for legitimate operators. >>I don't see this being significantly different than gaming the "operational needs" requirement. I think the issue here is establishing a policy basis upon which violations, when detected, can be addressed. If it is discovered that someone is getting addresses to stockpile them for later sale, ARIN policy exists to allow ARIN to revoke those addresses. This draft policy is saying that if someone is getting addresses for use outside ARIN's region, there would be a policy to allow ARIN to address that issue. Just like ARIN follows up on the utilization requirement? >>And, FWIW, I'll note that both AfriNIC and LACNIC (the remaining RIRs that have not gone into "last /8" policy) require companies to demonstrate in-region legal status and network usage. Maybe they have a way to test and enforce their requirement. If so perhaps it is a model we should pattern after. > If you can figure out a way to enforce *and* implement it I would support the policy, but until that time I have to vote "nay". I suspect that even if it were implemented enforcement would only be possible if it were written with an anti-grandfather clause. >>Wait, I liked my grandfather... :) (sorry, not sure what an 'anti-grandfather clause is) Anti-grandfather means that the restrictions should equally apply to existing allocations, and current allocations that are operating outside of the ARIN region should be required to obtain allocations from their region and return the ARIN allocation. Old allocations should not have a 'grandfather' exemption. We would probably need to forgive their latest set of fees. It would be onerously difficult to separate the pre and post allocations for enforcement. Regards, -drc From drc at virtualized.org Fri Sep 13 17:45:41 2013 From: drc at virtualized.org (David Conrad) Date: Fri, 13 Sep 2013 17:45:41 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: <8695009A81378E48879980039EEDAD28012B3D4D77@MAIL1.polartel.local> References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> <8695009A81378E48879980039EEDAD28012B3D4D1E@MAIL1.polartel.local> <8695009A81378E48879980039EEDAD28012B3D4D77@MAIL1.polartel.local> Message-ID: Kevin, On Sep 13, 2013, at 5:20 PM, Kevin Kargel wrote: > A traceroute would only satisfy an initial test. Trivially easy to set one up, get your allocation, and then move the network to where you really wanted it. Yes. However, if this subterfuge was noticed, the policy would give ARIN the capability to do something about it (if necessary), just like other ARIN policies. > Just like ARIN follows up on the utilization requirement? I've been told ARIN has revoked address space for violation of policy. > Anti-grandfather means that the restrictions should equally apply to existing allocations, and current allocations that are operating outside of the ARIN region should be required to obtain allocations from their region and return the ARIN allocation. My understanding of the policy proposal was that it was to apply to future allocations because the out-of-region requests appear to be increasing with the exhaustion of various RIR free pools. Historically, it has been ... challenging to retroactively apply policy to pre-existing allocations. If such retroactive application were desired (not going to comment one way or another on that aspect), I'd suggest it should be a different policy proposal. Regards, -drc -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 495 bytes Desc: Message signed with OpenPGP using GPGMail URL: From springer at inlandnet.com Fri Sep 13 17:59:22 2013 From: springer at inlandnet.com (John Springer) Date: Fri, 13 Sep 2013 14:59:22 -0700 (PDT) Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> Message-ID: Opposed as written. I think the only way I could support something like this is if part(2) were done away with entirely and if part (1) were construed as codifying existing practice. If part (1) envisions additional validation/verification on ARIN's part beyond the current practice of requiring corporate documentation, I will require some persuasion before I can support it. At minimum, I would expect that all additional validation/verification intended be explicitly spelled out in advance. John Springer On Fri, 13 Sep 2013, Stumme, Terri L. wrote: > As the author of the original DRAFT policy proposal, I'd like to reiterate the original intent of the policy: to enable ARIN staff to validate/verify requestors of address space who establish a "shell company" in the US for the sole purpose of acquiring ARIN resources. ARIN has historically required legal incorporation within the region. Due to the depletion of IPv4 there has been a significant increase in out-of-region requestors, and they are returning often (every three weeks) to request larger blocks. ARIN staff does not have the capability or mechanisms in place to verify customer usage, nor to verify/validate physical contact information for these out-of-region entities. > If ARIN staff is unable to validate/verify requestors contact information or customer usage, enforcement of ARIN contractual obligations is significantly impeded. > Law enforcement simply wants to ensure that mechanisms are in place for verification/validation of ARIN's customers to avoid allocation to organizations/individuals who may intend to utilize IP address space for nefarious purposes, and that should this occur, accurate pointers (requested via subpoena) are available from ARIN for law enforcement to proceed with a criminal investigation. > > -----Original Message----- > From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On Behalf Of Jeffrey Lyon > Sent: Friday, September 13, 2013 12:02 PM > To: William Herrin > Cc: arin-ppml at arin.net > Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text > > On Fri, Sep 13, 2013 at 11:53 AM, William Herrin wrote: >> On Thu, Sep 12, 2013 at 10:37 PM, Owen DeLong wrote: >>> Majority is certainly more problematic than plurality. Plurality >>> might not be the best possible choice, either, but nobody, including >>> myself, has yet proposed a better alternative. The AC would certainly >>> welcome any improved language from the community if anyone has a better idea. >> >> Hi Owen, >> >> The intent of the policy proposal is to keep the use of ARIN addresses >> in-region. I say this with the utmost respect: A 20% rule doesn't do >> that. It does, however, create a new and potentially onerous >> documentary burden on every registrant requesting addresses. >> >> More, "plurality" makes the 20% rule needlessly complicated. I have to >> keep 20% in the ARIN region... unless I have 23% in the RIPE region >> and then I need to keep 24% in the ARIN region unless I have 30% in >> the APNIC region in which case I need 31% in the ARIN region, but if >> that drops the RIPE region down to 27% I can reduce the ARIN region >> holdings to 28%. >> >> Yuck! >> >> I'm for keeping ARIN addresses in region. I'm against creating new and >> potentially onerous documentary burdens. I'm doubly against creating >> new and potentially onerous documentary burdens which fail to >> plausibly achieve their defined goal. >> >> If there is no community consensus for a "should be in region" number >> in the 80% to 90% range then I think the draft should be abandoned. A >> plurality rule combines the worst elements of the notion, not the >> best. >> >> Regards, >> Bill Herrin >> >> >> -- >> William D. Herrin ................ herrin at dirtside.com bill at herrin.us >> 3005 Crane Dr. ...................... Web: >> Falls Church, VA 22042-3004 >> _______________________________________________ >> PPML >> You are receiving this message because you are subscribed to the ARIN >> Public Policy Mailing List (ARIN-PPML at arin.net). >> Unsubscribe or manage your mailing list subscription at: >> http://lists.arin.net/mailman/listinfo/arin-ppml >> Please contact info at arin.net if you experience any issues. > > I agree that ARIN IP's must be reserved for in region use. > > -- > Jeffrey A. Lyon, CISSP > President, Black Lotus Communications > mobile: (757) 304-0668 | gtalk: jeffrey.lyon at gmail.com | skype: blacklotus.net _______________________________________________ > PPML > You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > > From jcurran at arin.net Fri Sep 13 17:59:57 2013 From: jcurran at arin.net (John Curran) Date: Fri, 13 Sep 2013 21:59:57 +0000 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> <8695009A81378E48879980039EEDAD28012B3D4D1E@MAIL1.polartel.local> <8695009A81378E48879980039EEDAD28012B3D4D77@MAIL1.polartel.local> Message-ID: <0C998CD9-DF80-4D6F-A21A-766271210819@arin.net> On Sep 13, 2013, at 5:45 PM, David Conrad wrote: > On Sep 13, 2013, at 5:20 PM, Kevin Kargel wrote: >> A traceroute would only satisfy an initial test. Trivially easy to set one up, get your allocation, and then move the network to where you really wanted it. > > Yes. However, if this subterfuge was noticed, the policy would give ARIN the capability to do something about it (if necessary), just like other ARIN policies. > >> Just like ARIN follows up on the utilization requirement? > > I've been told ARIN has revoked address space for violation of policy. That is correct, specifically in cases where the resource request was made based on fraudulent information. I am not advocating for this type of test in any particular policy; only noting that it is possible to establish conditions that would need to be met in good faith and would have ramifications otherwise. FYI, /John John Curran President and CEO ARIN From ebw at abenaki.wabanaki.net Fri Sep 13 21:30:04 2013 From: ebw at abenaki.wabanaki.net (Eric Brunner-Williams) Date: Fri, 13 Sep 2013 18:30:04 -0700 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> <8695009A81378E48879980039EEDAD28012B3D4D1E@MAIL1.polartel.local> <8695009A81378E48879980039EEDAD28012B3D4D77@MAIL1.polartel.local> Message-ID: <5233BC1C.1030902@abenaki.wabanaki.net> On 9/13/13 2:45 PM, David Conrad wrote: > My understanding of the policy proposal was that it was to apply to future allocations because the out-of-region requests appear to be increasing with the exhaustion of various RIR free pools. Starting at the phrase "because ..." If I recall correctly the policy proposal was made on behalf of one or more law enforcement agencies, which are unlikely to have, as a primary motivation, a relation between putative locality of allocation requester and availability of the resource allocated. As I pointed out earlier, agencies of government, and other entities, other than the agency which created the allocated resource and the initial and subsequent mechanisms of allocation (unique, consistent with the routing regime of the epoch, ...) are mere consumers of the resource and not subordinating sources of policy. If I'm mistaken a pointer would be appreciated. Eric From bjones at vt.edu Fri Sep 13 09:32:06 2013 From: bjones at vt.edu (Brian Jones) Date: Fri, 13 Sep 2013 09:32:06 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> Message-ID: See comments below. [ clip ] > Instead, focus on the > degree to which the equipment on which the ARIN number resources are > employed is physically present within the ARIN region. > The amount of equipment needed to run a network or legitimately utilize resources is getting smaller, not larger, and is not a good measure of whether you are a network operator. Or not. Best, -M< I think that really depends on who you are and who your user base is as to how your network resource equipment counts grow. Demands for network services are continually growing and expanding in our university environment and therefore the amount of equipment needed to continue to provide the requested services continues to grow. I'm not saying that it is a valid indicator or definer of what is a network operator... but I am not seeing the amount of equipment needed to run a network getting smaller. fwiw -- Brian On Thu, Sep 12, 2013 at 11:20 PM, Martin Hannigan wrote: > > > On Thu, Sep 12, 2013 at 2:35 PM, William Herrin wrote: > >> On Wed, Sep 4, 2013 at 5:25 PM, ARIN wrote: >> > X. Resource Justification within ARIN Region >> > Organizations requesting Internet number resources from ARIN must >> > provide proof that they (1) are an active business entity legally >> > operating within the ARIN service region, and (2) are operating a >> > network located within the ARIN service region. In addition to meeting >> > all other applicable policy requirements, a plurality of resources >> > requested from ARIN must be justified by technical infrastructure and >> > customers located within the ARIN service region, and any located >> > outside the region must be interconnected to the ARIN service region. >> > The same technical infrastructure or customers cannot be used to justify >> > resources in more than one RIR. >> > > [ clip ] > > >> Instead, focus on the >> degree to which the equipment on which the ARIN number resources are >> employed is physically present within the ARIN region. >> > > > The amount of equipment needed to run a network or legitimately utilize > resources is getting smaller, not larger, and is not a good measure of > whether you are a network operator. Or not. > > > Best, > > -M< > > > > > > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From nathaliecoupet at yahoo.com Sat Sep 14 13:58:28 2013 From: nathaliecoupet at yahoo.com (nathalie coupet) Date: Sat, 14 Sep 2013 10:58:28 -0700 (PDT) Subject: [arin-ppml] "Re: Contents of ARIN-PPML digest, Vol 99, Issue 10..." In-Reply-To: References: Message-ID: <1379181508.84068.YahooMailNeo@web124705.mail.ne1.yahoo.com> How about if each company would have to make their case, based on the greatest number of attachment points to a particular area? They could show they have a plurality of elements linking them to ARIN's region rather than to any other region (such as a majority of their end-users being present in that region and/or it makes sense operationally to submit the request to ARIN because of the presence of a majority of its equipment located in that region, and/or other attachment elements to be defined). ?? ? Nathalie Coupet ARIN Member ________________________________ From: "arin-ppml-request at arin.net" To: arin-ppml at arin.net Sent: Friday, September 13, 2013 5:45 PM Subject: ARIN-PPML Digest, Vol 99, Issue 9 Send ARIN-PPML mailing list submissions to ??? arin-ppml at arin.net To subscribe or unsubscribe via the World Wide Web, visit ??? http://lists.arin.net/mailman/listinfo/arin-ppml or, via email, send a message with subject or body 'help' to ??? arin-ppml-request at arin.net You can reach the person managing the list at ??? arin-ppml-owner at arin.net When replying, please edit your Subject line so it is more specific than "Re: Contents of ARIN-PPML digest..." Today's Topics: ? 1. Re: Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 ? ? ? Address Space to Out-of-region Requestors - Revised Problem ? ? ? Statement and Policy Text (William Herrin) ? 2. Re: Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 ? ? ? Address Space to Out-of-region Requestors - Revised Problem ? ? ? Statement and Policy Text (William Herrin) ? 3. Re: Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 ? ? ? Address Space to Out-of-region Requestors - Revised Problem ? ? ? Statement and Policy Text (William Herrin) ? 4. Re: Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 ? ? ? Address Space to Out-of-region Requestors - Revised Problem ? ? ? Statement and Policy Text (John Curran) ? 5. Re: Draft Policy ARIN-2013-6: Allocation of IPv4 and??? IPv6 ? ? ? Address Space to Out-of-region Requestors - Revised??? Problem ? ? ? Statement and Policy Text (David Conrad) ? 6. Re: Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 ? ? ? Address Space to Out-of-region Requestors - Revised Problem ? ? ? Statement and Policy Text (Kevin Kargel) ? 7. Re: Draft Policy ARIN-2013-6: Allocation of IPv4 and??? IPv6 ? ? ? Address Space to Out-of-region Requestors - Revised??? Problem ? ? ? Statement and Policy Text (David Conrad) ---------------------------------------------------------------------- Message: 1 Date: Fri, 13 Sep 2013 15:54:37 -0400 From: William Herrin To: John Curran Cc: "arin-ppml at arin.net" Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 ??? and IPv6 Address Space to Out-of-region Requestors - Revised Problem ??? Statement and Policy Text Message-ID: ??? Content-Type: text/plain; charset=ISO-8859-1 On Fri, Sep 13, 2013 at 3:26 PM, John Curran wrote: > It is ARIN's practice to assign number resources to organizations, > not individuals. That's me, Mr. Outlier. >> On Sep 13, 2013, at 11:59 AM, William Herrin wrote: >>> More importantly: why not? > > At a minimum, NRPM 2.6 ("End-user" definition) would need to be > changed to recognize IP address assignments to individuals - > > "2.6 An end-user is an organization receiving assignments of IP >? ? ? addresses exclusively for use in its operational networks." An organization is some number of people acting on concert towards a common goal. One is an acceptable number. Given Citizens United and the history of similar rulings, I'm pretty sure I can make that claim stick. Besides which, I presume ARIN doesn't refuse to do business with sole proprietorships. A sole proprietorship has no legal existence separate from the single individual who owns it. With minor exceptions (Bob's Bait and Tackle can't get married or adopt children) a proprietorship is legally synonymous with its owner. What else ya got? :) Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com? bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 ------------------------------ Message: 2 Date: Fri, 13 Sep 2013 16:41:42 -0400 From: William Herrin To: John Santos Cc: "arin-ppml at arin.net" Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 ??? and IPv6 Address Space to Out-of-region Requestors - Revised Problem ??? Statement and Policy Text Message-ID: ??? Content-Type: text/plain; charset=ISO-8859-1 On Fri, Sep 13, 2013 at 12:52 PM, John Santos wrote: > What if the business is international, with sites all over the world? > Should they be forced to run at least 5 separate networks instead of a > single integrated network? Hi John, That's a fair question. I hope I don't mischaracterize the ITU's position when I say they think a strictly regionalized registry system is detrimental to business in exactly this manner.? They would have themselves designated as a registry with worldwide scope in order to serve these interests among others. I'd offer this answer: if we want to continue as a system of regional registries then it's generally appropriate for a multinational organization get acquire the number resources it deploys in each region from that region's registry. One network. Five suppliers, whose goods have geographical constraints on their use. If a system of regional registries is no longer indicated, that's a much bigger topic of discussion which we shouldn't back-door by having ARIN unilaterally act as registry to the world. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com? bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 ------------------------------ Message: 3 Date: Fri, 13 Sep 2013 16:30:36 -0400 From: William Herrin To: Gary Buhrmaster Cc: "arin-ppml at arin.net" Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 ??? and IPv6 Address Space to Out-of-region Requestors - Revised Problem ??? Statement and Policy Text Message-ID: ??? Content-Type: text/plain; charset=ISO-8859-1 On Fri, Sep 13, 2013 at 1:06 PM, Gary Buhrmaster wrote: > On Fri, Sep 13, 2013 at 3:53 PM, William Herrin wrote: >> Yuck! > > Unless I am misreading this, this proposal deals with the initial > (or additional) allocation/assignments, and not on-going activities. > Once you get the numbers, you could then move the numbers > to other regions. Hi Gary, Did I miss the text which exempts this draft from the exercise of NRPM section 12.2.c and d? Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com? bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 ------------------------------ Message: 4 Date: Fri, 13 Sep 2013 21:13:39 +0000 From: John Curran To: William Herrin Cc: "arin-ppml at arin.net" Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 ??? and IPv6 Address Space to Out-of-region Requestors - Revised Problem ??? Statement and Policy Text Message-ID: <0336F44F-01C1-4724-83D2-DA4AF763D225 at arin.net> Content-Type: text/plain; charset="us-ascii" On Sep 13, 2013, at 3:54 PM, William Herrin wrote: > On Fri, Sep 13, 2013 at 3:26 PM, John Curran wrote: >> It is ARIN's practice to assign number resources to organizations, >> not individuals. > > That's me, Mr. Outlier. > >>> On Sep 13, 2013, at 11:59 AM, William Herrin wrote: >>>> More importantly: why not? >> >> At a minimum, NRPM 2.6 ("End-user" definition) would need to be >> changed to recognize IP address assignments to individuals - >> >> "2.6 An end-user is an organization receiving assignments of IP >>? ? addresses exclusively for use in its operational networks." > > An organization is some number of people acting on concert towards a > common goal. One is an acceptable number. Given Citizens United and > the history of similar rulings, I'm pretty sure I can make that claim > stick. > > Besides which, I presume ARIN doesn't refuse to do business with sole > proprietorships. A sole proprietorship has no legal existence separate > from the single individual who owns it. With minor exceptions (Bob's > Bait and Tackle can't get married or adopt children) a proprietorship > is legally synonymous with its owner. > > What else ya got? :) Bill - We have no problem dealing with sole proprietorships; they are organizations and can receive assignments.? Note that the number resources are still assigned in such cases to the organization (i.e. in the name of the sole proprietorship) not the individual. FYI, /John John Curran President and CEO ARIN ------------------------------ Message: 5 Date: Fri, 13 Sep 2013 17:12:58 -0400 From: David Conrad To: Kevin Kargel Cc: "arin-ppml at arin.net" Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 ??? and??? IPv6 Address Space to Out-of-region Requestors - Revised??? Problem ??? Statement and Policy Text Message-ID: Content-Type: text/plain; charset="us-ascii" Kevin, On Sep 13, 2013, at 2:42 PM, Kevin Kargel wrote: > I still don't see how this is going to be enforceable. To my eye it would entail getting geo-data for all last mile routers that service IP's under ARIN control and having someone or a sophisticated AI bot continuously scanning the BGP tables to enumerate and verify the geo-locations of the endpoints. Why wouldn't an assertion by the applicant that they run a network in the ARIN region and perhaps a traceroute or two be sufficient to meet the "operating a network located in the ARIN service region" requirement? > If the idea is just to ask people if they are in the ARIN governance area and make them promise to never move offshore (knowing it will not be subsequently policed) then I submit that the algorithm is way too easy to game by unscrupulous operators and will end up being a token policy that creates more bureaucracy and trouble for legitimate operators.? I don't see this being significantly different than gaming the "operational needs" requirement. I think the issue here is establishing a policy basis upon which violations, when detected, can be addressed. If it is discovered that someone is getting addresses to stockpile them for later sale, ARIN policy exists to allow ARIN to revoke those addresses.? This draft policy is saying that if someone is getting addresses for use outside ARIN's region, there would be a policy to allow ARIN to address that issue. And, FWIW, I'll note that both AfriNIC and LACNIC (the remaining RIRs that have not gone into "last /8" policy) require companies to demonstrate in-region legal status and network usage. > If you can figure out a way to enforce *and* implement it I would support the policy, but until that time I have to vote "nay".? I suspect that even if it were implemented enforcement would only be possible if it were written with an anti-grandfather clause. Wait, I liked my grandfather... :) (sorry, not sure what an 'anti-grandfather clause is) Regards, -drc -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 495 bytes Desc: Message signed with OpenPGP using GPGMail URL: ------------------------------ Message: 6 Date: Fri, 13 Sep 2013 16:20:22 -0500 From: Kevin Kargel To: "arin-ppml at arin.net" Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 ??? and IPv6 Address Space to Out-of-region Requestors - Revised Problem ??? Statement and Policy Text Message-ID: ??? <8695009A81378E48879980039EEDAD28012B3D4D77 at MAIL1.polartel.local> Content-Type: text/plain; charset="us-ascii" -----Original Message----- From: David Conrad [mailto:drc at virtualized.org] Sent: Friday, September 13, 2013 4:13 PM To: Kevin Kargel Cc: arin-ppml at arin.net Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text Kevin, On Sep 13, 2013, at 2:42 PM, Kevin Kargel wrote: > I still don't see how this is going to be enforceable. To my eye it would entail getting geo-data for all last mile routers that service IP's under ARIN control and having someone or a sophisticated AI bot continuously scanning the BGP tables to enumerate and verify the geo-locations of the endpoints. >>Why wouldn't an assertion by the applicant that they run a network in the ARIN region and perhaps a traceroute or two be sufficient to meet the "operating a network located in the ARIN service region" requirement? A traceroute would only satisfy an initial test.? Trivially easy to set one up, get your allocation, and then move the network to where you really wanted it. > If the idea is just to ask people if they are in the ARIN governance area and make them promise to never move offshore (knowing it will not be subsequently policed) then I submit that the algorithm is way too easy to game by unscrupulous operators and will end up being a token policy that creates more bureaucracy and trouble for legitimate operators.? >>I don't see this being significantly different than gaming the "operational needs" requirement. I think the issue here is establishing a policy basis upon which violations, when detected, can be addressed. If it is discovered that someone is getting addresses to stockpile them for later sale, ARIN policy exists to allow ARIN to revoke those addresses.? This draft policy is saying that if someone is getting addresses for use outside ARIN's region, there would be a policy to allow ARIN to address that issue. Just like ARIN follows up on the utilization requirement?? >>And, FWIW, I'll note that both AfriNIC and LACNIC (the remaining RIRs that have not gone into "last /8" policy) require companies to demonstrate in-region legal status and network usage. Maybe they have a way to test and enforce their requirement.? If so perhaps it is a model we should pattern after. > If you can figure out a way to enforce *and* implement it I would support the policy, but until that time I have to vote "nay".? I suspect that even if it were implemented enforcement would only be possible if it were written with an anti-grandfather clause. >>Wait, I liked my grandfather... :) (sorry, not sure what an 'anti-grandfather clause is) Anti-grandfather means that the restrictions should equally apply to existing allocations, and current allocations that are operating outside of the ARIN region should be required to obtain allocations from their region and return the ARIN allocation.? Old allocations should not have a 'grandfather' exemption.? We would probably need to forgive their latest set of fees. It would be onerously difficult to separate the pre and post allocations for enforcement. Regards, -drc ------------------------------ Message: 7 Date: Fri, 13 Sep 2013 17:45:41 -0400 From: David Conrad To: Kevin Kargel Cc: "arin-ppml at arin.net" Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 ??? and??? IPv6 Address Space to Out-of-region Requestors - Revised??? Problem ??? Statement and Policy Text Message-ID: Content-Type: text/plain; charset="us-ascii" Kevin, On Sep 13, 2013, at 5:20 PM, Kevin Kargel wrote: > A traceroute would only satisfy an initial test.? Trivially easy to set one up, get your allocation, and then move the network to where you really wanted it. Yes. However, if this subterfuge was noticed, the policy would give ARIN the capability to do something about it (if necessary), just like other ARIN policies. > Just like ARIN follows up on the utilization requirement?? I've been told ARIN has revoked address space for violation of policy. > Anti-grandfather means that the restrictions should equally apply to existing allocations, and current allocations that are operating outside of the ARIN region should be required to obtain allocations from their region and return the ARIN allocation.? My understanding of the policy proposal was that it was to apply to future allocations because the out-of-region requests appear to be increasing with the exhaustion of various RIR free pools.? Historically, it has been ... challenging to retroactively apply policy to pre-existing allocations.? If such retroactive application were desired (not going to comment one way or another on that aspect), I'd suggest it should be a different policy proposal. Regards, -drc -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 495 bytes Desc: Message signed with OpenPGP using GPGMail URL: ------------------------------ _______________________________________________ ARIN-PPML mailing list ARIN-PPML at arin.net http://lists.arin.net/mailman/listinfo/arin-ppml End of ARIN-PPML Digest, Vol 99, Issue 9 **************************************** -------------- next part -------------- An HTML attachment was scrubbed... URL: From nathaliecoupet at yahoo.com Sat Sep 14 16:57:41 2013 From: nathaliecoupet at yahoo.com (nathalie coupet) Date: Sat, 14 Sep 2013 13:57:41 -0700 (PDT) Subject: [arin-ppml] "Re: Contents of ARIN-PPML digest, Vol 99, Issue 10..." In-Reply-To: <1379181508.84068.YahooMailNeo@web124705.mail.ne1.yahoo.com> References: <1379181508.84068.YahooMailNeo@web124705.mail.ne1.yahoo.com> Message-ID: <1379192261.24036.YahooMailNeo@web124705.mail.ne1.yahoo.com> How about if each company would have to make their case, based on the greatest number of attachment points to a particular area? They could show they have a plurality of elements linking them to ARIN's region rather than to any other region (such as a majority of their end-users being present in that region and/or it makes sense operationally to submit the request to ARIN because of the presence of a majority of its equipment located in that region, and/or other attachment elements to be defined). Instead of having only 1 criteria for attachment to a particular region, there could be several and if 3 out 5 are verified, than the entity would receive number resources from the RIR.? This would allow staff to have a global picture of that entity and the policy could be made as liberal or as restrictive as desired by the community. ? Nathalie Coupet ARIN Member ________________________________ From: nathalie coupet To: "arin-ppml at arin.net" Sent: Saturday, September 14, 2013 1:58 PM Subject: "Re: Contents of ARIN-PPML digest, Vol 99, Issue 10..." How about if each company would have to make their case, based on the greatest number of attachment points to a particular area? They could show they have a plurality of elements linking them to ARIN's region rather than to any other region (such as a majority of their end-users being present in that region and/or it makes sense operationally to submit the request to ARIN because of the presence of a majority of its equipment located in that region, and/or other attachment elements to be defined). ?? ? Nathalie Coupet ARIN Member ________________________________ From: "arin-ppml-request at arin.net" To: arin-ppml at arin.net Sent: Friday, September 13, 2013 5:45 PM Subject: ARIN-PPML Digest, Vol 99, Issue 9 Send ARIN-PPML mailing list submissions to ??? arin-ppml at arin.net To subscribe or unsubscribe via the World Wide Web, visit ??? http://lists.arin.net/mailman/listinfo/arin-ppml or, via email, send a message with subject or body 'help' to ??? arin-ppml-request at arin.net You can reach the person managing the list at ??? arin-ppml-owner at arin.net When replying, please edit your Subject line so it is more specific than "Re: Contents of ARIN-PPML digest..." Today's Topics: ? 1. Re: Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 ? ? ? Address Space to Out-of-region Requestors - Revised Problem ? ? ? Statement and Policy Text (William Herrin) ? 2. Re: Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 ? ? ? Address Space to Out-of-region Requestors - Revised Problem ? ? ? Statement and Policy Text (William Herrin) ? 3. Re: Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 ? ? ? Address Space to Out-of-region Requestors - Revised Problem ? ? ? Statement and Policy Text (William Herrin) ? 4. Re: Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 ? ? ? Address Space to Out-of-region Requestors - Revised Problem ? ? ? Statement and Policy Text (John Curran) ? 5. Re: Draft Policy ARIN-2013-6: Allocation of IPv4 and??? IPv6 ? ? ? Address Space to Out-of-region Requestors - Revised??? Problem ? ? ? Statement and Policy Text (David Conrad) ? 6. Re: Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 ? ? ? Address Space to Out-of-region Requestors - Revised Problem ? ? ? Statement and Policy Text (Kevin Kargel) ? 7. Re: Draft Policy ARIN-2013-6: Allocation of IPv4 and??? IPv6 ? ? ? Address Space to Out-of-region Requestors - Revised??? Problem ? ? ? Statement and Policy Text (David Conrad) ---------------------------------------------------------------------- Message: 1 Date: Fri, 13 Sep 2013 15:54:37 -0400 From: William Herrin To: John Curran Cc: "arin-ppml at arin.net" Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 ??? and IPv6 Address Space to Out-of-region Requestors - Revised Problem ??? Statement and Policy Text Message-ID: ??? Content-Type: text/plain; charset=ISO-8859-1 On Fri, Sep 13, 2013 at 3:26 PM, John Curran wrote: > It is ARIN's practice to assign number resources to organizations, > not individuals. That's me, Mr. Outlier. >> On Sep 13, 2013, at 11:59 AM, William Herrin wrote: >>> More importantly: why not? > > At a minimum, NRPM 2.6 ("End-user" definition) would need to be > changed to recognize IP address assignments to individuals - > > "2.6 An end-user is an organization receiving assignments of IP >? ? ? addresses exclusively for use in its operational networks." An organization is some number of people acting on concert towards a common goal. One is an acceptable number. Given Citizens United and the history of similar rulings, I'm pretty sure I can make that claim stick. Besides which, I presume ARIN doesn't refuse to do business with sole proprietorships. A sole proprietorship has no legal existence separate from the single individual who owns it. With minor exceptions (Bob's Bait and Tackle can't get married or adopt children) a proprietorship is legally synonymous with its owner. What else ya got? :) Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com? bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 ------------------------------ Message: 2 Date: Fri, 13 Sep 2013 16:41:42 -0400 From: William Herrin To: John Santos Cc: "arin-ppml at arin.net" Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 ??? and IPv6 Address Space to Out-of-region Requestors - Revised Problem ??? Statement and Policy Text Message-ID: ??? Content-Type: text/plain; charset=ISO-8859-1 On Fri, Sep 13, 2013 at 12:52 PM, John Santos wrote: > What if the business is international, with sites all over the world? > Should they be forced to run at least 5 separate networks instead of a > single integrated network? Hi John, That's a fair question. I hope I don't mischaracterize the ITU's position when I say they think a strictly regionalized registry system is detrimental to business in exactly this manner.? They would have themselves designated as a registry with worldwide scope in order to serve these interests among others. I'd offer this answer: if we want to continue as a system of regional registries then it's generally appropriate for a multinational organization get acquire the number resources it deploys in each region from that region's registry. One network. Five suppliers, whose goods have geographical constraints on their use. If a system of regional registries is no longer indicated, that's a much bigger topic of discussion which we shouldn't back-door by having ARIN unilaterally act as registry to the world. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com? bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 ------------------------------ Message: 3 Date: Fri, 13 Sep 2013 16:30:36 -0400 From: William Herrin To: Gary Buhrmaster Cc: "arin-ppml at arin.net" Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 ??? and IPv6 Address Space to Out-of-region Requestors - Revised Problem ??? Statement and Policy Text Message-ID: ??? Content-Type: text/plain; charset=ISO-8859-1 On Fri, Sep 13, 2013 at 1:06 PM, Gary Buhrmaster wrote: > On Fri, Sep 13, 2013 at 3:53 PM, William Herrin wrote: >> Yuck! > > Unless I am misreading this, this proposal deals with the initial > (or additional) allocation/assignments, and not on-going activities. > Once you get the numbers, you could then move the numbers > to other regions. Hi Gary, Did I miss the text which exempts this draft from the exercise of NRPM section 12.2.c and d? Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com? bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 ------------------------------ Message: 4 Date: Fri, 13 Sep 2013 21:13:39 +0000 From: John Curran To: William Herrin Cc: "arin-ppml at arin.net" Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 ??? and IPv6 Address Space to Out-of-region Requestors - Revised Problem ??? Statement and Policy Text Message-ID: <0336F44F-01C1-4724-83D2-DA4AF763D225 at arin.net> Content-Type: text/plain; charset="us-ascii" On Sep 13, 2013, at 3:54 PM, William Herrin wrote: > On Fri, Sep 13, 2013 at 3:26 PM, John Curran wrote: >> It is ARIN's practice to assign number resources to organizations, >> not individuals. > > That's me, Mr. Outlier. > >>> On Sep 13, 2013, at 11:59 AM, William Herrin wrote: >>>> More importantly: why not? >> >> At a minimum, NRPM 2.6 ("End-user" definition) would need to be >> changed to recognize IP address assignments to individuals - >> >> "2.6 An end-user is an organization receiving assignments of IP >>? ? addresses exclusively for use in its operational networks." > > An organization is some number of people acting on concert towards a > common goal. One is an acceptable number. Given Citizens United and > the history of similar rulings, I'm pretty sure I can make that claim > stick. > > Besides which, I presume ARIN doesn't refuse to do business with sole > proprietorships. A sole proprietorship has no legal existence separate > from the single individual who owns it. With minor exceptions (Bob's > Bait and Tackle can't get married or adopt children) a proprietorship > is legally synonymous with its owner. > > What else ya got? :) Bill - We have no problem dealing with sole proprietorships; they are organizations and can receive assignments.? Note that the number resources are still assigned in such cases to the organization (i.e. in the name of the sole proprietorship) not the individual. FYI, /John John Curran President and CEO ARIN ------------------------------ Message: 5 Date: Fri, 13 Sep 2013 17:12:58 -0400 From: David Conrad To: Kevin Kargel Cc: "arin-ppml at arin.net" Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 ??? and??? IPv6 Address Space to Out-of-region Requestors - Revised??? Problem ??? Statement and Policy Text Message-ID: Content-Type: text/plain; charset="us-ascii" Kevin, On Sep 13, 2013, at 2:42 PM, Kevin Kargel wrote: > I still don't see how this is going to be enforceable. To my eye it would entail getting geo-data for all last mile routers that service IP's under ARIN control and having someone or a sophisticated AI bot continuously scanning the BGP tables to enumerate and verify the geo-locations of the endpoints. Why wouldn't an assertion by the applicant that they run a network in the ARIN region and perhaps a traceroute or two be sufficient to meet the "operating a network located in the ARIN service region" requirement? > If the idea is just to ask people if they are in the ARIN governance area and make them promise to never move offshore (knowing it will not be subsequently policed) then I submit that the algorithm is way too easy to game by unscrupulous operators and will end up being a token policy that creates more bureaucracy and trouble for legitimate operators.? I don't see this being significantly different than gaming the "operational needs" requirement. I think the issue here is establishing a policy basis upon which violations, when detected, can be addressed. If it is discovered that someone is getting addresses to stockpile them for later sale, ARIN policy exists to allow ARIN to revoke those addresses.? This draft policy is saying that if someone is getting addresses for use outside ARIN's region, there would be a policy to allow ARIN to address that issue. And, FWIW, I'll note that both AfriNIC and LACNIC (the remaining RIRs that have not gone into "last /8" policy) require companies to demonstrate in-region legal status and network usage. > If you can figure out a way to enforce *and* implement it I would support the policy, but until that time I have to vote "nay".? I suspect that even if it were implemented enforcement would only be possible if it were written with an anti-grandfather clause. Wait, I liked my grandfather... :) (sorry, not sure what an 'anti-grandfather clause is) Regards, -drc -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 495 bytes Desc: Message signed with OpenPGP using GPGMail URL: ------------------------------ Message: 6 Date: Fri, 13 Sep 2013 16:20:22 -0500 From: Kevin Kargel To: "arin-ppml at arin.net" Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 ??? and IPv6 Address Space to Out-of-region Requestors - Revised Problem ??? Statement and Policy Text Message-ID: ??? <8695009A81378E48879980039EEDAD28012B3D4D77 at MAIL1.polartel.local> Content-Type: text/plain; charset="us-ascii" -----Original Message----- From: David Conrad [mailto:drc at virtualized.org] Sent: Friday, September 13, 2013 4:13 PM To: Kevin Kargel Cc: arin-ppml at arin.net Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text Kevin, On Sep 13, 2013, at 2:42 PM, Kevin Kargel wrote: > I still don't see how this is going to be enforceable. To my eye it would entail getting geo-data for all last mile routers that service IP's under ARIN control and having someone or a sophisticated AI bot continuously scanning the BGP tables to enumerate and verify the geo-locations of the endpoints. >>Why wouldn't an assertion by the applicant that they run a network in the ARIN region and perhaps a traceroute or two be sufficient to meet the "operating a network located in the ARIN service region" requirement? A traceroute would only satisfy an initial test.? Trivially easy to set one up, get your allocation, and then move the network to where you really wanted it. > If the idea is just to ask people if they are in the ARIN governance area and make them promise to never move offshore (knowing it will not be subsequently policed) then I submit that the algorithm is way too easy to game by unscrupulous operators and will end up being a token policy that creates more bureaucracy and trouble for legitimate operators.? >>I don't see this being significantly different than gaming the "operational needs" requirement. I think the issue here is establishing a policy basis upon which violations, when detected, can be addressed. If it is discovered that someone is getting addresses to stockpile them for later sale, ARIN policy exists to allow ARIN to revoke those addresses.? This draft policy is saying that if someone is getting addresses for use outside ARIN's region, there would be a policy to allow ARIN to address that issue. Just like ARIN follows up on the utilization requirement?? >>And, FWIW, I'll note that both AfriNIC and LACNIC (the remaining RIRs that have not gone into "last /8" policy) require companies to demonstrate in-region legal status and network usage. Maybe they have a way to test and enforce their requirement.? If so perhaps it is a model we should pattern after. > If you can figure out a way to enforce *and* implement it I would support the policy, but until that time I have to vote "nay".? I suspect that even if it were implemented enforcement would only be possible if it were written with an anti-grandfather clause. >>Wait, I liked my grandfather... :) (sorry, not sure what an 'anti-grandfather clause is) Anti-grandfather means that the restrictions should equally apply to existing allocations, and current allocations that are operating outside of the ARIN region should be required to obtain allocations from their region and return the ARIN allocation.? Old allocations should not have a 'grandfather' exemption.? We would probably need to forgive their latest set of fees. It would be onerously difficult to separate the pre and post allocations for enforcement. Regards, -drc ------------------------------ Message: 7 Date: Fri, 13 Sep 2013 17:45:41 -0400 From: David Conrad To: Kevin Kargel Cc: "arin-ppml at arin.net" Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 ??? and??? IPv6 Address Space to Out-of-region Requestors - Revised??? Problem ??? Statement and Policy Text Message-ID: Content-Type: text/plain; charset="us-ascii" Kevin, On Sep 13, 2013, at 5:20 PM, Kevin Kargel wrote: > A traceroute would only satisfy an initial test.? Trivially easy to set one up, get your allocation, and then move the network to where you really wanted it. Yes. However, if this subterfuge was noticed, the policy would give ARIN the capability to do something about it (if necessary), just like other ARIN policies. > Just like ARIN follows up on the utilization requirement?? I've been told ARIN has revoked address space for violation of policy. > Anti-grandfather means that the restrictions should equally apply to existing allocations, and current allocations that are operating outside of the ARIN region should be required to obtain allocations from their region and return the ARIN allocation.? My understanding of the policy proposal was that it was to apply to future allocations because the out-of-region requests appear to be increasing with the exhaustion of various RIR free pools.? Historically, it has been ... challenging to retroactively apply policy to pre-existing allocations.? If such retroactive application were desired (not going to comment one way or another on that aspect), I'd suggest it should be a different policy proposal. Regards, -drc -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 495 bytes Desc: Message signed with OpenPGP using GPGMail URL: ------------------------------ _______________________________________________ ARIN-PPML mailing list ARIN-PPML at arin.net http://lists.arin.net/mailman/listinfo/arin-ppml End of ARIN-PPML Digest, Vol 99, Issue 9 **************************************** -------------- next part -------------- An HTML attachment was scrubbed... URL: From owen at delong.com Sat Sep 14 17:47:26 2013 From: owen at delong.com (Owen DeLong) Date: Sat, 14 Sep 2013 14:47:26 -0700 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> Message-ID: On Sep 13, 2013, at 8:53 AM, William Herrin wrote: > On Thu, Sep 12, 2013 at 10:37 PM, Owen DeLong wrote: >> Majority is certainly more problematic than plurality. Plurality might not be >> the best possible choice, either, but nobody, including myself, has yet proposed >> a better alternative. The AC would certainly welcome any improved language >> from the community if anyone has a better idea. > > Hi Owen, > > The intent of the policy proposal is to keep the use of ARIN addresses > in-region. I say this with the utmost respect: A 20% rule doesn't do > that. It does, however, create a new and potentially onerous > documentary burden on every registrant requesting addresses. With all due respect, if that's the intent, then I oppose the policy. I do support an intent to reasonably accommodate address allocations to entities using the addresses in-region and/or to entities that are in-region that want to simplify their international operations by not having to deal with every RIR where they happen to have an office. > More, "plurality" makes the 20% rule needlessly complicated. I have to > keep 20% in the ARIN region... unless I have 23% in the RIPE region > and then I need to keep 24% in the ARIN region unless I have 30% in > the APNIC region in which case I need 31% in the ARIN region, but if > that drops the RIPE region down to 27% I can reduce the ARIN region > holdings to 28%. I suppose you can make it sound complex like that, but, in reality, it's much simpler? You need to make sure that more of your operations using ARIN space are in the ARIN region than anywhere else. If you don't like that, you are, of course free with or without this policy to get your space for your operations in each region from that region. > I'm for keeping ARIN addresses in region. I'm against creating new and > potentially onerous documentary burdens. I'm doubly against creating > new and potentially onerous documentary burdens which fail to > plausibly achieve their defined goal. And I'm against making it harder for in-region users with out-of-region operations to use ARIN space globally when that makes good operational sense. Owen From mpetach at netflight.com Sat Sep 14 23:58:13 2013 From: mpetach at netflight.com (Matthew Petach) Date: Sat, 14 Sep 2013 20:58:13 -0700 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> Message-ID: On Thu, Sep 12, 2013 at 7:37 PM, Owen DeLong wrote: > > > >> Plurality seems like an odd choice of word above. The implication is > >> that if 21% of the equipment for which I use ARIN addresses is in > >> North America, and as long as my use in each of the other four regions > >> is 20% or less, I'm good to go. > > > > Well more precisely the lowest possible use within the ARIN region is > some fraction greater than 20%, with less than or equal to 20% in the other > four regions. While possible in reality, this is much more of a contrived > example that something you would expect to see regularly in the real world. > However, if you were only operating within the ARIN region and one other > region you would need greater than 50% in the ARIN region and less that 50% > in the other region, a simple majority. > > > > As written, I could, for example, have 50.001% in the ARIN region and > 49.999% in one other RIR and be within the proposed requirements. > > However, I think that in a policy like this, it is important to choose > language which does not limit operator flexibility in unintended ways while > getting as close as possible to the intended result. > > If anyone has language that they believe will better match policy intent > (or feels that a different intent would be better for that matter), then > please express those ideas here. > > >> That doesn't seem to be what the author was trying to achieve, does it? > > > > I'd agree it wasn't what the authors were originally thinking, but if > you review the earlier comments there were several people that objected to > a 50% majority, and plurality was suggested as an alternative, as discussed > in the Advisory Council Comments sections. > > > > Majority is certainly more problematic than plurality. Plurality might not > be the best possible choice, either, but nobody, including myself, has yet > proposed a better alternative. The AC would certainly welcome any improved > language from the community if anyone has a better idea. > Why not simply use a phrase like "significant fraction" rather than "plurality"? change " a plurality of resources requested from ARIN must be justified by technical infrastructure and customers located within the ARIN service region, and any located outside the region must be interconnected to the ARIN service region." to " a significant fraction of the resources requested from ARIN must be justified by technical infrastructure or customers located within the ARIN service region, and any located outside the region must be interconnected to the ARIN service region." (representing a global network that spans 4 RIRs, but has no customers, I also advocate changing from "and customers" to "or customers", to relieve networks such as the one I work for from being unfairly excluded from obtaining ARIN resources. I will also note for the record that as port density increases, the number of devices we use is going down, not up. They cost a metric shit ton more, and suck up more power and need more cooling--but if you're measuring by "number of boxes" rather than "capability of boxes", I think the expectation that the number of boxes in a network will always be increasing, as someone else further down in the thread claimed, is prima facie false. Matt (for the record, while I'm suggesting alternate language that I think might be more palatable, as currently proposed, I oppose this proposal) > Owen > > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From bill at herrin.us Sun Sep 15 14:18:42 2013 From: bill at herrin.us (William Herrin) Date: Sun, 15 Sep 2013 14:18:42 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> Message-ID: On Sat, Sep 14, 2013 at 5:47 PM, Owen DeLong wrote: > On Sep 13, 2013, at 8:53 AM, William Herrin wrote: >> The intent of the policy proposal is to keep the use of ARIN addresses >> in-region. I say this with the utmost respect: A 20% rule doesn't do >> that. It does, however, create a new and potentially onerous >> documentary burden on every registrant requesting addresses. > > With all due respect, if that's the intent, then I oppose the policy. Hi Owen, My paragraph above is in error. Terri clarified the intent of the draft several messages ago. Paraphrasing: the authors want better public records so they know who to go to or go after when there is a law enforcement issue. And they'd like that to be someone within their respective jurisdictions. They would have us tighten eligibility to those folks with some kind of substantive legal presence in the region. Something more than "We've registered a Delaware LLC and park IP addresses on rented equipment in a rented data center." Based on her clarification, I'd drop the language which seeks to have the number resources employed in-region. That muddies the issue and makes consensus harder than it needs to be. The issue is not where the IP addresses are used, but whether the registrant can be compelled to cooperate with local law enforcement and adhere to local law. >> More, "plurality" makes the 20% rule needlessly complicated. I have to >> keep 20% in the ARIN region... unless I have 23% in the RIPE region >> and then I need to keep 24% in the ARIN region unless I have 30% in >> the APNIC region in which case I need 31% in the ARIN region, but if >> that drops the RIPE region down to 27% I can reduce the ARIN region >> holdings to 28%. > > I suppose you can make it sound complex like that, but, in reality, it's > much simpler? You need to make sure that more of your operations > using ARIN space are in the ARIN region than anywhere else. The concept of A.I. is pretty simple too: it's a computer than thinks on a level comparable to man. Now go make it work. An execution of "plurality" in the context you've used it is every bit as nasty as what I described above. