[arin-tech-discuss] silent expiration of ARIN RPKI objects

Jimmy Hess mysidia at gmail.com
Sun Feb 3 18:31:54 EST 2013 

On 2/1/13, Jay Borkenhagen <jayb at braeburn.org> wrote:
> ARIN, A ROA I had recently registered in ARIN's RPKI system silently expired
> overnight.
> The fact that it expired is not the problem, since I had set the
> expiration date when I submitted it.

> The problem is that it expired silently.

I would say that in all cases, the ultimate renewal  choice should
require manual intervention by the resource holder,  for any action
other than expiration.

I would say that both silent and "noisy"  (with notification)
expirations  have very strong merits -- and silent would very often be
preferred;  I would suggest that ARIN should make it very well
documented, that notification is silent,   or: otherwise, what you
need to do to enable notification.

IOW:  clearly document exactly what will happen before and at
expiration, and include this documentation  in all the appropriate
places.  So noone can ever reasonably say that they expected
expiration to involve notifications that it wouldn't.


Silent is just fine, as long as the fact that it will be silent, AND
the registrant is responsible for planning for this  --  and arranging
to be reminded (if necessary), is clearly understood,  so a registrant
doesn't expect a reminder that they will not be given.



Notify on expire could be a useful feature.    Particularly for
organizations with a small number of records;  Eg.  May reduce errors
and increase use by  orgs with little/no key management that have
difficulty reliably tracking when things such as this would expire.


For others,  "notifications"  could be spurious unwanted
highly-annoying noise;  particularly, if a record is already monitored
by internal systems,  and _intended_  to be allowed to expire.


Furthermore,  notifications by ARIN might create a false sense of
security, encouraging more sloppy resource/key management practices.
  Spam filters, unreliable mail systems, outdated e-mail address, etc,
or other issues,   might    lead to one notification not getting
delivered.


ARIN could receive some unfair blame,  when notifications don't get
through, and a record expires as a result.


Realize, that ARIN sending a notification is a cruch,  not proper
resource management.
If  the key management and resource management by the registrant is
proper,  there should be no need for a reminder,    because good key
management includes
security monitoring as well as keeping note and arranging reminders
regarding expiration dates.    :)


--
-JH

More information about the arin-tech-discuss mailing list