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From farmer at umn.edu Mon Sep 16 18:59:56 2013 From: farmer at umn.edu (David Farmer) Date: Mon, 16 Sep 2013 17:59:56 -0500 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> Message-ID: <52378D6C.2060106@umn.edu> On 9/14/13 22:58 , Matthew Petach wrote: > Why not simply use a phrase like "significant fraction" rather than > "plurality"? The problem with significant fraction, its overly vague, while plurality may not be a commonly use every day word, it does have a precise meaning and in this context that is "more than any other RIR's region". However, since there are 5 regions the smallest possible plurality would be slightly more than 20% within the ARIN region. However, in most cases a plurality will be more than that. Rather than significant fraction, if the community could agree on a percentage say 20%, 25%, or maybe 30%, as a minimum percentage within the region that would be a little simpler than plurality, and be actually something staff could implement. I do not believe significant fraction as the standard would give staff a policy that can be implemented. > change > > " a plurality of resources > requested from ARIN must be justified by technical infrastructure and > customers located within the ARIN service region, and any located > outside the region must be interconnected to the ARIN service region." > > to > > " a significant fraction of the resources requested from ARIN must be > justified by technical infrastructure or customers located within the ARIN > service region, and any located outside the region must be interconnected > to the ARIN service region." If we don't like plurality for whatever reason, I'd suggest; "a minimum of X% of the resources requested from ARIN must be justified by technical infrastructure or customers located within the ARIN service region, and any located outside the region must be interconnected to the ARIN service region." Where X% is something like 20%, 25%, or 30%. > (representing a global network that spans 4 RIRs, but has no > customers, I also advocate changing from "and customers" > to "or customers", to relieve networks such as the one I work > for from being unfairly excluded from obtaining ARIN resources. I'm ok with "technical infrastructure or customers", I've been debating between, and, or, and and/or myself. Are there any objections to "technical infrastructure or customers"? > I will also note for the record that as port density increases, > the number of devices we use is going down, not up. > > They cost a metric shit ton more, and suck up more power > and need more cooling--but if you're measuring by "number > of boxes" rather than "capability of boxes", I think the expectation > that the number of boxes in a network will always be increasing, > as someone else further down in the thread claimed, is prima > facie false. I don't think we want to be measuring the size of the network, at least the number of devices used to build the network. Just that there is a network, or portion of a global network, within the region. > Matt > > (for the record, while I'm suggesting alternate language that > I think might be more palatable, as currently proposed, > I oppose this proposal) Do you opposed to the whole approach? Or, Are there changes to the text that would allow you to support the Draft? Or, is there another approach to the problem you would propose? Thanks -- ================================================ David Farmer Email: farmer at umn.edu Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 1-612-626-0815 Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 ================================================ From farmer at umn.edu Mon Sep 16 19:06:31 2013 From: farmer at umn.edu (David Farmer) Date: Mon, 16 Sep 2013 18:06:31 -0500 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> Message-ID: <52378EF7.4010205@umn.edu> On 9/15/13 13:18 , William Herrin wrote: > On Sat, Sep 14, 2013 at 5:47 PM, Owen DeLong wrote: >> On Sep 13, 2013, at 8:53 AM, William Herrin wrote: >>> The intent of the policy proposal is to keep the use of ARIN addresses >>> in-region. I say this with the utmost respect: A 20% rule doesn't do >>> that. It does, however, create a new and potentially onerous >>> documentary burden on every registrant requesting addresses. >> >> With all due respect, if that's the intent, then I oppose the policy. > > Hi Owen, > > My paragraph above is in error. Terri clarified the intent of the > draft several messages ago. > > Paraphrasing: the authors want better public records so they know who > to go to or go after when there is a law enforcement issue. And they'd > like that to be someone within their respective jurisdictions. They > would have us tighten eligibility to those folks with some kind of > substantive legal presence in the region. Something more than "We've > registered a Delaware LLC and park IP addresses on rented equipment in > a rented data center." > > Based on her clarification, I'd drop the language which seeks to have > the number resources employed in-region. That muddies the issue and > makes consensus harder than it needs to be. The issue is not where the > IP addresses are used, but whether the registrant can be compelled to > cooperate with local law enforcement and adhere to local law. The intent of requiring a plurality or a minimum percentage is not to keep resources within the region, but along with the other requirements of a legal presence and operating a network in region, the intent is to ensure all organizations receiving resources from ARIN actually have a real presence within the ARIN region, be that a network with a footprint wholly contained within the region, a network with a global footprint based in the ARIN region, or the in-region need of a global network, based any where. Requiring a minimum percentage of resource be justified from within the region adds another level of assurance that an organization has such a real presence within the ARIN region. Without some minimum for justification within the ARIN region it would be theoretically possible for an organization to have a legal presence and operational network within region, and get resources from ARIN and use 0.001% within the region 99.999% outside the region, that just doesn't pass a smell test for me. That sounds more like they are operating a network with a global footprint that is really based out of another region, than based in the ARIN region. I think we want to allow organizations with a global network based in the region to get resources from ARIN if they wish. Some organizations may want to get resources from other RIRs, or all 5. Others organizations may find it easier to get resources from some other RIRs (those near the minimum), and a few may need to by policy (those with less than the minimum). But, the vast majority of organizations shouldn't have to get resources from other RIRs unless they want to. >>> More, "plurality" makes the 20% rule needlessly complicated. I have to >>> keep 20% in the ARIN region... unless I have 23% in the RIPE region >>> and then I need to keep 24% in the ARIN region unless I have 30% in >>> the APNIC region in which case I need 31% in the ARIN region, but if >>> that drops the RIPE region down to 27% I can reduce the ARIN region >>> holdings to 28%. >> >> I suppose you can make it sound complex like that, but, in reality, it's >> much simpler? You need to make sure that more of your operations >> using ARIN space are in the ARIN region than anywhere else. As I said in my response to Matt, I think we could simplify things by going with a minimum percentage rather than a plurality. But I agree with Owen a plurality really isn't that complicated. A minimum percentage would probably water down the requirement more that some people want. But if we can find consensus around a simple percentage then lets use that. I'm suggesting 20%, 25% or 30%, but I'd like to know what others think. -- ================================================ David Farmer Email: farmer at umn.edu Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 1-612-626-0815 Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 ================================================ From billdarte at gmail.com Mon Sep 16 19:48:23 2013 From: billdarte at gmail.com (Bill Darte) Date: Mon, 16 Sep 2013 18:48:23 -0500 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: <52378D6C.2060106@umn.edu> References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> <52378D6C.2060106@umn.edu> Message-ID: Agreed.... As much as I do not like plurality, it is far better than an arbitrary percentage in my opinion. I think an arbitrary percentage is less likely to be agreed upon, whereas plurality says what the community seems to want. That is, a portion of one's holding/business, that is in fact more than significant...it is most significant. bd On Mon, Sep 16, 2013 at 5:59 PM, David Farmer wrote: > On 9/14/13 22:58 , Matthew Petach wrote: > > Why not simply use a phrase like "significant fraction" rather than >> "plurality"? >> > > The problem with significant fraction, its overly vague, while plurality > may not be a commonly use every day word, it does have a precise meaning > and in this context that is "more than any other RIR's region". However, > since there are 5 regions the smallest possible plurality would be slightly > more than 20% within the ARIN region. However, in most cases a plurality > will be more than that. > > Rather than significant fraction, if the community could agree on a > percentage say 20%, 25%, or maybe 30%, as a minimum percentage within the > region that would be a little simpler than plurality, and be actually > something staff could implement. I do not believe significant fraction as > the standard would give staff a policy that can be implemented. > > change >> >> " a plurality of resources >> requested from ARIN must be justified by technical infrastructure and >> customers located within the ARIN service region, and any located >> outside the region must be interconnected to the ARIN service region." >> >> to >> >> " a significant fraction of the resources requested from ARIN must be >> justified by technical infrastructure or customers located within the ARIN >> service region, and any located outside the region must be interconnected >> to the ARIN service region." >> > > If we don't like plurality for whatever reason, I'd suggest; > > "a minimum of X% of the resources requested from ARIN must be justified by > technical infrastructure or customers located within the ARIN service > region, and any located outside the region must be interconnected to the > ARIN service region." > > Where X% is something like 20%, 25%, or 30%. > > (representing a global network that spans 4 RIRs, but has no >> customers, I also advocate changing from "and customers" >> to "or customers", to relieve networks such as the one I work >> for from being unfairly excluded from obtaining ARIN resources. >> > > I'm ok with "technical infrastructure or customers", I've been debating > between, and, or, and and/or myself. Are there any objections to > "technical infrastructure or customers"? > > I will also note for the record that as port density increases, >> the number of devices we use is going down, not up. >> >> They cost a metric shit ton more, and suck up more power >> and need more cooling--but if you're measuring by "number >> of boxes" rather than "capability of boxes", I think the expectation >> that the number of boxes in a network will always be increasing, >> as someone else further down in the thread claimed, is prima >> facie false. >> > > I don't think we want to be measuring the size of the network, at least > the number of devices used to build the network. Just that there is a > network, or portion of a global network, within the region. > > Matt >> >> (for the record, while I'm suggesting alternate language that >> I think might be more palatable, as currently proposed, >> I oppose this proposal) >> > > Do you opposed to the whole approach? Or, Are there changes to the text > that would allow you to support the Draft? Or, is there another approach > to the problem you would propose? > > Thanks > > -- > ==============================**================== > David Farmer Email: farmer at umn.edu > Office of Information Technology > University of Minnesota > 2218 University Ave SE Phone: 1-612-626-0815 > Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 > ==============================**================== > ______________________________**_________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/**listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From SRyerse at eclipse-networks.com Mon Sep 16 20:01:53 2013 From: SRyerse at eclipse-networks.com (Steven Ryerse) Date: Tue, 17 Sep 2013 00:01:53 +0000 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 andIPv6 Address Space to Out-of-region Requestors - Revised Problem Statementand Policy Text In-Reply-To: <52378EF7.4010205@umn.edu> References: <5227A52D.1010802@arin.net><523276B7.9080503@umn.edu> <52378EF7.4010205@umn.edu> Message-ID: <5B9E90747FA2974D91A54FCFA1B8AD12013B86DF2D@ENI-MAIL.eclipse-networks.com> The problem here of course is there could be a legitimate international organization with over 50% of their network say in Asia and only say 2% in the US. As long as the resources are going to be used in the ARIN region it is reasonable that they should be allocated resources from ARIN. So majority or plurality doesn't work and there will always be a scenario that is legitimate but that doesn't fit into a contrived policy. I don't believe ARIN can NOT allocate resources solely because more than 50% of existing resources reside in other regions. This is an example of trying to use policy to NOT allocate resources and of course ARIN's mission is TO allocate resources. The best that could be done by policy is to require they use them within the ARIN region. I'm not sure if ARIN really wants to get into the policing business after resources have been allocated, but that is the only recourse if an org lies in their allocation request. Steven Ryerse President 100 Ashford Center North, Suite 110, Atlanta, GA? 30338 770.656.1460 - Cell 770.399.9099- Office ? Eclipse Networks, Inc. ??????? Conquering Complex Networks? -----Original Message----- From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On Behalf Of David Farmer Sent: Monday, September 16, 2013 7:07 PM To: William Herrin Cc: arin-ppml at arin.net Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 andIPv6 Address Space to Out-of-region Requestors - Revised Problem Statementand Policy Text On 9/15/13 13:18 , William Herrin wrote: > On Sat, Sep 14, 2013 at 5:47 PM, Owen DeLong wrote: >> On Sep 13, 2013, at 8:53 AM, William Herrin wrote: >>> The intent of the policy proposal is to keep the use of ARIN >>> addresses in-region. I say this with the utmost respect: A 20% rule >>> doesn't do that. It does, however, create a new and potentially >>> onerous documentary burden on every registrant requesting addresses. >> >> With all due respect, if that's the intent, then I oppose the policy. > > Hi Owen, > > My paragraph above is in error. Terri clarified the intent of the > draft several messages ago. > > Paraphrasing: the authors want better public records so they know who > to go to or go after when there is a law enforcement issue. And they'd > like that to be someone within their respective jurisdictions. They > would have us tighten eligibility to those folks with some kind of > substantive legal presence in the region. Something more than "We've > registered a Delaware LLC and park IP addresses on rented equipment in > a rented data center." > > Based on her clarification, I'd drop the language which seeks to have > the number resources employed in-region. That muddies the issue and > makes consensus harder than it needs to be. The issue is not where the > IP addresses are used, but whether the registrant can be compelled to > cooperate with local law enforcement and adhere to local law. The intent of requiring a plurality or a minimum percentage is not to keep resources within the region, but along with the other requirements of a legal presence and operating a network in region, the intent is to ensure all organizations receiving resources from ARIN actually have a real presence within the ARIN region, be that a network with a footprint wholly contained within the region, a network with a global footprint based in the ARIN region, or the in-region need of a global network, based any where. Requiring a minimum percentage of resource be justified from within the region adds another level of assurance that an organization has such a real presence within the ARIN region. Without some minimum for justification within the ARIN region it would be theoretically possible for an organization to have a legal presence and operational network within region, and get resources from ARIN and use 0.001% within the region 99.999% outside the region, that just doesn't pass a smell test for me. That sounds more like they are operating a network with a global footprint that is really based out of another region, than based in the ARIN region. I think we want to allow organizations with a global network based in the region to get resources from ARIN if they wish. Some organizations may want to get resources from other RIRs, or all 5. Others organizations may find it easier to get resources from some other RIRs (those near the minimum), and a few may need to by policy (those with less than the minimum). But, the vast majority of organizations shouldn't have to get resources from other RIRs unless they want to. >>> More, "plurality" makes the 20% rule needlessly complicated. I have >>> to keep 20% in the ARIN region... unless I have 23% in the RIPE >>> region and then I need to keep 24% in the ARIN region unless I have >>> 30% in the APNIC region in which case I need 31% in the ARIN region, >>> but if that drops the RIPE region down to 27% I can reduce the ARIN >>> region holdings to 28%. >> >> I suppose you can make it sound complex like that, but, in reality, >> it's much simpler? You need to make sure that more of your operations >> using ARIN space are in the ARIN region than anywhere else. As I said in my response to Matt, I think we could simplify things by going with a minimum percentage rather than a plurality. But I agree with Owen a plurality really isn't that complicated. A minimum percentage would probably water down the requirement more that some people want. But if we can find consensus around a simple percentage then lets use that. I'm suggesting 20%, 25% or 30%, but I'd like to know what others think. -- ================================================ David Farmer Email: farmer at umn.edu Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 1-612-626-0815 Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 ================================================ _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact info at arin.net if you experience any issues. From billdarte at gmail.com Mon Sep 16 20:38:44 2013 From: billdarte at gmail.com (Bill Darte) Date: Mon, 16 Sep 2013 19:38:44 -0500 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 andIPv6 Address Space to Out-of-region Requestors - Revised Problem Statementand Policy Text In-Reply-To: <5B9E90747FA2974D91A54FCFA1B8AD12013B86DF2D@ENI-MAIL.eclipse-networks.com> References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> <52378EF7.4010205@umn.edu> <5B9E90747FA2974D91A54FCFA1B8AD12013B86DF2D@ENI-MAIL.eclipse-networks.com> Message-ID: Steve, I believe this policy would focus on the 'next' allocation...the one currently being requested from ARIN. A plurality for that one. bd On Mon, Sep 16, 2013 at 7:01 PM, Steven Ryerse wrote: > The problem here of course is there could be a legitimate international > organization with over 50% of their network say in Asia and only say 2% in > the US. As long as the resources are going to be used in the ARIN region > it is reasonable that they should be allocated resources from ARIN. So > majority or plurality doesn't work and there will always be a scenario that > is legitimate but that doesn't fit into a contrived policy. > > I don't believe ARIN can NOT allocate resources solely because more than > 50% of existing resources reside in other regions. This is an example of > trying to use policy to NOT allocate resources and of course ARIN's mission > is TO allocate resources. The best that could be done by policy is to > require they use them within the ARIN region. I'm not sure if ARIN really > wants to get into the policing business after resources have been > allocated, but that is the only recourse if an org lies in their allocation > request. > > Steven Ryerse > President > 100 Ashford Center North, Suite 110, Atlanta, GA 30338 > 770.656.1460 - Cell > 770.399.9099- Office > > ? Eclipse Networks, Inc. > Conquering Complex Networks? > > > -----Original Message----- > From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On > Behalf Of David Farmer > Sent: Monday, September 16, 2013 7:07 PM > To: William Herrin > Cc: arin-ppml at arin.net > Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 > andIPv6 Address Space to Out-of-region Requestors - Revised Problem > Statementand Policy Text > > On 9/15/13 13:18 , William Herrin wrote: > > On Sat, Sep 14, 2013 at 5:47 PM, Owen DeLong wrote: > >> On Sep 13, 2013, at 8:53 AM, William Herrin wrote: > >>> The intent of the policy proposal is to keep the use of ARIN > >>> addresses in-region. I say this with the utmost respect: A 20% rule > >>> doesn't do that. It does, however, create a new and potentially > >>> onerous documentary burden on every registrant requesting addresses. > >> > >> With all due respect, if that's the intent, then I oppose the policy. > > > > Hi Owen, > > > > My paragraph above is in error. Terri clarified the intent of the > > draft several messages ago. > > > > Paraphrasing: the authors want better public records so they know who > > to go to or go after when there is a law enforcement issue. And they'd > > like that to be someone within their respective jurisdictions. They > > would have us tighten eligibility to those folks with some kind of > > substantive legal presence in the region. Something more than "We've > > registered a Delaware LLC and park IP addresses on rented equipment in > > a rented data center." > > > > Based on her clarification, I'd drop the language which seeks to have > > the number resources employed in-region. That muddies the issue and > > makes consensus harder than it needs to be. The issue is not where the > > IP addresses are used, but whether the registrant can be compelled to > > cooperate with local law enforcement and adhere to local law. > > The intent of requiring a plurality or a minimum percentage is not to keep > resources within the region, but along with the other requirements of a > legal presence and operating a network in region, the intent is to ensure > all organizations receiving resources from ARIN actually have a real > presence within the ARIN region, be that a network with a footprint wholly > contained within the region, a network with a global footprint based in the > ARIN region, or the in-region need of a global network, based any where. > Requiring a minimum percentage of resource be justified from within the > region adds another level of assurance that an organization has such a real > presence within the ARIN region. > > Without some minimum for justification within the ARIN region it would be > theoretically possible for an organization to have a legal presence and > operational network within region, and get resources from ARIN and use > 0.001% within the region 99.999% outside the region, that just doesn't pass > a smell test for me. That sounds more like they are operating a network > with a global footprint that is really based out of another region, than > based in the ARIN region. > > I think we want to allow organizations with a global network based in the > region to get resources from ARIN if they wish. Some organizations may > want to get resources from other RIRs, or all 5. Others organizations may > find it easier to get resources from some other RIRs (those near the > minimum), and a few may need to by policy (those with less than the > minimum). But, the vast majority of organizations shouldn't have to get > resources from other RIRs unless they want to. > > >>> More, "plurality" makes the 20% rule needlessly complicated. I have > >>> to keep 20% in the ARIN region... unless I have 23% in the RIPE > >>> region and then I need to keep 24% in the ARIN region unless I have > >>> 30% in the APNIC region in which case I need 31% in the ARIN region, > >>> but if that drops the RIPE region down to 27% I can reduce the ARIN > >>> region holdings to 28%. > >> > >> I suppose you can make it sound complex like that, but, in reality, > >> it's much simpler? You need to make sure that more of your operations > >> using ARIN space are in the ARIN region than anywhere else. > > As I said in my response to Matt, I think we could simplify things by > going with a minimum percentage rather than a plurality. But I agree with > Owen a plurality really isn't that complicated. A minimum percentage would > probably water down the requirement more that some people want. But if we > can find consensus around a simple percentage then lets use that. I'm > suggesting 20%, 25% or 30%, but I'd like to know what others think. > > > -- > ================================================ > David Farmer Email: farmer at umn.edu > Office of Information Technology > University of Minnesota > 2218 University Ave SE Phone: 1-612-626-0815 > Minneapolis, MN 55414-3029 Cell: 1-612-812-9952================================================ > _______________________________________________ > PPML > You are receiving this message because you are subscribed to the ARIN > Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. -------------- next part -------------- An HTML attachment was scrubbed... URL: From SRyerse at eclipse-networks.com Mon Sep 16 20:56:26 2013 From: SRyerse at eclipse-networks.com (Steven Ryerse) Date: Tue, 17 Sep 2013 00:56:26 +0000 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 andIPv6Address Space to Out-of-region Requestors - Revised Problem StatementandPolicy Text In-Reply-To: References: <5227A52D.1010802@arin.net><523276B7.9080503@umn.edu><52378EF7.4010205@umn.edu><5B9E90747F A2974D91A54FCFA1B8AD12013B86DF2D@ENI-MAIL.eclipse-networks.com> Message-ID: <5B9E90747FA2974D91A54FCFA1B8AD12013B86E089@ENI-MAIL.eclipse-networks.com> Requiring some legal presence and operational presence in the region is doable. Meeting a current footprint size as a majority percentage or a plurality percentage is irrelevant and there will always be an exception that is legitimate. Defining what a real presence means is very subjective and it means different things to different folks. The easiest thing to do in a policy is require a legal address and use of resources in the region. After that the subjective part comes in and is very difficult for ARIN to police. (I suppose ARIN could send renewals only to the legal address and then if there isn?t one it would go undelivered and thus resources go unrenewed. Probably not practical though.) Steven Ryerse President 100 Ashford Center North, Suite 110, Atlanta, GA 30338 770.656.1460 - Cell 770.399.9099- Office [Description: Description: Eclipse Networks Logo_small.png]? Eclipse Networks, Inc. Conquering Complex Networks? From: Bill Darte [mailto:billdarte at gmail.com] Sent: Monday, September 16, 2013 8:39 PM To: Steven Ryerse Cc: David Farmer; William Herrin; arin-ppml at arin.net Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 andIPv6Address Space to Out-of-region Requestors - Revised Problem StatementandPolicy Text Steve, I believe this policy would focus on the 'next' allocation...the one currently being requested from ARIN. A plurality for that one. bd On Mon, Sep 16, 2013 at 7:01 PM, Steven Ryerse > wrote: The problem here of course is there could be a legitimate international organization with over 50% of their network say in Asia and only say 2% in the US. As long as the resources are going to be used in the ARIN region it is reasonable that they should be allocated resources from ARIN. So majority or plurality doesn't work and there will always be a scenario that is legitimate but that doesn't fit into a contrived policy. I don't believe ARIN can NOT allocate resources solely because more than 50% of existing resources reside in other regions. This is an example of trying to use policy to NOT allocate resources and of course ARIN's mission is TO allocate resources. The best that could be done by policy is to require they use them within the ARIN region. I'm not sure if ARIN really wants to get into the policing business after resources have been allocated, but that is the only recourse if an org lies in their allocation request. Steven Ryerse President 100 Ashford Center North, Suite 110, Atlanta, GA 30338 770.656.1460 - Cell 770.399.9099- Office ? Eclipse Networks, Inc. Conquering Complex Networks? -----Original Message----- From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On Behalf Of David Farmer Sent: Monday, September 16, 2013 7:07 PM To: William Herrin Cc: arin-ppml at arin.net Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 andIPv6 Address Space to Out-of-region Requestors - Revised Problem Statementand Policy Text On 9/15/13 13:18 , William Herrin wrote: > On Sat, Sep 14, 2013 at 5:47 PM, Owen DeLong > wrote: >> On Sep 13, 2013, at 8:53 AM, William Herrin > wrote: >>> The intent of the policy proposal is to keep the use of ARIN >>> addresses in-region. I say this with the utmost respect: A 20% rule >>> doesn't do that. It does, however, create a new and potentially >>> onerous documentary burden on every registrant requesting addresses. >> >> With all due respect, if that's the intent, then I oppose the policy. > > Hi Owen, > > My paragraph above is in error. Terri clarified the intent of the > draft several messages ago. > > Paraphrasing: the authors want better public records so they know who > to go to or go after when there is a law enforcement issue. And they'd > like that to be someone within their respective jurisdictions. They > would have us tighten eligibility to those folks with some kind of > substantive legal presence in the region. Something more than "We've > registered a Delaware LLC and park IP addresses on rented equipment in > a rented data center." > > Based on her clarification, I'd drop the language which seeks to have > the number resources employed in-region. That muddies the issue and > makes consensus harder than it needs to be. The issue is not where the > IP addresses are used, but whether the registrant can be compelled to > cooperate with local law enforcement and adhere to local law. The intent of requiring a plurality or a minimum percentage is not to keep resources within the region, but along with the other requirements of a legal presence and operating a network in region, the intent is to ensure all organizations receiving resources from ARIN actually have a real presence within the ARIN region, be that a network with a footprint wholly contained within the region, a network with a global footprint based in the ARIN region, or the in-region need of a global network, based any where. Requiring a minimum percentage of resource be justified from within the region adds another level of assurance that an organization has such a real presence within the ARIN region. Without some minimum for justification within the ARIN region it would be theoretically possible for an organization to have a legal presence and operational network within region, and get resources from ARIN and use 0.001% within the region 99.999% outside the region, that just doesn't pass a smell test for me. That sounds more like they are operating a network with a global footprint that is really based out of another region, than based in the ARIN region. I think we want to allow organizations with a global network based in the region to get resources from ARIN if they wish. Some organizations may want to get resources from other RIRs, or all 5. Others organizations may find it easier to get resources from some other RIRs (those near the minimum), and a few may need to by policy (those with less than the minimum). But, the vast majority of organizations shouldn't have to get resources from other RIRs unless they want to. >>> More, "plurality" makes the 20% rule needlessly complicated. I have >>> to keep 20% in the ARIN region... unless I have 23% in the RIPE >>> region and then I need to keep 24% in the ARIN region unless I have >>> 30% in the APNIC region in which case I need 31% in the ARIN region, >>> but if that drops the RIPE region down to 27% I can reduce the ARIN >>> region holdings to 28%. >> >> I suppose you can make it sound complex like that, but, in reality, >> it's much simpler? You need to make sure that more of your operations >> using ARIN space are in the ARIN region than anywhere else. As I said in my response to Matt, I think we could simplify things by going with a minimum percentage rather than a plurality. But I agree with Owen a plurality really isn't that complicated. A minimum percentage would probably water down the requirement more that some people want. But if we can find consensus around a simple percentage then lets use that. I'm suggesting 20%, 25% or 30%, but I'd like to know what others think. -- ================================================ David Farmer Email: farmer at umn.edu Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 1-612-626-0815 Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 ================================================ _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact info at arin.net if you experience any issues. _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact info at arin.net if you experience any issues. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 1468 bytes Desc: image001.jpg URL: From mueller at syr.edu Mon Sep 16 22:51:25 2013 From: mueller at syr.edu (Milton L Mueller) Date: Tue, 17 Sep 2013 02:51:25 +0000 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: <5232016A.2080300@umn.edu> References: <5227A52D.1010802@arin.net> <5232016A.2080300@umn.edu> Message-ID: <855077AC3D7A7147A7570370CA01ECD24C77FC@SUEX10-mbx-10.ad.syr.edu> This policy took a winding path through the AC review process. In my view, the actual substantive policy proposed is mostly supportable, though we need to have a careful debate about the meaning of "plurality" and whether that is necessary or not. There are three other issues, none of which actually have to do with the policy, that I think need to be pointed out: 1. I have a problem with the Problem Statement. The first sentence asserts as an accepted policy something that is not really an accepted policy (ARIN number resources should be used primarily in the ARIN region, for ARIN region organizations). In other words, it assumes that we already have a policy on this, then in the second sentence, it says "there is currently no explicit policy guiding staff in this area." That's an obvious self-contradiction. I think the second statement is correct. Before I could favor moving this forward as a recommended policy, I would want to see the Problem Statement revised. 2. The Authors' comments says: > As reported at the last meeting in Barbados, ARIN staff is having > difficulty verifying organizations out-of-region. This is not actually what they said. My recollection of the meeting was that they said they had noticed that they were getting a larger number of out of region requests, and they did not feel as if they had explicit policy guidance on how to handle these requests. Insofar as there are difficulties, te policy of ensuring that the applicant for resources is an active business entity legally operating in the ARIN region solves that problem. 3. I consider the "law enforcement" rationale for this policy to be poorly thought-out and basically pointless. ARIN consists of ~ 20 jurisdictions and the other regions are composed of even more; thus, the idea that confining an RIR's address resource allocations to use within a region will ease the task of law enforcement strikes me as factually untrue, and obviously so. One might ease the task of law enforcement by requiring ALL number resources and ALL communication services to be territorially bound to a single legal jurisdiction - but this "cure" would be worse than the disease as it would fundamentally undermine the global nature of the internet. Moreover, keeping a "plurality" of use in region does NOT have anything to do with the accuracy of registration data. I also take issue, factually, with the assumption that internet criminality is facilitated or eased by registering addresses in one region rather than another. No one has provided a shred of evidence for this at any time in the process. Indeed, if a criminal operation wants to affect the North American region or the USA, the last thing it would want to do is register addresses in ARIN. Its criminal operations can reach North America without registering addresses here. So the bottom line is that this policy could have been a lot worse; I agree with almost all of the AC comments; I don't disagree with the Authors Comments so much as I think they completely miss their target and show signs of trying to use an inappropriate tool (address eligibility criteria) for a worthy goal (solving cybercrimes). > Problem Statement: > ARIN number resources should be used primarily in the ARIN region, for > ARIN region organizations. There is currently no explicit policy > guiding staff in this area, this proposal seeks to correct that. > > Policy Statement: > Create new policy Section X. > > X. Resource Justification within ARIN Region Organizations requesting > Internet number resources from ARIN must provide proof that they (1) > are an active business entity legally operating within the ARIN > service region, and (2) are operating a network located within the > ARIN service region. In addition to meeting all other applicable > policy requirements, a plurality of resources requested from ARIN must > be justified by technical infrastructure and customers located within > the ARIN service region, and any located outside the region must be > interconnected to the ARIN service region. > The same technical infrastructure or customers cannot be used to > justify resources in more than one RIR. > ### > > Authors Comments: > > Although we represent law enforcement, and have brought forth this > issue based upon our concerns and experience from a law enforcement > perspective, this is a problem in which the entire ARIN community has > a stake. > > As reported at the last meeting in Barbados, ARIN staff is having > difficulty verifying organizations out-of-region. In many of the > cases, particularly in VPS (Virtual Private Service), the only > information received on these organizations by ARIN is a customer name > and IP address. This information cannot be properly verified by ARIN. > Accuracy of registration data is critical to not only law enforcement, > but the greater ARIN community as it relates to abuse contact and > complaints. In fact, most issues facing law enforcement are also > shared by legitimate companies attempting, for instance, to identify > an organization that has hijacked their IP address space. > > The expedited depletion of IPv4 address space in the ARIN region > certainly seems to negatively impact those organizations currently > operating in the region that may need to return to ARIN for additional > IPv4 address space. While law enforcement?s concern is that criminal > organizations outside of the ARIN region can easily and quickly > request large blocks of IPv4 address space from ARIN, organizations > that are not truly global organizations, but specific national > companies from the RIPE and APNIC regions, also have this capability > which is detrimental to true ARIN region organizations. > > This policy proposal is re-enforcing practices the ARIN staff > currently employs to ensure that ARIN IP space is used for and by > companies that are legitimate and have a legitimate presence in the > ARIN region. This policy will assist in defining clear criteria that > will be helpful to ARIN staff and the community. > > The primary role of RIRs is to manage and distribute public Internet > address space within their respective regions. The problem brought > forth here clearly undermines the current RIR model; if any > organization can acquire IP address space from any region, what then > is the purpose of the geographical breakdown of the five RIRs? > > Advisory Council Comments: > > The term "Internet number resources" or more simply "resources" should > be used instead of "IP Blocks" to more accurately reflect the totality > of the Registry. This implies both IPv4 and IPv6, as well as ASNs. > While Internet registries are organized on a regional basis, policy > must recognize that many networks, services and operations are > trans-regional and it would be burdensome and impractical to attempt > to strictly enforce territorially exclusive allocations. Therefore, > policy should seek to balance the regional structure of address > allocation with flexibility of service provision, by ensuring that > ARIN?s resources are primarily aligned with the ARIN service region > but facilitate flexibility and efficiency of use by applicants from any region. > There are concerns that out of region organizations should be able to > request resources for use within the ARIN service region. The proposed > text accommodates this issue by requiring only proof that an > organization is "legally operating within the ARIN Service Region". > This includes business entities formed in the region, or other > business entities with legal branch offices within the region. So, as > long as an out of region organization is "legally operating within the > ARIN Service Region" they can request resources from ARIN. > > Current operational practice is to require an organization be formed > within the ARIN service region. However, if this were applied by all > the RIRs, a global network would be required to have a minimum of five > subsidiaries, one formed in each of the five RIR regions, this seems > overly burdensome. Good resource policy should consider the > consequences of all RIRs adopting the same policy. > > Previous discussions of the topic indicated that it is difficult to > enforce and undesirable for many in the community to dictate where > resources are to be used once they are allocated. A strategy to deal > with this is to focus the policy on the technical infrastructure and > customers used to justify the requested number resources from ARIN, as > opposed to where resources are actually used once allocated. This is a > subtle but important distinction. > > While resources received from ARIN may be used outside the ARIN > region, a common technical infrastructure must interconnect the use of > these resources to the ARIN region. This provides a necessary nexus > with the ARIN service region for such out of region use. Therefore, if > a discrete network is operating within another region, not > interconnected to the ARIN region, then resources for that discrete > network should be requested from that region's RIR. > > A concern was raised that this policy shouldn't limit or interfere > with outbound inter-RIR transfers. If we focus on what justifies a > request for resources from ARIN, outbound inter-RIR transfers > shouldn't be affected, as they are clearly based on the receiving RIR's policies. > > From previous discussions of the topic, "double dipping" should not > be allowed, that is using the same technical infrastructure or > customers to justify resources from ARIN and another RIR at the same time. > The legal jurisdiction an organization is formed in doesn?t > necessarily reflect the jurisdictions in which it operates, or even > that it operates a network in a jurisdiction. This implies that we > should have both technical and legal requirements regarding operating > within the ARIN service region in order to receive resources. > > The original text used the term "majority", seeming to describe a > "simple," "absolute" or "overall" majority, which means greater than > 50%. Many organizations don't have greater than 50% of their users or > customers in any one region. A "plurality", "relative majority", > "largest of", or more specifically "more than any other RIR's service > region" seems to be the intended and appropriate meaning of the term > "majority" in this context. Let's clarify that intent by using the > term "plurality". > > The intent is not to require an organization to have an overall > plurality of its technical infrastructure and customers within the > ARIN service region. Rather, it is to ensure that the plurality of > currently requested resources is justified from within the ARIN > region. If an organization?s primary, or largest, demand for resources > is in another region then the organization should request resources > from that region's RIR. > -- > > ## * ## -- ================================================ David Farmer Email: farmer at umn.edu Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 1-612-626-0815 Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 ================================================ _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact info at arin.net if you experience any issues. From owen at delong.com Mon Sep 16 23:35:25 2013 From: owen at delong.com (Owen DeLong) Date: Mon, 16 Sep 2013 20:35:25 -0700 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 andIPv6 Address Space to Out-of-region Requestors - Revised Problem Statementand Policy Text In-Reply-To: <5B9E90747FA2974D91A54FCFA1B8AD12013B86DF2D@ENI-MAIL.eclipse-networks.com> References: <5227A52D.1010802@arin.net><523276B7.9080503@umn.edu> <52378EF7.4010205@umn.edu> <5B9E90747FA2974D91A54FCFA1B8AD12013B86DF2D@ENI-MAIL.eclipse-networks.com> Message-ID: <4BCB65B9-6174-4109-9A3A-36A81B6A5288@delong.com> On Sep 16, 2013, at 5:01 PM, Steven Ryerse wrote: > The problem here of course is there could be a legitimate international organization with over 50% of their network say in Asia and only say 2% in the US. As long as the resources are going to be used in the ARIN region it is reasonable that they should be allocated resources from ARIN. So majority or plurality doesn't work and there will always be a scenario that is legitimate but that doesn't fit into a contrived policy. Such an organization should be getting their resources from APNIC or at least their resources for their APNIC region networks. This policy would allow such an organization to get ARIN resources for what they use in the ARIN region and for some fraction of what they use out of region, so long as what they use in other regions does not exceed what they use in the ARIN region. It does not affect or count their resources from other RIRs except that it does prohibit double-dipping from two RIRs for the same resources. As such, what you state as a problem above appears not to apply. > I don't believe ARIN can NOT allocate resources solely because more than 50% of existing resources reside in other regions. This is an example of trying to use policy to NOT allocate resources and of course ARIN's mission is TO allocate resources. The best that could be done by policy is to require they use them within the ARIN region. I'm not sure if ARIN really wants to get into the policing business after resources have been allocated, but that is the only recourse if an org lies in their allocation request. If more than 50% of the existing ARIN resources are being used outside of the ARIN region, then it makes far more sense for that organization to get resources for their out-of-region networks from the appropriate RIR and move those resources back into the ARIN region prior to receiving more ARIN resources. Owen > > Steven Ryerse > President > 100 Ashford Center North, Suite 110, Atlanta, GA 30338 > 770.656.1460 - Cell > 770.399.9099- Office > > ? Eclipse Networks, Inc. > Conquering Complex Networks? > > > -----Original Message----- > From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On Behalf Of David Farmer > Sent: Monday, September 16, 2013 7:07 PM > To: William Herrin > Cc: arin-ppml at arin.net > Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 andIPv6 Address Space to Out-of-region Requestors - Revised Problem Statementand Policy Text > > On 9/15/13 13:18 , William Herrin wrote: >> On Sat, Sep 14, 2013 at 5:47 PM, Owen DeLong wrote: >>> On Sep 13, 2013, at 8:53 AM, William Herrin wrote: >>>> The intent of the policy proposal is to keep the use of ARIN >>>> addresses in-region. I say this with the utmost respect: A 20% rule >>>> doesn't do that. It does, however, create a new and potentially >>>> onerous documentary burden on every registrant requesting addresses. >>> >>> With all due respect, if that's the intent, then I oppose the policy. >> >> Hi Owen, >> >> My paragraph above is in error. Terri clarified the intent of the >> draft several messages ago. >> >> Paraphrasing: the authors want better public records so they know who >> to go to or go after when there is a law enforcement issue. And they'd >> like that to be someone within their respective jurisdictions. They >> would have us tighten eligibility to those folks with some kind of >> substantive legal presence in the region. Something more than "We've >> registered a Delaware LLC and park IP addresses on rented equipment in >> a rented data center." >> >> Based on her clarification, I'd drop the language which seeks to have >> the number resources employed in-region. That muddies the issue and >> makes consensus harder than it needs to be. The issue is not where the >> IP addresses are used, but whether the registrant can be compelled to >> cooperate with local law enforcement and adhere to local law. > > The intent of requiring a plurality or a minimum percentage is not to keep resources within the region, but along with the other requirements of a legal presence and operating a network in region, the intent is to ensure all organizations receiving resources from ARIN actually have a real presence within the ARIN region, be that a network with a footprint wholly contained within the region, a network with a global footprint based in the ARIN region, or the in-region need of a global network, based any where. Requiring a minimum percentage of resource be justified from within the region adds another level of assurance that an organization has such a real presence within the ARIN region. > > Without some minimum for justification within the ARIN region it would be theoretically possible for an organization to have a legal presence and operational network within region, and get resources from ARIN and use 0.001% within the region 99.999% outside the region, that just doesn't pass a smell test for me. That sounds more like they are operating a network with a global footprint that is really based out of another region, than based in the ARIN region. > > I think we want to allow organizations with a global network based in the region to get resources from ARIN if they wish. Some organizations may want to get resources from other RIRs, or all 5. Others organizations may find it easier to get resources from some other RIRs (those near the minimum), and a few may need to by policy (those with less than the minimum). But, the vast majority of organizations shouldn't have to get resources from other RIRs unless they want to. > >>>> More, "plurality" makes the 20% rule needlessly complicated. I have >>>> to keep 20% in the ARIN region... unless I have 23% in the RIPE >>>> region and then I need to keep 24% in the ARIN region unless I have >>>> 30% in the APNIC region in which case I need 31% in the ARIN region, >>>> but if that drops the RIPE region down to 27% I can reduce the ARIN >>>> region holdings to 28%. >>> >>> I suppose you can make it sound complex like that, but, in reality, >>> it's much simpler? You need to make sure that more of your operations >>> using ARIN space are in the ARIN region than anywhere else. > > As I said in my response to Matt, I think we could simplify things by going with a minimum percentage rather than a plurality. But I agree with Owen a plurality really isn't that complicated. A minimum percentage would probably water down the requirement more that some people want. But if we can find consensus around a simple percentage then lets use that. I'm suggesting 20%, 25% or 30%, but I'd like to know what others think. > > > -- > ================================================ > David Farmer Email: farmer at umn.edu > Office of Information Technology > University of Minnesota > 2218 University Ave SE Phone: 1-612-626-0815 > Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 ================================================ > _______________________________________________ > PPML > You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. From owen at delong.com Mon Sep 16 23:47:39 2013 From: owen at delong.com (Owen DeLong) Date: Mon, 16 Sep 2013 20:47:39 -0700 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: <855077AC3D7A7147A7570370CA01ECD24C77FC@SUEX10-mbx-10.ad.syr.edu> References: <5227A52D.1010802@arin.net> <5232016A.2080300@umn.edu> <855077AC3D7A7147A7570370CA01ECD24C77FC@SUEX10-mbx-10.ad.syr.edu> Message-ID: <9D291C5B-8163-4E2C-8A67-691089E16843@delong.com> On Sep 16, 2013, at 7:51 PM, Milton L Mueller wrote: > > This policy took a winding path through the AC review process. In my view, the actual substantive policy proposed is mostly supportable, though we need to have a careful debate about the meaning of "plurality" and whether that is necessary or not. > > There are three other issues, none of which actually have to do with the policy, that I think need to be pointed out: > > 1. I have a problem with the Problem Statement. The first sentence asserts as an accepted policy something that is not really an accepted policy (ARIN number resources should be used primarily in the ARIN region, for ARIN region organizations). In other words, it assumes that we already have a policy on this, then in the second sentence, it says "there is currently no explicit policy guiding staff in this area." That's an obvious self-contradiction. I think the second statement is correct. Before I could favor moving this forward as a recommended policy, I would want to see the Problem Statement revised. Milton, please read the NRPM? 2.2. Regional Internet Registry (RIR) Regional Internet Registries (RIRs) are established and authorized by respective regional communities, and recognized by the IANA to serve and represent large geographical regions. The primary role of RIRs is to manage and distribute public Internet address space within their respective regions. Staff has been tightening up their interpretation of this in recent years. In the past, it used to be relatively easy for any multinational organization headquartered in the ARIN region to get address space for their world-wide network. Today, it is difficult to get ARIN to approve anything not justified by in-region operations. > 2. The Authors' comments says: > >> As reported at the last meeting in Barbados, ARIN staff is having >> difficulty verifying organizations out-of-region. > > This is not actually what they said. My recollection of the meeting was that they said they had noticed that they were getting a larger number of out of region requests, and they did not feel as if they had explicit policy guidance on how to handle these requests. Insofar as there are difficulties, te policy of ensuring that the applicant for resources is an active business entity legally operating in the ARIN region solves that problem. I think the actual reality is somewhere in between these two extreme views of what was said. I believe ARIN is getting a lot of "in-region" requests that are from providers using VPNs to connect out-of-region customers and ARIN lacks guidance on how to treat these requests as to whether to consider them in-region or out-of-region. Frankly, I'm not 100% sure that this proposal addresses the issue raised or helps staff resolve that issue at all. > 3. I consider the "law enforcement" rationale for this policy to be poorly thought-out and basically pointless. ARIN consists of ~ 20 jurisdictions and the other regions are composed of even more; thus, the idea that confining an RIR's address resource allocations to use within a region will ease the task of law enforcement strikes me as factually untrue, and obviously so. One might ease the task of law enforcement by requiring ALL number resources and ALL communication services to be territorially bound to a single legal jurisdiction - but this "cure" would be worse than the disease as it would fundamentally undermine the global nature of the internet. While it's not a panacea, I can see some benefit to law enforcement within the region being able to depend on a consistent set of policies for organizations receiving address space from the RIR to have legal presence within the region. Owen -------------- next part -------------- An HTML attachment was scrubbed... URL: From jcurran at arin.net Tue Sep 17 11:05:40 2013 From: jcurran at arin.net (John Curran) Date: Tue, 17 Sep 2013 15:05:40 +0000 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: <9D291C5B-8163-4E2C-8A67-691089E16843@delong.com> References: <5227A52D.1010802@arin.net> <5232016A.2080300@umn.edu> <855077AC3D7A7147A7570370CA01ECD24C77FC@SUEX10-mbx-10.ad.syr.edu> <9D291C5B-8163-4E2C-8A67-691089E16843@delong.com> Message-ID: On Sep 16, 2013, at 11:47 PM, Owen DeLong wrote: > Staff has been tightening up their interpretation of this in recent years. In the past, it used to be relatively easy for any multinational organization headquartered in the ARIN region to get address space for their world-wide network. Today, it is difficult to get ARIN to approve anything not justified by in-region operations. It is correct that ARIN's existing practice requires the requestor to have a legal presence in the ARIN region and to operate a network in region. > I think the actual reality is somewhere in between these two extreme views of what was said. I believe ARIN is getting a lot of "in-region" requests that are from providers using VPNs to connect out-of-region customers and ARIN lacks guidance on how to treat these requests as to whether to consider them in-region or out-of-region. If number resources are being requested for infrastructure in the region (and based on customers within the region) then it is clear that issuing space meets the goal to "manage and distribute public Internet address space within their respective regions" The Policy Experience Report noted that it is not quite as clear when a request comes for issuance of address space for infrastructure in the region but it is in order to serve customers outside the region. This could be in keeping with community expectation, or could be contrary to same; it is not clear that there was any discussion of that potential situation during policy development. It is also worth noting that we presently approve these requests, if there is a legal presence and network infrastructure in region. FYI, /John John Curran President and CEO ARIN From mpetach at netflight.com Tue Sep 17 11:20:43 2013 From: mpetach at netflight.com (Matthew Petach) Date: Tue, 17 Sep 2013 08:20:43 -0700 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: <52378D6C.2060106@umn.edu> References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> <52378D6C.2060106@umn.edu> Message-ID: On Mon, Sep 16, 2013 at 3:59 PM, David Farmer wrote: > On 9/14/13 22:58 , Matthew Petach wrote: > > Why not simply use a phrase like "significant fraction" rather than >> "plurality"? >> > > The problem with significant fraction, its overly vague, while plurality > may not be a commonly use every day word, it does have a precise meaning > and in this context that is "more than any other RIR's region". However, > since there are 5 regions the smallest possible plurality would be slightly > more than 20% within the ARIN region. However, in most cases a plurality > will be more than that. > > Rather than significant fraction, if the community could agree on a > percentage say 20%, 25%, or maybe 30%, as a minimum percentage within the > region that would be a little simpler than plurality, and be actually > something staff could implement. I do not believe significant fraction as > the standard would give staff a policy that can be implemented. > > Can you clarify if this policy only applies to *new* requests, or if it is meant to apply to *all* number resources requested from ARIN? I have a serious problem with trying to assign a fixed value if this is meant to apply to existing as well as new number resources. But if it it only applies to new requests, and the requirement for a plurality of the *new* request being used to service needs somewhere within the ARIN region, I see that as less onerous than the notion of a plurality of *all* number resources having to be within the ARIN region. > > change >> >> " a plurality of resources >> requested from ARIN must be justified by technical infrastructure and >> customers located within the ARIN service region, and any located >> outside the region must be interconnected to the ARIN service region." >> >> to >> >> " a significant fraction of the resources requested from ARIN must be >> justified by technical infrastructure or customers located within the ARIN >> service region, and any located outside the region must be interconnected >> to the ARIN service region." >> > > If we don't like plurality for whatever reason, I'd suggest; > > "a minimum of X% of the resources requested from ARIN must be justified by > technical infrastructure or customers located within the ARIN service > region, and any located outside the region must be interconnected to the > ARIN service region." > > Where X% is something like 20%, 25%, or 30%. So, how about something like this, then? "a minimum of 20% of the *new* resources requested from ARIN must be justified by technical infrastructure or customers physically located within the borders of ARIN member countries, and any technical infrastructure or customers located outside the ARIN region must be physically interconnected to the ARIN service region" > > > (representing a global network that spans 4 RIRs, but has no >> customers, I also advocate changing from "and customers" >> to "or customers", to relieve networks such as the one I work >> for from being unfairly excluded from obtaining ARIN resources. >> > > I'm ok with "technical infrastructure or customers", I've been debating > between, and, or, and and/or myself. Are there any objections to > "technical infrastructure or customers"? No objections to "technical infrastructure or customers", nope. > > > I will also note for the record that as port density increases, >> the number of devices we use is going down, not up. >> >> They cost a metric shit ton more, and suck up more power >> and need more cooling--but if you're measuring by "number >> of boxes" rather than "capability of boxes", I think the expectation >> that the number of boxes in a network will always be increasing, >> as someone else further down in the thread claimed, is prima >> facie false. >> > > I don't think we want to be measuring the size of the network, at least > the number of devices used to build the network. Just that there is a > network, or portion of a global network, within the region. OK; so "20%" could be measured in terms of cost of devices in the ARIN region, rather than device count, in the case of a network that has a few very large, very expensive network elements in the ARIN region, but hundreds of small, inexpensive nodes outside of the ARIN region. > > > Matt >> >> (for the record, while I'm suggesting alternate language that >> I think might be more palatable, as currently proposed, >> I oppose this proposal) >> > > Do you opposed to the whole approach? Or, Are there changes to the text > that would allow you to support the Draft? Or, is there another approach > to the problem you would propose? > > I keep feeling like we're approaching the problem from the wrong angle. :/ I don't have a better approach yet, but I'm trying to noodle over it. Fundamentally, we're trying to ensure that entities that obtain number resources in the ARIN region are registered with physical addresses somewhere in the ARIN region, and that the addresses get used primarily in the ARIN region, right? Maybe we should stick to simpler language like that, rather than explicitly trying to identify percentages of customers, or costs of devices? Thanks! Matt > Thanks > > > -- > ==============================**================== > David Farmer Email: farmer at umn.edu > Office of Information Technology > University of Minnesota > 2218 University Ave SE Phone: 1-612-626-0815 > Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 > ==============================**================== > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From jcurran at arin.net Tue Sep 17 12:11:34 2013 From: jcurran at arin.net (John Curran) Date: Tue, 17 Sep 2013 16:11:34 +0000 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> <52378D6C.2060106@umn.edu> Message-ID: <3ADF9814-94BE-4F63-9FB4-A84ACAF56083@arin.net> On Sep 17, 2013, at 11:20 AM, Matthew Petach wrote: > Can you clarify if this policy only applies > to *new* requests, or if it is meant to apply > to *all* number resources requested from > ARIN? In general, ARIN does not apply new policies to blocks already issued. We are capable of applying new policies to previously issued address blocks, but such changes should be very carefully considered due to potential implications (and actual application to any given block may be constrained by the terms and conditions with the applicable registration service agreement.) Examples of where new policies have been applied to existing blocks are generally proposals clearly expressed as registry wide, e.g. addition of the abuse contact, point-of-contact validation, etc; ARIN staff otherwise interprets the policy as applicable to new blocks as they are being issued. FYI, /John John Curran President and CEO ARIN From farmer at umn.edu Tue Sep 17 12:44:18 2013 From: farmer at umn.edu (David Farmer) Date: Tue, 17 Sep 2013 11:44:18 -0500 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: <3ADF9814-94BE-4F63-9FB4-A84ACAF56083@arin.net> References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> <52378D6C.2060106@umn.edu> <3ADF9814-94BE-4F63-9FB4-A84ACAF56083@arin.net> Message-ID: <523886E2.3080507@umn.edu> On 9/17/13 11:11 , John Curran wrote: > On Sep 17, 2013, at 11:20 AM, Matthew Petach wrote: > >> Can you clarify if this policy only applies >> to *new* requests, or if it is meant to apply >> to *all* number resources requested from >> ARIN? > > In general, ARIN does not apply new policies to blocks already issued. > > We are capable of applying new policies to previously issued address > blocks, but such changes should be very carefully considered due to > potential implications (and actual application to any given block may be > constrained by the terms and conditions with the applicable registration > service agreement.) Examples of where new policies have been applied > to existing blocks are generally proposals clearly expressed as registry > wide, e.g. addition of the abuse contact, point-of-contact validation, etc; > ARIN staff otherwise interprets the policy as applicable to new blocks > as they are being issued. > > FYI, > /John I'll add that previously in the thread I said "For an abundance of clarity I'd be happy to add something like the following in the Advisory Council Comments section before the text freeze;" "This policy is not intended to have any retroactive effect. It should not be construed to effect or invalidate any assignment or allocation previously made by ARIN, one of its predecessor registries, or any ISP or other LIR, based on good faith application information. In particular direct assignments previously made to individuals are not invalidated by this policy. However, this policy is intended to disallow any new assignment or allocation made directly to an individual person, as is current operational practice." Additionally, Advisory Council Comments section, says the following; "Previous discussions of the topic indicated that it is difficult to enforce and undesirable for many in the community to dictate where resources are to be used once they are allocated. A strategy to deal with this is to focus the policy on the technical infrastructure and customers used to justify the requested number resources from ARIN, as opposed to where resources are actually used once allocated. This is a subtle but important distinction." ... "The intent is not to require an organization to have an overall plurality of its technical infrastructure and customers within the ARIN service region. Rather, it is to ensure that the plurality of currently requested resources is justified from within the ARIN region. If an organization?s primary, or largest, demand for resources is in another region then the organization should request resources from that region's RIR." Thanks -- ================================================ David Farmer Email: farmer at umn.edu Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 1-612-626-0815 Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 ================================================ From farmer at umn.edu Tue Sep 17 14:45:41 2013 From: farmer at umn.edu (David Farmer) Date: Tue, 17 Sep 2013 13:45:41 -0500 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> <52378D6C.2060106@umn.edu> Message-ID: <5238A355.4040700@umn.edu> I'm going to break this up into separate sub threads. On 9/17/13 10:20 , Matthew Petach wrote: > On Mon, Sep 16, 2013 at 3:59 PM, David Farmer > wrote: > > On 9/14/13 22:58 , Matthew Petach wrote: ... > change > > " a plurality of resources requested from ARIN must be justified by technical > infrastructure and customers located within the ARIN service region, and any located > outside the region must be interconnected to the ARIN service region." > > to > > " a significant fraction of the resources requested from ARIN > must be justified by technical infrastructure or customers located > within the ARIN service region, and any located outside the region must be > interconnected to the ARIN service region." > > > If we don't like plurality for whatever reason, I'd suggest; > > "a minimum of X% of the resources requested from ARIN must be > justified by technical infrastructure or customers located within > the ARIN service region, and any located outside the region must be > interconnected to the ARIN service region." > > Where X% is something like 20%, 25%, or 30%. > > > So, how about something like this, then? > > "a minimum of 20% of the *new* resources requested from ARIN must be > justified by technical infrastructure or customers physically located within > the borders of ARIN member countries, and any technical infrastructure > or customers located outside the ARIN region must be physically > interconnected to the ARIN service region" I will modify the current language adding "new" making it "a plurality of new resources requested" before the text freeze, I think that clarifies the current intent. Are there any objections to the "new resources requested" language? However, I'd like to hear more comments in support of a flat 20% standard before I'm willing to make that change, as I think that significantly changes the intent, at least in the view of some. As an Individual I'd support a flat 20% standard. But as the primary shepherd for the proposal, I'm a little worried we would loose as much or more support than we would gain with that change. So, I need a better read on what the community as a whole thinks of a flat 20% standard before making that change. No matter what, I will include that in the questions I take to the floor of the PPM. As for some of the other additions I'm not sure "physically located within the borders of ARIN member countries" add much verses "located within the ARIN service region", or "physically interconnected" vs. "interconnected". In your opinion what do these changes add? Thanks -- ================================================ David Farmer Email: farmer at umn.edu Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 1-612-626-0815 Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 ================================================ From cgrundemann at gmail.com Tue Sep 17 14:03:18 2013 From: cgrundemann at gmail.com (Chris Grundemann) Date: Tue, 17 Sep 2013 12:03:18 -0600 Subject: [arin-ppml] Draft Policy ARIN-2013-4: RIR Principles - revised In-Reply-To: <520BC004.6000106@arin.net> References: <51966083.2010003@arin.net> <51DB3076.5080304@arin.net> <520BC004.6000106@arin.net> Message-ID: Hail PPML! We've seen no additional feedback to this most recent version (v3 13 August 2013) of ARIN-2013-4. We have attempted to include all of the feedback received into this latest version of text and I personally hope that all major issues have been addressed. This current text aims to document existing practice based on historical norms which best instruct the driving principles required to successfully operate an RIR. If that mark has been hit or missed, we need your feedback to properly gauge. Please include a clear statement of support or opposition when responding. Thank you, ~Chris On Wed, Aug 14, 2013 at 11:36 AM, ARIN wrote: > Draft Policy ARIN-2013-4 > RIR Principles > > Revised text for ARIN-2013-4 is below and can be found at: > https://www.arin.net/policy/**proposals/2013_4.html > > The AC will evaluate the discussion in order to assess the conformance of > this draft policy with ARIN's Principles of Internet Number Resource Policy > as stated in the PDP. Specifically, these principles are: > > > * Enabling Fair and Impartial Number Resource Administration > * Technically Sound > * Supported by the Community > > The ARIN Policy Development Process (PDP) can be found at: > https://www.arin.net/policy/**pdp.html > > Draft Policies and Proposals under discussion can be found at: > https://www.arin.net/policy/**proposals/index.html > > Regards, > > Communications and Member Services > American Registry for Internet Numbers (ARIN) > > > ## * ## > > > > Draft Policy ARIN-2013-4 > RIR Principles > > Policy Statement (v3 14 August 2013): > > Section 0: Principles and Goals of the Internet Registry System > > 0.1. Registration > > The principle of registration guarantees the uniqueness of Internet number > resources. > > Provision of this public registry documenting Internet number resource > allocation, reallocation, assignment, and reassignment is necessary: > a) to ensure uniqueness, > b) to provide a contact in case of operational/security problems, > c) to provide the transparency required to ensure that Internet number > resources are efficiently utilized, and > d) to assist in IP allocation studies. > > 0.2. Conservation > > The principle of conservation guarantees sustainability of the Internet > through efficient utilization of unique number resources. > > Due to the requirement for uniqueness, Internet number resources of each > type are drawn from a common number space. Conservation of these common > number spaces requires that Internet number resources be efficiently > distributed to those organizations who have a technical need for them in > support of operational networks. > > 0.3. Routability > > The principle of routability guarantees that Internet number resources are > managed in such a manner that they may be routed on the Internet in a > scalable manner. > > While routing scalability is necessary to ensure proper operation of > Internet routing, allocation or assignment of Internet number resources by > ARIN in no way guarantees that those addresses will be routed by any > particular network operator. > > 0.4. Stewardship > > The principle of stewardship guarantees the application of these > principles when managing Internet number resources. > > The fundamental purpose of Internet number stewardship is to distribute > unique number resources to entities building and operating networks thereby > facilitating the growth and sustainability of the Internet for the benefit > of all. > > It should be noted that the above goals may sometimes be in conflict with > each other and with the interests of individual end-users or network > operators. Care must be taken to ensure balance with these conflicting > goals given the resource availability, relative size of the resource, and > number resource specific technical dynamics, for each type of number > resource. For example, Conservation often requires greater consideration in > IPv4 address distribution due to the limited size of the address space, > Routability has a higher weight for the massive IPv6 address space, and AS > numbers place the highest value on Registration because they come from a > moderately sized pool and are not subject to aggregation. > > > On 08/Jul/2013 5:34 PM, ARIN wrote: > >> Draft Policy ARIN-2013-4 >> RIR Principles >> >> Revised text for ARIN-2013-4 is below and can be found at: >> https://www.arin.net/policy/**proposals/2013_4.html >> >> The AC will evaluate the discussion in order to assess the conformance >> of this draft policy with ARIN's Principles of Internet Number Resource >> Policy as stated in the PDP. Specifically, these principles are: >> >> >> * Enabling Fair and Impartial Number Resource Administration >> * Technically Sound >> * Supported by the Community >> >> The ARIN Policy Development Process (PDP) can be found at: >> https://www.arin.net/policy/**pdp.html >> >> Draft Policies and Proposals under discussion can be found at: >> https://www.arin.net/policy/**proposals/index.html >> >> Regards, >> >> Communications and Member Services >> American Registry for Internet Numbers (ARIN) >> >> >> ## * ## >> >> >> >> Draft Policy ARIN-2013-4 >> RIR Principles >> >> Policy Statement (v2 8 July 2013): >> >> Section 0: Principles and Goals of the Internet Registry System >> >> 0.1. Registration >> >> The principle of registration guarantees the uniqueness of Internet >> number resources. >> >> Provision of this public registry documenting Internet number resource >> allocation, reallocation, assignment, and reassignment is necessary: >> >> a) to ensure uniqueness and to to provide operational staff with >> information on who is using each number resource, >> b) to provide a contact in case of operational/security problems, >> c) to provide the transparency required to ensure that Internet number >> resources are efficiently utilized, and >> d) to assist in IP allocation studies. >> >> 0.1. Conservation >> >> The principle of conservation guarantees sustainability of the >> Internet through efficient utilization of unique number resources. >> >> Due to the requirement for uniqueness, Internet number resources of >> each type are drawn from a common number space. Conservation of these >> common number spaces requires that Internet number resources be >> efficiently distributed to those organizations who have a technical >> need for them in support of operational networks. >> >> 0.2. Routability >> >> The principle of routability guarantees that Internet number resources >> are managed in such a manner that they may be routed on the Internet >> in a scalable manner. >> >> Routing scalability is necessary to ensure proper operation of >> Internet routing, although it must be stressed that routability is in >> no way guaranteed with the allocation or assignment of Internet number >> resources. >> >> 0.4. Stewardship >> >> The principle of stewardship guarantees the application of these >> principles when managing Internet number resources. >> >> It should be noted that the above goals may sometimes be in conflict >> with each other and with the interests of individual end-users or >> network operators. Care must be taken to ensure balance with these >> conflicting goals given the resource availability, relative size of >> the resource, and number resource specific technical dynamics, for >> each type of number resource. >> >> For example, Conservation often requires greater consideration in IPv4 >> address distribution due to the limited size of the address space, >> Routability has a higher weight for the massive IPv6 address space, >> and AS numbers place the highest value on Registration because they >> come from a moderately sized pool and are not subject to aggregation. >> >> >> >> >> On 5/17/13 12:53 PM, ARIN wrote: >> >>> Draft Policy ARIN-2013-4 >>> RIR Principles >>> >>> On 16 May 2013 the ARIN Advisory Council (AC) accepted "ARIN-prop-187 >>> RIR Principles" as a Draft Policy. >>> >>> Draft Policy ARIN-2013-4 is below and can be found at: >>> https://www.arin.net/policy/**proposals/2013_4.html >>> >>> You are encouraged to discuss the merits and your concerns of Draft >>> Policy 2013-4 on the Public Policy Mailing List. 2013-4 will also be on >>> the agenda at the upcoming ARIN Public Policy Consultation at NANOG 58 >>> in New Orleans. >>> >>> The AC will evaluate the discussion in order to assess the conformance >>> of this draft policy with ARIN's Principles of Internet Number Resource >>> Policy as stated in the PDP. Specifically, these principles are: >>> >>> >>> * Enabling Fair and Impartial Number Resource Administration >>> * Technically Sound >>> * Supported by the Community >>> >>> The ARIN Policy Development Process (PDP) can be found at: >>> https://www.arin.net/policy/**pdp.html >>> >>> Draft Policies and Proposals under discussion can be found at: >>> https://www.arin.net/policy/**proposals/index.html >>> >>> Regards, >>> >>> Communications and Member Services >>> American Registry for Internet Numbers (ARIN) >>> >>> >>> ## * ## >>> >>> >>> >>> Draft Policy ARIN-2013-4 >>> RIR Principles >>> >>> Date: 17 May 2013 >>> >>> Problem Statement: >>> >>> The original text in RFC 2050 both "describes the registry system for >>> the distribution of globally unique Internet address space and registry >>> operations" and provides "rules and guidelines [principles] governing >>> the distribution of this address space." >>> >>> The currently proposed update (RFC2050bis) "provides information about >>> the current Internet Numbers Registry System used in the distribution of >>> globally unique Internet Protocol (IP) address space and autonomous >>> system (AS) numbers" and "provides information about the processes for >>> further evolution of the Internet Numbers Registry System." >>> >>> This means that the guiding principles of stewardship are not currently >>> being carried forward into the new document. The goals of Conservation >>> (efficient utilization based on need), Routability (hierarchical >>> aggregation), and Registration (uniqueness) are as important, if not >>> more so, now that the transition to IPv6 is upon us. This can be >>> rectified by documenting these principles in RIR policy. >>> >>> Policy Statement: >>> >>> Section 0: Principles and Goals of the Internet Registry System >>> >>> 0.1. Efficient utilization based on need (Conservation) >>> >>> Policies for managing Internet number resources must support fair >>> distribution of globally unique Internet address space according to the >>> operational needs of the end-users and Internet Service Providers >>> operating networks using this address space. The registry should prevent >>> stockpiling in order to maximize the conservation and efficient >>> utilization of the Internet address space. >>> >>> 0.1.1. Documented Justified Need (Needs Based) >>> >>> Assignment of Internet number resources is based on documented >>> operational need. Utilization rate of address space will be a key factor >>> in number resource assignment. To this end, registrants should have >>> documented justified need available for each assignment. Organizations >>> will be assigned resources based on immediate utilization plus expected >>> utilization. >>> >>> In order to promote increased usage of Internet number resources, >>> resource holders will be required to provide an accounting of resources >>> currently held demonstrating efficient utilization. Internet number >>> resources are valid as long as the criteria continues to be met. The >>> transfer of Internet number resources from one party to another must be >>> approved by the regional registries. The party trying to obtain the >>> resources must meet the same criteria as if they were requesting >>> resources directly from the IR. >>> >>> All Internet number resource requests are subject to audit and >>> verification by any means deemed appropriate by the regional registry. >>> >>> 0.2. Hierarchical aggregation (Routability) >>> >>> Policies for managing Internet number resources must support >>> distribution of globally unique Internet addresses in a hierarchical >>> manner, permitting the routing scalability of the addresses. This >>> scalability is necessary to ensure proper operation of Internet routing, >>> although it must be stressed that routability is in no way guaranteed >>> with the allocation or assignment of IPv4 addresses. >>> >>> 0.3. Uniqueness (Registration) >>> >>> Provision of a public registry documenting Internet number resource >>> allocation, reallocation, assignment, and reassignment is necessary to: >>> >>> a) ensure uniqueness and to to provide operational staff with >>> information on who is using the number resource b) to provide a contact >>> in case of operational/security problems (e.g. Law Enforcement) c) to >>> ensure that a provider has exhausted a majority of its current CIDR >>> allocation, thereby justifying an additional allocation d) to assist in >>> IP allocation studies. >>> >>> It is imperative that reassignment information be submitted in a prompt >>> and efficient manner to facilitate database maintenance and ensure >>> database integrity. >>> >>> 0.4. Stewardship >>> >>> It should be noted that efficient utilization and hierarchical >>> aggregation are often conflicting goals. All the above goals may >>> sometimes be in conflict with the interests of individual end-users or >>> Internet Service Providers. Care must be taken to ensure balance with >>> these conflicting goals given the resource availability, relative size >>> of the resource, and number resource specific technical dynamics, for >>> each type of number resource. For example, efficient utilization becomes >>> a more prominent issue than aggregation as the IPv4 free pool depletes >>> and IPv4 resource availability in any transfer market decreases. >>> Conversely, because the IPv6 number space is orders of magnitude larger >>> than the IPv4 number space, the scale tips away from efficient >>> utilization towards hierarchical aggregation for IPv6 number resources. >>> >>> Comments: >>> >>> a. Timetable for implementation: immediately >>> >>> b. I believe that it would be beneficial for IANA to adopt these >>> principles as well, and encourage the community to consider a global >>> policy proposal. >>> >> >> > > ______________________________**_________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/**listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -- @ChrisGrundemann http://chrisgrundemann.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From farmer at umn.edu Tue Sep 17 15:52:25 2013 From: farmer at umn.edu (David Farmer) Date: Tue, 17 Sep 2013 14:52:25 -0500 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> <52378D6C.2060106@umn.edu> Message-ID: <5238B2F9.5010607@umn.edu> On 9/17/13 10:20 , Matthew Petach wrote: > On Mon, Sep 16, 2013 at 3:59 PM, David Farmer > wrote: > > On 9/14/13 22:58 , Matthew Petach wrote: > .... > I will also note for the record that as port density increases, > the number of devices we use is going down, not up. > > They cost a metric shit ton more, and suck up more power > and need more cooling--but if you're measuring by "number > of boxes" rather than "capability of boxes", I think the expectation > that the number of boxes in a network will always be increasing, > as someone else further down in the thread claimed, is prima > facie false. > > > I don't think we want to be measuring the size of the network, at > least the number of devices used to build the network. Just that > there is a network, or portion of a global network, within the region. > > > > OK; so "20%" could be measured in terms of cost of devices in the > ARIN region, rather than device count, in the case of a network > that has a few very large, very expensive network elements in > the ARIN region, but hundreds of small, inexpensive nodes > outside of the ARIN region. If we change to a 20% standard, then substitute 20% for plurality below, but I'll use plurality for now; It is plurality of the resources requested and where the things that justify those resources are located. If one device in the ARIN region, is part of a global network of a million other devices, but that device justifies the need for a plurality of the new requested resources, based on the other applicable policies and procedures then you've meet the standard. This isn't about counting infrastructure, there just needs to be infrastructure to justify the request, just like today. This isn't necessarily about counting customers either, if the fact that you are adding 10,000 home broadband users and you are justifying 1 address per customer, then sure the count of the customers in or out of the region matters in that case. This isn't intended to add anything new other than where the things are that are use to justify your request. Its the count of the resources justified that matters, not necessarily the count of the things justifying. If today you justify your request because you are adding 10,000 servers to your network and also 10,000 virtual hosting web sites with SSL, for a total of 20,000 addresses. Then if the 10,000 virtual hosts are based in the ARIN region, and the 10,000 servers are not all in one of the other regions then you meet the standard for a plurality of the resources requested being justified within the ARIN region. Also, note the 10,000 virtual sites with SSL could in theory be one server in the ARIN region. This isn't as hard as some people seem to want to make it. You simply add one fact to the information that you have to give ARIN now, where the things justifying resources are located. I believe, in most cases you end up giving them that anyway. Thanks -- ================================================ David Farmer Email: farmer at umn.edu Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 1-612-626-0815 Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 ================================================ From drc at virtualized.org Tue Sep 17 21:21:08 2013 From: drc at virtualized.org (David Conrad) Date: Tue, 17 Sep 2013 18:21:08 -0700 Subject: [arin-ppml] Draft Policy ARIN-2013-4: RIR Principles - revised In-Reply-To: References: <51966083.2010003@arin.net> <51DB3076.5080304@arin.net> <520BC004.6000106@arin.net> Message-ID: <1B23E4A0-DBAD-40EF-829F-2686B1D73018@virtualized.org> Chris, On Sep 17, 2013, at 11:03 AM, Chris Grundemann wrote: > This current text aims to document existing practice based on historical norms which best instruct the driving principles required to successfully operate an RIR. Apologies if this has been discussed before, but is this intended to be a 'global policy' (in the unanimous among all RIRs and ratified by ICANN board sense)? Thanks, -drc -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 495 bytes Desc: Message signed with OpenPGP using GPGMail URL: From mpetach at netflight.com Wed Sep 18 03:12:42 2013 From: mpetach at netflight.com (Matthew Petach) Date: Wed, 18 Sep 2013 00:12:42 -0700 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: <5238A355.4040700@umn.edu> References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> <52378D6C.2060106@umn.edu> <5238A355.4040700@umn.edu> Message-ID: On Tue, Sep 17, 2013 at 11:45 AM, David Farmer wrote: > I'm going to break this up into separate sub threads. > > > On 9/17/13 10:20 , Matthew Petach wrote: > > On Mon, Sep 16, 2013 at 3:59 PM, David Farmer > > wrote: >> >> On 9/14/13 22:58 , Matthew Petach wrote: >> > ... > > change >> >> " a plurality of resources requested from ARIN must be justified >> by technical >> infrastructure and customers located within the ARIN service >> region, and any located >> outside the region must be interconnected to the ARIN service >> region." >> >> to >> >> " a significant fraction of the resources requested from ARIN >> must be justified by technical infrastructure or customers located >> within the ARIN service region, and any located outside the >> region must be >> interconnected to the ARIN service region." >> >> >> If we don't like plurality for whatever reason, I'd suggest; >> >> "a minimum of X% of the resources requested from ARIN must be >> justified by technical infrastructure or customers located within >> the ARIN service region, and any located outside the region must be >> interconnected to the ARIN service region." >> >> Where X% is something like 20%, 25%, or 30%. >> >> >> So, how about something like this, then? >> >> "a minimum of 20% of the *new* resources requested from ARIN must be >> justified by technical infrastructure or customers physically located >> within >> the borders of ARIN member countries, and any technical infrastructure >> or customers located outside the ARIN region must be physically >> interconnected to the ARIN service region" >> > > I will modify the current language adding "new" making it "a plurality of > new resources requested" before the text freeze, I think that clarifies the > current intent. Are there any objections to the "new resources requested" > language? > > However, I'd like to hear more comments in support of a flat 20% standard > before I'm willing to make that change, as I think that significantly > changes the intent, at least in the view of some. As an Individual I'd > support a flat 20% standard. But as the primary shepherd for the proposal, > I'm a little worried we would loose as much or more support than we would > gain with that change. So, I need a better read on what the community as a > whole thinks of a flat 20% standard before making that change. No matter > what, I will include that in the questions I take to the floor of the PPM. > The concern I have with "plurality" is that that I may not know with certainty that a new request will meet that definition; I may intend for it to be split 50/40/10 between ARIN/RIPE/LACNIC regions; but then upon deployment, discover that the LACNIC backbone nodes required more space than expected, as did RIPE, and my split ends up being 40/45/15. Now it's no longer a plurality of space in the ARIN region. It's easier to plan to hit a target percentage than try to hit a multi-way ratio given the unpredictable and changeable forces that impact real world rollouts. > > As for some of the other additions I'm not sure "physically located within > the borders of ARIN member countries" add much verses "located within the > ARIN service region", or "physically interconnected" vs. "interconnected". > In your opinion what do these changes add? (warning--philosophical weeds ahead; feel free to ignore anything beyond this point as completely pointless to the actual topic being discussed) I always wonder what "the ARIN service region" actually entails. I know what country borders are; what do we make of places like offshore oil platforms (sealand?)--is it covered by the service region, even if it's not one of the member countries? If a business address is listed in the ARIN 'region', but not within the borders of any member country, does it help the LEA desire prompting this policy? I realize I'm splitting hairs, so feel free to ignore this philosophical ramble; under ordinary circumstances, language like "located within the ARIN region" is good enough for us, because we're not concerned with political boundaries and law enforcement jurisdictions. I just realized that if the intent is to provide an address so that a particular LEA can track down wrongdoers, what do we do about the portions of the ARIN service region that aren't associated with a specific country? Or is the ARIN service region strictly bound by the borders of the countries involved, and anything outside of that belongs to a different RIR, or does it float up to the IANA level? Which service region does the IP address pool on a jet airliner flying over the atlantic ocean belong to? Does the entity making use of the addresses go out of compliance if all the aircraft using the IPs leave the ARIN region at the same time? Likewise, does the aircraft's network still count as being "interconnected" to the ARIN region, even with no physical network layer involved? If that counts, is it any different from a network that runs a VPN link from outside the ARIN region to a device inside the ARIN region, for the purposes of claiming the networks are "interconnected". For that matter, as long as the different network elements connect in some fashion to "the Internet", doesn't that satisfy the "interconnected" clause, in which case, does having it in actually add anything to the policy above simply saying "the number resources requested must be used on the Internet somewhere"? OK. Enough late-night philosophizing. Back to doing some real work. ^_^; Matt > > > Thanks > > -- > ==============================**================== > David Farmer Email: farmer at umn.edu > Office of Information Technology > University of Minnesota > 2218 University Ave SE Phone: 1-612-626-0815 > Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 > ==============================**================== > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From kkargel at polartel.com Wed Sep 18 10:41:20 2013 From: kkargel at polartel.com (Kevin Kargel) Date: Wed, 18 Sep 2013 09:41:20 -0500 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> <52378D6C.2060106@umn.edu> <5238A355.4040700@umn.edu> Message-ID: <8695009A81378E48879980039EEDAD28012B3D50C1@MAIL1.polartel.local> My question is what happens when BigRedISP that does 99% of its' business with a densely used /12 of space hosted primarily in Barsoom wants to open a pop with a legitimately justified /21 of space in a NOC in Chicago. Isn't the 'right' thing for them to do by the intent of what we are talking about to get a /21 (or whatever the current minimum is) of space from ARIN for this particular use point? It seems that the 'plurality' or 'significant percentage' rules would proscribe that. Once they do get a block and the Chicago enterprise goes belly up and closes how do we make sure BigRedISP doesn't take their ARIN /21 back to Barsoom to use in Manator? Kevin {My apologies to them if there really is a BigRedISP} From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On Behalf Of Matthew Petach Sent: Wednesday, September 18, 2013 2:13 AM To: David Farmer Cc: arin-ppml at arin.net Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text On Tue, Sep 17, 2013 at 11:45 AM, David Farmer > wrote: I'm going to break this up into separate sub threads. On 9/17/13 10:20 , Matthew Petach wrote: On Mon, Sep 16, 2013 at 3:59 PM, David Farmer >> wrote: On 9/14/13 22:58 , Matthew Petach wrote: ... change " a plurality of resources requested from ARIN must be justified by technical infrastructure and customers located within the ARIN service region, and any located outside the region must be interconnected to the ARIN service region." to " a significant fraction of the resources requested from ARIN must be justified by technical infrastructure or customers located within the ARIN service region, and any located outside the region must be interconnected to the ARIN service region." If we don't like plurality for whatever reason, I'd suggest; "a minimum of X% of the resources requested from ARIN must be justified by technical infrastructure or customers located within the ARIN service region, and any located outside the region must be interconnected to the ARIN service region." Where X% is something like 20%, 25%, or 30%. So, how about something like this, then? "a minimum of 20% of the *new* resources requested from ARIN must be justified by technical infrastructure or customers physically located within the borders of ARIN member countries, and any technical infrastructure or customers located outside the ARIN region must be physically interconnected to the ARIN service region" I will modify the current language adding "new" making it "a plurality of new resources requested" before the text freeze, I think that clarifies the current intent. Are there any objections to the "new resources requested" language? However, I'd like to hear more comments in support of a flat 20% standard before I'm willing to make that change, as I think that significantly changes the intent, at least in the view of some. As an Individual I'd support a flat 20% standard. But as the primary shepherd for the proposal, I'm a little worried we would loose as much or more support than we would gain with that change. So, I need a better read on what the community as a whole thinks of a flat 20% standard before making that change. No matter what, I will include that in the questions I take to the floor of the PPM. The concern I have with "plurality" is that that I may not know with certainty that a new request will meet that definition; I may intend for it to be split 50/40/10 between ARIN/RIPE/LACNIC regions; but then upon deployment, discover that the LACNIC backbone nodes required more space than expected, as did RIPE, and my split ends up being 40/45/15. Now it's no longer a plurality of space in the ARIN region. It's easier to plan to hit a target percentage than try to hit a multi-way ratio given the unpredictable and changeable forces that impact real world rollouts. As for some of the other additions I'm not sure "physically located within the borders of ARIN member countries" add much verses "located within the ARIN service region", or "physically interconnected" vs. "interconnected". In your opinion what do these changes add? (warning--philosophical weeds ahead; feel free to ignore anything beyond this point as completely pointless to the actual topic being discussed) I always wonder what "the ARIN service region" actually entails. I know what country borders are; what do we make of places like offshore oil platforms (sealand?)--is it covered by the service region, even if it's not one of the member countries? If a business address is listed in the ARIN 'region', but not within the borders of any member country, does it help the LEA desire prompting this policy? I realize I'm splitting hairs, so feel free to ignore this philosophical ramble; under ordinary circumstances, language like "located within the ARIN region" is good enough for us, because we're not concerned with political boundaries and law enforcement jurisdictions. I just realized that if the intent is to provide an address so that a particular LEA can track down wrongdoers, what do we do about the portions of the ARIN service region that aren't associated with a specific country? Or is the ARIN service region strictly bound by the borders of the countries involved, and anything outside of that belongs to a different RIR, or does it float up to the IANA level? Which service region does the IP address pool on a jet airliner flying over the atlantic ocean belong to? Does the entity making use of the addresses go out of compliance if all the aircraft using the IPs leave the ARIN region at the same time? Likewise, does the aircraft's network still count as being "interconnected" to the ARIN region, even with no physical network layer involved? If that counts, is it any different from a network that runs a VPN link from outside the ARIN region to a device inside the ARIN region, for the purposes of claiming the networks are "interconnected". For that matter, as long as the different network elements connect in some fashion to "the Internet", doesn't that satisfy the "interconnected" clause, in which case, does having it in actually add anything to the policy above simply saying "the number resources requested must be used on the Internet somewhere"? OK. Enough late-night philosophizing. Back to doing some real work. ^_^; Matt Thanks -- ================================================ David Farmer Email: farmer at umn.edu Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 1-612-626-0815 Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 ================================================ -------------- next part -------------- An HTML attachment was scrubbed... URL: From farmer at umn.edu Wed Sep 18 14:22:16 2013 From: farmer at umn.edu (David Farmer) Date: Wed, 18 Sep 2013 13:22:16 -0500 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: <8695009A81378E48879980039EEDAD28012B3D50C1@MAIL1.polartel.local> References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> <52378D6C.2060106@umn.edu> <5238A355.4040700@umn.edu> <8695009A81378E48879980039EEDAD28012B3D50C1@MAIL1.polartel.local> Message-ID: <5239EF58.5030606@umn.edu> On 9/18/13 09:41 , Kevin Kargel wrote: > My question is what happens when BigRedISP that does 99% of its? > business with a densely used /12 of space hosted primarily in Barsoom > wants to open a pop with a legitimately justified /21 of space in a NOC > in Chicago. > > Isn?t the ?right? thing for them to do by the intent of what we are > talking about to get a /21 (or whatever the current minimum is) of space > from ARIN for this particular use point? It seems that the ?plurality? > or ?significant percentage? rules would proscribe that. > > Once they do get a block and the Chicago enterprise goes belly up and > closes how do we make sure BigRedISP doesn?t take their ARIN /21 back to > Barsoom to use in Manator? What keeps that from happening now? Nothing. The best I can say is they can't get more. What do you want to see happen and why? > Kevin > > {My apologies to them if there really is a BigRedISP} -- ================================================ David Farmer Email: farmer at umn.edu Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 1-612-626-0815 Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 ================================================ From bill at herrin.us Wed Sep 18 14:25:43 2013 From: bill at herrin.us (William Herrin) Date: Wed, 18 Sep 2013 14:25:43 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> <52378D6C.2060106@umn.edu> <5238A355.4040700@umn.edu> Message-ID: On Wed, Sep 18, 2013 at 3:12 AM, Matthew Petach wrote: > The concern I have with "plurality" is that that I may not know > with certainty that a new request will meet that definition; I may > intend for it to be split 50/40/10 between ARIN/RIPE/LACNIC > regions; but then upon deployment, discover that the LACNIC > backbone nodes required more space than expected, as did > RIPE, and my split ends up being 40/45/15. Now it's no longer > a plurality of space in the ARIN region. It's easier to plan to > hit a target percentage than try to hit a multi-way ratio given > the unpredictable and changeable forces that impact real > world rollouts. This. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From cgrundemann at gmail.com Wed Sep 18 14:35:03 2013 From: cgrundemann at gmail.com (Chris Grundemann) Date: Wed, 18 Sep 2013 12:35:03 -0600 Subject: [arin-ppml] Draft Policy ARIN-2013-4: RIR Principles - revised In-Reply-To: <1B23E4A0-DBAD-40EF-829F-2686B1D73018@virtualized.org> References: <51966083.2010003@arin.net> <51DB3076.5080304@arin.net> <520BC004.6000106@arin.net> <1B23E4A0-DBAD-40EF-829F-2686B1D73018@virtualized.org> Message-ID: On Tue, Sep 17, 2013 at 7:21 PM, David Conrad wrote: > Chris, > > On Sep 17, 2013, at 11:03 AM, Chris Grundemann > wrote: > > This current text aims to document existing practice based on historical > norms which best instruct the driving principles required to successfully > operate an RIR. > > Apologies if this has been discussed before, but is this intended to be a > 'global policy' (in the unanimous among all RIRs and ratified by ICANN > board sense)? > Currently ARIN-2013-4 has only been submitted in the ARIN region. There has been some discussion of making it a global proposal, which would require someone submitting the same text in all five regions (and all five regions agreeing to the same text), but that has not happened at this point. HTH, ~Chris > Thanks, > -drc > > -- @ChrisGrundemann http://chrisgrundemann.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From bill at herrin.us Wed Sep 18 16:41:54 2013 From: bill at herrin.us (William Herrin) Date: Wed, 18 Sep 2013 16:41:54 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-4: RIR Principles - revised In-Reply-To: References: <51966083.2010003@arin.net> <51DB3076.5080304@arin.net> <520BC004.6000106@arin.net> Message-ID: On Tue, Sep 17, 2013 at 2:03 PM, Chris Grundemann wrote: > We've seen no additional feedback to this most recent version (v3 13 August > 2013) of ARIN-2013-4. We have attempted to include all of the feedback > received into this latest version of text and I personally hope that all > major issues have been addressed. This current text aims to document > existing practice based on historical norms which best instruct the driving > principles required to successfully operate an RIR. If that mark has been > hit or missed, we need your feedback to properly gauge. > > Please include a clear statement of support or opposition when responding. Hi Chris, I reluctantly OPPOSE the draft as written. This proposal has undergone tremendous improvement since it first appeared an I want to take a moment to commend everyone who worked on it for their efforts. The points about registration and routability do a respectable job marking out what I think our policies should be about. I continue to think "conservation" misses the mark: ARIN's role is about sustainability which is not the same thing. However, conservation is arguably a reasonable starting point for further development. Get something on the books and then talk about improving it. The fourth point about stewardship doesn't work for me. "0.4. Stewardship The principle of stewardship guarantees the application of these principles when managing Internet number resources. The fundamental purpose of Internet number stewardship is to distribute unique number resources to entities building and operating networks thereby facilitating the growth and sustainability of the Internet for the benefit of all." The language is too wishy-washy, justifying anything and nothing. What concept is intended to be conveyed here anyway? That ARIN is supposed to manage number resources in a way which follows policies developed based on principles 1 through 3? That ARIN is intended to manage number resources for the benefit of all who build and operate TCP/IP networks, not just Internet-centric companies? Something else? We already covered uniqueness and network growth and what not, so why restate them weakly? Let's figure out what we're really trying to say here and then say it plainly. Or just drop it. I think the statement of principles would survive the absence of point 4,. If we ever figure out what we were trying to say, we can add it later. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From cja at daydream.com Wed Sep 18 17:07:35 2013 From: cja at daydream.com (CJ Aronson) Date: Wed, 18 Sep 2013 15:07:35 -0600 Subject: [arin-ppml] Draft Policy ARIN-2013-4: RIR Principles - revised In-Reply-To: References: <51966083.2010003@arin.net> <51DB3076.5080304@arin.net> <520BC004.6000106@arin.net> <1B23E4A0-DBAD-40EF-829F-2686B1D73018@virtualized.org> Message-ID: Someone help me here. I am not sure this would qualify as a "global policy" in terms of the ASO MOU. The document is here http://archive.icann.org/en/aso/aso-mou-29oct04.htm I have always been told that an global policy is distinctly one that regulates the interaction between ICANN/IANA and the RIRs. Like policies for giving out blocks of address space or ASNs by the IANA, etc. The MOU says this and I am not sure this policy would meet this.. Thanks ----Cathy "*5. Global Policy Development Process* Global policies are defined within the scope of this agreement as Internet number resource policies that have the agreement of all RIRs according to their policy development processes and ICANN, and require specific actions or outcomes on the part of IANA or any other external ICANN-related body in order to be implemented. Global policies will be developed in the context of this agreement, according to the processes defined by attachment A to this MoU. Under this agreement the ICANN Board will ratify proposed global policies in accordance with the Global Policy Development Process, using review procedures as determined by ICANN. ICANN will publish these procedures no later than ninety (90) days from the date of the signature of this agreement by all parties. " On Wed, Sep 18, 2013 at 12:35 PM, Chris Grundemann wrote: > > > > On Tue, Sep 17, 2013 at 7:21 PM, David Conrad wrote: > >> Chris, >> >> On Sep 17, 2013, at 11:03 AM, Chris Grundemann >> wrote: >> > This current text aims to document existing practice based on >> historical norms which best instruct the driving principles required to >> successfully operate an RIR. >> >> Apologies if this has been discussed before, but is this intended to be a >> 'global policy' (in the unanimous among all RIRs and ratified by ICANN >> board sense)? >> > > Currently ARIN-2013-4 has only been submitted in the ARIN region. There > has been some discussion of making it a global proposal, which would > require someone submitting the same text in all five regions (and all five > regions agreeing to the same text), but that has not happened at this point. > > HTH, > ~Chris > > >> Thanks, >> -drc >> >> > > > -- > @ChrisGrundemann > http://chrisgrundemann.com > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From cgrundemann at gmail.com Wed Sep 18 18:57:00 2013 From: cgrundemann at gmail.com (Chris Grundemann) Date: Wed, 18 Sep 2013 16:57:00 -0600 Subject: [arin-ppml] Draft Policy ARIN-2013-4: RIR Principles - revised In-Reply-To: References: <51966083.2010003@arin.net> <51DB3076.5080304@arin.net> <520BC004.6000106@arin.net> <1B23E4A0-DBAD-40EF-829F-2686B1D73018@virtualized.org> Message-ID: On Wed, Sep 18, 2013 at 3:07 PM, CJ Aronson wrote: > Someone help me here. > I am not sure this would qualify as a "global policy" in terms of the ASO > MOU. The document is here > http://archive.icann.org/en/aso/aso-mou-29oct04.htm > I have always been told that an global policy is distinctly one that > regulates the interaction between ICANN/IANA and the RIRs. Like policies > for giving out blocks of address space or ASNs by the IANA, etc. > > The MOU says this and I am not sure this policy would meet this.. > In the past I've heard a distinction made between a global policy (under the MOU, related to IANA) and a globally coordinated policy (all RIRs agree on a policy but it only governs RIR behavior). However, in this particular case, at this particular time, neither applies to ARIN-2013-4. The global options could be explored now or in the future if folks so desire. Thanks for clarifying Cathy! Cheers, ~Chris > Thanks > ----Cathy > > "*5. Global Policy Development Process* > > Global policies are defined within the scope of this agreement as Internet > number resource policies that have the agreement of all RIRs according to > their policy development processes and ICANN, and require specific actions > or outcomes on the part of IANA or any other external ICANN-related body in > order to be implemented. > > Global policies will be developed in the context of this agreement, > according to the processes defined by attachment A to this MoU. > > Under this agreement the ICANN Board will ratify proposed global policies > in accordance with the Global Policy Development Process, using review > procedures as determined by ICANN. ICANN will publish these procedures no > later than ninety (90) days from the date of the signature of this > agreement by all parties. > " > > > > On Wed, Sep 18, 2013 at 12:35 PM, Chris Grundemann wrote: > >> >> >> >> On Tue, Sep 17, 2013 at 7:21 PM, David Conrad wrote: >> >>> Chris, >>> >>> On Sep 17, 2013, at 11:03 AM, Chris Grundemann >>> wrote: >>> > This current text aims to document existing practice based on >>> historical norms which best instruct the driving principles required to >>> successfully operate an RIR. >>> >>> Apologies if this has been discussed before, but is this intended to be >>> a 'global policy' (in the unanimous among all RIRs and ratified by ICANN >>> board sense)? >>> >> >> Currently ARIN-2013-4 has only been submitted in the ARIN region. There >> has been some discussion of making it a global proposal, which would >> require someone submitting the same text in all five regions (and all five >> regions agreeing to the same text), but that has not happened at this point. >> >> HTH, >> ~Chris >> >> >>> Thanks, >>> -drc >>> >>> >> >> >> -- >> @ChrisGrundemann >> http://chrisgrundemann.com >> >> _______________________________________________ >> PPML >> You are receiving this message because you are subscribed to >> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). >> Unsubscribe or manage your mailing list subscription at: >> http://lists.arin.net/mailman/listinfo/arin-ppml >> Please contact info at arin.net if you experience any issues. >> > > -- @ChrisGrundemann http://chrisgrundemann.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From cja at daydream.com Wed Sep 18 19:33:10 2013 From: cja at daydream.com (CJ Aronson) Date: Wed, 18 Sep 2013 17:33:10 -0600 Subject: [arin-ppml] Draft Policy ARIN-2013-4: RIR Principles - revised In-Reply-To: References: <51966083.2010003@arin.net> <51DB3076.5080304@arin.net> <520BC004.6000106@arin.net> <1B23E4A0-DBAD-40EF-829F-2686B1D73018@virtualized.org> Message-ID: Chris there is no process for "globally coordinated" policies. I wrote one long ago but it never went anywhere. ----Cathy On Wed, Sep 18, 2013 at 4:57 PM, Chris Grundemann wrote: > > > > On Wed, Sep 18, 2013 at 3:07 PM, CJ Aronson wrote: > >> Someone help me here. >> I am not sure this would qualify as a "global policy" in terms of the ASO >> MOU. The document is here >> http://archive.icann.org/en/aso/aso-mou-29oct04.htm >> I have always been told that an global policy is distinctly one that >> regulates the interaction between ICANN/IANA and the RIRs. Like policies >> for giving out blocks of address space or ASNs by the IANA, etc. >> >> The MOU says this and I am not sure this policy would meet this.. >> > > In the past I've heard a distinction made between a global policy (under > the MOU, related to IANA) and a globally coordinated policy (all RIRs agree > on a policy but it only governs RIR behavior). However, in this particular > case, at this particular time, neither applies to ARIN-2013-4. The global > options could be explored now or in the future if folks so desire. > > Thanks for clarifying Cathy! > > Cheers, > ~Chris > > >> Thanks >> ----Cathy >> >> "*5. Global Policy Development Process* >> >> Global policies are defined within the scope of this agreement as >> Internet number resource policies that have the agreement of all RIRs >> according to their policy development processes and ICANN, and require >> specific actions or outcomes on the part of IANA or any other external >> ICANN-related body in order to be implemented. >> >> Global policies will be developed in the context of this agreement, >> according to the processes defined by attachment A to this MoU. >> >> Under this agreement the ICANN Board will ratify proposed global policies >> in accordance with the Global Policy Development Process, using review >> procedures as determined by ICANN. ICANN will publish these procedures no >> later than ninety (90) days from the date of the signature of this >> agreement by all parties. >> " >> >> >> >> On Wed, Sep 18, 2013 at 12:35 PM, Chris Grundemann > > wrote: >> >>> >>> >>> >>> On Tue, Sep 17, 2013 at 7:21 PM, David Conrad wrote: >>> >>>> Chris, >>>> >>>> On Sep 17, 2013, at 11:03 AM, Chris Grundemann >>>> wrote: >>>> > This current text aims to document existing practice based on >>>> historical norms which best instruct the driving principles required to >>>> successfully operate an RIR. >>>> >>>> Apologies if this has been discussed before, but is this intended to be >>>> a 'global policy' (in the unanimous among all RIRs and ratified by ICANN >>>> board sense)? >>>> >>> >>> Currently ARIN-2013-4 has only been submitted in the ARIN region. There >>> has been some discussion of making it a global proposal, which would >>> require someone submitting the same text in all five regions (and all five >>> regions agreeing to the same text), but that has not happened at this point. >>> >>> HTH, >>> ~Chris >>> >>> >>>> Thanks, >>>> -drc >>>> >>>> >>> >>> >>> -- >>> @ChrisGrundemann >>> http://chrisgrundemann.com >>> >>> _______________________________________________ >>> PPML >>> You are receiving this message because you are subscribed to >>> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). >>> Unsubscribe or manage your mailing list subscription at: >>> http://lists.arin.net/mailman/listinfo/arin-ppml >>> Please contact info at arin.net if you experience any issues. >>> >> >> > > > -- > @ChrisGrundemann > http://chrisgrundemann.com > -------------- next part -------------- An HTML attachment was scrubbed... URL: From farmer at umn.edu Wed Sep 18 20:22:57 2013 From: farmer at umn.edu (David Farmer) Date: Wed, 18 Sep 2013 19:22:57 -0500 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text In-Reply-To: References: <5227A52D.1010802@arin.net> <523276B7.9080503@umn.edu> <52378D6C.2060106@umn.edu> <5238A355.4040700@umn.edu> Message-ID: <523A43E1.9070008@umn.edu> On 9/18/13 13:25 , William Herrin wrote: > On Wed, Sep 18, 2013 at 3:12 AM, Matthew Petach wrote: >> The concern I have with "plurality" is that that I may not know >> with certainty that a new request will meet that definition; I may >> intend for it to be split 50/40/10 between ARIN/RIPE/LACNIC >> regions; but then upon deployment, discover that the LACNIC >> backbone nodes required more space than expected, as did >> RIPE, and my split ends up being 40/45/15. Now it's no longer >> a plurality of space in the ARIN region. It's easier to plan to >> hit a target percentage than try to hit a multi-way ratio given >> the unpredictable and changeable forces that impact real >> world rollouts. > > > This. Sorry Bill, I'm not quite sure how to parse that. I think you mean "This is the issue you have with plurality", but I'm just not sure what conclusion to draw from that. Does that mean you support a simple 20% standard, like Matt is suggesting? If you and others, concur with Matt on the 20% standard, it would be helpful to know that for sure. Or, does that mean you think we should flush the policy all together? A little bit more would be really helpful. Thanks -- ================================================ David Farmer Email: farmer at umn.edu Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 1-612-626-0815 Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 ================================================ From cgrundemann at gmail.com Wed Sep 18 18:50:07 2013 From: cgrundemann at gmail.com (Chris Grundemann) Date: Wed, 18 Sep 2013 16:50:07 -0600 Subject: [arin-ppml] Draft Policy ARIN-2013-4: RIR Principles - revised In-Reply-To: References: <51966083.2010003@arin.net> <51DB3076.5080304@arin.net> <520BC004.6000106@arin.net> Message-ID: On Wed, Sep 18, 2013 at 2:41 PM, William Herrin wrote: > On Tue, Sep 17, 2013 at 2:03 PM, Chris Grundemann > wrote: > > We've seen no additional feedback to this most recent version (v3 13 > August > > 2013) of ARIN-2013-4. We have attempted to include all of the feedback > > received into this latest version of text and I personally hope that all > > major issues have been addressed. This current text aims to document > > existing practice based on historical norms which best instruct the > driving > > principles required to successfully operate an RIR. If that mark has been > > hit or missed, we need your feedback to properly gauge. > > > > Please include a clear statement of support or opposition when > responding. > > Hi Chris, > > I reluctantly OPPOSE the draft as written. > > This proposal has undergone tremendous improvement since it first > appeared an I want to take a moment to commend everyone who worked on > it for their efforts. > Excellent, I think so too, and I echo your commendation to all involved. > The points about registration and routability do a respectable job > marking out what I think our policies should be about. I continue to > think "conservation" misses the mark: ARIN's role is about > sustainability which is not the same thing. However, conservation is > arguably a reasonable starting point for further development. Get > something on the books and then talk about improving it. > Sounds good. > The fourth point about stewardship doesn't work for me. > > "0.4. Stewardship > > The principle of stewardship guarantees the application of these > principles when managing Internet number resources. > > The fundamental purpose of Internet number stewardship is to > distribute unique number resources to entities building and operating > networks thereby facilitating the growth and sustainability of the > Internet for the benefit of all." > > The language is too wishy-washy, justifying anything and nothing. What > concept is intended to be conveyed here anyway? That ARIN is supposed > to manage number resources in a way which follows policies developed > based on principles 1 through 3? That ARIN is intended to manage > number resources for the benefit of all who build and operate TCP/IP > networks, not just Internet-centric companies? Something else? We > already covered uniqueness and network growth and what not, so why > restate them weakly? > My understanding is that stewardship is the glue holding the other three principles together. Or said another way, all three previous principles must be balanced with one another, and stewardship is the principle which informs that balancing act by reminding us that our ultimate goal here is to get numbers to those who need them in the service of the Internet. I'd love to hear other opinions on the need to include stewardship as one of the principles. ~Chris Let's figure out what we're really trying to say here and then say it > plainly. Or just drop it. I think the statement of principles would > survive the absence of point 4,. If we ever figure out what we were > trying to say, we can add it later. > > Regards, > Bill Herrin > > > > -- > William D. Herrin ................ herrin at dirtside.com bill at herrin.us > 3005 Crane Dr. ...................... Web: > Falls Church, VA 22042-3004 > -- @ChrisGrundemann http://chrisgrundemann.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From jschiller at google.com Wed Sep 18 21:24:25 2013 From: jschiller at google.com (Jason Schiller) Date: Wed, 18 Sep 2013 21:24:25 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-4: RIR Principles - revised In-Reply-To: References: <51966083.2010003@arin.net> <51DB3076.5080304@arin.net> <520BC004.6000106@arin.net> <1B23E4A0-DBAD-40EF-829F-2686B1D73018@virtualized.org> Message-ID: As written is does not qualify as a global policy nor a globally coordinated policy. However one could image it *could* be written, such that IANA would also adopt these principles and these principles should be considered wrt policy of allocation of number resources to RIRs. This would mean two things: 1. we, the global community, should also take these principles in consideration when developing draft global policies. 2. we, the ARIN region community could pass this (now) global policy, and have it not take effect until the four other regions also pass it and the ICANN board ratify it. Optionally we could craft it as a regional policy that automatically gets elevated to a global policy should it pass all five RIRs. The comments were a suggestion about the two points above, and a hint to get people to think if it should be written in such a way as to make it global and binding on IANA. ___Jason On Wed, Sep 18, 2013 at 5:07 PM, CJ Aronson wrote: > Someone help me here. > I am not sure this would qualify as a "global policy" in terms of the ASO > MOU. The document is here > http://archive.icann.org/en/aso/aso-mou-29oct04.htm > I have always been told that an global policy is distinctly one that > regulates the interaction between ICANN/IANA and the RIRs. Like policies > for giving out blocks of address space or ASNs by the IANA, etc. > > The MOU says this and I am not sure this policy would meet this.. > > Thanks > ----Cathy > > "*5. Global Policy Development Process* > > Global policies are defined within the scope of this agreement as Internet > number resource policies that have the agreement of all RIRs according to > their policy development processes and ICANN, and require specific actions > or outcomes on the part of IANA or any other external ICANN-related body in > order to be implemented. > > Global policies will be developed in the context of this agreement, > according to the processes defined by attachment A to this MoU. > > Under this agreement the ICANN Board will ratify proposed global policies > in accordance with the Global Policy Development Process, using review > procedures as determined by ICANN. ICANN will publish these procedures no > later than ninety (90) days from the date of the signature of this > agreement by all parties. > " > > > > On Wed, Sep 18, 2013 at 12:35 PM, Chris Grundemann wrote: > >> >> >> >> On Tue, Sep 17, 2013 at 7:21 PM, David Conrad wrote: >> >>> Chris, >>> >>> On Sep 17, 2013, at 11:03 AM, Chris Grundemann >>> wrote: >>> > This current text aims to document existing practice based on >>> historical norms which best instruct the driving principles required to >>> successfully operate an RIR. >>> >>> Apologies if this has been discussed before, but is this intended to be >>> a 'global policy' (in the unanimous among all RIRs and ratified by ICANN >>> board sense)? >>> >> >> Currently ARIN-2013-4 has only been submitted in the ARIN region. There >> has been some discussion of making it a global proposal, which would >> require someone submitting the same text in all five regions (and all five >> regions agreeing to the same text), but that has not happened at this point. >> >> HTH, >> ~Chris >> >> >>> Thanks, >>> -drc >>> >>> >> >> >> -- >> @ChrisGrundemann >> http://chrisgrundemann.com >> >> _______________________________________________ >> PPML >> You are receiving this message because you are subscribed to >> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). >> Unsubscribe or manage your mailing list subscription at: >> http://lists.arin.net/mailman/listinfo/arin-ppml >> Please contact info at arin.net if you experience any issues. >> > > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -- _______________________________________________________ Jason Schiller|NetOps|jschiller at google.com|571-266-0006 -------------- next part -------------- An HTML attachment was scrubbed... URL: From john.sweeting at twcable.com Thu Sep 19 08:35:51 2013 From: john.sweeting at twcable.com (Sweeting, John) Date: Thu, 19 Sep 2013 08:35:51 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-4: RIR Principles - revised In-Reply-To: Message-ID: Thanks Jason. One other option, which I personally like, is that we can continue to process as is and then if/when there is a global opportunity initiated ARIN can participate in that as well. That one of the nice things about policy, it can be changed as required. From: Jason Schiller > Date: Wednesday, September 18, 2013 9:24 PM To: CJ Aronson > Cc: "arin-ppml at arin.net" > Subject: Re: [arin-ppml] Draft Policy ARIN-2013-4: RIR Principles - revised As written is does not qualify as a global policy nor a globally coordinated policy. However one could image it *could* be written, such that IANA would also adopt these principles and these principles should be considered wrt policy of allocation of number resources to RIRs. This would mean two things: 1. we, the global community, should also take these principles in consideration when developing draft global policies. 2. we, the ARIN region community could pass this (now) global policy, and have it not take effect until the four other regions also pass it and the ICANN board ratify it. Optionally we could craft it as a regional policy that automatically gets elevated to a global policy should it pass all five RIRs. The comments were a suggestion about the two points above, and a hint to get people to think if it should be written in such a way as to make it global and binding on IANA. ___Jason On Wed, Sep 18, 2013 at 5:07 PM, CJ Aronson > wrote: Someone help me here. I am not sure this would qualify as a "global policy" in terms of the ASO MOU. The document is here http://archive.icann.org/en/aso/aso-mou-29oct04.htm I have always been told that an global policy is distinctly one that regulates the interaction between ICANN/IANA and the RIRs. Like policies for giving out blocks of address space or ASNs by the IANA, etc. The MOU says this and I am not sure this policy would meet this.. Thanks ----Cathy "5. Global Policy Development Process Global policies are defined within the scope of this agreement as Internet number resource policies that have the agreement of all RIRs according to their policy development processes and ICANN, and require specific actions or outcomes on the part of IANA or any other external ICANN-related body in order to be implemented. Global policies will be developed in the context of this agreement, according to the processes defined by attachment A to this MoU. Under this agreement the ICANN Board will ratify proposed global policies in accordance with the Global Policy Development Process, using review procedures as determined by ICANN. ICANN will publish these procedures no later than ninety (90) days from the date of the signature of this agreement by all parties. " On Wed, Sep 18, 2013 at 12:35 PM, Chris Grundemann > wrote: On Tue, Sep 17, 2013 at 7:21 PM, David Conrad > wrote: Chris, On Sep 17, 2013, at 11:03 AM, Chris Grundemann > wrote: > This current text aims to document existing practice based on historical norms which best instruct the driving principles required to successfully operate an RIR. Apologies if this has been discussed before, but is this intended to be a 'global policy' (in the unanimous among all RIRs and ratified by ICANN board sense)? Currently ARIN-2013-4 has only been submitted in the ARIN region. There has been some discussion of making it a global proposal, which would require someone submitting the same text in all five regions (and all five regions agreeing to the same text), but that has not happened at this point. HTH, ~Chris Thanks, -drc -- @ChrisGrundemann http://chrisgrundemann.com _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact info at arin.net if you experience any issues. _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact info at arin.net if you experience any issues. -- _______________________________________________________ Jason Schiller|NetOps|jschiller at google.com|571-266-0006 ________________________________ This E-mail and any of its attachments may contain Time Warner Cable proprietary information, which is privileged, confidential, or subject to copyright belonging to Time Warner Cable. This E-mail is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient of this E-mail, you are hereby notified that any dissemination, distribution, copying, or action taken in relation to the contents of and attachments to this E-mail is strictly prohibited and may be unlawful. If you have received this E-mail in error, please notify the sender immediately and permanently delete the original and any copy of this E-mail and any printout. -------------- next part -------------- An HTML attachment was scrubbed... URL: From billdarte at gmail.com Thu Sep 19 08:49:18 2013 From: billdarte at gmail.com (Bill Darte) Date: Thu, 19 Sep 2013 07:49:18 -0500 Subject: [arin-ppml] Draft Policy ARIN-2013-4: RIR Principles - revised In-Reply-To: References: <51966083.2010003@arin.net> <51DB3076.5080304@arin.net> <520BC004.6000106@arin.net> Message-ID: Chris Grundemann wrote... My understanding is that stewardship is the glue holding the other three principles together. Or said another way, all three previous principles must be balanced with one another, and stewardship is the principle which informs that balancing act by reminding us that our ultimate goal here is to get numbers to those who need them in the service of the Internet. I'd love to hear other opinions on the need to include stewardship as one of the principles. ~Chris I believe this view of stewardship is exactly right and that it is an important overlay to the other principles. It essentially states the reality of policy making....that you cannot predict and prepare policy for every situation and corner case and that sometimes, in order to satisfy a need in the community, some accommodation must be made...again "in the service of the Internet". bd On Wed, Sep 18, 2013 at 5:50 PM, Chris Grundemann wrote: > > > > On Wed, Sep 18, 2013 at 2:41 PM, William Herrin wrote: > >> On Tue, Sep 17, 2013 at 2:03 PM, Chris Grundemann >> wrote: >> > We've seen no additional feedback to this most recent version (v3 13 >> August >> > 2013) of ARIN-2013-4. We have attempted to include all of the feedback >> > received into this latest version of text and I personally hope that all >> > major issues have been addressed. This current text aims to document >> > existing practice based on historical norms which best instruct the >> driving >> > principles required to successfully operate an RIR. If that mark has >> been >> > hit or missed, we need your feedback to properly gauge. >> > >> > Please include a clear statement of support or opposition when >> responding. >> >> Hi Chris, >> >> I reluctantly OPPOSE the draft as written. >> >> This proposal has undergone tremendous improvement since it first >> appeared an I want to take a moment to commend everyone who worked on >> it for their efforts. >> > > Excellent, I think so too, and I echo your commendation to all involved. > > >> The points about registration and routability do a respectable job >> marking out what I think our policies should be about. I continue to >> think "conservation" misses the mark: ARIN's role is about >> sustainability which is not the same thing. However, conservation is >> arguably a reasonable starting point for further development. Get >> something on the books and then talk about improving it. >> > > Sounds good. > > >> The fourth point about stewardship doesn't work for me. >> >> "0.4. Stewardship >> >> The principle of stewardship guarantees the application of these >> principles when managing Internet number resources. >> >> The fundamental purpose of Internet number stewardship is to >> distribute unique number resources to entities building and operating >> networks thereby facilitating the growth and sustainability of the >> Internet for the benefit of all." >> >> The language is too wishy-washy, justifying anything and nothing. What >> concept is intended to be conveyed here anyway? That ARIN is supposed >> to manage number resources in a way which follows policies developed >> based on principles 1 through 3? That ARIN is intended to manage >> number resources for the benefit of all who build and operate TCP/IP >> networks, not just Internet-centric companies? Something else? We >> already covered uniqueness and network growth and what not, so why >> restate them weakly? >> > > My understanding is that stewardship is the glue holding the other three > principles together. Or said another way, all three previous principles > must be balanced with one another, and stewardship is the principle which > informs that balancing act by reminding us that our ultimate goal here is > to get numbers to those who need them in the service of the Internet. I'd > love to hear other opinions on the need to include stewardship as one of > the principles. > > ~Chris > > Let's figure out what we're really trying to say here and then say it >> plainly. Or just drop it. I think the statement of principles would >> survive the absence of point 4,. If we ever figure out what we were >> trying to say, we can add it later. >> >> Regards, >> Bill Herrin >> >> >> >> -- >> William D. Herrin ................ herrin at dirtside.com bill at herrin.us >> 3005 Crane Dr. ...................... Web: >> Falls Church, VA 22042-3004 >> > > > > -- > @ChrisGrundemann > http://chrisgrundemann.com > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From john.sweeting at twcable.com Thu Sep 19 11:04:42 2013 From: john.sweeting at twcable.com (Sweeting, John) Date: Thu, 19 Sep 2013 11:04:42 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-4: RIR Principles - revised In-Reply-To: Message-ID: Right, I just wanted to point out for clarity that for 2013-4 the preferred path is to continue through the ARIN PDP process. And thanks for all the good information (Cathy too). From: Jason Schiller > Date: Thursday, September 19, 2013 11:00 AM To: John Sweeting > Cc: CJ Aronson >, "arin-ppml at arin.net" > Subject: Re: [arin-ppml] Draft Policy ARIN-2013-4: RIR Principles - revised John, At this point we can only pursue this policy as an ARIN policy as written as we are post Sept 10, and the draft policy text is frozen. I suspect the changes to make this global would be significant, unlikely to happen in last call, and even if rewritten on the floor at the public policy meeting (which is nearly prohibited) would likely require another cycle to provide the community enough time to review. What I was attempting to do was jump start the conversation on a global approach such that if a global policy was desired, that would could possibly short cycle the process by sorting out those details earlier on in the discussion. At this point a group of international authors are awaiting the out come of our ARIN discussion prior to moving forward. I have also noted that this group is aware of the significant streamlining and rewriting, and have also noted that the LACNIC Policy Manual is more in-line with the original RFC-2050 language that has been stricken. Discussion of the new language has been tabled until after the results of the discussion at ARIN meeting. The options I presented in my previous email were options of alternative ways to proceed, if movement towards a global direction was desired earlier in the discussion, and are no longer valid. I am not suggesting we try to make this a draft global policy at this point (sorry if I created any confusion). I was rather trying to explain the comment about considering a global policy proposal, how that could happen given the current text does not impact IANA, and that I was trying to get the community to consider the merits of a global policy and if we should move in that direction earlier in the process. Thanks, __Jason On Thu, Sep 19, 2013 at 8:35 AM, Sweeting, John > wrote: Thanks Jason. One other option, which I personally like, is that we can continue to process as is and then if/when there is a global opportunity initiated ARIN can participate in that as well. That one of the nice things about policy, it can be changed as required. From: Jason Schiller > Date: Wednesday, September 18, 2013 9:24 PM To: CJ Aronson > Cc: "arin-ppml at arin.net" > Subject: Re: [arin-ppml] Draft Policy ARIN-2013-4: RIR Principles - revised As written is does not qualify as a global policy nor a globally coordinated policy. However one could image it *could* be written, such that IANA would also adopt these principles and these principles should be considered wrt policy of allocation of number resources to RIRs. This would mean two things: 1. we, the global community, should also take these principles in consideration when developing draft global policies. 2. we, the ARIN region community could pass this (now) global policy, and have it not take effect until the four other regions also pass it and the ICANN board ratify it. Optionally we could craft it as a regional policy that automatically gets elevated to a global policy should it pass all five RIRs. The comments were a suggestion about the two points above, and a hint to get people to think if it should be written in such a way as to make it global and binding on IANA. ___Jason On Wed, Sep 18, 2013 at 5:07 PM, CJ Aronson > wrote: Someone help me here. I am not sure this would qualify as a "global policy" in terms of the ASO MOU. The document is here http://archive.icann.org/en/aso/aso-mou-29oct04.htm I have always been told that an global policy is distinctly one that regulates the interaction between ICANN/IANA and the RIRs. Like policies for giving out blocks of address space or ASNs by the IANA, etc. The MOU says this and I am not sure this policy would meet this.. Thanks ----Cathy "5. Global Policy Development Process Global policies are defined within the scope of this agreement as Internet number resource policies that have the agreement of all RIRs according to their policy development processes and ICANN, and require specific actions or outcomes on the part of IANA or any other external ICANN-related body in order to be implemented. Global policies will be developed in the context of this agreement, according to the processes defined by attachment A to this MoU. Under this agreement the ICANN Board will ratify proposed global policies in accordance with the Global Policy Development Process, using review procedures as determined by ICANN. ICANN will publish these procedures no later than ninety (90) days from the date of the signature of this agreement by all parties. " On Wed, Sep 18, 2013 at 12:35 PM, Chris Grundemann > wrote: On Tue, Sep 17, 2013 at 7:21 PM, David Conrad > wrote: Chris, On Sep 17, 2013, at 11:03 AM, Chris Grundemann > wrote: > This current text aims to document existing practice based on historical norms which best instruct the driving principles required to successfully operate an RIR. Apologies if this has been discussed before, but is this intended to be a 'global policy' (in the unanimous among all RIRs and ratified by ICANN board sense)? Currently ARIN-2013-4 has only been submitted in the ARIN region. There has been some discussion of making it a global proposal, which would require someone submitting the same text in all five regions (and all five regions agreeing to the same text), but that has not happened at this point. HTH, ~Chris Thanks, -drc -- @ChrisGrundemann http://chrisgrundemann.com _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact info at arin.net if you experience any issues. _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact info at arin.net if you experience any issues. -- _______________________________________________________ Jason Schiller|NetOps|jschiller at google.com|571-266-0006 ________________________________ This E-mail and any of its attachments may contain Time Warner Cable proprietary information, which is privileged, confidential, or subject to copyright belonging to Time Warner Cable. This E-mail is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient of this E-mail, you are hereby notified that any dissemination, distribution, copying, or action taken in relation to the contents of and attachments to this E-mail is strictly prohibited and may be unlawful. If you have received this E-mail in error, please notify the sender immediately and permanently delete the original and any copy of this E-mail and any printout. -- _______________________________________________________ Jason Schiller|NetOps|jschiller at google.com|571-266-0006 -------------- next part -------------- An HTML attachment was scrubbed... URL: From jschiller at google.com Thu Sep 19 11:00:14 2013 From: jschiller at google.com (Jason Schiller) Date: Thu, 19 Sep 2013 11:00:14 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-4: RIR Principles - revised In-Reply-To: References: Message-ID: John, At this point we can only pursue this policy as an ARIN policy as written as we are post Sept 10, and the draft policy text is frozen. I suspect the changes to make this global would be significant, unlikely to happen in last call, and even if rewritten on the floor at the public policy meeting (which is nearly prohibited) would likely require another cycle to provide the community enough time to review. What I was attempting to do was jump start the conversation on a global approach such that if a global policy was desired, that would could possibly short cycle the process by sorting out those details earlier on in the discussion. At this point a group of international authors are awaiting the out come of our ARIN discussion prior to moving forward. I have also noted that this group is aware of the significant streamlining and rewriting, and have also noted that the LACNIC Policy Manual is more in-line with the original RFC-2050 language that has been stricken. Discussion of the new language has been tabled until after the results of the discussion at ARIN meeting. The options I presented in my previous email were options of alternative ways to proceed, if movement towards a global direction was desired earlier in the discussion, and are no longer valid. I am not suggesting we try to make this a draft global policy at this point (sorry if I created any confusion). I was rather trying to explain the comment about considering a global policy proposal, how that could happen given the current text does not impact IANA, and that I was trying to get the community to consider the merits of a global policy and if we should move in that direction earlier in the process. Thanks, __Jason On Thu, Sep 19, 2013 at 8:35 AM, Sweeting, John wrote: > Thanks Jason. > > One other option, which I personally like, is that we can continue to > process as is and then if/when there is a global opportunity initiated ARIN > can participate in that as well. That one of the nice things about policy, > it can be changed as required. > > > From: Jason Schiller > Date: Wednesday, September 18, 2013 9:24 PM > To: CJ Aronson > Cc: "arin-ppml at arin.net" > Subject: Re: [arin-ppml] Draft Policy ARIN-2013-4: RIR Principles - > revised > > As written is does not qualify as a global policy nor a globally > coordinated policy. > > However one could image it *could* be written, such that IANA would also > adopt these principles and these principles should be considered wrt policy > of allocation of number resources to RIRs. > > This would mean two things: > > 1. we, the global community, should also take these principles in > consideration when developing draft global policies. > > 2. we, the ARIN region community could pass this (now) global policy, > and have it not take effect until the four other regions also pass it and > the ICANN board ratify it. > > Optionally we could craft it as a regional policy that automatically > gets elevated to a global policy should it pass all five RIRs. > > > The comments were a suggestion about the two points above, and a hint to > get people to think if it should be written in such a way as to make it > global and binding on IANA. > > ___Jason > > > > On Wed, Sep 18, 2013 at 5:07 PM, CJ Aronson wrote: > >> Someone help me here. >> I am not sure this would qualify as a "global policy" in terms of the ASO >> MOU. The document is here >> http://archive.icann.org/en/aso/aso-mou-29oct04.htm >> I have always been told that an global policy is distinctly one that >> regulates the interaction between ICANN/IANA and the RIRs. Like policies >> for giving out blocks of address space or ASNs by the IANA, etc. >> >> The MOU says this and I am not sure this policy would meet this.. >> >> Thanks >> ----Cathy >> >> "*5. Global Policy Development Process* >> >> Global policies are defined within the scope of this agreement as >> Internet number resource policies that have the agreement of all RIRs >> according to their policy development processes and ICANN, and require >> specific actions or outcomes on the part of IANA or any other external >> ICANN-related body in order to be implemented. >> >> Global policies will be developed in the context of this agreement, >> according to the processes defined by attachment A to this MoU. >> >> Under this agreement the ICANN Board will ratify proposed global policies >> in accordance with the Global Policy Development Process, using review >> procedures as determined by ICANN. ICANN will publish these procedures no >> later than ninety (90) days from the date of the signature of this >> agreement by all parties. >> " >> >> >> >> On Wed, Sep 18, 2013 at 12:35 PM, Chris Grundemann > > wrote: >> >>> >>> >>> >>> On Tue, Sep 17, 2013 at 7:21 PM, David Conrad wrote: >>> >>>> Chris, >>>> >>>> On Sep 17, 2013, at 11:03 AM, Chris Grundemann >>>> wrote: >>>> > This current text aims to document existing practice based on >>>> historical norms which best instruct the driving principles required to >>>> successfully operate an RIR. >>>> >>>> Apologies if this has been discussed before, but is this intended to >>>> be a 'global policy' (in the unanimous among all RIRs and ratified by ICANN >>>> board sense)? >>>> >>> >>> Currently ARIN-2013-4 has only been submitted in the ARIN region. >>> There has been some discussion of making it a global proposal, which would >>> require someone submitting the same text in all five regions (and all five >>> regions agreeing to the same text), but that has not happened at this point. >>> >>> HTH, >>> ~Chris >>> >>> >>>> Thanks, >>>> -drc >>>> >>>> >>> >>> >>> -- >>> @ChrisGrundemann >>> http://chrisgrundemann.com >>> >>> _______________________________________________ >>> PPML >>> You are receiving this message because you are subscribed to >>> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). >>> Unsubscribe or manage your mailing list subscription at: >>> http://lists.arin.net/mailman/listinfo/arin-ppml >>> Please contact info at arin.net if you experience any issues. >>> >> >> >> _______________________________________________ >> PPML >> You are receiving this message because you are subscribed to >> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). >> Unsubscribe or manage your mailing list subscription at: >> http://lists.arin.net/mailman/listinfo/arin-ppml >> Please contact info at arin.net if you experience any issues. >> > > > > -- > _______________________________________________________ > Jason Schiller|NetOps|jschiller at google.com|571-266-0006 > > > ------------------------------ > This E-mail and any of its attachments may contain Time Warner Cable > proprietary information, which is privileged, confidential, or subject to > copyright belonging to Time Warner Cable. This E-mail is intended solely > for the use of the individual or entity to which it is addressed. If you > are not the intended recipient of this E-mail, you are hereby notified that > any dissemination, distribution, copying, or action taken in relation to > the contents of and attachments to this E-mail is strictly prohibited and > may be unlawful. If you have received this E-mail in error, please notify > the sender immediately and permanently delete the original and any copy of > this E-mail and any printout. > -- _______________________________________________________ Jason Schiller|NetOps|jschiller at google.com|571-266-0006 -------------- next part -------------- An HTML attachment was scrubbed... URL: From cja at daydream.com Thu Sep 19 22:36:43 2013 From: cja at daydream.com (CJ Aronson) Date: Thu, 19 Sep 2013 20:36:43 -0600 Subject: [arin-ppml] Draft Policy ARIN-2013-4: RIR Principles - revised In-Reply-To: References: Message-ID: Right and my point was that this couldn't just be submitted as a global policy as-is and that's what I thought was being suggested on the ppml list. It's good to see how it goes in Phoenix and take it from there. Thanks! -----Cathy On Thu, Sep 19, 2013 at 9:04 AM, Sweeting, John wrote: > Right, I just wanted to point out for clarity that for 2013-4 the > preferred path is to continue through the ARIN PDP process. And thanks for > all the good information (Cathy too). > > > > From: Jason Schiller > Date: Thursday, September 19, 2013 11:00 AM > To: John Sweeting > Cc: CJ Aronson , "arin-ppml at arin.net" < > arin-ppml at arin.net> > > Subject: Re: [arin-ppml] Draft Policy ARIN-2013-4: RIR Principles - > revised > > John, > > At this point we can only pursue this policy as an ARIN policy as written > as we are post Sept 10, and the draft policy text is frozen. > > I suspect the changes to make this global would be significant, unlikely > to happen in last call, and even if rewritten on the floor at the public > policy meeting (which is nearly prohibited) would likely require another > cycle to provide the community enough time to review. > > What I was attempting to do was jump start the conversation on a global > approach such that if a global policy was desired, that would could > possibly short cycle the process by sorting out those details earlier on in > the discussion. > > At this point a group of international authors are awaiting the out come > of our ARIN discussion prior to moving forward. I have also noted that > this group is aware of the significant streamlining and rewriting, and have > also noted that the LACNIC Policy Manual is more in-line with the original > RFC-2050 language that has been stricken. Discussion of the new language > has been tabled until after the results of the discussion at ARIN meeting. > > The options I presented in my previous email were options of alternative > ways to proceed, if movement towards a global direction was desired earlier > in the discussion, and are no longer valid. > > I am not suggesting we try to make this a draft global policy at this > point (sorry if I created any confusion). I was rather trying to explain > the comment about considering a global policy proposal, how that could > happen given the current text does not impact IANA, and that I was trying > to get the community to consider the merits of a global policy and if we > should move in that direction earlier in the process. > > Thanks, > > __Jason > > > > > On Thu, Sep 19, 2013 at 8:35 AM, Sweeting, John > wrote: > >> Thanks Jason. >> >> One other option, which I personally like, is that we can continue to >> process as is and then if/when there is a global opportunity initiated ARIN >> can participate in that as well. That one of the nice things about policy, >> it can be changed as required. >> >> >> From: Jason Schiller >> Date: Wednesday, September 18, 2013 9:24 PM >> To: CJ Aronson >> Cc: "arin-ppml at arin.net" >> Subject: Re: [arin-ppml] Draft Policy ARIN-2013-4: RIR Principles - >> revised >> >> As written is does not qualify as a global policy nor a globally >> coordinated policy. >> >> However one could image it *could* be written, such that IANA would also >> adopt these principles and these principles should be considered wrt policy >> of allocation of number resources to RIRs. >> >> This would mean two things: >> >> 1. we, the global community, should also take these principles in >> consideration when developing draft global policies. >> >> 2. we, the ARIN region community could pass this (now) global policy, and >> have it not take effect until the four other regions also pass it and the >> ICANN board ratify it. >> >> Optionally we could craft it as a regional policy that automatically gets >> elevated to a global policy should it pass all five RIRs. >> >> >> The comments were a suggestion about the two points above, and a hint to >> get people to think if it should be written in such a way as to make it >> global and binding on IANA. >> >> ___Jason >> >> >> >> On Wed, Sep 18, 2013 at 5:07 PM, CJ Aronson wrote: >> >>> Someone help me here. >>> I am not sure this would qualify as a "global policy" in terms of the >>> ASO MOU. The document is here >>> http://archive.icann.org/en/aso/aso-mou-29oct04.htm >>> I have always been told that an global policy is distinctly one that >>> regulates the interaction between ICANN/IANA and the RIRs. Like policies >>> for giving out blocks of address space or ASNs by the IANA, etc. >>> >>> The MOU says this and I am not sure this policy would meet this.. >>> >>> Thanks >>> ----Cathy >>> >>> "*5. Global Policy Development Process* >>> >>> Global policies are defined within the scope of this agreement as >>> Internet number resource policies that have the agreement of all RIRs >>> according to their policy development processes and ICANN, and require >>> specific actions or outcomes on the part of IANA or any other external >>> ICANN-related body in order to be implemented. >>> >>> Global policies will be developed in the context of this agreement, >>> according to the processes defined by attachment A to this MoU. >>> >>> Under this agreement the ICANN Board will ratify proposed global >>> policies in accordance with the Global Policy Development Process, using >>> review procedures as determined by ICANN. ICANN will publish these >>> procedures no later than ninety (90) days from the date of the signature of >>> this agreement by all parties. >>> " >>> >>> >>> >>> On Wed, Sep 18, 2013 at 12:35 PM, Chris Grundemann < >>> cgrundemann at gmail.com> wrote: >>> >>>> >>>> >>>> >>>> On Tue, Sep 17, 2013 at 7:21 PM, David Conrad wrote: >>>> >>>>> Chris, >>>>> >>>>> On Sep 17, 2013, at 11:03 AM, Chris Grundemann >>>>> wrote: >>>>> > This current text aims to document existing practice based on >>>>> historical norms which best instruct the driving principles required to >>>>> successfully operate an RIR. >>>>> >>>>> Apologies if this has been discussed before, but is this intended to >>>>> be a 'global policy' (in the unanimous among all RIRs and ratified by ICANN >>>>> board sense)? >>>>> >>>> >>>> Currently ARIN-2013-4 has only been submitted in the ARIN region. There >>>> has been some discussion of making it a global proposal, which would >>>> require someone submitting the same text in all five regions (and all five >>>> regions agreeing to the same text), but that has not happened at this point. >>>> >>>> HTH, >>>> ~Chris >>>> >>>> >>>>> Thanks, >>>>> -drc >>>>> >>>>> >>>> >>>> >>>> -- >>>> @ChrisGrundemann >>>> http://chrisgrundemann.com >>>> >>>> _______________________________________________ >>>> PPML >>>> You are receiving this message because you are subscribed to >>>> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). >>>> Unsubscribe or manage your mailing list subscription at: >>>> http://lists.arin.net/mailman/listinfo/arin-ppml >>>> Please contact info at arin.net if you experience any issues. >>>> >>> >>> >>> _______________________________________________ >>> PPML >>> You are receiving this message because you are subscribed to >>> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). >>> Unsubscribe or manage your mailing list subscription at: >>> http://lists.arin.net/mailman/listinfo/arin-ppml >>> Please contact info at arin.net if you experience any issues. >>> >> >> >> >> -- >> _______________________________________________________ >> Jason Schiller|NetOps|jschiller at google.com|571-266-0006 >> >> >> ------------------------------ >> This E-mail and any of its attachments may contain Time Warner Cable >> proprietary information, which is privileged, confidential, or subject to >> copyright belonging to Time Warner Cable. This E-mail is intended solely >> for the use of the individual or entity to which it is addressed. If you >> are not the intended recipient of this E-mail, you are hereby notified that >> any dissemination, distribution, copying, or action taken in relation to >> the contents of and attachments to this E-mail is strictly prohibited and >> may be unlawful. If you have received this E-mail in error, please notify >> the sender immediately and permanently delete the original and any copy of >> this E-mail and any printout. >> > > > > -- > _______________________________________________________ > Jason Schiller|NetOps|jschiller at google.com|571-266-0006 > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From drc at virtualized.org Fri Sep 20 09:04:35 2013 From: drc at virtualized.org (David Conrad) Date: Fri, 20 Sep 2013 09:04:35 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-4: RIR Principles - revised In-Reply-To: References: <51966083.2010003@arin.net> <51DB3076.5080304@arin.net> <520BC004.6000106@arin.net> <1B23E4A0-DBAD-40EF-829F-2686B1D73018@virtualized.org> Message-ID: <30F77FC0-6F4F-4FC6-8ED6-0B590932B43C@virtualized.org> Hi, Sorry for the slow response ($dayjob intervention). On Sep 18, 2013, at 5:07 PM, CJ Aronson wrote: > Someone help me here. > I am not sure this would qualify as a "global policy" in terms of the ASO MOU. The reason I asked was it seems a bit presumptuous to me for ARIN alone to define the "Principles and Goals of the Internet Registry System". If it is intended this policy only apply to ARIN, then the title should probably be "Principles and Goals of ARIN" or some such. > The document is here http://archive.icann.org/en/aso/aso-mou-29oct04.htm I have always been told that an global policy is distinctly one that regulates the interaction between ICANN/IANA and the RIRs. Yes. The last comment in the document would seem to suggest the desire is for IANA to incorporate the principles of this policy into its operation. > Like policies for giving out blocks of address space or ASNs by the IANA, etc. My reading of the #5 of the ASO MOU doesn't suggest a limitation to giving out blocks. Regards, -drc -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 495 bytes Desc: Message signed with OpenPGP using GPGMail URL: From john.sweeting at twcable.com Fri Sep 20 09:37:44 2013 From: john.sweeting at twcable.com (Sweeting, John) Date: Fri, 20 Sep 2013 09:37:44 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-4: RIR Principles - revised In-Reply-To: <30F77FC0-6F4F-4FC6-8ED6-0B590932B43C@virtualized.org> Message-ID: From: David Conrad > Date: Friday, September 20, 2013 9:04 AM To: CJ Aronson > Cc: "arin-ppml at arin.net List" > Subject: Re: [arin-ppml] Draft Policy ARIN-2013-4: RIR Principles - revised Hi, Sorry for the slow response ($dayjob intervention). On Sep 18, 2013, at 5:07 PM, CJ Aronson > wrote: Someone help me here. I am not sure this would qualify as a "global policy" in terms of the ASO MOU. The reason I asked was it seems a bit presumptuous to me for ARIN alone to define the "Principles and Goals of the Internet Registry System". If it is intended this policy only apply to ARIN, then the title should probably be "Principles and Goals of ARIN" or some such. (JCS) Good point, we will most likely change the title. The document is here http://archive.icann.org/en/aso/aso-mou-29oct04.htm I have always been told that an global policy is distinctly one that regulates the interaction between ICANN/IANA and the RIRs. Yes. The last comment in the document would seem to suggest the desire is for IANA to incorporate the principles of this policy into its operation. Like policies for giving out blocks of address space or ASNs by the IANA, etc. My reading of the #5 of the ASO MOU doesn't suggest a limitation to giving out blocks. Regards, -drc ________________________________ This E-mail and any of its attachments may contain Time Warner Cable proprietary information, which is privileged, confidential, or subject to copyright belonging to Time Warner Cable. This E-mail is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient of this E-mail, you are hereby notified that any dissemination, distribution, copying, or action taken in relation to the contents of and attachments to this E-mail is strictly prohibited and may be unlawful. If you have received this E-mail in error, please notify the sender immediately and permanently delete the original and any copy of this E-mail and any printout. -------------- next part -------------- An HTML attachment was scrubbed... URL: From narten at us.ibm.com Fri Sep 20 14:38:57 2013 From: narten at us.ibm.com (Thomas Narten) Date: Fri, 20 Sep 2013 14:38:57 -0400 Subject: [arin-ppml] Weekly posting summary for ppml@arin.net Message-ID: <201309201838.r8KIcv0H027591@cichlid.raleigh.ibm.com.raleigh.ibm.com> Total of messages in the last 7 days. script run at: Fri Sep 20 14:38:57 EDT 2013 Messages | Bytes | Who --------+------+--------+----------+------------------------ --------+------+--------+----------+------------------------ From narten at us.ibm.com Fri Sep 20 14:39:19 2013 From: narten at us.ibm.com (Thomas Narten) Date: Fri, 20 Sep 2013 14:39:19 -0400 Subject: [arin-ppml] Weekly posting summary for ppml@arin.net Message-ID: <201309201839.r8KIdJVu027920@cichlid.raleigh.ibm.com.raleigh.ibm.com> Total of messages in the last 7 days. script run at: Fri Sep 20 14:39:19 EDT 2013 Messages | Bytes | Who --------+------+--------+----------+------------------------ --------+------+--------+----------+------------------------ From narten at us.ibm.com Fri Sep 20 14:43:29 2013 From: narten at us.ibm.com (Thomas Narten) Date: Fri, 20 Sep 2013 14:43:29 -0400 Subject: [arin-ppml] Weekly posting summary for ppml@arin.net Message-ID: <201309201843.r8KIhT7H028917@cichlid.raleigh.ibm.com.raleigh.ibm.com> Total of 62 messages in the last 7 days. script run at: Fri Sep 20 14:42:44 EDT 2013 Messages | Bytes | Who --------+------+--------+----------+------------------------ 8.06% | 5 | 11.38% | 110509 | john.sweeting at twcable.com 11.29% | 7 | 6.83% | 66293 | farmer at umn.edu 11.29% | 7 | 4.91% | 47643 | bill at herrin.us 3.23% | 2 | 11.88% | 115359 | nathaliecoupet at yahoo.com 6.45% | 4 | 7.73% | 75057 | billdarte at gmail.com 4.84% | 3 | 8.72% | 84702 | sryerse at eclipse-networks.com 8.06% | 5 | 3.37% | 32683 | jcurran at arin.net 4.84% | 3 | 5.76% | 55957 | mpetach at netflight.com 6.45% | 4 | 3.48% | 33770 | drc at virtualized.org 3.23% | 2 | 6.08% | 59010 | cja at daydream.com 4.84% | 3 | 4.16% | 40366 | kkargel at polartel.com 3.23% | 2 | 5.58% | 54150 | jschiller at google.com 4.84% | 3 | 3.73% | 36190 | owen at delong.com 3.23% | 2 | 3.07% | 29766 | bjones at vt.edu 1.61% | 1 | 3.93% | 38181 | cgrundemann at gmail.com 1.61% | 1 | 1.76% | 17074 | ikiris at gmail.com 1.61% | 1 | 1.74% | 16934 | mueller at syr.edu 1.61% | 1 | 1.09% | 10535 | springer at inlandnet.com 1.61% | 1 | 1.08% | 10489 | terri.l.stumme at usdoj.gov 1.61% | 1 | 0.92% | 8919 | john at egh.com 1.61% | 1 | 0.82% | 7949 | jeffrey.lyon at blacklotus.net 1.61% | 1 | 0.68% | 6645 | gary.buhrmaster at gmail.com 1.61% | 1 | 0.68% | 6589 | narten at us.ibm.com 1.61% | 1 | 0.64% | 6191 | ebw at abenaki.wabanaki.net --------+------+--------+----------+------------------------ 100.00% | 62 |100.00% | 970961 | Total From bill at herrin.us Fri Sep 20 17:34:37 2013 From: bill at herrin.us (William Herrin) Date: Fri, 20 Sep 2013 17:34:37 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-4: RIR Principles - revised In-Reply-To: References: <51966083.2010003@arin.net> <51DB3076.5080304@arin.net> <520BC004.6000106@arin.net> Message-ID: On Wed, Sep 18, 2013 at 6:50 PM, Chris Grundemann wrote: > all three previous principles must > be balanced with one another [...] our ultimate goal here is to > get numbers to those who need them in the service of the Internet. Hi Chris, So: say that. Don't call it "stewardship." Call it what you just called it: Balance. Better yet, crib from NRPM 6.3.8 and tell us how to weigh the three principles in order to achieve balance. Stewardship isn't a principle or a goal, it's an activity. Use words that mean what you seek to say. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From info at arin.net Tue Sep 24 12:55:55 2013 From: info at arin.net (ARIN) Date: Tue, 24 Sep 2013 12:55:55 -0400 Subject: [arin-ppml] Advisory Council Meeting Results - September 2013 Message-ID: <5241C41B.4060300@arin.net> In accordance with the ARIN Policy Development Process, the ARIN Advisory Council (AC) held a meeting on 19 September 2013 and made decisions about draft policies. Having found the following draft policy to be fully developed and meeting ARIN's Principles of Internet Number Resource Policy, the AC recommended it for adoption. This draft policy will be posted shortly for discussion on the Public Policy Mailing List as a Recommended Draft Policy. Draft Policy ARIN-2013-4: RIR Principles The AC is continuing to work on the following: Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors Draft Policy ARIN-2013-7: Merge IPv4 ISP and End-User Requirements 2013-4, 2013-6 and 2013-7 will be presented at the upcoming ARIN Public Policy Consultation at NANOG 59 and the ARIN 32 Public Policy Meeting in Phoenix. The AC abandoned the following: Draft Policy ARIN-2013-5: LIR/ISP and End-user Definitions The AC provided this statement about 2013-5: "The ARIN Advisory Council voted to abandon ARIN 2013-5 "2013-5 LIR/ISP and End-user Definitions". The AC feels that based on community feedback, the proposal would not be able to reach consensus. In addition, the original and revised text were not able to solve the problem that the author intended." The AC abandoned ARIN-2013-5. Anyone dissatisfied with this decision may initiate a petition. The deadline to begin a petition will be five business days after the AC's draft meeting minutes are published. For more information on starting and participating in petitions, see PDP Petitions at: https://www.arin.net/policy/pdp_petitions.html Draft Policy and Proposal texts are available at: https://www.arin.net/policy/proposals/index.html The ARIN Policy Development Process can be found at: https://www.arin.net/policy/pdp.html Regards, Communications and Member Services American Registry for Internet Numbers (ARIN) From info at arin.net Tue Sep 24 12:56:34 2013 From: info at arin.net (ARIN) Date: Tue, 24 Sep 2013 12:56:34 -0400 Subject: [arin-ppml] Recommended Draft Policy ARIN-2012-4: RIR Principles Message-ID: <5241C442.9020008@arin.net> Recommended Draft Policy ARIN-2012-4 RIR Principles On 19 September 2013 the ARIN Advisory Council (AC) recommended ARIN-2012-4 for adoption, making it a Recommended Draft Policy. ARIN-2012-4 will be presented at ARIN 32, and will be eligible for last call afterward. Draft Policy ARIN-2012-4 is below and can be found at: https://www.arin.net/policy/proposals/2012_4.html You are encouraged to discuss Draft Policy 2012-4 on the PPML prior to the upcoming Public Policy Consultation. Both the discussion on the list and at the meeting will be used by the ARIN Advisory Council to determine the community consensus for adopting this as policy. The ARIN Policy Development Process can be found at: https://www.arin.net/policy/pdp.html Draft Policies and Proposals under discussion can be found at: https://www.arin.net/policy/proposals/index.html Regards, Communications and Member Services American Registry for Internet Numbers (ARIN) ## * ## Recommended Draft Policy ARIN-2013-4 RIR Principles AC's assessment of conformance with the Principles of Internet Number Resource Policy: ARIN-2013-4 "RIR Principles" was moved to recommended draft policy status for adoption discussion at ARIN 32. The majority of the AC believes that documenting the existing principles under which ARIN operates uniquely enables fair and impartial number resource administration and that these principles are technically sound, based on their history and heritage. The AC also notes that the current text, after being revised to incorporate staff and community feedback, now has community support. Date: 14 August 2013 Problem Statement: The original text in RFC 2050 both "describes the registry system for the distribution of globally unique Internet address space and registry operations" and provides "rules and guidelines [principles] governing the distribution of this address space." The currently proposed update (RFC2050bis) "provides information about the current Internet Numbers Registry System used in the distribution of globally unique Internet Protocol (IP) address space and autonomous system (AS) numbers" and "provides information about the processes for further evolution of the Internet Numbers Registry System." This means that the guiding principles of stewardship are not currently being carried forward into the new document. The goals of Conservation (efficient utilization based on need), Routability (hierarchical aggregation), and Registration (uniqueness) are as important, if not more so, now that the transition to IPv6 is upon us. This can be rectified by documenting these principles in RIR policy. Policy Statement (v3 14 August 2013): Section 0: Principles and Goals of the Internet Registry System 0.1. Registration The principle of registration guarantees the uniqueness of Internet number resources. Provision of this public registry documenting Internet number resource allocation, reallocation, assignment, and reassignment is necessary: a) to ensure uniqueness, b) to provide a contact in case of operational/security problems, c) to provide the transparency required to ensure that Internet number resources are efficiently utilized, and d) to assist in IP allocation studies. 0.2. Conservation The principle of conservation guarantees sustainability of the Internet through efficient utilization of unique number resources. Due to the requirement for uniqueness, Internet number resources of each type are drawn from a common number space. Conservation of these common number spaces requires that Internet number resources be efficiently distributed to those organizations who have a technical need for them in support of operational networks. 0.3. Routability The principle of routability guarantees that Internet number resources are managed in such a manner that they may be routed on the Internet in a scalable manner. While routing scalability is necessary to ensure proper operation of Internet routing, allocation or assignment of Internet number resources by ARIN in no way guarantees that those addresses will be routed by any particular network operator. 0.4. Stewardship The principle of stewardship guarantees the application of these principles when managing Internet number resources. The fundamental purpose of Internet number stewardship is to distribute unique number resources to entities building and operating networks thereby facilitating the growth and sustainability of the Internet for the benefit of all. It should be noted that the above goals may sometimes be in conflict with each other and with the interests of individual end-users or network operators. Care must be taken to ensure balance with these conflicting goals given the resource availability, relative size of the resource, and number resource specific technical dynamics, for each type of number resource. For example, Conservation often requires greater consideration in IPv4 address distribution due to the limited size of the address space, Routability has a higher weight for the massive IPv6 address space, and AS numbers place the highest value on Registration because they come from a moderately sized pool and are not subject to aggregation. Comments: a. Timetable for implementation: immediately b. I believe that it would be beneficial for IANA to adopt these principles as well, and encourage the community to consider a global policy proposal. ########## ARIN Staff and Legal Assessment DRAFT NUMBER AND NAME: 2013-4 Principles and Goals of the Internet Registry System DATE: 24 August 2013 1. Summary (Staff Understanding) This policy would add text to the NRPM which codifies the guiding principles of the registry system as registration, conservation, routability, and stewardship. 2. Comments A. ARIN Staff Comments ? This proposal text is clear. ? Staff notes that the proposal does not appear to change any existing processes or procedures. ? It appears that the author's intent is to add these statements as guiding principles into the NRPM. ? Their inclusion into the policy manual will make it more clear to the community the principles under which ARIN has operated. ? For reference, the term ?Registration? already exists in NRPM as follows: ? 4.2.3.7. Registration - Refers to ISPs providing reassignment information, so it's not applicable. ? 6.3.3. Registration - This section has some overlap, could be reduced, but also refers to privacy. ? 6.5.5. Registration - Refers to reassignment information, so it's not applicable. ? The term ?Conservation? exists already in 6.3.5 but is different and specific to IPv6. ? The addition of the term ?Routability? would make a portion of NRPM 4.1.1 redundant. ? The term "Stewardship" would add that word anew to the NRPM. ? The statement about conflicting goals should not refer to any specific type of number resource if it is a principle. o Suggestion - Allow the specific conflicts to exist in the particular section. Remove everything from "For example" on. ? Note also that NRPM 6.3.8 already talks about conflict of goals, noting "aggregation" as the most important goal for IPv6. ? Staff suggests different placement/numbering, in particular, moving the introduction text up into the Abstract section before the TOC, thus freeing up Section 1 for ?RIR Principles?. ? It is worth noting that the ARIN Policy Development Process contains the following: "4. Principles of Internet Number Resource Policy? Internet number resource policy must satisfy three important principles, specifically: 1) enabling fair and impartial number resource administration, 2) technically sound (providing for uniqueness and usability of number resources), and 3) supported by the community." Furthermore that the RFC 7020 contains references to ?1) Allocation Pool Management, 2) Hierarchical Allocation, and 3) Registration Accuracy?. It is suggested that the policy text be reviewed to avoid duplication with these existing principles. B. ARIN General Counsel - Legal Assessment The text of the policy does not create a material legal issue for ARIN. Any effort like this to accurately incorporate in writing the concepts that animate ARIN's activity is a positive development. 3. Resource Impact This policy would have minimal resource impact from an implementation aspect. It is estimated that implementation would occur within 3 months after ratification by the ARIN Board of Trustees. The following would be needed in order to implement: A. Updated guidelines B. Staff training Draft Policy Text: Section 0: Principles and Goals of the Internet Registry System 0.1. Registration The principle of registration guarantees the uniqueness of Internet number resources. Provision of this public registry documenting Internet number resource allocation, reallocation, assignment, and reassignment is necessary: a) to ensure uniqueness, b) to provide a contact in case of operational/security problems, c) to provide the transparency required to ensure that Internet number resources are efficiently utilized, and d) to assist in IP allocation studies. 0.2. Conservation The principle of conservation guarantees sustainability of the Internet through efficient utilization of unique number resources. Due to the requirement for uniqueness, Internet number resources of each type are drawn from a common number space. Conservation of these common number spaces requires that Internet number resources be efficiently distributed to those organizations who have a technical need for them in support of operational networks. 0.3. Routability The principle of routability guarantees that Internet number resources are managed in such a manner that they may be routed on the Internet in a scalable manner. While routing scalability is necessary to ensure proper operation of Internet routing, allocation or assignment of Internet number resources by ARIN in no way guarantees that those addresses will be routed by any particular network operator. 0.4. Stewardship The principle of stewardship guarantees the application of these principles when managing Internet number resources. The fundamental purpose of Internet number stewardship is to distribute unique number resources to entities building and operating networks thereby facilitating the growth and sustainability of the Internet for the benefit of all. It should be noted that the above goals may sometimes be in conflict with each other and with the interests of individual end-users or network operators. Care must be taken to ensure balance with these conflicting goals given the resource availability, relative size of the resource, and number resource specific technical dynamics, for each type of number resource. For example, Conservation often requires greater consideration in IPv4 address distribution due to the limited size of the address space, Routability has a higher weight for the massive IPv6 address space, and AS numbers place the highest value on Registration because they come from a moderately sized pool and are not subject to aggregation. Comments: a. Timetable for implementation: immediately b. I believe that it would be beneficial for IANA to adopt these principles as well, and encourage the community to consider a global policy proposal. From info at arin.net Wed Sep 25 10:59:03 2013 From: info at arin.net (ARIN) Date: Wed, 25 Sep 2013 10:59:03 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Message-ID: <5242FA37.7000304@arin.net> Revised text for ARIN-2013-6 is below and can be found at: https://www.arin.net/policy/proposals/2013_6.html The AC will evaluate the discussion in order to assess the conformance of this draft policy with ARIN's Principles of Internet Number Resource Policy as stated in the PDP. Specifically, these principles are: * Enabling Fair and Impartial Number Resource Administration * Technically Sound * Supported by the Community The ARIN Policy Development Process (PDP) can be found at: https://www.arin.net/policy/pdp.html Draft Policies and Proposals under discussion can be found at: https://www.arin.net/policy/proposals/index.html Regards, Communications and Member Services American Registry for Internet Numbers (ARIN) ## * ## Draft Policy ARIN-2013-6 Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors Date: 25 September 2013 Problem Statement: ARIN number resources should be used primarily in the ARIN region, for ARIN region organizations. There is currently no explicit policy guiding staff in this area, this proposal seeks to correct that. Policy Statement: Create new policy Section X. X. Resource Justification within ARIN Region Organizations requesting Internet number resources from ARIN must provide proof that they (1) are an active business entity legally operating within the ARIN service region, and (2) are operating a network located within the ARIN service region. In addition to meeting all other applicable policy requirements, a plurality of new resources requested from ARIN must be justified by technical infrastructure or customers located within the ARIN service region, and any located outside the region must be interconnected to the ARIN service region. The same technical infrastructure or customers cannot be used to justify resources in more than one RIR. Authors Comments: Although we represent law enforcement, and have brought forth this issue based upon our concerns and experience from a law enforcement perspective, this is a problem in which the entire ARIN community has a stake. As reported at the last meeting in Barbados, ARIN staff is having difficulty verifying organizations out-of-region. In many of the cases, particularly in VPS (Virtual Private Service), the only information received on these organizations by ARIN is a customer name and IP address. This information cannot be properly verified by ARIN. Accuracy of registration data is critical to not only law enforcement, but the greater ARIN community as it relates to abuse contact and complaints. In fact, most issues facing law enforcement are also shared by legitimate companies attempting, for instance, to identify an organization that has hijacked their IP address space. The expedited depletion of IPv4 address space in the ARIN region certainly seems to negatively impact those organizations currently operating in the region that may need to return to ARIN for additional IPv4 address space. While law enforcement?s concern is that criminal organizations outside of the ARIN region can easily and quickly request large blocks of IPv4 address space from ARIN, organizations that are not truly global organizations, but specific national companies from the RIPE and APNIC regions, also have this capability which is detrimental to true ARIN region organizations. This policy proposal is re-enforcing practices the ARIN staff currently employs to ensure that ARIN IP space is used for and by companies that are legitimate and have a legitimate presence in the ARIN region. This policy will assist in defining clear criteria that will be helpful to ARIN staff and the community. The primary role of RIRs is to manage and distribute public Internet address space within their respective regions. The problem brought forth here clearly undermines the current RIR model; if any organization can acquire IP address space from any region, what then is the purpose of the geographical breakdown of the five RIRs? Advisory Council Comments: The term "Internet number resources" or more simply "resources" should be used instead of "IP Blocks" to more accurately reflect the totality of the Registry. This implies both IPv4 and IPv6, as well as ASNs. While Internet registries are organized on a regional basis, policy must recognize that many networks, services and operations are trans-regional and it would be burdensome and impractical to attempt to strictly enforce territorially exclusive allocations. Therefore, policy should seek to balance the regional structure of address allocation with flexibility of service provision, by ensuring that ARIN's resources are primarily aligned with the ARIN service region but facilitate flexibility and efficiency of use by applicants from any region. There are concerns that out of region organizations should be able to request resources for use within the ARIN service region. The proposed text accommodates this issue by requiring only proof that an organization is "legally operating within the ARIN Service Region". This includes business entities formed in the region, or other business entities with legal branch offices within the region. So, as long as an out of region organization is "legally operating within the ARIN Service Region" they can request resources from ARIN. Current operational practice is to require an organization be formed within the ARIN service region. However, if this were applied by all the RIRs, a global network would be required to have a minimum of five subsidiaries, one formed in each of the five RIR regions, this seems overly burdensome. Good resource policy should consider the consequences of all RIRs adopting the same policy. Previous discussions of the topic indicated that it is difficult to enforce and undesirable for many in the community to dictate where resources are to be used once they are allocated. A strategy to deal with this is to focus the policy on the technical infrastructure and customers used to justify the requested number resources from ARIN, as opposed to where resources are actually used once allocated. This is a subtle but important distinction. While resources received from ARIN may be used outside the ARIN region, a common technical infrastructure must interconnect the use of these resources to the ARIN region. This provides a necessary nexus with the ARIN service region for such out of region use. Therefore, if a discrete network is operating within another region, not interconnected to the ARIN region, then resources for that discrete network should be requested from that region's RIR. A concern was raised that this policy shouldn't limit or interfere with outbound inter-RIR transfers. If we focus on what justifies a request for resources from ARIN, outbound inter-RIR transfers shouldn't be affected, as they are clearly based on the receiving RIR's policies. From previous discussions of the topic, "double dipping" should not be allowed, that is using the same technical infrastructure or customers to justify resources from ARIN and another RIR at the same time. The legal jurisdiction an organization is formed in doesn't necessarily reflect the jurisdictions in which it operates, or even that it operates a network in a jurisdiction. This implies that we should have both technical and legal requirements regarding operating within the ARIN service region in order to receive resources. This policy is not intended to have any retroactive effect. It should not be construed to effect or invalidate any assignment or allocation previously made by ARIN, one of its predecessor registries, or any ISP or other LIR, based on good faith application information. In particular direct assignments previously made to individuals are not invalidated by this policy. However, this policy is intended to disallow any new assignment or allocation made directly to an individual person, consistent with current operational practice. The original text used the term "majority", seeming to describe a "simple," "absolute" or "overall" majority, which means greater than 50%. Many organizations don't have greater than 50% of their users or customers in any one region. A "plurality", "relative majority", "largest of", or more specifically "more than any other RIR's service region" seems to be the intended and appropriate meaning of the term "majority" in this context. Let's clarify that intent by using the term "plurality". The intent is not to require an organization to have an overall plurality of its technical infrastructure and customers within the ARIN service region. Rather, it is to ensure that the plurality of currently requested resources is justified from within the ARIN region. If an organization?s primary, or largest, demand for resources is in another region then the organization should request resources from that region's RIR, at least for the demand within that other RIR's region. Further, it is not intended to limit access to resources intended to be exclusively used within the ARIN region. ########## ARIN Staff and Legal Assessment of the earlier, 4 September 2013, version of the draft DRAFT NUMBER AND NAME: Draft Policy ARIN-2013-6 Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors DATE: 18 September 2013 1. Summary (Staff Understanding) This policy would require requesters to provide proof of legal presence within the ARIN region and to demonstrate that a majority (or plurality) of their technical infrastructure and customers are within the ARIN region in order to qualify and receive IPv4 and IPv6 addresses. 2. Comments A. ARIN Staff Comments ? This proposal would predominantly formalize ARIN's existing practice with respect to requiring the requestor to have a legal presence in the ARIN region and to operate a network in region. However, the proposal would also create new practice and processes via inclusion of the statement "a plurality of resources requested from ARIN must be justified by technical infrastructure and customers located within the ARIN service region, and any located outside the region must be interconnected to the ARIN service region." ? This could create a scenario where a network can't get IPv4/IPv6 addresses from any RIR. For example, suppose a large network operator from another region wants to establish a presence at a datacenter in Miami. That other regional registry may decline to issue IP addresses for use in the ARIN region, but the requester would also be unable to get IP addresses from ARIN since a majority of their technical infrastructure and customers are located outside the ARIN region. ? It's unclear how the location of hosted customers is defined. If a customer resides or operates outside of ARIN?s region, but leases a dedicated server in Los Angeles, is the customer considered to be within the ARIN region since the hardware they're controlling is within the ARIN region, or are they considered to be outside the region since they reside elsewhere? How about a colocation situation where a customer who resides out of region ships a server to Los Angeles? Does the presence of a customer's hardware in the region make them in-region? ? The phrase "a majority of their technical infrastructure and customers are within the ARIN region" could be read that technical infrastructure and customers should be evaluated together as one pool. That could be problematic. Consider a hosting provider whose technical infrastructure is 100% within the ARIN region. 5% of their customers are located within the ARIN region (assuming "resides within the ARIN region" constitutes in-region). Does that mean a majority of their technical infrastructure and customers are located within the region since when you consider them in total, the majority is in-region? If the intent is to require that the majority of both be in-region, the phrasing should be something like "a majority of both their technical infrastructure and customers" to indicate each item is being evaluated independently. ? Text says, "...and any located outside the region must be interconnected to the ARIN service region." This statement is unclear. Is the intent that discrete networks overseas cannot obtain space from ARIN? (A discrete network meaning a different autonomous system number) ? There are potential implications with respect to IPv6 and proposed policy text; in particular, does the community want an organization to be able to get all space from one RIR when it comes to IPv6? If you are a multinational, and get a huge block from ARIN, and years from now your overseas division has grown and you need more space, you have to go another RIR serving that region? ? Staff notes that policy text would be inserted into NRPM section 2.2. B. ARIN General Counsel - Legal Assessment The current draft seeks to fill an important gap in ARIN?s policies; more specifically, policy guidance that clearly describes the degree to which a proposed recipient of number resources from ARIN has to have real installations and customers in the ARIN region. From a legal standpoint, there are two possible spectrum points of policy to avoid: first, having inadequate policy guidance would leave policy implementation subject to a high degree of staff interpretation; and at the other end, adopting an overly prescriptive guidance or standard that fails to permit multinational business entities to obtain number resources that are needed both in the ARIN region and outside of the ARIN region from ARIN. Both extremes are unattractive for a standard setting organization such as ARIN. In particular, the current text: **** ?plurality of resources requested from ARIN must be justified by technical infrastructure and customers located within the ARIN service region? **** should be carefully evaluated, as it sets the policy requirement of ?plurality? that may prove unnecessarily restrictive in some cases. A lower standard is recommended to avoid otherwise valid requesters for address resources from being precluded from obtaining number resources. Note that policy language which provides for reasonable restrictions (e.g. requiring more than a fictitious or tenuous and limited presence for the recipient to receive the resources in this region and/or clear intention to make use of some of the resources within the region) can be adopted without creating serious legal risk. 3. Resource Impact This policy would have minimal resource impact from an implementation aspect. It is estimated that implementation would occur within 3 months after ratification by the ARIN Board of Trustees. The following would be needed in order to implement: A. Updated guidelines B. Staff training From bill at herrin.us Wed Sep 25 14:33:57 2013 From: bill at herrin.us (William Herrin) Date: Wed, 25 Sep 2013 14:33:57 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: <5242FA37.7000304@arin.net> References: <5242FA37.7000304@arin.net> Message-ID: On Wed, Sep 25, 2013 at 10:59 AM, ARIN wrote: > must > provide proof that they (1) are an active business entity legally > operating within the ARIN service region Howdy, Speaking for myself, this is unacceptable. I am adamantly, totally, 100% against this, in concept and execution. This kind of restriction on international commerce is usually reserved for national security issues. Foreign interests own ARIN region infrastructure and do business with ARIN region customers all the time, without registering themselves with the government. Just as ARIN-region businesses do in Europe, Asia and elsewhere. Until there's a need for employees in a country, it's not generally necessary and often inappropriate to incorporate there. I think ARIN should continue to follow the same ordinary business practice everyone else does when it comes to the legal status of its registrants: as long as there's a contactable legal existence somewhere (and it's incumbent on the registrant to prove it) they should pass muster as an organization capable of requesting resources. >, and (2) are operating a > network located within the ARIN service region. In addition to meeting > all other applicable policy requirements, a plurality of new resources "Plurality" is a non-starter for me. You really want to do this, pick a percent. The reasons have all been stated before, both in the previous discussion, the staff comments and the legal assessment. In context, plurality is a sloppy, hard to pin down concept that makes management and analysis needlessly hard. > As reported at the last meeting in Barbados, ARIN staff is having > difficulty verifying organizations out-of-region. In many of the cases, > particularly in VPS (Virtual Private Service), the only information > received on these organizations by ARIN is a customer name and IP > address. This information cannot be properly verified by ARIN. Accuracy > of registration data is critical to not only law enforcement, but the > greater ARIN community as it relates to abuse contact and complaints. In > fact, most issues facing law enforcement are also shared by legitimate > companies attempting, for instance, to identify an organization that has > hijacked their IP address space. Do I correctly read the expectation that the verification process ARIN would apply to its direct registrants is expected to be adopted down stream by service providers as they assign addresses to their customers? What a godawful mess that would make! If not, then how exactly does the draft policy address the problem noted above? I don't say this often, but for all of the reasons above I respectfully encourage the AC to abandon this proposal. The issues raised by our law enforcement colleagues are legitimate, but this approach to solving them is not credible. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From sethm at rollernet.us Wed Sep 25 17:38:01 2013 From: sethm at rollernet.us (Seth Mattinen) Date: Wed, 25 Sep 2013 14:38:01 -0700 Subject: [arin-ppml] tuner Message-ID: <524357B9.3050109@rollernet.us> rtp://239.255.1.1:59001 -- Seth Mattinen sethm at rollernet.us Chief Technology Officer Office: 775-284-0383 Direct: 775-398-5260 Roller Network LLC www.rollernet.us From sethm at rollernet.us Wed Sep 25 17:49:05 2013 From: sethm at rollernet.us (Seth Mattinen) Date: Wed, 25 Sep 2013 14:49:05 -0700 Subject: [arin-ppml] tuner In-Reply-To: <524357B9.3050109@rollernet.us> References: <524357B9.3050109@rollernet.us> Message-ID: <52435A51.4080901@rollernet.us> On 9/25/13 2:38 PM, Seth Mattinen wrote: > rtp://239.255.1.1:59001 > Well, this was obviously sent to the wrong email address, sorry for the noise. =) For the curious: it's an hdhomerun tuner I'm playing with. ~Seth From owen at delong.com Wed Sep 25 17:46:31 2013 From: owen at delong.com (Owen DeLong) Date: Wed, 25 Sep 2013 14:46:31 -0700 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: References: <5242FA37.7000304@arin.net> Message-ID: <1AF30D8D-B095-4C0B-A5F5-BB43E006C7F7@delong.com> On Sep 25, 2013, at 11:33 AM, William Herrin wrote: > On Wed, Sep 25, 2013 at 10:59 AM, ARIN wrote: >> must >> provide proof that they (1) are an active business entity legally >> operating within the ARIN service region > > Howdy, > > Speaking for myself, this is unacceptable. I am adamantly, totally, > 100% against this, in concept and execution. > > This kind of restriction on international commerce is usually reserved > for national security issues. Foreign interests own ARIN region > infrastructure and do business with ARIN region customers all the > time, without registering themselves with the government. Just as > ARIN-region businesses do in Europe, Asia and elsewhere. Until there's > a need for employees in a country, it's not generally necessary and > often inappropriate to incorporate there. Foreign interests that own ARIN region infrastructure and do business in the ARIN region are either legally operating within the ARIN service region, or, they are violating the law by doing so, so I am not sure what it is that you find objectionable. For example, a German company operating in Virginia that has filed all of the necessary paperwork, has the proper permits and licenses, etc. would qualify under the above provision. They are: 1. An active business entity 2. Legally operating within the ARIN region > I think ARIN should continue to follow the same ordinary business > practice everyone else does when it comes to the legal status of its > registrants: as long as there's a contactable legal existence > somewhere (and it's incumbent on the registrant to prove it) they > should pass muster as an organization capable of requesting resources. If they aren't operating in the region, why should they be able to receive resources from ARIN instead of having to get them from an RIR that serves someplace that they do operate? Owen From scottleibrand at gmail.com Wed Sep 25 17:54:29 2013 From: scottleibrand at gmail.com (Scott Leibrand) Date: Wed, 25 Sep 2013 14:54:29 -0700 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: References: <5242FA37.7000304@arin.net> Message-ID: On Wed, Sep 25, 2013 at 11:33 AM, William Herrin wrote: > On Wed, Sep 25, 2013 at 10:59 AM, ARIN wrote: > > must > > provide proof that they (1) are an active business entity legally > > operating within the ARIN service region > > Howdy, > > Speaking for myself, this is unacceptable. I am adamantly, totally, > 100% against this, in concept and execution. > > This kind of restriction on international commerce is usually reserved > for national security issues. Foreign interests own ARIN region > infrastructure and do business with ARIN region customers all the > time, without registering themselves with the government. Just as > ARIN-region businesses do in Europe, Asia and elsewhere. Until there's > a need for employees in a country, it's not generally necessary and > often inappropriate to incorporate there. > > I think ARIN should continue to follow the same ordinary business > practice everyone else does when it comes to the legal status of its > registrants: as long as there's a contactable legal existence > somewhere (and it's incumbent on the registrant to prove it) they > should pass muster as an organization capable of requesting resources. > I agree. > > > I don't say this often, but for all of the reasons above I > respectfully encourage the AC to abandon this proposal. The issues > raised by our law enforcement colleagues are legitimate, but this > approach to solving them is not credible. > I oppose this proposal, but did not make a motion to abandon it, because I think it deserves a hearing from the community in Phoenix. Unless the community thinks this is an important issue that we need policy around, I will support abandoning it after that meeting. -Scott -------------- next part -------------- An HTML attachment was scrubbed... URL: From bill at herrin.us Wed Sep 25 18:15:29 2013 From: bill at herrin.us (William Herrin) Date: Wed, 25 Sep 2013 18:15:29 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: <1AF30D8D-B095-4C0B-A5F5-BB43E006C7F7@delong.com> References: <5242FA37.7000304@arin.net> <1AF30D8D-B095-4C0B-A5F5-BB43E006C7F7@delong.com> Message-ID: On Wed, Sep 25, 2013 at 5:46 PM, Owen DeLong wrote: > On Sep 25, 2013, at 11:33 AM, William Herrin wrote: >> This kind of restriction on international commerce is usually reserved >> for national security issues. Foreign interests own ARIN region >> infrastructure and do business with ARIN region customers all the >> time, without registering themselves with the government. Just as >> ARIN-region businesses do in Europe, Asia and elsewhere. Until there's >> a need for employees in a country, it's not generally necessary and >> often inappropriate to incorporate there. > > Foreign interests that own ARIN region infrastructure and do business in > the ARIN region are either legally operating within the ARIN service region, > or, they are violating the law by doing so, so I am not sure what it is that > you find objectionable. > > For example, a German company operating in Virginia that has filed all > of the necessary paperwork, has the proper permits and licenses, etc. > would qualify under the above provision. Hi Owen, What permits, licenses or other government paperwork would a German company need to own a few routers in Ashburn, buy telco DSL lines on behalf of lata 236 customers and provide Internet access there? >> I think ARIN should continue to follow the same ordinary business >> practice everyone else does when it comes to the legal status of its >> registrants: as long as there's a contactable legal existence >> somewhere (and it's incumbent on the registrant to prove it) they >> should pass muster as an organization capable of requesting resources. > > If they aren't operating in the region, why should they be able to receive > resources from ARIN instead of having to get them from an RIR that serves > someplace that they do operate? Operating legally in a region != has a government registered legal presence in the region ARIN is not qualified to assess the former and would have a very difficult time doing so. Staff and counsel made this point in the analysis of the proposal. The latter penalizes legitimate organizations for failing to register with the government in a manner the government itself has not elected to compel by law, an action far outside ARIN's mission. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From JOHN at egh.com Wed Sep 25 18:27:08 2013 From: JOHN at egh.com (John Santos) Date: Wed, 25 Sep 2013 18:27:08 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: Message-ID: <1130925174302.32729E-100000@Ives.egh.com> On Wed, 25 Sep 2013, William Herrin wrote: > On Wed, Sep 25, 2013 at 10:59 AM, ARIN wrote: [...] > > >, and (2) are operating a > > network located within the ARIN service region. In addition to meeting > > all other applicable policy requirements, a plurality of new resources > > "Plurality" is a non-starter for me. You really want to do this, pick a > percent. > > The reasons have all been stated before, both in the previous > discussion, the staff comments and the legal assessment. In context, > plurality is a sloppy, hard to pin down concept that makes management > and analysis needlessly hard. Huh? "Plurality" is a precisely defined mathematical concept. The part I have a problem with is "a network located within the ARIN service region." Networks intrinsically span service regions. Nodes can be scattered across RIR regions, links between nodes can (and often do) cross regional boundaries, and what's worse, nodes can move, both day-to-day (for example, an international corporation moves its "www.support.foocorp.com" web servers from a data center in Michigan to one in Luxembourg), and totally dynamically, as in load-balancing and site failover, as well as mobile nodes that can cross RIR boundaries at will. In which region is a Liberian-registered cruise ship sailing out of San Diego currently exploring the coast of Patagonia? Or an airplane or the ISS? There needs to be a degree of fuzziness. If we are going to force a regional preponderance of the network (a much vaguer term than "plurality"), to be in ARIN's geographical region, then (1) clearly a network with 30% ARIN, 70% RIPE should be getting its resources from RIPE, but (2) one with 29% ARIN, 28% RIPE, 25% APNIC, and the other 17% spread across Africa and Latin America should get their resources from ARIN, despite having a smaller footprint than the 1st organization. And what of (3), which has 28.99% ARIN, 29.01% RIPE right now, but it could change in the next 15 minutes? Maybe "within 5% of a plurality in the ARIN region" would be a better metric. I think right now, an organization can basically deal with the registry it finds most convenient, whether for geography, language, culture or whatever. The proposal doesn't seem to be about registry shopping (my local RIR rejected my request or has too many restrictions on my trying to commoditize or speculateon the resources, so I'm going take a dip from another well), or double-dipping or playing registries off against each other. Its goal seems to be accountability of the registrants, so I think thats what it should try to do directly. It shouldn't matter *where* an organization is based, it should matter whether it is contactable, receives and pays its bills, handles abuse complaints and technical issues, etc. If these are true, local law enforcement should have no problem tracking them down if needed. -- John Santos Evans Griffiths & Hart, Inc. 781-861-0670 ext 539 From owen at delong.com Wed Sep 25 18:44:39 2013 From: owen at delong.com (Owen DeLong) Date: Wed, 25 Sep 2013 15:44:39 -0700 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: References: <5242FA37.7000304@arin.net> <1AF30D8D-B095-4C0B-A5F5-BB43E006C7F7@delong.com> Message-ID: On Sep 25, 2013, at 3:15 PM, William Herrin wrote: > On Wed, Sep 25, 2013 at 5:46 PM, Owen DeLong wrote: >> On Sep 25, 2013, at 11:33 AM, William Herrin wrote: >>> This kind of restriction on international commerce is usually reserved >>> for national security issues. Foreign interests own ARIN region >>> infrastructure and do business with ARIN region customers all the >>> time, without registering themselves with the government. Just as >>> ARIN-region businesses do in Europe, Asia and elsewhere. Until there's >>> a need for employees in a country, it's not generally necessary and >>> often inappropriate to incorporate there. >> >> Foreign interests that own ARIN region infrastructure and do business in >> the ARIN region are either legally operating within the ARIN service region, >> or, they are violating the law by doing so, so I am not sure what it is that >> you find objectionable. >> >> For example, a German company operating in Virginia that has filed all >> of the necessary paperwork, has the proper permits and licenses, etc. >> would qualify under the above provision. > > Hi Owen, > > What permits, licenses or other government paperwork would a German > company need to own a few routers in Ashburn, buy telco DSL lines on > behalf of lata 236 customers and provide Internet access there? That would depend on Virginia state law, local ordinances in Ashburn, etc. It's possible that they don't need anything, in which case, they are legally operating there without needing any licenses or permits. If that is the case, they would still meet the test expressed in this policy proposal, so I don't see why you consider it problematic. It's possible that they need at least a business license (in which case, that would be required). Since I'm not familiar with VA law or Ashburn city ordinances, I can't answer that question with any certainty. > > >>> I think ARIN should continue to follow the same ordinary business >>> practice everyone else does when it comes to the legal status of its >>> registrants: as long as there's a contactable legal existence >>> somewhere (and it's incumbent on the registrant to prove it) they >>> should pass muster as an organization capable of requesting resources. >> >> If they aren't operating in the region, why should they be able to receive >> resources from ARIN instead of having to get them from an RIR that serves >> someplace that they do operate? > > Operating legally in a region != has a government registered legal > presence in the region > Correct. However, the policy proposal doesn't state "has a government registered legal presence in the region". It states "Must provide proof that they (1) are an active business entity legally operating within the ARIN service region". Therefore, the requirement expressed is simply that they are: 1. A business entity 2. Active 3. Operating in the ARIN region 4. Not violating the law by operating in the ARIN region These seem like reasonable requirements to me, so I still don't understand your problem with it. > ARIN is not qualified to assess the former and would have a very > difficult time doing so. Staff and counsel made this point in the > analysis of the proposal. I don't see that as a serious issue. As long as the entity provides reasonable documentation to ARIN, ARIN should be able to issue the resources under this policy in good faith. If it later turns out that there is an issue, then this policy enables appropriate action to be taken to reclaim the resources as needed. > The latter penalizes legitimate organizations for failing to register > with the government in a manner the government itself has not elected > to compel by law, an action far outside ARIN's mission. How? If they aren't required to register, then the policy proposal does not require them to register. Owen From owen at delong.com Wed Sep 25 18:55:05 2013 From: owen at delong.com (Owen DeLong) Date: Wed, 25 Sep 2013 15:55:05 -0700 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: <1130925174302.32729E-100000@Ives.egh.com> References: <1130925174302.32729E-100000@Ives.egh.com> Message-ID: <31676B90-1317-4EDF-9580-30A1A71519A3@delong.com> On Sep 25, 2013, at 3:27 PM, John Santos wrote: > On Wed, 25 Sep 2013, William Herrin wrote: > >> On Wed, Sep 25, 2013 at 10:59 AM, ARIN wrote: > [...] > >> >>> , and (2) are operating a >>> network located within the ARIN service region. In addition to meeting >>> all other applicable policy requirements, a plurality of new resources >> >> "Plurality" is a non-starter for me. You really want to do this, pick a >> percent. >> >> The reasons have all been stated before, both in the previous >> discussion, the staff comments and the legal assessment. In context, >> plurality is a sloppy, hard to pin down concept that makes management >> and analysis needlessly hard. > > Huh? "Plurality" is a precisely defined mathematical concept. > > The part I have a problem with is "a network located within the ARIN > service region." I don't think this is as problematic as you are perceiving. > Networks intrinsically span service regions. Nodes can be scattered > across RIR regions, links between nodes can (and often do) cross regional > boundaries, and what's worse, nodes can move, both day-to-day (for > example, an international corporation moves its "www.support.foocorp.com" > web servers from a data center in Michigan to one in Luxembourg), and > totally dynamically, as in load-balancing and site failover, as well as > mobile nodes that can cross RIR boundaries at will. In which region is a > Liberian-registered cruise ship sailing out of San Diego currently exploring > the coast of Patagonia? Or an airplane or the ISS? In the case of spanning regions and scattered across regions, that is the reason for the "plurality" provision. It allows a company to keep some portion of its assets in region and still address its out-of-region assets so long as none of the other regions contain more of the network using ARIN region numbers than what is in the ARIN region. As to moving, yes, corporations often use DNS changes to move the service for "www.support.foocorp.com" from one place to another (or to balance it across many locations), but that's DNS. Policy here is about the numbers and corporations rarely move the numbers around in such a scheme. (Anycast notwithstanding, but I would treat any cast as used in region so long as at least one site advertising the any cast prefix was in region). Mobile nodes that cross RIR boundaries actually tend to get new numbers when they do so. (At least I haven't roamed across an RIR boundary without being assigned a new IP address when I did so, and I've been across a lot of RIR boundaries. > There needs to be a degree of fuzziness. If we are going to force a > regional preponderance of the network (a much vaguer term than > "plurality"), to be in ARIN's geographical region, then (1) clearly a Yes. > network with 30% ARIN, 70% RIPE should be getting its resources from RIPE, Which would fail the plurality test. > but (2) one with 29% ARIN, 28% RIPE, 25% APNIC, and the other 17% spread > across Africa and Latin America should get their resources from ARIN, Which would pass the plurality test. > despite having a smaller footprint than the 1st organization. And what of > (3), which has 28.99% ARIN, 29.01% RIPE right now, but it could change in > the next 15 minutes? Maybe "within 5% of a plurality in the ARIN region" > would be a better metric. In reality, I think that particular boundary condition is an unlikely corner case. Where is the other 42% of that network, by the way? As I said above, the numbers do not tend to move as quickly as you claim. Names tend to be quite dynamic. Numbers tend to be fairly stable. If they were not, BGP would have a much higher (and unsustainable) level of churn. > I think right now, an organization can basically deal with the registry it > finds most convenient, whether for geography, language, culture or > whatever. The proposal doesn't seem to be about registry shopping (my No, actually, most of the other RIRs are much stricter about out-of-region use of address space than ARIN. > local RIR rejected my request or has too many restrictions on my trying to > commoditize or speculateon the resources, so I'm going take a dip from > another well), or double-dipping or playing registries off against each > other. Its goal seems to be accountability of the registrants, so I think These are definitely one aspect of the intended policy, but not exclusively, no. > thats what it should try to do directly. It shouldn't matter *where* an That is a second aspect of the proposal. > organization is based, it should matter whether it is contactable, > receives and pays its bills, handles abuse complaints and technical > issues, etc. If these are true, local law enforcement should have no > problem tracking them down if needed. I don't think this is just about law enforcement, though the proposal authors are primarily representatives of US and Canadian LE organizations. I do think that the primary intent of the proposal is to address a growing perceived issue with registry shopping. Personally, I'm all for making the process more open to out-of-region usage as you described, but if you look closely at current ARIN operating practice and this policy proposal, you will see that the proposal is actually more liberal about this than current (though not some prior) operating practice. Owen From bill at herrin.us Wed Sep 25 19:04:27 2013 From: bill at herrin.us (William Herrin) Date: Wed, 25 Sep 2013 19:04:27 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: References: <5242FA37.7000304@arin.net> <1AF30D8D-B095-4C0B-A5F5-BB43E006C7F7@delong.com> Message-ID: On Wed, Sep 25, 2013 at 6:44 PM, Owen DeLong wrote: > On Sep 25, 2013, at 3:15 PM, William Herrin wrote: >> What permits, licenses or other government paperwork would a German >> company need to own a few routers in Ashburn, buy telco DSL lines on >> behalf of lata 236 customers and provide Internet access there? > > It's possible that they don't need anything, in which case, they are legally > operating there without needing any licenses or permits. As a Virginian, I'll help you out: in at least one version of that scenario, they in fact don't need anything. (Proposal Draft: Organizations ... must provide proof that they [are] legally operating within the ARIN service region) >> ARIN is not qualified to assess [whether an organization is >> operating legally within the region] and would have a very >> difficult time doing so. > > I don't see that as a serious issue. The cognitive dissonance has blown my mind. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From owen at delong.com Wed Sep 25 19:19:41 2013 From: owen at delong.com (Owen DeLong) Date: Wed, 25 Sep 2013 16:19:41 -0700 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: References: <5242FA37.7000304@arin.net> <1AF30D8D-B095-4C0B-A5F5-BB43E006C7F7@delong.com> Message-ID: On Sep 25, 2013, at 4:04 PM, William Herrin wrote: > On Wed, Sep 25, 2013 at 6:44 PM, Owen DeLong wrote: >> On Sep 25, 2013, at 3:15 PM, William Herrin wrote: >>> What permits, licenses or other government paperwork would a German >>> company need to own a few routers in Ashburn, buy telco DSL lines on >>> behalf of lata 236 customers and provide Internet access there? >> >> It's possible that they don't need anything, in which case, they are legally >> operating there without needing any licenses or permits. > > As a Virginian, I'll help you out: in at least one version of that > scenario, they in fact don't need anything. > > > (Proposal Draft: Organizations ... must provide proof that they [are] legally > operating within the ARIN service region) > Proof in that case would be: 1. Proof that they are an active business entity 2. A statement that no additional permits or licenses are required to operate in their present location(s). Again, still not seeing a problem. >>> ARIN is not qualified to assess [whether an organization is >>> operating legally within the region] and would have a very >>> difficult time doing so. >> >> I don't see that as a serious issue. > > The cognitive dissonance has blown my mind. You'll have to be more clear about what you are perceiving as cognitive dissonance, as I do not perceive any. Owen From ebw at abenaki.wabanaki.net Wed Sep 25 19:51:01 2013 From: ebw at abenaki.wabanaki.net (Eric Brunner-Williams) Date: Wed, 25 Sep 2013 16:51:01 -0700 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: <51CB28D3.5090901@abenaki.wabanaki.net> References: <51CB28D3.5090901@abenaki.wabanaki.net> Message-ID: <524376E5.7030906@abenaki.wabanaki.net> > must > provide proof that they (1) are an active business entity legally > operating within the ARIN service region Well. I concur with Bill Herrin now, as I did in June when the same dead horse was presented for beating (infra). I repeat, the determination of nexus for a variety of ordinary business purposes, unrelated to addresses and routing, is already well established in existing law, and _this_isn't_allocation_policy_. Perhaps we could have corporate counsel offer a 5m brief on personal and subject matter jurisdiction. This proposal should be abandoned. LEOs don't allocate or route, and allocators and routers don't moonlight as LEOs. Eric -------- Original Message -------- Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors Date: Wed, 26 Jun 2013 10:45:55 -0700 From: Eric Brunner-Williams Reply-To: ebw at abenaki.wabanaki.net Organization: wampumpeag To: John Curran CC: arin-ppml at arin.net I don't want to beat this jurisdictional horse much more, but the 1973 allocation of addresses to the TIP at NORSAR, the first extra-territorial allocation of an ARPA address asset, did not arise from a request originating in the US Departments of Justice, or State. Jurisdiction was not an original constraint on allocation. Subsequent allocations to the TIP in London, and later during the Defense Communications Agency management period to sites in the West Pacific and East Atlantic regions similarly did not arise from requests originating in the US Departments of Justice, or State. Jurisdiction as a constraint on allocation is proposed in the present. My point is that it is novel, not required, and not a substitute for existing law establishing nexus for a variety of ordinary business purposes, unrelated to addresses and routing. Eric _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact info at arin.net if you experience any issues. From jcurran at arin.net Wed Sep 25 20:07:58 2013 From: jcurran at arin.net (John Curran) Date: Thu, 26 Sep 2013 00:07:58 +0000 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: <524376E5.7030906@abenaki.wabanaki.net> References: <51CB28D3.5090901@abenaki.wabanaki.net> <524376E5.7030906@abenaki.wabanaki.net> Message-ID: <7566EDA7-3397-4AA2-A387-96F0B018A9D8@corp.arin.net> On Sep 25, 2013, at 7:51 PM, Eric Brunner-Williams wrote: > ... > I repeat, the determination of nexus for a variety of ordinary > business purposes, unrelated to addresses and routing, is already well > established in existing law, and _this_isn't_allocation_policy_. > > Perhaps we could have corporate counsel offer a 5m brief on personal > and subject matter jurisdiction. To be clear, corporate counsel did review the policy proposal (the legal assessment follows the revised policy text) and found the proposed policy can be adopted without creating serious legal risk. Whether it produces a desirable outcome for the determination of the community, but it does not pose a legal problem if adopted. FYI, /John John Curran President and CEO ARIN From farmer at umn.edu Wed Sep 25 20:11:21 2013 From: farmer at umn.edu (David Farmer) Date: Wed, 25 Sep 2013 19:11:21 -0500 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: References: <5242FA37.7000304@arin.net> <1AF30D8D-B095-4C0B-A5F5-BB43E006C7F7@delong.com> Message-ID: <3F2FE51E-6681-43D3-9D6E-58D272CC8031@umn.edu> > On Sep 25, 2013, at 18:04, William Herrin wrote: > >> On Wed, Sep 25, 2013 at 6:44 PM, Owen DeLong wrote: >>> On Sep 25, 2013, at 3:15 PM, William Herrin wrote: >>> What permits, licenses or other government paperwork would a German >>> company need to own a few routers in Ashburn, buy telco DSL lines on >>> behalf of lata 236 customers and provide Internet access there? >> >> It's possible that they don't need anything, in which case, they are legally >> operating there without needing any licenses or permits. > > As a Virginian, I'll help you out: in at least one version of that > scenario, they in fact don't need anything. Bill, I'm no lawyer but the following seems to contradict your statement, at least in my plain English reading. http://www.scc.virginia.gov/clk/befaq/forinva.aspx#a1 Other than googling and seeing what the Internet says, we are out of my element, and I'll wait for legal advice from counsel. > (Proposal Draft: Organizations ... must provide proof that they [are] legally > operating within the ARIN service region) > >>> ARIN is not qualified to assess [whether an organization is >>> operating legally within the region] and would have a very >>> difficult time doing so. >> >> I don't see that as a serious issue. > > The cognitive dissonance has blown my mind. > > > Regards, > Bill Herrin > > > -- > William D. Herrin ................ herrin at dirtside.com bill at herrin.us > 3005 Crane Dr. ...................... Web: > Falls Church, VA 22042-3004 -- =============================================== David Farmer Email:farmer at umn.edu Networking & Telecommunication Services Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 612-626-0815 Minneapolis, MN 55414-3029 Cell: 612-812-9952 =============================================== -------------- next part -------------- An HTML attachment was scrubbed... URL: From JOHN at egh.com Wed Sep 25 20:12:21 2013 From: JOHN at egh.com (John Santos) Date: Wed, 25 Sep 2013 20:12:21 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: <31676B90-1317-4EDF-9580-30A1A71519A3@delong.com> Message-ID: <1130925194505.32729B-100000@Ives.egh.com> On Wed, 25 Sep 2013, Owen DeLong wrote: > > On Sep 25, 2013, at 3:27 PM, John Santos wrote: > > > On Wed, 25 Sep 2013, William Herrin wrote: > > > >> On Wed, Sep 25, 2013 at 10:59 AM, ARIN wrote: > > [...] [...] > > > network with 30% ARIN, 70% RIPE should be getting its resources from RIPE, > > Which would fail the plurality test. > > > but (2) one with 29% ARIN, 28% RIPE, 25% APNIC, and the other 17% spread > > across Africa and Latin America should get their resources from ARIN, > > Which would pass the plurality test. > Yes, I don't have a problem with the word "plurality", Bill apparently does... > > despite having a smaller footprint than the 1st organization. And what of > > (3), which has 28.99% ARIN, 29.01% RIPE right now, but it could change in > > the next 15 minutes? Maybe "within 5% of a plurality in the ARIN region" > > would be a better metric. > > In reality, I think that particular boundary condition is an unlikely corner case. > Where is the other 42% of that network, by the way? > As per my example (2), with no more than 25% in any other region. > As I said above, the numbers do not tend to move as quickly as you claim. > Names tend to be quite dynamic. Numbers tend to be fairly stable. If they > were not, BGP would have a much higher (and unsustainable) level of churn. > Most of my addresses (in my tiny little Class C) have moved less than 20 feet in the last 20 years, all are still in the same building :-) This is mostly of academic interest to me as I try to envision the future of the Internet. But also my company is trying to get its foot in the door in IP-based telephony, so Internet addressing and routing policies are of enormous interest to my customers (big telcos), and I need to understand their issues. Is the general consensus that a mobile device would more likely re-number itself as it moves around, rather than transporting its address with it? Even in the glorious (mythical?) future of identity/location separation? If so, then address location (or subnet location, since that is probably what would really be measured) would be much less dynamic and so less problematic than I envisioned. > > I think right now, an organization can basically deal with the registry it > > finds most convenient, whether for geography, language, culture or > > whatever. The proposal doesn't seem to be about registry shopping (my > > No, actually, most of the other RIRs are much stricter about out-of-region > use of address space than ARIN. Okay, didn't know this. [...] > > Owen > > > -- John Santos Evans Griffiths & Hart, Inc. 781-861-0670 ext 539 From bill at herrin.us Wed Sep 25 18:50:33 2013 From: bill at herrin.us (William Herrin) Date: Wed, 25 Sep 2013 18:50:33 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: <1130925174302.32729E-100000@Ives.egh.com> References: <1130925174302.32729E-100000@Ives.egh.com> Message-ID: On Wed, Sep 25, 2013 at 6:27 PM, John Santos wrote: > Huh? "Plurality" is a precisely defined mathematical concept. Hi John, Plurality in a steady state system is easily understood. Address management is anything but a steady state system. What do you do when your ARIN region customer with the /19 closes his account, dropping your ARIN-region presence to 15%? Plurality applied to such a dynamic system is just begging for trouble. > The part I have a problem with is "a network located within the ARIN > service region." > > Networks intrinsically span service regions. Nodes can be scattered > across RIR regions, links between nodes can (and often do) cross regional > boundaries, and what's worse, nodes can move, both day-to-day (for > example, an international corporation moves its "www.support.foocorp.com" > web servers from a data center in Michigan to one in Luxembourg), and > totally dynamically, as in load-balancing and site failover, as well as > mobile nodes that can cross RIR boundaries at will. In which region is a > Liberian-registered cruise ship sailing out of San Diego currently exploring > the coast of Patagonia? Or an airplane or the ISS? > > There needs to be a degree of fuzziness. Fair point. Any absolute amount applied to the dynamic system that is address management is begging for trouble. Plurality just happens to be more confusing than most. > If we are going to force a > regional preponderance of the network (a much vaguer term than > "plurality"), to be in ARIN's geographical region, then (1) clearly a > network with 30% ARIN, 70% RIPE should be getting its resources from RIPE, > but (2) one with 29% ARIN, 28% RIPE, 25% APNIC, and the other 17% spread > across Africa and Latin America should get their resources from ARIN, > despite having a smaller footprint than the 1st organization. And what of > (3), which has 28.99% ARIN, 29.01% RIPE right now, but it could change in > the next 15 minutes? Maybe "within 5% of a plurality in the ARIN region" > would be a better metric. Well, I don't agree with that at all. The regionalized registry system makes no sense unless the overwhelming majority of the addresses used within the ARIN region come from ARIN and the overwhelming majority of the addresses used within the RIPE region come from RIPE. The idea that a multinational registrant might get his addresses from RIPE and then deploy half of them in North Carolina just doesn't make sense. Deploying addresses outside the region should be the exceptional case; if the majority of your addresses are deployed outregion, you're doing it wrong. Moreover, the law enforcement objective *is not served* if RIPE region addresses registered to RIPE region entities are deployed in the ARIN region where law enforcement has jurisdiction. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From owen at delong.com Wed Sep 25 21:12:42 2013 From: owen at delong.com (Owen DeLong) Date: Wed, 25 Sep 2013 18:12:42 -0700 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: <1130925194505.32729B-100000@Ives.egh.com> References: <1130925194505.32729B-100000@Ives.egh.com> Message-ID: <236254C2-2AB2-41C7-8555-FE1464D78B76@delong.com> >> As I said above, the numbers do not tend to move as quickly as you claim. >> Names tend to be quite dynamic. Numbers tend to be fairly stable. If they >> were not, BGP would have a much higher (and unsustainable) level of churn. >> > > Most of my addresses (in my tiny little Class C) have moved less than 20 > feet in the last 20 years, all are still in the same building :-) This > is mostly of academic interest to me as I try to envision the future of > the Internet. But also my company is trying to get its foot in the door > in IP-based telephony, so Internet addressing and routing policies are of > enormous interest to my customers (big telcos), and I need to understand > their issues. As a general rule, if you move around within EU, or within North America, or even within much of Asia, you will often keep the same IP address. In some cases, you will get a new IP address when you cross a national boundary. Other than within Turkey or Russia, I am not aware of anyplace where one can easily cross a continental boundary with a cellular device and not receive a new IP address. I think that traversals from one RIR region to another without renumbering are, therefore, quite rare (Turkey and Russia are entirely in the RIPE region, even the parts that are in Asia). Even if devices move without renumbering, I think RIR qualification for mobile services would be based on the "service delivery address" which is the registered service address for the device, not it's current roaming location. Such is the basis for sales and utility taxes, for example, where applicable in the US. > Is the general consensus that a mobile device would more likely re-number > itself as it moves around, rather than transporting its address with it? > Even in the glorious (mythical?) future of identity/location separation? Depends on the movement, but, again, we are talking about pretty gross scales of movement in most cases when you talk about changing RIRs. For example, one cannot get to any region other than LACNIC from the ARIN region without crossing an ocean. I don't believe it is possible to get to any other RIR region from AfriNIC without crossing an ocean. APNIC and RIPE also have a common land border. > If so, then address location (or subnet location, since that is probably > what would really be measured) would be much less dynamic and so less > problematic than I envisioned. Exactly my point. Owen From owen at delong.com Wed Sep 25 21:24:24 2013 From: owen at delong.com (Owen DeLong) Date: Wed, 25 Sep 2013 18:24:24 -0700 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: References: <1130925174302.32729E-100000@Ives.egh.com> <31676B90-1317-4EDF-9580-30A1A71519A3@delong.com> Message-ID: On Sep 25, 2013, at 5:33 PM, Jason Schiller wrote: > > The policy is a little hard to parse... > > On Wed, Sep 25, 2013 at 6:55 PM, Owen DeLong wrote: > | As to moving, yes, corporations often use DNS changes to move the > | service for "www.support.foocorp.com" from one place to another (or > | to balance it across many locations), but that's DNS. Policy here is > | about the numbers and corporations rarely move the numbers around > | in such a scheme. (Anycast notwithstanding, but I would treat any cast > | as used in region so long as at least one site advertising the any cast > | prefix was in region). > > > What I can't tell is if this is changing current ARIN practice, and if so, making > it more restrictive or less restrictive. My understanding is that it would make a slight change to current ARIN practice making it slightly less restrictive. > With respect to a global contiguous network that operates, in part, in the > ARIN service region, and advertises reachability for all of the aggregates > both in the ARIN service region, and outside the ARIN service region, > count their utilization of equipment and customers of this global network > regardless of where they are. Unfortunately, no, this is not entirely current practice. If you can justify everything you need based on in-region devices, then ARIN won't complain about your out-of-region usage, but if you come back for more, you need to be able to justify your additional need strictly using in-region devices. If you tell ARIN that you want numbers for your local office and your POP in London, they will approve you only for the local office. (It used to be that the POP in London was no problem, but not any more). > This seems to be current practice, and suggested by Owen that he still > considers it true wrt his anycast statement. I believe this policy would return us to a better place as described above. > "In addition to meeting all other applicable policy requirements, a > plurality of new resources requested from ARIN must be justified > by technical infrastructure or customers located within the ARIN > service region, and any located outside the region must be > interconnected to the ARIN service region. The same technical > infrastructure or customers cannot be used to justify resources in > more than one RIR." > > This could be read as: > new resources requested from ARIN must be justified by: > 1. technical infrastructure or customers located within the ARIN > service region > > AND > > 2. any [technical infrastructure or customers] located outside the > region [which are] interconnected to the [infrastructure in point 1] in the > ARIN service region. Yes, but with the additional caveat that the quantity of resources justified by [1] must exceed the amount of resources in any other single RIR region justified by [2], and, though the resources in [2] have to be interconnected to the ARIN region, they don't necessarily connect to new devices from [1] rather than old devices that are already deployed. > This would suggest that you get to count the non-ARIN customers that > are attached to the global network, such as the case now, including the > case where an Asian company is providing tunnel services to an LA > gateway that is terminating Asian customers. This is only partially the case now sort of under some circumstances. The proposal would make it universally the case. > This also suggests that you can count utilization of ARIN resources > outside of the ARIN region in a disconnected network that is wholly > outside the ARIN region so long as this utilization doesn't cross the > plurality or 20% or 50% threshold. I don't believe that is true. I believe that the requirement is for the utilization out of region to be entirely on infrastructure that is part of the contiguous interconnection (intra-ORG) with the ARIN region. > My understand is today ARIN does not recognize this utilization at all > suggesting this would loosen current practice. Correct. > > --- > > Based on the tone of the conversation, I suspect the community believes > the reading of the policy is parsed differently: > > new resources requested from ARIN must be justified only by technical > infrastructure or customers located within the ARIN service region. > > [In addition,] any [use] located outside the [ARIN] service region must be > interconnected to [a network in] the ARIN service region. > > > This seems to suggest usage outside the region even in a globally > connected network that is, in part, within the ARIN service region > does not count towards plurality (or whatever minimum percentage) > suggesting this policy is more restrictive than current policy. > > Additionally, I have not seen any object to the next clause: > > "The same technical infrastructure or customers cannot be used to justify > resources in more than one RIR." The intent of this statement is to prevent "double dipping". You can't ask ARIN for resources for the same pieces of your network in Asia that you already received resources from APNIC to number. > --- > > I agree that double counting should not occur, but there are cases when it > is justified to have multiple addresses on a single piece of equipment or > to a single customer. Why can't a mix and match approach work. > > For example imagine a server serving https for two domains. It needs two > IP addresses, one for each domain's cert with IP based vhosting. Should > this operator be precluded from having their previous turned up customers > continue to have RIPE space, but newly turned up customers on the same > server use ARIN space? What if each service is anycasted on machines in > the UE and Europe for diversity, and performance? Can the first customer > on the same hardware use a single IP from RIPE in both locations, and the > second a single IP from ARIN? I think from an RIR perspective, these would not be considered the same infrastructure for addressing purposes. Each of the two web servers is counted separately, even though they happen to be on the same physical piece of hardware. If you have better wording to clarify that intent, I'm sure it would be welcome. > How about a customer that has a RIPE /24 and has grown beyond their > current addresses, should they be precluded from getting an additional > ARIN /24 and keep their RIPE /24? What if the customer has a single > network in both the US and Europe and is multi-homed to a single > provider in the US and Europe? If they have enough additional infrastructure to justify the additional /24, I believe this policy would allow that. I'm not sure I fully comprehend your meaning in the last sentence. > Or in both cases do they have to number out of RIPE space and into ARIN > space? I think this might make more sense if I understood the previous question. Owen > > > ___Jason > > On Wed, Sep 25, 2013 at 6:55 PM, Owen DeLong wrote: > > On Sep 25, 2013, at 3:27 PM, John Santos wrote: > > > On Wed, 25 Sep 2013, William Herrin wrote: > > > >> On Wed, Sep 25, 2013 at 10:59 AM, ARIN wrote: > > [...] > > > >> > >>> , and (2) are operating a > >>> network located within the ARIN service region. In addition to meeting > >>> all other applicable policy requirements, a plurality of new resources > >> > >> "Plurality" is a non-starter for me. You really want to do this, pick a > >> percent. > >> > >> The reasons have all been stated before, both in the previous > >> discussion, the staff comments and the legal assessment. In context, > >> plurality is a sloppy, hard to pin down concept that makes management > >> and analysis needlessly hard. > > > > Huh? "Plurality" is a precisely defined mathematical concept. > > > > The part I have a problem with is "a network located within the ARIN > > service region." > > I don't think this is as problematic as you are perceiving. > > > Networks intrinsically span service regions. Nodes can be scattered > > across RIR regions, links between nodes can (and often do) cross regional > > boundaries, and what's worse, nodes can move, both day-to-day (for > > example, an international corporation moves its "www.support.foocorp.com" > > web servers from a data center in Michigan to one in Luxembourg), and > > totally dynamically, as in load-balancing and site failover, as well as > > mobile nodes that can cross RIR boundaries at will. In which region is a > > Liberian-registered cruise ship sailing out of San Diego currently exploring > > the coast of Patagonia? Or an airplane or the ISS? > > In the case of spanning regions and scattered across regions, that is the > reason for the "plurality" provision. It allows a company to keep some > portion of its assets in region and still address its out-of-region assets so > long as none of the other regions contain more of the network using ARIN > region numbers than what is in the ARIN region. > > As to moving, yes, corporations often use DNS changes to move the > service for "www.support.foocorp.com" from one place to another (or > to balance it across many locations), but that's DNS. Policy here is > about the numbers and corporations rarely move the numbers around > in such a scheme. (Anycast notwithstanding, but I would treat any cast > as used in region so long as at least one site advertising the any cast > prefix was in region). > > Mobile nodes that cross RIR boundaries actually tend to get new numbers > when they do so. (At least I haven't roamed across an RIR boundary without > being assigned a new IP address when I did so, and I've been across a lot > of RIR boundaries. > > > There needs to be a degree of fuzziness. If we are going to force a > > regional preponderance of the network (a much vaguer term than > > "plurality"), to be in ARIN's geographical region, then (1) clearly a > > Yes. > > > network with 30% ARIN, 70% RIPE should be getting its resources from RIPE, > > Which would fail the plurality test. > > > but (2) one with 29% ARIN, 28% RIPE, 25% APNIC, and the other 17% spread > > across Africa and Latin America should get their resources from ARIN, > > Which would pass the plurality test. > > > despite having a smaller footprint than the 1st organization. And what of > > (3), which has 28.99% ARIN, 29.01% RIPE right now, but it could change in > > the next 15 minutes? Maybe "within 5% of a plurality in the ARIN region" > > would be a better metric. > > In reality, I think that particular boundary condition is an unlikely corner case. > Where is the other 42% of that network, by the way? > > As I said above, the numbers do not tend to move as quickly as you claim. > Names tend to be quite dynamic. Numbers tend to be fairly stable. If they > were not, BGP would have a much higher (and unsustainable) level of churn. > > > I think right now, an organization can basically deal with the registry it > > finds most convenient, whether for geography, language, culture or > > whatever. The proposal doesn't seem to be about registry shopping (my > > No, actually, most of the other RIRs are much stricter about out-of-region > use of address space than ARIN. > > > local RIR rejected my request or has too many restrictions on my trying to > > commoditize or speculateon the resources, so I'm going take a dip from > > another well), or double-dipping or playing registries off against each > > other. Its goal seems to be accountability of the registrants, so I think > > These are definitely one aspect of the intended policy, but not exclusively, > no. > > > thats what it should try to do directly. It shouldn't matter *where* an > > That is a second aspect of the proposal. > > > organization is based, it should matter whether it is contactable, > > receives and pays its bills, handles abuse complaints and technical > > issues, etc. If these are true, local law enforcement should have no > > problem tracking them down if needed. > > I don't think this is just about law enforcement, though the proposal authors > are primarily representatives of US and Canadian LE organizations. I do > think that the primary intent of the proposal is to address a growing perceived > issue with registry shopping. > > Personally, I'm all for making the process more open to out-of-region usage > as you described, but if you look closely at current ARIN operating practice > and this policy proposal, you will see that the proposal is actually more > liberal about this than current (though not some prior) operating practice. > > Owen > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > > > > -- > _______________________________________________________ > Jason Schiller|NetOps|jschiller at google.com|571-266-0006 > -------------- next part -------------- An HTML attachment was scrubbed... URL: From jschiller at google.com Wed Sep 25 21:33:58 2013 From: jschiller at google.com (Jason Schiller) Date: Wed, 25 Sep 2013 21:33:58 -0400 Subject: [arin-ppml] Fwd: Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: References: <1130925174302.32729E-100000@Ives.egh.com> <31676B90-1317-4EDF-9580-30A1A71519A3@delong.com> Message-ID: Seems my posts didn't show up... trying again... (Owen, did you get it the first time around? Can you repost it if it doesn't show up?) ---------- Forwarded message ---------- From: Jason Schiller Date: Wed, Sep 25, 2013 at 8:33 PM Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised To: Owen DeLong Cc: John Santos , "arin-ppml at arin.net" The policy is a little hard to parse... On Wed, Sep 25, 2013 at 6:55 PM, Owen DeLong wrote: | As to moving, yes, corporations often use DNS changes to move the | service for "www.support.foocorp.com" from one place to another (or | to balance it across many locations), but that's DNS. Policy here is | about the numbers and corporations rarely move the numbers around | in such a scheme. (Anycast notwithstanding, but I would treat any cast | as used in region so long as at least one site advertising the any cast | prefix was in region). What I can't tell is if this is changing current ARIN practice, and if so, making it more restrictive or less restrictive. With respect to a global contiguous network that operates, in part, in the ARIN service region, and advertises reachability for all of the aggregates both in the ARIN service region, and outside the ARIN service region, count their utilization of equipment and customers of this global network regardless of where they are. This seems to be current practice, and suggested by Owen that he still considers it true wrt his anycast statement. "In addition to meeting all other applicable policy requirements, a plurality of new resources requested from ARIN must be justified by technical infrastructure or customers located within the ARIN service region, and any located outside the region must be interconnected to the ARIN service region. The same technical infrastructure or customers cannot be used to justify resources in more than one RIR." This could be read as: new resources requested from ARIN must be justified by: 1. technical infrastructure or customers located within the ARIN service region AND 2. any [technical infrastructure or customers] located outside the region [which are] interconnected to the [infrastructure in point 1] in the ARIN service region. This would suggest that you get to count the non-ARIN customers that are attached to the global network, such as the case now, including the case where an Asian company is providing tunnel services to an LA gateway that is terminating Asian customers. This also suggests that you can count utilization of ARIN resources outside of the ARIN region in a disconnected network that is wholly outside the ARIN region so long as this utilization doesn't cross the plurality or 20% or 50% threshold. My understand is today ARIN does not recognize this utilization at all suggesting this would loosen current practice. --- Based on the tone of the conversation, I suspect the community believes the reading of the policy is parsed differently: new resources requested from ARIN must be justified only by technical infrastructure or customers located within the ARIN service region. [In addition,] any [use] located outside the [ARIN] service region must be interconnected to [a network in] the ARIN service region. This seems to suggest usage outside the region even in a globally connected network that is, in part, within the ARIN service region does not count towards plurality (or whatever minimum percentage) suggesting this policy is more restrictive than current policy. Additionally, I have not seen any object to the next clause: "The same technical infrastructure or customers cannot be used to justify resources in more than one RIR." --- I agree that double counting should not occur, but there are cases when it is justified to have multiple addresses on a single piece of equipment or to a single customer. Why can't a mix and match approach work. For example imagine a server serving https for two domains. It needs two IP addresses, one for each domain's cert with IP based vhosting. Should this operator be precluded from having their previous turned up customers continue to have RIPE space, but newly turned up customers on the same server use ARIN space? What if each service is anycasted on machines in the UE and Europe for diversity, and performance? Can the first customer on the same hardware use a single IP from RIPE in both locations, and the second a single IP from ARIN? How about a customer that has a RIPE /24 and has grown beyond their current addresses, should they be precluded from getting an additional ARIN /24 and keep their RIPE /24? What if the customer has a single network in both the US and Europe and is multi-homed to a single provider in the US and Europe? Or in both cases do they have to number out of RIPE space and into ARIN space? ___Jason On Wed, Sep 25, 2013 at 6:55 PM, Owen DeLong wrote: > > On Sep 25, 2013, at 3:27 PM, John Santos wrote: > > > On Wed, 25 Sep 2013, William Herrin wrote: > > > >> On Wed, Sep 25, 2013 at 10:59 AM, ARIN wrote: > > [...] > > > >> > >>> , and (2) are operating a > >>> network located within the ARIN service region. In addition to meeting > >>> all other applicable policy requirements, a plurality of new resources > >> > >> "Plurality" is a non-starter for me. You really want to do this, pick a > >> percent. > >> > >> The reasons have all been stated before, both in the previous > >> discussion, the staff comments and the legal assessment. In context, > >> plurality is a sloppy, hard to pin down concept that makes management > >> and analysis needlessly hard. > > > > Huh? "Plurality" is a precisely defined mathematical concept. > > > > The part I have a problem with is "a network located within the ARIN > > service region." > > I don't think this is as problematic as you are perceiving. > > > Networks intrinsically span service regions. Nodes can be scattered > > across RIR regions, links between nodes can (and often do) cross regional > > boundaries, and what's worse, nodes can move, both day-to-day (for > > example, an international corporation moves its "www.support.foocorp.com > " > > web servers from a data center in Michigan to one in Luxembourg), and > > totally dynamically, as in load-balancing and site failover, as well as > > mobile nodes that can cross RIR boundaries at will. In which region is a > > Liberian-registered cruise ship sailing out of San Diego currently > exploring > > the coast of Patagonia? Or an airplane or the ISS? > > In the case of spanning regions and scattered across regions, that is the > reason for the "plurality" provision. It allows a company to keep some > portion of its assets in region and still address its out-of-region assets > so > long as none of the other regions contain more of the network using ARIN > region numbers than what is in the ARIN region. > > As to moving, yes, corporations often use DNS changes to move the > service for "www.support.foocorp.com" from one place to another (or > to balance it across many locations), but that's DNS. Policy here is > about the numbers and corporations rarely move the numbers around > in such a scheme. (Anycast notwithstanding, but I would treat any cast > as used in region so long as at least one site advertising the any cast > prefix was in region). > > Mobile nodes that cross RIR boundaries actually tend to get new numbers > when they do so. (At least I haven't roamed across an RIR boundary without > being assigned a new IP address when I did so, and I've been across a lot > of RIR boundaries. > > > There needs to be a degree of fuzziness. If we are going to force a > > regional preponderance of the network (a much vaguer term than > > "plurality"), to be in ARIN's geographical region, then (1) clearly a > > Yes. > > > network with 30% ARIN, 70% RIPE should be getting its resources from > RIPE, > > Which would fail the plurality test. > > > but (2) one with 29% ARIN, 28% RIPE, 25% APNIC, and the other 17% spread > > across Africa and Latin America should get their resources from ARIN, > > Which would pass the plurality test. > > > despite having a smaller footprint than the 1st organization. And what > of > > (3), which has 28.99% ARIN, 29.01% RIPE right now, but it could change in > > the next 15 minutes? Maybe "within 5% of a plurality in the ARIN region" > > would be a better metric. > > In reality, I think that particular boundary condition is an unlikely > corner case. > Where is the other 42% of that network, by the way? > > As I said above, the numbers do not tend to move as quickly as you claim. > Names tend to be quite dynamic. Numbers tend to be fairly stable. If they > were not, BGP would have a much higher (and unsustainable) level of churn. > > > I think right now, an organization can basically deal with the registry > it > > finds most convenient, whether for geography, language, culture or > > whatever. The proposal doesn't seem to be about registry shopping (my > > No, actually, most of the other RIRs are much stricter about out-of-region > use of address space than ARIN. > > > local RIR rejected my request or has too many restrictions on my trying > to > > commoditize or speculateon the resources, so I'm going take a dip from > > another well), or double-dipping or playing registries off against each > > other. Its goal seems to be accountability of the registrants, so I > think > > These are definitely one aspect of the intended policy, but not > exclusively, > no. > > > thats what it should try to do directly. It shouldn't matter *where* an > > That is a second aspect of the proposal. > > > organization is based, it should matter whether it is contactable, > > receives and pays its bills, handles abuse complaints and technical > > issues, etc. If these are true, local law enforcement should have no > > problem tracking them down if needed. > > I don't think this is just about law enforcement, though the proposal > authors > are primarily representatives of US and Canadian LE organizations. I do > think that the primary intent of the proposal is to address a growing > perceived > issue with registry shopping. > > Personally, I'm all for making the process more open to out-of-region usage > as you described, but if you look closely at current ARIN operating > practice > and this policy proposal, you will see that the proposal is actually more > liberal about this than current (though not some prior) operating practice. > > Owen > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -- _______________________________________________________ Jason Schiller|NetOps|jschiller at google.com|571-266-0006 -- _______________________________________________________ Jason Schiller|NetOps|jschiller at google.com|571-266-0006 -------------- next part -------------- An HTML attachment was scrubbed... URL: From jschiller at google.com Wed Sep 25 20:33:52 2013 From: jschiller at google.com (Jason Schiller) Date: Wed, 25 Sep 2013 20:33:52 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: <31676B90-1317-4EDF-9580-30A1A71519A3@delong.com> References: <1130925174302.32729E-100000@Ives.egh.com> <31676B90-1317-4EDF-9580-30A1A71519A3@delong.com> Message-ID: The policy is a little hard to parse... On Wed, Sep 25, 2013 at 6:55 PM, Owen DeLong wrote: > | As to moving, yes, corporations often use DNS changes to move the | service for "www.support.foocorp.com" from one place to another (or | to balance it across many locations), but that's DNS. Policy here is | about the numbers and corporations rarely move the numbers around | in such a scheme. (Anycast notwithstanding, but I would treat any cast | as used in region so long as at least one site advertising the any cast | prefix was in region). What I can't tell is if this is changing current ARIN practice, and if so, making it more restrictive or less restrictive. With respect to a global contiguous network that operates, in part, in the ARIN service region, and advertises reachability for all of the aggregates both in the ARIN service region, and outside the ARIN service region, count their utilization of equipment and customers of this global network regardless of where they are. This seems to be current practice, and suggested by Owen that he still considers it true wrt his anycast statement. "In addition to meeting all other applicable policy requirements, a plurality of new resources requested from ARIN must be justified by technical infrastructure or customers located within the ARIN service region, and any located outside the region must be interconnected to the ARIN service region. The same technical infrastructure or customers cannot be used to justify resources in more than one RIR." This could be read as: new resources requested from ARIN must be justified by: 1. technical infrastructure or customers located within the ARIN service region AND 2. any [technical infrastructure or customers] located outside the region [which are] interconnected to the [infrastructure in point 1] in the ARIN service region. This would suggest that you get to count the non-ARIN customers that are attached to the global network, such as the case now, including the case where an Asian company is providing tunnel services to an LA gateway that is terminating Asian customers. This also suggests that you can count utilization of ARIN resources outside of the ARIN region in a disconnected network that is wholly outside the ARIN region so long as this utilization doesn't cross the plurality or 20% or 50% threshold. My understand is today ARIN does not recognize this utilization at all suggesting this would loosen current practice. --- Based on the tone of the conversation, I suspect the community believes the reading of the policy is parsed differently: new resources requested from ARIN must be justified only by technical infrastructure or customers located within the ARIN service region. [In addition,] any [use] located outside the [ARIN] service region must be interconnected to [a network in] the ARIN service region. This seems to suggest usage outside the region even in a globally connected network that is, in part, within the ARIN service region does not count towards plurality (or whatever minimum percentage) suggesting this policy is more restrictive than current policy. Additionally, I have not seen any object to the next clause: "The same technical infrastructure or customers cannot be used to justify resources in more than one RIR." --- I agree that double counting should not occur, but there are cases when it is justified to have multiple addresses on a single piece of equipment or to a single customer. Why can't a mix and match approach work. For example imagine a server serving https for two domains. It needs two IP addresses, one for each domain's cert with IP based vhosting. Should this operator be precluded from having their previous turned up customers continue to have RIPE space, but newly turned up customers on the same server use ARIN space? What if each service is anycasted on machines in the UE and Europe for diversity, and performance? Can the first customer on the same hardware use a single IP from RIPE in both locations, and the second a single IP from ARIN? How about a customer that has a RIPE /24 and has grown beyond their current addresses, should they be precluded from getting an additional ARIN /24 and keep their RIPE /24? What if the customer has a single network in both the US and Europe and is multi-homed to a single provider in the US and Europe? Or in both cases do they have to number out of RIPE space and into ARIN space? ___Jason On Wed, Sep 25, 2013 at 6:55 PM, Owen DeLong wrote: > > On Sep 25, 2013, at 3:27 PM, John Santos wrote: > > > On Wed, 25 Sep 2013, William Herrin wrote: > > > >> On Wed, Sep 25, 2013 at 10:59 AM, ARIN wrote: > > [...] > > > >> > >>> , and (2) are operating a > >>> network located within the ARIN service region. In addition to meeting > >>> all other applicable policy requirements, a plurality of new resources > >> > >> "Plurality" is a non-starter for me. You really want to do this, pick a > >> percent. > >> > >> The reasons have all been stated before, both in the previous > >> discussion, the staff comments and the legal assessment. In context, > >> plurality is a sloppy, hard to pin down concept that makes management > >> and analysis needlessly hard. > > > > Huh? "Plurality" is a precisely defined mathematical concept. > > > > The part I have a problem with is "a network located within the ARIN > > service region." > > I don't think this is as problematic as you are perceiving. > > > Networks intrinsically span service regions. Nodes can be scattered > > across RIR regions, links between nodes can (and often do) cross regional > > boundaries, and what's worse, nodes can move, both day-to-day (for > > example, an international corporation moves its "www.support.foocorp.com > " > > web servers from a data center in Michigan to one in Luxembourg), and > > totally dynamically, as in load-balancing and site failover, as well as > > mobile nodes that can cross RIR boundaries at will. In which region is a > > Liberian-registered cruise ship sailing out of San Diego currently > exploring > > the coast of Patagonia? Or an airplane or the ISS? > > In the case of spanning regions and scattered across regions, that is the > reason for the "plurality" provision. It allows a company to keep some > portion of its assets in region and still address its out-of-region assets > so > long as none of the other regions contain more of the network using ARIN > region numbers than what is in the ARIN region. > > As to moving, yes, corporations often use DNS changes to move the > service for "www.support.foocorp.com" from one place to another (or > to balance it across many locations), but that's DNS. Policy here is > about the numbers and corporations rarely move the numbers around > in such a scheme. (Anycast notwithstanding, but I would treat any cast > as used in region so long as at least one site advertising the any cast > prefix was in region). > > Mobile nodes that cross RIR boundaries actually tend to get new numbers > when they do so. (At least I haven't roamed across an RIR boundary without > being assigned a new IP address when I did so, and I've been across a lot > of RIR boundaries. > > > There needs to be a degree of fuzziness. If we are going to force a > > regional preponderance of the network (a much vaguer term than > > "plurality"), to be in ARIN's geographical region, then (1) clearly a > > Yes. > > > network with 30% ARIN, 70% RIPE should be getting its resources from > RIPE, > > Which would fail the plurality test. > > > but (2) one with 29% ARIN, 28% RIPE, 25% APNIC, and the other 17% spread > > across Africa and Latin America should get their resources from ARIN, > > Which would pass the plurality test. > > > despite having a smaller footprint than the 1st organization. And what > of > > (3), which has 28.99% ARIN, 29.01% RIPE right now, but it could change in > > the next 15 minutes? Maybe "within 5% of a plurality in the ARIN region" > > would be a better metric. > > In reality, I think that particular boundary condition is an unlikely > corner case. > Where is the other 42% of that network, by the way? > > As I said above, the numbers do not tend to move as quickly as you claim. > Names tend to be quite dynamic. Numbers tend to be fairly stable. If they > were not, BGP would have a much higher (and unsustainable) level of churn. > > > I think right now, an organization can basically deal with the registry > it > > finds most convenient, whether for geography, language, culture or > > whatever. The proposal doesn't seem to be about registry shopping (my > > No, actually, most of the other RIRs are much stricter about out-of-region > use of address space than ARIN. > > > local RIR rejected my request or has too many restrictions on my trying > to > > commoditize or speculateon the resources, so I'm going take a dip from > > another well), or double-dipping or playing registries off against each > > other. Its goal seems to be accountability of the registrants, so I > think > > These are definitely one aspect of the intended policy, but not > exclusively, > no. > > > thats what it should try to do directly. It shouldn't matter *where* an > > That is a second aspect of the proposal. > > > organization is based, it should matter whether it is contactable, > > receives and pays its bills, handles abuse complaints and technical > > issues, etc. If these are true, local law enforcement should have no > > problem tracking them down if needed. > > I don't think this is just about law enforcement, though the proposal > authors > are primarily representatives of US and Canadian LE organizations. I do > think that the primary intent of the proposal is to address a growing > perceived > issue with registry shopping. > > Personally, I'm all for making the process more open to out-of-region usage > as you described, but if you look closely at current ARIN operating > practice > and this policy proposal, you will see that the proposal is actually more > liberal about this than current (though not some prior) operating practice. > > Owen > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact info at arin.net if you experience any issues. > -- _______________________________________________________ Jason Schiller|NetOps|jschiller at google.com|571-266-0006 -------------- next part -------------- An HTML attachment was scrubbed... URL: From ebw at abenaki.wabanaki.net Wed Sep 25 23:13:04 2013 From: ebw at abenaki.wabanaki.net (Eric Brunner-Williams) Date: Wed, 25 Sep 2013 20:13:04 -0700 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: <7566EDA7-3397-4AA2-A387-96F0B018A9D8@corp.arin.net> References: <51CB28D3.5090901@abenaki.wabanaki.net> <524376E5.7030906@abenaki.wabanaki.net> <7566EDA7-3397-4AA2-A387-96F0B018A9D8@corp.arin.net> Message-ID: <5243A640.7050602@abenaki.wabanaki.net> On 9/25/13 5:07 PM, John Curran wrote: >> ... >> > I repeat, the determination of nexus for a variety of ordinary >> > business purposes, unrelated to addresses and routing, is already well >> > established in existing law, and _this_isn't_allocation_policy_. >> > >> > Perhaps we could have corporate counsel offer a 5m brief on personal >> > and subject matter jurisdiction. > To be clear, corporate counsel did review the policy proposal (the legal > assessment follows the revised policy text) and found the proposed policy > can be adopted without creating serious legal risk. Whether it produces > a desirable outcome for the determination of the community, but it does > not pose a legal problem if adopted. Clarity is good. The assertion for -6 is that some extraordinary act by the resource allocator is necessary to support some unrelated goal, viz, a nexus sufficient to support personal jurisdiction, and, as an inseparable collateral, personal jurisdiction is, per -6, a necessary resource allocation criteria. My observation is that existing law is sufficient to determine personal jurisdiction, and, ab initio (1973), jurisdiction was not relevant to resource allocation or utilization. The liability of the resource allocator (ARIN) was never an issue. To restate, for the benefit of -6 evangelicals, corporate counsel _could_ offer a 5m brief on personal and subject matter jurisdiction to offer that the jurisdictional determination issue was solved long before -6 was offered. Another source of authority can be found to offer that -6 adds a rule to the resource allocation that does not originate from the original delegating agency (ARPA/DARPA/NSF). Eric Brunner-Williams Eugene, Oregon From jcurran at arin.net Thu Sep 26 06:51:17 2013 From: jcurran at arin.net (John Curran) Date: Thu, 26 Sep 2013 10:51:17 +0000 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: <5243A640.7050602@abenaki.wabanaki.net> References: <51CB28D3.5090901@abenaki.wabanaki.net> <524376E5.7030906@abenaki.wabanaki.net> <7566EDA7-3397-4AA2-A387-96F0B018A9D8@corp.arin.net> <5243A640.7050602@abenaki.wabanaki.net> Message-ID: <36B9E2E1-447B-4582-8490-B0331E8D3F3C@arin.net> On Sep 25, 2013, at 11:13 PM, Eric Brunner-Williams wrote: > The assertion for -6 is that some extraordinary act by the resource > allocator is necessary to support some unrelated goal, viz, a nexus > sufficient to support personal jurisdiction, and, as an inseparable > collateral, personal jurisdiction is, per -6, a necessary resource > allocation criteria. > > My observation is that existing law is sufficient to determine > personal jurisdiction, and, ab initio (1973), jurisdiction was not > relevant to resource allocation or utilization. The proponents of 2013-6 provided three reasons for the proposal as summarized below: 1. The rapid depletion of IPv4 space resulting from the present situation. 2. The challenging environment for law enforcement investigations, including the opportunity unscrupulous organizations to manipulate the system and acquire large blocks of ARIN IP address space for nefarious purposes. 3. The direct contravention of the Regional Internet Registry system resulting from ARIN assigning resources outside the region and implications for the current model. Your assertion that "personal jurisdiction" is the basis for the proposal may be alluded to by point #2, but it is also possible that this point refers to any number of aspects relating to law enforcement, and not simply determination of jurisdiction. Either way, it is not the role of ARIN staff (including its counsel) to argue the challenges that others may or may not have with current or proposed address policy. It is our job to note whether the policy is implementable and/or poses significant risk to performance of ARIN's mission. This has been done. > To restate, for the benefit of -6 evangelicals, corporate counsel > _could_ offer a 5m brief on personal and subject matter jurisdiction > to offer that the jurisdictional determination issue was solved long > before -6 was offered. You should feel free to explain your views on this matter on the list, including how it mitigates point #2 above. Supporting (or arguing against) those views is not the role of the ARIN staff, but a task for the rest of the community to take up as appropriate. Thanks! /John John Curran President and CEO ARIN From drc at virtualized.org Thu Sep 26 07:31:49 2013 From: drc at virtualized.org (David Conrad) Date: Thu, 26 Sep 2013 13:31:49 +0200 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: <5243A640.7050602@abenaki.wabanaki.net> References: <51CB28D3.5090901@abenaki.wabanaki.net> <524376E5.7030906@abenaki.wabanaki.net> <7566EDA7-3397-4AA2-A387-96F0B018A9D8@corp.arin.net> <5243A640.7050602@abenaki.wabanaki.net> Message-ID: <2CFB3C56-1B70-4266-A5A5-F90F101FCB2B@virtualized.org> Eric, On Sep 26, 2013, at 5:13 AM, Eric Brunner-Williams wrote: > jurisdiction was not relevant to resource allocation or utilization. Why then do we have regional registries? On the contrary, within all regions, jurisdiction _is_ relevant. Specifically, if you are not legally registered in the respective regions, you cannot obtain resources from the RIR for that region. Where there is a difference is where the network is being run. Of the RIRs with space remaining, ARIN is unique: they will allocate to anyone legally registered in the ARIN region regardless of where the network will be operated. While this is ... friendly, it obviously implies the remaining ARIN free pool is going to be drained at a higher rate than it would be otherwise. I'm a bit skeptical ISPs in the ARIN region are so sanguine about running out of IPv4 addresses earlier than they would otherwise because ISPs in Asia & Europe are drawing on ARIN's free pool. This is, of course, unrelated to what the addresses are used for. To be honest, that part of the policy seems to me to be a bright and shiny object for ratholing. As I understand it (having spoken with the original proposer of the policy), the LEA interest is because bad guys are obtaining blocks from ARIN and using those addresses for nefarious purposes outside of US, thereby complicating the efforts by LEA to make things for the bad guys harder at the source. However, it is easy to get into low value, high noise discussions about how it's easy to get around this sort of policy, how it will/won't help, etc. Since it isn't really relevant to the inter-regional policy aspect, I'm not sure the time spent on the discussion is worth the effort. > Another source of authority can be found to > offer that -6 adds a rule to the resource allocation that does not > originate from the original delegating agency (ARPA/DARPA/NSF). You mean like pretty much every rule the RIRs have come up with since their creation? Regards, -drc -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 495 bytes Desc: Message signed with OpenPGP using GPGMail URL: From bill at herrin.us Thu Sep 26 08:49:47 2013 From: bill at herrin.us (William Herrin) Date: Thu, 26 Sep 2013 08:49:47 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: <3F2FE51E-6681-43D3-9D6E-58D272CC8031@umn.edu> References: <5242FA37.7000304@arin.net> <1AF30D8D-B095-4C0B-A5F5-BB43E006C7F7@delong.com> <3F2FE51E-6681-43D3-9D6E-58D272CC8031@umn.edu> Message-ID: On Wed, Sep 25, 2013 at 8:11 PM, David Farmer wrote: >> On Sep 25, 2013, at 18:04, William Herrin wrote: >>> On Wed, Sep 25, 2013 at 6:44 PM, Owen DeLong wrote: >>> It's possible that they don't need anything, in which case, they are legally >>> operating there without needing any licenses or permits. > >> As a Virginian, I'll help you out: in at least one version of that >> scenario, they in fact don't need anything. > > Bill, I'm no lawyer but the following seems to contradict your statement, at > least in my plain English reading. > > http://www.scc.virginia.gov/clk/befaq/forinva.aspx#a1 http://leg1.state.va.us/cgi-bin/legp504.exe?000+cod+13.1-757 B. The following activities, among others, do not constitute transacting business within the meaning of subsection A: 5. Selling through independent contractors; 6. Soliciting or obtaining orders, whether by mail or through employees or agents or otherwise, if the orders require acceptance outside this Commonwealth before they become contracts; 9. Owning, without more, real or personal property; C. The list of activities in subsection B is not exhaustive. So, yeah. There are scenarios in which registration is required and there are scenarios in which it's not. Look at the sentences above. That's a challenge for a judge to make an assessment, let alone ARIN. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From jcurran at arin.net Thu Sep 26 08:59:46 2013 From: jcurran at arin.net (John Curran) Date: Thu, 26 Sep 2013 12:59:46 +0000 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: <2CFB3C56-1B70-4266-A5A5-F90F101FCB2B@virtualized.org> References: <51CB28D3.5090901@abenaki.wabanaki.net> <524376E5.7030906@abenaki.wabanaki.net> <7566EDA7-3397-4AA2-A387-96F0B018A9D8@corp.arin.net> <5243A640.7050602@abenaki.wabanaki.net> <2CFB3C56-1B70-4266-A5A5-F90F101FCB2B@virtualized.org> Message-ID: On Sep 26, 2013, at 7:31 AM, David Conrad wrote: > On Sep 26, 2013, at 5:13 AM, Eric Brunner-Williams wrote: >> ... >> Another source of authority can be found to >> offer that -6 adds a rule to the resource allocation that does not >> originate from the original delegating agency (ARPA/DARPA/NSF). > > You mean like pretty much every rule the RIRs have come up with since their creation? Indeed, as is the nature of having community-based governance for number resources. The US Government is quite aware that this is the case, and "is supportive of the policies, processes, and procedures agreed upon by the Internet technical community through ARIN." FYI, /John John Curran President and CEO ARIN From farmer at umn.edu Thu Sep 26 09:17:31 2013 From: farmer at umn.edu (David Farmer) Date: Thu, 26 Sep 2013 08:17:31 -0500 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: References: <5242FA37.7000304@arin.net> <1AF30D8D-B095-4C0B-A5F5-BB43E006C7F7@delong.com> Message-ID: <524433EB.1050207@umn.edu> On 9/25/13 17:15 , William Herrin wrote: > On Wed, Sep 25, 2013 at 5:46 PM, Owen DeLong wrote: >> On Sep 25, 2013, at 11:33 AM, William Herrin wrote: >>> This kind of restriction on international commerce is usually reserved >>> for national security issues. Foreign interests own ARIN region >>> infrastructure and do business with ARIN region customers all the >>> time, without registering themselves with the government. Just as >>> ARIN-region businesses do in Europe, Asia and elsewhere. Until there's >>> a need for employees in a country, it's not generally necessary and >>> often inappropriate to incorporate there. >> >> Foreign interests that own ARIN region infrastructure and do business in >> the ARIN region are either legally operating within the ARIN service region, >> or, they are violating the law by doing so, so I am not sure what it is that >> you find objectionable. >> >> For example, a German company operating in Virginia that has filed all >> of the necessary paperwork, has the proper permits and licenses, etc. >> would qualify under the above provision. > > Hi Owen, > > What permits, licenses or other government paperwork would a German > company need to own a few routers in Ashburn, buy telco DSL lines on > behalf of lata 236 customers and provide Internet access there? > > >>> I think ARIN should continue to follow the same ordinary business >>> practice everyone else does when it comes to the legal status of its >>> registrants: as long as there's a contactable legal existence >>> somewhere (and it's incumbent on the registrant to prove it) they >>> should pass muster as an organization capable of requesting resources. >> >> If they aren't operating in the region, why should they be able to receive >> resources from ARIN instead of having to get them from an RIR that serves >> someplace that they do operate? > > Operating legally in a region != has a government registered legal > presence in the region > > ARIN is not qualified to assess the former and would have a very > difficult time doing so. Staff and counsel made this point in the > analysis of the proposal. Please help me understand where you are reading this in the staff and legal assessment? That is not how I'm reading it. I mostly see concerns regarding the "plurality" standard. I concede these issues, but I need to better understand the communities preferred direction on this issue, "plurality", a flat percentage, say like 20%, or eliminating any regional justification constraint at all. This will be a major question at the PPM. Also, John said "corporate counsel did review the policy proposal ... and found the proposed policy can be adopted without creating serious legal risk." > The latter penalizes legitimate organizations for failing to register > with the government in a manner the government itself has not elected > to compel by law, an action far outside ARIN's mission. Would you prefer the "legal presence" language used previously? There were questions about what was intended by "legal presence". So, I tried to clarify this in plain language. Is there other text that would clarify this intent? Thanks -- ================================================ David Farmer Email: farmer at umn.edu Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 1-612-626-0815 Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 ================================================ From farmer at umn.edu Thu Sep 26 09:44:52 2013 From: farmer at umn.edu (David Farmer) Date: Thu, 26 Sep 2013 08:44:52 -0500 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: References: <1130925174302.32729E-100000@Ives.egh.com> <31676B90-1317-4EDF-9580-30A1A71519A3@delong.com> Message-ID: <52443A54.2050001@umn.edu> On 9/25/13 20:24 , Owen DeLong wrote: > > On Sep 25, 2013, at 5:33 PM, Jason Schiller > wrote: > >> >> The policy is a little hard to parse... If you have suggestions to improve the readability of the text I'd be happy to hear them. >> On Wed, Sep 25, 2013 at 6:55 PM, Owen DeLong > > wrote: >> >> | As to moving, yes, corporations often use DNS changes to move the >> | service for "www.support.foocorp.com >> " from one place to another (or >> | to balance it across many locations), but that's DNS. Policy here is >> | about the numbers and corporations rarely move the numbers around >> | in such a scheme. (Anycast notwithstanding, but I would treat any cast >> | as used in region so long as at least one site advertising the any cast >> | prefix was in region). >> >> >> What I can't tell is if this is changing current ARIN practice, and if >> so, making it more restrictive or less restrictive. > > My understanding is that it would make a slight change to current ARIN > practice making it slightly less restrictive. > >> With respect to a global contiguous network that operates, in part, in >> the ARIN service region, and advertises reachability for all of the >> aggregates both in the ARIN service region, and outside the ARIN service >> region, count their utilization of equipment and customers of this global >> network regardless of where they are. > > Unfortunately, no, this is not entirely current practice. If you can > justify everything you need based on in-region devices, then ARIN won't > complain about your out-of-region usage, but if you come back for more, > you need to be able to justify your additional need strictly using > in-region devices. If you tell ARIN that you want numbers for your local > office and your POP in London, they will approve you only for the local > office. (It used to be that the POP in London was no problem, but not any > more). > >> This seems to be current practice, and suggested by Owen that he still >> considers it true wrt his anycast statement. > > I believe this policy would return us to a better place as described > above. In another aspect this is a little less restrictive than current operational practice as well, this is discussed in the following from the Advisory Council Comment Section; "Current operational practice is to require an organization be formed within the ARIN service region. However, if this were applied by all the RIRs, a global network would be required to have a minimum of five subsidiaries, one formed in each of the five RIR regions, this seems overly burdensome. Good resource policy should consider the consequences of all RIRs adopting the same policy." >> "In addition to meeting all other applicable policy requirements, a >> plurality of new resources requested from ARIN must be justified >> by technical infrastructure or customers located within the ARIN >> service region, and any located outside the region must be >> interconnected to the ARIN service region. The same technical >> infrastructure or customers cannot be used to justify resources in >> more than one RIR." >> >> This could be read as: >> new resources requested from ARIN must be justified by: >> 1. technical infrastructure or customers located within the ARIN >> service region >> >> AND >> >> 2. any [technical infrastructure or customers] located outside the >> region [which are] interconnected to the [infrastructure in point 1] >> in the ARIN service region. > > Yes, but with the additional caveat that the quantity of resources justified > by [1] must exceed the amount of resources in any other single RIR region > justified by [2], and, though the resources in [2] have to be interconnected > to the ARIN region, they don't necessarily connect to new devices from > [1] rather than old devices that are already deployed. > >> This would suggest that you get to count the non-ARIN customers that >> are attached to the global network, such as the case now, including the >> case where an Asian company is providing tunnel services to an LA >> gateway that is terminating Asian customers. > > This is only partially the case now sort of under some circumstances. > The proposal would make it universally the case. I'm with you so far. >> This also suggests that you can count utilization of ARIN resources >> outside of the ARIN region in a disconnected network that is wholly >> outside the ARIN region so long as this utilization doesn't cross the >> plurality or 20% or 50% threshold. Why doesn't this fail your #2 above? Even if it doesn't, the policy text says "...and any located outside the region *must be* interconnected to the ARIN service region." The "must be" is intended to disallow out of region disconnected or discrete networks, justifying ARIN resources. This is clarified by the following from the Advisory Council Comment Section; "While resources received from ARIN may be used outside the ARIN region, a common technical infrastructure must interconnect the use of these resources to the ARIN region. This provides a necessary nexus with the ARIN service region for such out of region use. Therefore, if a discrete network is operating within another region, not interconnected to the ARIN region, then resources for that discrete network should be requested from that region's RIR." > I don't believe that is true. I believe that the requirement is for the > utilization out of region to be entirely on infrastructure that is part > of the contiguous interconnection (intra-ORG) with the ARIN region. That would be the intent. >> My understand is today ARIN does not recognize this utilization at all >> suggesting this would loosen current practice. > > Correct. Neither is this intended to. Any text you have that clarifies this intent is welcome. >> --- >> >> Based on the tone of the conversation, I suspect the community believes >> the reading of the policy is parsed differently: >> >> new resources requested from ARIN must be justified only by technical >> infrastructure or customers located within the ARIN service region. >> >> [In addition,] any [use] located outside the [ARIN] service region >> must be >> interconnected to [a network in] the ARIN service region. >> >> This seems to suggest usage outside the region even in a globally >> connected network that is, in part, within the ARIN service region >> does not count towards plurality (or whatever minimum percentage) >> suggesting this policy is more restrictive than current policy. >> >> Additionally, I have not seen any object to the next clause: >> >> "The same technical infrastructure or customers cannot be used to justify >> resources in more than one RIR." > > The intent of this statement is to prevent "double dipping". You can't ask > ARIN for resources for the same pieces of your network in Asia that you > already received resources from APNIC to number. Correct, as discussed in the following from Advisory Council Comments Section; "From previous discussions of the topic, "double dipping" should not be allowed, that is using the same technical infrastructure or customers to justify resources from ARIN and another RIR at the same time." >> --- >> >> I agree that double counting should not occur, but there are cases when it >> is justified to have multiple addresses on a single piece of equipment or >> to a single customer. Why can't a mix and match approach work. >> >> For example imagine a server serving https for two domains. It needs two >> IP addresses, one for each domain's cert with IP based vhosting. Should >> this operator be precluded from having their previous turned up customers >> continue to have RIPE space, but newly turned up customers on the same >> server use ARIN space? What if each service is anycasted on machines in >> the UE and Europe for diversity, and performance? Can the first customer >> on the same hardware use a single IP from RIPE in both locations, and the >> second a single IP from ARIN? > > I think from an RIR perspective, these would not be considered the same > infrastructure for addressing purposes. Each of the two web servers is > counted separately, even though they happen to be on the same physical > piece of hardware. > > If you have better wording to clarify that intent, I'm sure it would be > welcome. Definitely. >> How about a customer that has a RIPE /24 and has grown beyond their >> current addresses, should they be precluded from getting an additional >> ARIN /24 and keep their RIPE /24? What if the customer has a single >> network in both the US and Europe and is multi-homed to a single >> provider in the US and Europe? > > If they have enough additional infrastructure to justify the additional > /24, I believe this policy would allow that. I believe so as well, sounds like they meet the other policy requirements, the intent would be to allow it. The intent would be to prevent them from getting an additional /24 from both ARIN and RIPE, if they only really justify one additional /24 in totality. However, if they can justify an additional /24 separately using the ARIN portion of the network for ARIN and the RIPE portion of the network for RIPE, they should be allowed one from each. > I'm not sure I fully comprehend your meaning in the last sentence. > >> Or in both cases do they have to number out of RIPE space and into ARIN >> space? > > I think this might make more sense if I understood the previous question. I don't think renumbering should be necessary and it isn't intended in my opinion. Thanks for exploring more of the policies intent, any suggestions for text would be appreciated. -- ================================================ David Farmer Email: farmer at umn.edu Office of Information Technology University of Minnesota 2218 University Ave SE Phone: 1-612-626-0815 Minneapolis, MN 55414-3029 Cell: 1-612-812-9952 ================================================ From bill at herrin.us Thu Sep 26 11:30:07 2013 From: bill at herrin.us (William Herrin) Date: Thu, 26 Sep 2013 11:30:07 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: References: <5242FA37.7000304@arin.net> Message-ID: On Wed, Sep 25, 2013 at 5:54 PM, Scott Leibrand wrote: > I oppose this proposal, but did not make a motion to abandon it, because I > think it deserves a hearing from the community in Phoenix. Hi Scott, Of course, you're right on this point. Please consider my view modified accordingly. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From bill at herrin.us Thu Sep 26 11:35:59 2013 From: bill at herrin.us (William Herrin) Date: Thu, 26 Sep 2013 11:35:59 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: <7566EDA7-3397-4AA2-A387-96F0B018A9D8@corp.arin.net> References: <51CB28D3.5090901@abenaki.wabanaki.net> <524376E5.7030906@abenaki.wabanaki.net> <7566EDA7-3397-4AA2-A387-96F0B018A9D8@corp.arin.net> Message-ID: On Wed, Sep 25, 2013 at 8:07 PM, John Curran wrote: > To be clear, corporate counsel did review the policy proposal (the legal > assessment follows the revised policy text) and found the proposed policy > can be adopted without creating serious legal risk. Whether it produces > a desirable outcome for the determination of the community, but it does > not pose a legal problem if adopted. Hi John, Requesting a clarification: Should this draft be adopted and implemented, staff will not accept a new ORG registration unless the registering organization is a government within the ARIN region -or- a business registered with a government within the region. Is that accurate? If not, would you tell us what criteria staff would apply when determining whether to accept or reject an ORG registration? Thanks, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From jcurran at arin.net Thu Sep 26 14:21:00 2013 From: jcurran at arin.net (John Curran) Date: Thu, 26 Sep 2013 18:21:00 +0000 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: References: <51CB28D3.5090901@abenaki.wabanaki.net> <524376E5.7030906@abenaki.wabanaki.net> <7566EDA7-3397-4AA2-A387-96F0B018A9D8@corp.arin.net> Message-ID: <843CEB5F-B65B-4E6A-B601-7AA620D6281A@arin.net> On Sep 26, 2013, at 11:35 AM, William Herrin wrote: > >> On Wed, Sep 25, 2013 at 8:07 PM, John Curran wrote: >> To be clear, corporate counsel did review the policy proposal (the legal >> assessment follows the revised policy text) and found the proposed policy >> can be adopted without creating serious legal risk. Whether it produces >> a desirable outcome for the determination of the community, but it does >> not pose a legal problem if adopted. > > Hi John, > > Requesting a clarification: > > Should this draft be adopted and implemented, staff will not accept a > new ORG registration unless the registering organization is a > government within the ARIN region -or- a business registered with a > government within the region. > > Is that accurate? That is correct (and reflects current practice handling resource requests.) FYI, /John John Curran President and CEO ARIN From gary.buhrmaster at gmail.com Thu Sep 26 15:06:52 2013 From: gary.buhrmaster at gmail.com (Gary Buhrmaster) Date: Thu, 26 Sep 2013 19:06:52 +0000 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: <843CEB5F-B65B-4E6A-B601-7AA620D6281A@arin.net> References: <51CB28D3.5090901@abenaki.wabanaki.net> <524376E5.7030906@abenaki.wabanaki.net> <7566EDA7-3397-4AA2-A387-96F0B018A9D8@corp.arin.net> <843CEB5F-B65B-4E6A-B601-7AA620D6281A@arin.net> Message-ID: On Thu, Sep 26, 2013 at 6:21 PM, John Curran wrote: ... > That is correct (and reflects current practice handling resource requests.) John, I support the policy, but I do have a few questions that would help finalize my thinking (that I do not recall seeing asked or answered). I understand that any answers are going to be more WAGs than facts, and you may not have the information or ability to provide the answers, but any answers would help me (and perhaps others) recognize the implications of such a change (if any)? I'll accept as many additional caveats you want to add to any response. * If this policy was in place for (say) the last year, what is the order of magnitude of number of requests that would have been referred to another RIR (1, 10, 100, 1000)? * If this policy was in place for (say) the last year, can you break down the requests by the RIR that the requester appeared to be have their plurality? * If this policy was in place for (say) the last year, what is the order of magnitude of the IPv4 numbers that would not have been issued by ARIN (/24 ... /8)? Thanks. Gary From owen at delong.com Fri Sep 27 13:39:45 2013 From: owen at delong.com (Owen DeLong) Date: Fri, 27 Sep 2013 10:39:45 -0700 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: <2CFB3C56-1B70-4266-A5A5-F90F101FCB2B@virtualized.org> References: <51CB28D3.5090901@abenaki.wabanaki.net> <524376E5.7030906@abenaki.wabanaki.net> <7566EDA7-3397-4AA2-A387-96F0B018A9D8@corp.arin.net> <5243A640.7050602@abenaki.wabanaki.net> <2CFB3C56-1B70-4266-A5A5-F90F101FCB2B@virtualized.org> Message-ID: <7DF1E996-D747-4103-B626-90C4014441A8@delong.com> > Of the RIRs with space remaining, ARIN is unique: they will allocate to anyone legally registered in the ARIN region regardless of where the network will be operated. While this is ... friendly, it obviously implies the remaining ARIN free pool is going to be drained at a higher rate than it would be otherwise. I'm a bit skeptical ISPs in the ARIN region are so sanguine about running out of IPv4 addresses earlier than they would otherwise because ISPs in Asia & Europe are drawing on ARIN's free pool. All of the RIRs have space remaining. Some of them have restrictions on how one can obtain their remaining IPv4 space and a very limited supply of IPv4, but all of the RIRs have plenty of IPv6 available and they all have ASNs available. Owen From narten at us.ibm.com Fri Sep 27 17:31:33 2013 From: narten at us.ibm.com (Thomas Narten) Date: Fri, 27 Sep 2013 17:31:33 -0400 Subject: [arin-ppml] Weekly posting summary for ppml@arin.net Message-ID: <201309272131.r8RLVX1o003329@cichlid.raleigh.ibm.com> Total of 40 messages in the last 7 days. script run at: Fri Sep 27 01:00:00 EDT 2013 Messages | Bytes | Who --------+------+--------+----------+------------------------ 15.00% | 6 | 19.38% | 80504 | owen at delong.com 20.00% | 8 | 13.71% | 56954 | bill at herrin.us 5.00% | 2 | 16.24% | 67446 | jschiller at google.com 7.50% | 3 | 9.88% | 41035 | info at arin.net 7.50% | 3 | 9.60% | 39886 | farmer at umn.edu 10.00% | 4 | 6.13% | 25444 | jcurran at arin.net 7.50% | 3 | 4.76% | 19778 | narten at us.ibm.com 5.00% | 2 | 4.41% | 18301 | drc at virtualized.org 5.00% | 2 | 3.41% | 14174 | john at egh.com 5.00% | 2 | 3.19% | 13250 | ebw at abenaki.wabanaki.net 5.00% | 2 | 2.42% | 10050 | sethm at rollernet.us 2.50% | 1 | 2.88% | 11949 | john.sweeting at twcable.com 2.50% | 1 | 2.41% | 10021 | scottleibrand at gmail.com 2.50% | 1 | 1.57% | 6535 | gary.buhrmaster at gmail.com --------+------+--------+----------+------------------------ 100.00% | 40 |100.00% | 415327 | Total From drc at virtualized.org Fri Sep 27 19:06:41 2013 From: drc at virtualized.org (David Conrad) Date: Sat, 28 Sep 2013 01:06:41 +0200 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: <7DF1E996-D747-4103-B626-90C4014441A8@delong.com> References: <51CB28D3.5090901@abenaki.wabanaki.net> <524376E5.7030906@abenaki.wabanaki.net> <7566EDA7-3397-4AA2-A387-96F0B018A9D8@corp.arin.net> <5243A640.7050602@abenaki.wabanaki.net> <2CFB3C56-1B70-4266-A5A5-F90F101FCB2B@virtualized.org> <7DF1E996-D747-4103-B626-90C4014441A8@delong.com> Message-ID: Owen, On Sep 27, 2013, at 7:39 PM, Owen DeLong wrote: >> Of the RIRs with space remaining, ARIN is unique: they will allocate to anyone legally registered in the ARIN region regardless of where the network will be operated. While this is ... friendly, it obviously implies the remaining ARIN free pool is going to be drained at a higher rate than it would be otherwise. I'm a bit skeptical ISPs in the ARIN region are so sanguine about running out of IPv4 addresses earlier than they would otherwise because ISPs in Asia & Europe are drawing on ARIN's free pool. > > All of the RIRs have space remaining. Some of them have restrictions on how one can obtain their remaining IPv4 space and a very limited supply of IPv4, but all of the RIRs have plenty of IPv6 available and they all have ASNs available. Um. Seriously? Do you honestly think there is anyone on this list who is unfamiliar with the last /8 policies of the other RIRs or the fact that APNIC and RIPE have entered their last /8 phases? This kind of pedantic nitpicking is why I gave up on PPML years ago. I don't suppose it'd be possible to focus on the actual issues associated with this policy? Regards, -drc -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 495 bytes Desc: Message signed with OpenPGP using GPGMail URL: From David.Huberman at microsoft.com Fri Sep 27 19:17:00 2013 From: David.Huberman at microsoft.com (David Huberman) Date: Fri, 27 Sep 2013 23:17:00 +0000 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: References: <51CB28D3.5090901@abenaki.wabanaki.net> <524376E5.7030906@abenaki.wabanaki.net> <7566EDA7-3397-4AA2-A387-96F0B018A9D8@corp.arin.net> <5243A640.7050602@abenaki.wabanaki.net> <2CFB3C56-1B70-4266-A5A5-F90F101FCB2B@virtualized.org> <7DF1E996-D747-4103-B626-90C4014441A8@delong.com>, Message-ID: David and PPML, The core issue is "should ARIN provide number resources to networks whose customers and users are exclusively outside the ARIN service region?" The genesis of the question is borne of a staff report that Chinese hosting companies are using routing tricks to number their customers in China with ARIN addresses. Moreover, the amount of space being allocated to Chinese companies is highly significant. The policy proposal on the table offers one mechanism to answer, "No" to this question. Lost in the PPML debate so far (from my perspective) is the core question above. As ARIN-region operators, are you ok with what's left in ARIN's inventory going to networks who are, for all intents and purposes, in China? With regards, David Huberman Sent using OWA for iPhone That means I'm mobile so please forgive typos and odd words. ________________________________________ From: arin-ppml-bounces at arin.net on behalf of David Conrad Sent: Friday, September 27, 2013 4:06:41 PM To: Owen DeLong Cc: arin-ppml at arin.net List Subject: Re: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Owen, On Sep 27, 2013, at 7:39 PM, Owen DeLong wrote: >> Of the RIRs with space remaining, ARIN is unique: they will allocate to anyone legally registered in the ARIN region regardless of where the network will be operated. While this is ... friendly, it obviously implies the remaining ARIN free pool is going to be drained at a higher rate than it would be otherwise. I'm a bit skeptical ISPs in the ARIN region are so sanguine about running out of IPv4 addresses earlier than they would otherwise because ISPs in Asia & Europe are drawing on ARIN's free pool. > > All of the RIRs have space remaining. Some of them have restrictions on how one can obtain their remaining IPv4 space and a very limited supply of IPv4, but all of the RIRs have plenty of IPv6 available and they all have ASNs available. Um. Seriously? Do you honestly think there is anyone on this list who is unfamiliar with the last /8 policies of the other RIRs or the fact that APNIC and RIPE have entered their last /8 phases? This kind of pedantic nitpicking is why I gave up on PPML years ago. I don't suppose it'd be possible to focus on the actual issues associated with this policy? Regards, -drc From drc at virtualized.org Fri Sep 27 19:33:34 2013 From: drc at virtualized.org (David Conrad) Date: Sat, 28 Sep 2013 01:33:34 +0200 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: References: <51CB28D3.5090901@abenaki.wabanaki.net> <524376E5.7030906@abenaki.wabanaki.net> <7566EDA7-3397-4AA2-A387-96F0B018A9D8@corp.arin.net> <5243A640.7050602@abenaki.wabanaki.net> <2CFB3C56-1B70-4266-A5A5-F90F101FCB2B@virtualized.org> <7DF1E996-D747-4103-B626-90C4014441A8@delong.com> Message-ID: <8FCAB4CB-88C4-4378-858F-3C3E34679B2B@virtualized.org> David, On Sep 28, 2013, at 1:17 AM, David Huberman wrote: > David and PPML, > > The core issue is "should ARIN provide number resources to networks whose customers and users are exclusively outside the ARIN service region?" The genesis of the question is borne of a staff report that Chinese hosting companies are using routing tricks to number their customers in China with ARIN addresses. Moreover, the amount of space being allocated to Chinese companies is highly significant. > > The policy proposal on the table offers one mechanism to answer, "No" to this question. Lost in the PPML debate so far (from my perspective) is the core question above. > > As ARIN-region operators, are you ok with what's left in ARIN's inventory going to networks who are, for all intents and purposes, in China? Thank you very much for clearly and succinctly laying out the core question associated with this policy. While I might generalize (e.g., not focusing specifically on China even though that was in the staff report -- they're probably just the first/currently most notable), I personally believe the first step in determining whether one agrees or disagrees with this policy would be to answer David's question. Noting that AfriNIC and LACNIC have answered this question in the negative ("no, it is not ok") might be a useful data point to consider. If your answer to David's question is "I'm ok with it", then further discussion is irrelevant. If your answer to David's question is "No, I'm not ok with it", then descent into details of how ARIN staff can establish where a network is might be a worthwhile exercise (although it might be the case that this could be left to ARIN staff to determine as an implementation detail not related to the overall policy). Regards, -drc -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 495 bytes Desc: Message signed with OpenPGP using GPGMail URL: From bill at herrin.us Fri Sep 27 20:11:14 2013 From: bill at herrin.us (William Herrin) Date: Fri, 27 Sep 2013 20:11:14 -0400 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: References: <51CB28D3.5090901@abenaki.wabanaki.net> <524376E5.7030906@abenaki.wabanaki.net> <7566EDA7-3397-4AA2-A387-96F0B018A9D8@corp.arin.net> <5243A640.7050602@abenaki.wabanaki.net> <2CFB3C56-1B70-4266-A5A5-F90F101FCB2B@virtualized.org> <7DF1E996-D747-4103-B626-90C4014441A8@delong.com> Message-ID: On Fri, Sep 27, 2013 at 7:17 PM, David Huberman wrote: > The core issue is "should ARIN provide number resources to > networks whose customers and users are exclusively outside > the ARIN service region?" Hi David, I made that mistake too and Terri corrected me: "Law enforcement simply wants [...] to avoid allocation to organizations/individuals who may intend to utilize IP address space for nefarious purposes, and that should this occur, accurate pointers (requested via subpoena) are available from ARIN for law enforcement to proceed with a criminal investigation." Put bluntly: they want a whodunit database indexed by IP address, and they'd prefer the identified criminals and evidence be accessible for arrest and seizure. If you want to write a proposal about whether addresses are actually employed in a technical capacity within the geographic ARIN service region, you'll choose different words and different concepts. Regards, Bill Herrin -- William D. Herrin ................ herrin at dirtside.com bill at herrin.us 3005 Crane Dr. ...................... Web: Falls Church, VA 22042-3004 From celestea at usc.edu Fri Sep 27 20:24:02 2013 From: celestea at usc.edu (Celeste Anderson) Date: Sat, 28 Sep 2013 00:24:02 +0000 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: <5242FA37.7000304@arin.net> References: <5242FA37.7000304@arin.net> Message-ID: PPML, I agree with the intent of this proposal. However, a rewording of the proposed language would make this proposal more palatable, especially if it addresses the concerns raised by staff, advisory council, and legal reviews. --celeste. -----Original Message----- From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On Behalf Of ARIN Sent: Wednesday, September 25, 2013 7:59 AM To: arin-ppml at arin.net Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Revised text for ARIN-2013-6 is below and can be found at: https://www.arin.net/policy/proposals/2013_6.html The AC will evaluate the discussion in order to assess the conformance of this draft policy with ARIN's Principles of Internet Number Resource Policy as stated in the PDP. Specifically, these principles are: * Enabling Fair and Impartial Number Resource Administration * Technically Sound * Supported by the Community The ARIN Policy Development Process (PDP) can be found at: https://www.arin.net/policy/pdp.html Draft Policies and Proposals under discussion can be found at: https://www.arin.net/policy/proposals/index.html Regards, Communications and Member Services American Registry for Internet Numbers (ARIN) ## * ## Draft Policy ARIN-2013-6 Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors Date: 25 September 2013 Problem Statement: ARIN number resources should be used primarily in the ARIN region, for ARIN region organizations. There is currently no explicit policy guiding staff in this area, this proposal seeks to correct that. Policy Statement: Create new policy Section X. X. Resource Justification within ARIN Region Organizations requesting Internet number resources from ARIN must provide proof that they (1) are an active business entity legally operating within the ARIN service region, and (2) are operating a network located within the ARIN service region. In addition to meeting all other applicable policy requirements, a plurality of new resources requested from ARIN must be justified by technical infrastructure or customers located within the ARIN service region, and any located outside the region must be interconnected to the ARIN service region. The same technical infrastructure or customers cannot be used to justify resources in more than one RIR. Authors Comments: Although we represent law enforcement, and have brought forth this issue based upon our concerns and experience from a law enforcement perspective, this is a problem in which the entire ARIN community has a stake. As reported at the last meeting in Barbados, ARIN staff is having difficulty verifying organizations out-of-region. In many of the cases, particularly in VPS (Virtual Private Service), the only information received on these organizations by ARIN is a customer name and IP address. This information cannot be properly verified by ARIN. Accuracy of registration data is critical to not only law enforcement, but the greater ARIN community as it relates to abuse contact and complaints. In fact, most issues facing law enforcement are also shared by legitimate companies attempting, for instance, to identify an organization that has hijacked their IP address space. The expedited depletion of IPv4 address space in the ARIN region certainly seems to negatively impact those organizations currently operating in the region that may need to return to ARIN for additional IPv4 address space. While law enforcement?s concern is that criminal organizations outside of the ARIN region can easily and quickly request large blocks of IPv4 address space from ARIN, organizations that are not truly global organizations, but specific national companies from the RIPE and APNIC regions, also have this capability which is detrimental to true ARIN region organizations. This policy proposal is re-enforcing practices the ARIN staff currently employs to ensure that ARIN IP space is used for and by companies that are legitimate and have a legitimate presence in the ARIN region. This policy will assist in defining clear criteria that will be helpful to ARIN staff and the community. The primary role of RIRs is to manage and distribute public Internet address space within their respective regions. The problem brought forth here clearly undermines the current RIR model; if any organization can acquire IP address space from any region, what then is the purpose of the geographical breakdown of the five RIRs? Advisory Council Comments: The term "Internet number resources" or more simply "resources" should be used instead of "IP Blocks" to more accurately reflect the totality of the Registry. This implies both IPv4 and IPv6, as well as ASNs. While Internet registries are organized on a regional basis, policy must recognize that many networks, services and operations are trans-regional and it would be burdensome and impractical to attempt to strictly enforce territorially exclusive allocations. Therefore, policy should seek to balance the regional structure of address allocation with flexibility of service provision, by ensuring that ARIN's resources are primarily aligned with the ARIN service region but facilitate flexibility and efficiency of use by applicants from any region. There are concerns that out of region organizations should be able to request resources for use within the ARIN service region. The proposed text accommodates this issue by requiring only proof that an organization is "legally operating within the ARIN Service Region". This includes business entities formed in the region, or other business entities with legal branch offices within the region. So, as long as an out of region organization is "legally operating within the ARIN Service Region" they can request resources from ARIN. Current operational practice is to require an organization be formed within the ARIN service region. However, if this were applied by all the RIRs, a global network would be required to have a minimum of five subsidiaries, one formed in each of the five RIR regions, this seems overly burdensome. Good resource policy should consider the consequences of all RIRs adopting the same policy. Previous discussions of the topic indicated that it is difficult to enforce and undesirable for many in the community to dictate where resources are to be used once they are allocated. A strategy to deal with this is to focus the policy on the technical infrastructure and customers used to justify the requested number resources from ARIN, as opposed to where resources are actually used once allocated. This is a subtle but important distinction. While resources received from ARIN may be used outside the ARIN region, a common technical infrastructure must interconnect the use of these resources to the ARIN region. This provides a necessary nexus with the ARIN service region for such out of region use. Therefore, if a discrete network is operating within another region, not interconnected to the ARIN region, then resources for that discrete network should be requested from that region's RIR. A concern was raised that this policy shouldn't limit or interfere with outbound inter-RIR transfers. If we focus on what justifies a request for resources from ARIN, outbound inter-RIR transfers shouldn't be affected, as they are clearly based on the receiving RIR's policies. From previous discussions of the topic, "double dipping" should not be allowed, that is using the same technical infrastructure or customers to justify resources from ARIN and another RIR at the same time. The legal jurisdiction an organization is formed in doesn't necessarily reflect the jurisdictions in which it operates, or even that it operates a network in a jurisdiction. This implies that we should have both technical and legal requirements regarding operating within the ARIN service region in order to receive resources. This policy is not intended to have any retroactive effect. It should not be construed to effect or invalidate any assignment or allocation previously made by ARIN, one of its predecessor registries, or any ISP or other LIR, based on good faith application information. In particular direct assignments previously made to individuals are not invalidated by this policy. However, this policy is intended to disallow any new assignment or allocation made directly to an individual person, consistent with current operational practice. The original text used the term "majority", seeming to describe a "simple," "absolute" or "overall" majority, which means greater than 50%. Many organizations don't have greater than 50% of their users or customers in any one region. A "plurality", "relative majority", "largest of", or more specifically "more than any other RIR's service region" seems to be the intended and appropriate meaning of the term "majority" in this context. Let's clarify that intent by using the term "plurality". The intent is not to require an organization to have an overall plurality of its technical infrastructure and customers within the ARIN service region. Rather, it is to ensure that the plurality of currently requested resources is justified from within the ARIN region. If an organization?s primary, or largest, demand for resources is in another region then the organization should request resources from that region's RIR, at least for the demand within that other RIR's region. Further, it is not intended to limit access to resources intended to be exclusively used within the ARIN region. ########## ARIN Staff and Legal Assessment of the earlier, 4 September 2013, version of the draft DRAFT NUMBER AND NAME: Draft Policy ARIN-2013-6 Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors DATE: 18 September 2013 1. Summary (Staff Understanding) This policy would require requesters to provide proof of legal presence within the ARIN region and to demonstrate that a majority (or plurality) of their technical infrastructure and customers are within the ARIN region in order to qualify and receive IPv4 and IPv6 addresses. 2. Comments A. ARIN Staff Comments ? This proposal would predominantly formalize ARIN's existing practice with respect to requiring the requestor to have a legal presence in the ARIN region and to operate a network in region. However, the proposal would also create new practice and processes via inclusion of the statement "a plurality of resources requested from ARIN must be justified by technical infrastructure and customers located within the ARIN service region, and any located outside the region must be interconnected to the ARIN service region." ? This could create a scenario where a network can't get IPv4/IPv6 addresses from any RIR. For example, suppose a large network operator from another region wants to establish a presence at a datacenter in Miami. That other regional registry may decline to issue IP addresses for use in the ARIN region, but the requester would also be unable to get IP addresses from ARIN since a majority of their technical infrastructure and customers are located outside the ARIN region. ? It's unclear how the location of hosted customers is defined. If a customer resides or operates outside of ARIN?s region, but leases a dedicated server in Los Angeles, is the customer considered to be within the ARIN region since the hardware they're controlling is within the ARIN region, or are they considered to be outside the region since they reside elsewhere? How about a colocation situation where a customer who resides out of region ships a server to Los Angeles? Does the presence of a customer's hardware in the region make them in-region? ? The phrase "a majority of their technical infrastructure and customers are within the ARIN region" could be read that technical infrastructure and customers should be evaluated together as one pool. That could be problematic. Consider a hosting provider whose technical infrastructure is 100% within the ARIN region. 5% of their customers are located within the ARIN region (assuming "resides within the ARIN region" constitutes in-region). Does that mean a majority of their technical infrastructure and customers are located within the region since when you consider them in total, the majority is in-region? If the intent is to require that the majority of both be in-region, the phrasing should be something like "a majority of both their technical infrastructure and customers" to indicate each item is being evaluated independently. ? Text says, "...and any located outside the region must be interconnected to the ARIN service region." This statement is unclear. Is the intent that discrete networks overseas cannot obtain space from ARIN? (A discrete network meaning a different autonomous system number) ? There are potential implications with respect to IPv6 and proposed policy text; in particular, does the community want an organization to be able to get all space from one RIR when it comes to IPv6? If you are a multinational, and get a huge block from ARIN, and years from now your overseas division has grown and you need more space, you have to go another RIR serving that region? ? Staff notes that policy text would be inserted into NRPM section 2.2. B. ARIN General Counsel - Legal Assessment The current draft seeks to fill an important gap in ARIN?s policies; more specifically, policy guidance that clearly describes the degree to which a proposed recipient of number resources from ARIN has to have real installations and customers in the ARIN region. From a legal standpoint, there are two possible spectrum points of policy to avoid: first, having inadequate policy guidance would leave policy implementation subject to a high degree of staff interpretation; and at the other end, adopting an overly prescriptive guidance or standard that fails to permit multinational business entities to obtain number resources that are needed both in the ARIN region and outside of the ARIN region from ARIN. Both extremes are unattractive for a standard setting organization such as ARIN. In particular, the current text: **** ?plurality of resources requested from ARIN must be justified by technical infrastructure and customers located within the ARIN service region? **** should be carefully evaluated, as it sets the policy requirement of ?plurality? that may prove unnecessarily restrictive in some cases. A lower standard is recommended to avoid otherwise valid requesters for address resources from being precluded from obtaining number resources. Note that policy language which provides for reasonable restrictions (e.g. requiring more than a fictitious or tenuous and limited presence for the recipient to receive the resources in this region and/or clear intention to make use of some of the resources within the region) can be adopted without creating serious legal risk. 3. Resource Impact This policy would have minimal resource impact from an implementation aspect. It is estimated that implementation would occur within 3 months after ratification by the ARIN Board of Trustees. The following would be needed in order to implement: A. Updated guidelines B. Staff training _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact info at arin.net if you experience any issues. From jcurran at arin.net Fri Sep 27 22:34:14 2013 From: jcurran at arin.net (John Curran) Date: Sat, 28 Sep 2013 02:34:14 +0000 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: References: <51CB28D3.5090901@abenaki.wabanaki.net> <524376E5.7030906@abenaki.wabanaki.net> <7566EDA7-3397-4AA2-A387-96F0B018A9D8@corp.arin.net> <5243A640.7050602@abenaki.wabanaki.net> <2CFB3C56-1B70-4266-A5A5-F90F101FCB2B@virtualized.org> <7DF1E996-D747-4103-B626-90C4014441A8@delong.com> Message-ID: On Sep 27, 2013, at 8:11 PM, William Herrin wrote: > On Fri, Sep 27, 2013 at 7:17 PM, David Huberman > wrote: >> The core issue is "should ARIN provide number resources to >> networks whose customers and users are exclusively outside >> the ARIN service region?" > > Hi David, > > I made that mistake too and Terri corrected me: > ... > Put bluntly: they want a whodunit database indexed by IP address, and > they'd prefer the identified criminals and evidence be accessible for > arrest and seizure. Bill - As noted earlier, the proposal that was submitted referenced three reasons = 1. The rapid depletion of IPv4 space resulting from the present situation, 2. The challenging environment for law enforcement investigations, including the opportunity unscrupulous organizations to manipulate the system and acquire large blocks of ARIN IP address space for nefarious purposes, 3. The direct contravention of the Regional Internet Registry system resulting from ARIN assigning resources outside the region and implications for the current model. While the current policy text does not meaningfully change the process that ARIN presently uses for determining if an organization is in the region, the proposed policy text would (as noted in the staff assessment) add the step of confirming that a plurality of resources requested were justified by technical infrastructure and customers located within the region. In that way, the current draft policy does address the question posed by David Huberman and David Conrad earlier on this list; the same question expressed in the first reason in the original policy proposal (i.e. should ARIN continue to provide number resources to requesters operating outside the region, which may accelerate the depletion of the regional IPv4 free pool.) > If you want to write a proposal about whether addresses are actually > employed in a technical capacity within the geographic ARIN service > region, you'll choose different words and different concepts. I believe that that you would choose different words and concepts, but that may not true for others), and in any case the community needs to consider the merits of draft policy text as it is currently written. Thanks! /John John Curran President and CEO ARIN From jcurran at arin.net Fri Sep 27 22:37:29 2013 From: jcurran at arin.net (John Curran) Date: Sat, 28 Sep 2013 02:37:29 +0000 Subject: [arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised In-Reply-To: References: <51CB28D3.5090901@abenaki.wabanaki.net> <524376E5.7030906@abenaki.wabanaki.net> <7566EDA7-3397-4AA2-A387-96F0B018A9D8@corp.arin.net> <843CEB5F-B65B-4E6A-B601-7AA620D6281A@arin.net> Message-ID: <037A7436-7F3E-4C8F-96E0-176FF3E794FA@arin.net> On Sep 26, 2013, at 3:06 PM, Gary Buhrmaster wrote: > On Thu, Sep 26, 2013 at 6:21 PM, John Curran wrote: > ... >> That is correct (and reflects current practice handling resource requests.) > > John, > > I support the policy, but I do have a few questions that > would help finalize my thinking (that I do not recall seeing > asked or answered). I understand that any answers are > going to be more WAGs than facts, and you may not > have the information or ability to provide the answers, > but any answers would help me (and perhaps others) > recognize the implications of such a change (if any)? > I'll accept as many additional caveats you want to add > to any response. > > * If this policy was in place for (say) the last year, what > is the order of magnitude of number of requests that > would have been referred to another RIR (1, 10, 100, 1000)? > > * If this policy was in place for (say) the last year, can > you break down the requests by the RIR that the > requester appeared to be have their plurality? > > * If this policy was in place for (say) the last year, what > is the order of magnitude of the IPv4 numbers that > would not have been issued by ARIN (/24 ... /8)? Gary - We're looking into your concerns, and will see whether we can provide any insights/WAGs can be provided regarding the potential impact of the policy (as compared to past requests.) Thanks for the thought-provoking questions! /John John Curran President and CEO ARIN From info at arin.net Mon Sep 30 10:47:05 2013 From: info at arin.net (ARIN) Date: Mon, 30 Sep 2013 10:47:05 -0400 Subject: [arin-ppml] Recommended Draft Policy ARIN-2013-4: RIR Principles Message-ID: <52498EE9.9090407@arin.net> Correction, this is 2013-4. Recommended Draft Policy ARIN-2013-4 RIR Principles On 19 September 2013 the ARIN Advisory Council (AC) recommended ARIN-2013-4 for adoption, making it a Recommended Draft Policy. ARIN-2013-4 will be presented at ARIN 32, and will be eligible for last call afterward. Draft Policy ARIN-2013-4 is below and can be found at: https://www.arin.net/policy/proposals/2013_4.html You are encouraged to discuss Draft Policy 2013-4 on the PPML prior to the upcoming Public Policy Consultation. Both the discussion on the list and at the meeting will be used by the ARIN Advisory Council to determine the community consensus for adopting this as policy. The ARIN Policy Development Process can be found at: https://www.arin.net/policy/pdp.html Draft Policies and Proposals under discussion can be found at: https://www.arin.net/policy/proposals/index.html Regards, Communications and Member Services American Registry for Internet Numbers (ARIN) ## * ## Recommended Draft Policy ARIN-2013-4 RIR Principles AC's assessment of conformance with the Principles of Internet Number Resource Policy: ARIN-2013-4 "RIR Principles" was moved to recommended draft policy status for adoption discussion at ARIN 32. The majority of the AC believes that documenting the existing principles under which ARIN operates uniquely enables fair and impartial number resource administration and that these principles are technically sound, based on their history and heritage. The AC also notes that the current text, after being revised to incorporate staff and community feedback, now has community support. Date: 14 August 2013 Problem Statement: The original text in RFC 2050 both "describes the registry system for the distribution of globally unique Internet address space and registry operations" and provides "rules and guidelines [principles] governing the distribution of this address space." The currently proposed update (RFC2050bis) "provides information about the current Internet Numbers Registry System used in the distribution of globally unique Internet Protocol (IP) address space and autonomous system (AS) numbers" and "provides information about the processes for further evolution of the Internet Numbers Registry System." This means that the guiding principles of stewardship are not currently being carried forward into the new document. The goals of Conservation (efficient utilization based on need), Routability (hierarchical aggregation), and Registration (uniqueness) are as important, if not more so, now that the transition to IPv6 is upon us. This can be rectified by documenting these principles in RIR policy. Policy Statement (v3 14 August 2013): Section 0: Principles and Goals of the Internet Registry System 0.1. Registration The principle of registration guarantees the uniqueness of Internet number resources. Provision of this public registry documenting Internet number resource allocation, reallocation, assignment, and reassignment is necessary: a) to ensure uniqueness, b) to provide a contact in case of operational/security problems, c) to provide the transparency required to ensure that Internet number resources are efficiently utilized, and d) to assist in IP allocation studies. 0.2. Conservation The principle of conservation guarantees sustainability of the Internet through efficient utilization of unique number resources. Due to the requirement for uniqueness, Internet number resources of each type are drawn from a common number space. Conservation of these common number spaces requires that Internet number resources be efficiently distributed to those organizations who have a technical need for them in support of operational networks. 0.3. Routability The principle of routability guarantees that Internet number resources are managed in such a manner that they may be routed on the Internet in a scalable manner. While routing scalability is necessary to ensure proper operation of Internet routing, allocation or assignment of Internet number resources by ARIN in no way guarantees that those addresses will be routed by any particular network operator. 0.4. Stewardship The principle of stewardship guarantees the application of these principles when managing Internet number resources. The fundamental purpose of Internet number stewardship is to distribute unique number resources to entities building and operating networks thereby facilitating the growth and sustainability of the Internet for the benefit of all. It should be noted that the above goals may sometimes be in conflict with each other and with the interests of individual end-users or network operators. Care must be taken to ensure balance with these conflicting goals given the resource availability, relative size of the resource, and number resource specific technical dynamics, for each type of number resource. For example, Conservation often requires greater consideration in IPv4 address distribution due to the limited size of the address space, Routability has a higher weight for the massive IPv6 address space, and AS numbers place the highest value on Registration because they come from a moderately sized pool and are not subject to aggregation. Comments: a. Timetable for implementation: immediately b. I believe that it would be beneficial for IANA to adopt these principles as well, and encourage the community to consider a global policy proposal. ########## ARIN Staff and Legal Assessment DRAFT NUMBER AND NAME: 2013-4 Principles and Goals of the Internet Registry System DATE: 24 August 2013 1. Summary (Staff Understanding) This policy would add text to the NRPM which codifies the guiding principles of the registry system as registration, conservation, routability, and stewardship. 2. Comments A. ARIN Staff Comments ? This proposal text is clear. ? Staff notes that the proposal does not appear to change any existing processes or procedures. ? It appears that the author's intent is to add these statements as guiding principles into the NRPM. ? Their inclusion into the policy manual will make it more clear to the community the principles under which ARIN has operated. ? For reference, the term ?Registration? already exists in NRPM as follows: ? 4.2.3.7. Registration - Refers to ISPs providing reassignment information, so it's not applicable. ? 6.3.3. Registration - This section has some overlap, could be reduced, but also refers to privacy. ? 6.5.5. Registration - Refers to reassignment information, so it's not applicable. ? The term ?Conservation? exists already in 6.3.5 but is different and specific to IPv6. ? The addition of the term ?Routability? would make a portion of NRPM 4.1.1 redundant. ? The term "Stewardship" would add that word anew to the NRPM. ? The statement about conflicting goals should not refer to any specific type of number resource if it is a principle. o Suggestion - Allow the specific conflicts to exist in the particular section. Remove everything from "For example" on. ? Note also that NRPM 6.3.8 already talks about conflict of goals, noting "aggregation" as the most important goal for IPv6. ? Staff suggests different placement/numbering, in particular, moving the introduction text up into the Abstract section before the TOC, thus freeing up Section 1 for ?RIR Principles?. ? It is worth noting that the ARIN Policy Development Process contains the following: "4. Principles of Internet Number Resource Policy? Internet number resource policy must satisfy three important principles, specifically: 1) enabling fair and impartial number resource administration, 2) technically sound (providing for uniqueness and usability of number resources), and 3) supported by the community." Furthermore that the RFC 7020 contains references to ?1) Allocation Pool Management, 2) Hierarchical Allocation, and 3) Registration Accuracy?. It is suggested that the policy text be reviewed to avoid duplication with these existing principles. B. ARIN General Counsel - Legal Assessment The text of the policy does not create a material legal issue for ARIN. Any effort like this to accurately incorporate in writing the concepts that animate ARIN's activity is a positive development. 3. Resource Impact This policy would have minimal resource impact from an implementation aspect. It is estimated that implementation would occur within 3 months after ratification by the ARIN Board of Trustees. The following would be needed in order to implement: A. Updated guidelines B. Staff training Draft Policy Text: Section 0: Principles and Goals of the Internet Registry System 0.1. Registration The principle of registration guarantees the uniqueness of Internet number resources. Provision of this public registry documenting Internet number resource allocation, reallocation, assignment, and reassignment is necessary: a) to ensure uniqueness, b) to provide a contact in case of operational/security problems, c) to provide the transparency required to ensure that Internet number resources are efficiently utilized, and d) to assist in IP allocation studies. 0.2. Conservation The principle of conservation guarantees sustainability of the Internet through efficient utilization of unique number resources. Due to the requirement for uniqueness, Internet number resources of each type are drawn from a common number space. Conservation of these common number spaces requires that Internet number resources be efficiently distributed to those organizations who have a technical need for them in support of operational networks. 0.3. Routability The principle of routability guarantees that Internet number resources are managed in such a manner that they may be routed on the Internet in a scalable manner. While routing scalability is necessary to ensure proper operation of Internet routing, allocation or assignment of Internet number resources by ARIN in no way guarantees that those addresses will be routed by any particular network operator. 0.4. Stewardship The principle of stewardship guarantees the application of these principles when managing Internet number resources. The fundamental purpose of Internet number stewardship is to distribute unique number resources to entities building and operating networks thereby facilitating the growth and sustainability of the Internet for the benefit of all. It should be noted that the above goals may sometimes be in conflict with each other and with the interests of individual end-users or network operators. Care must be taken to ensure balance with these conflicting goals given the resource availability, relative size of the resource, and number resource specific technical dynamics, for each type of number resource. For example, Conservation often requires greater consideration in IPv4 address distribution due to the limited size of the address space, Routability has a higher weight for the massive IPv6 address space, and AS numbers place the highest value on Registration because they come from a moderately sized pool and are not subject to aggregation. Comments: a. Timetable for implementation: immediately b. I believe that it would be beneficial for IANA to adopt these principles as well, and encourage the community to consider a global policy proposal.