Info Archive

ARIN XXII Remote Participation and Webcast

Member Services — 2008-08-29T12:57:57Z

Even if you can’t join us in LA for ARIN XXII, you can still play a
vital role. To facilitate community participation, ARIN offers free
remote participation to any individual. Registered remote participants
may post questions or comments, via e-mail, which will be moderated and
presented during normal question and answer periods throughout the agenda.

All ARIN XXII activities involving public participation and comment,
including the Open Policy Hour and the ARIN Public Policy and Members
Meetings will be webcast. Only remote registrants will be able to submit
questions and comments, and all remote participants are subject to the
Remote Participation Acceptable Use Policy (AUP).

Registration for remote participation is available through our online
meeting registration system. To register, please visit the ARIN XXII
home page: http://www.arin.net/ARIN-XXII/, click the "Register for the
Meeting" button at the top of the page, choose "ARIN XXII Remote
Participant" from the drop-down box, and complete the subsequent form.
The live meeting webcast is available without registering as a remote
participant.

Additional information about remote participation and the webcast,
including the Remote Participation AUP, is available at:

http://www.arin.net/ARIN-XXII/webcast.html

Webcast access details will be posted through the link above before the
meeting. The webcast will begin Tuesday, 14 October 2008 at 6:00 PM PDT
(UTC/GMT -7 hours).

Regards,

Member Services
American Registry for Internet Numbers (ARIN)

Policy Proposal: Whois Authentication Alternatives

Member Services — 2008-08-26T12:54:29Z

On 21 August 2008, the ARIN Advisory Council (AC) postponed making a
decision regarding this proposal until their next meeting, "because the
proposal will not make it into the process for the ARIN meeting in
October as it came in after the deadline."

Regards,

Member Services
American Registry for Internet Numbers (ARIN)

Member Services wrote:

ARIN received the following policy proposal. In accordance with the ARIN
Internet Resource Policy Evaluation Process, the proposal is being
posted to the ARIN Public Policy Mailing List (PPML) and being placed on
ARIN's website.

The ARIN Advisory Council (AC) will review this proposal at their next
regularly scheduled meeting. The AC may decide to:

1. Accept the proposal as written. If the AC accepts the proposal,
it will be posted as a formal policy proposal to PPML and it will be
presented at a Public Policy Meeting.

2. Postpone their decision regarding the proposal until the next
regularly scheduled AC meeting in order to work with the author. The AC
will work with the author to clarify, combine or divide the proposal. At
their following meeting the AC will accept or not accept the proposal.

3. Not accept the proposal. If the AC does not accept the proposal,
the AC will explain their decision via the PPML. If a proposal is not
accepted, then the author may elect to use the petition process to
advance their proposal. If the author elects not to petition or the
petition fails, then the proposal will be closed.

The AC will assign shepherds in the near future. ARIN will provide the
names of the shepherds to the community via the PPML.

In the meantime, the AC invites everyone to comment on this proposal on
the PPML, particularly their support or non-support and the reasoning
behind their opinion. Such participation contributes to a thorough
vetting and provides important guidance to the AC in their deliberations.

The ARIN Internet Resource Policy Evaluation Process can be found at:
http://www.arin.net/policy/irpep.html

Mailing list subscription information can be found at:
http://www.arin.net/mailing_lists/

Regards,

Member Services
American Registry for Internet Numbers (ARIN)

## * ##

Policy Proposal Name: Whois Authentication Alternatives

Author: Michael Sinatra

Proposal Version: 1

Submission Date: August 19, 2008

Proposal type: new

Policy term: permanent

Policy statement:

In addition to current processes ARIN has to authenticate holders
of historical resources, ARIN will also allow holders of resources
to authenticate themselves for the purposes of updating WHOIS
information for a given resource according to the following mechanism:

A holder of resources not governed by any type of RSA (i.e. legacy
or regular) may work with ARIN staff to establish an inventory of
those resources legitimately maintained by the holder. ARIN staff
will work to authenticate each resource claimed by the holder. Upon
successful completion of the authentication process, the holder
will be entitled to make updates to whois information for those
resources for a period of one year, with an option for renewal.
For ARIN non-members, ARIN will charge a maintenance fee to recover
costs associated with the authentication process and whois maintenance.
For ARIN members, the fee will be waived or discounted at ARIN's
discretion. Renewal is automatic pending the payment of maintenance
or membership fees. Failure to pay fees will result in the whois
information being "locked," and updates to the information will not
be possible.

Successful authentication and the payment of membership and/or
maintenance fees does not confer any rights upon the holder such
as those that would be granted by an RSA (legacy or regular).

Rationale:

ARIN needs to protect whois data from hijacking, but the current
mechanisms for authenticating holders (especially legacy holders)
are limited. The current method, signing a Legacy RSA, may not be
a viable option in the near term for such legacy holders for a
variety of legal reasons. In the interest of: (a) protecting whois
data; (b) keeping whois up-to-date for the Internet community; and
(c) recovering costs associated with WHOIS and in-addr.arpa delegation,
an alternative authentication mechanism needs to be established for
holders of historical resources. This proposal does not intend to
discount either type of RSA, and it attempts to specifically stay
out of the way of the RSAs.

NOTE: This proposal assumes the existence of some form of policy
such as that proposed by the "Whois Integrity Policy Proposal."

Timetable for implementation: Immediate

Policy Proposal 2008-7: Whois Integrity Policy Proposal

Member Services — 2008-08-26T12:52:32Z

On 21 August 2008, the ARIN Advisory Council (AC) concluded its review
of "Whois Integrity Policy Proposal" and accepted it as a formal policy
proposal for discussion by the community.

The proposal is designated Policy Proposal 2008-7: Whois Integrity
Policy Proposal. The proposal text is below and can be found at:
http://www.arin.net/policy/proposals/2008_7.html

All persons in the community are encouraged to discuss Policy Proposal
2008-7 prior to it being presented at the ARIN XXII Public Policy
Meeting. Both the discussion on the Public Policy Mailing List
and at the Public Policy Meeting will be used to determine the community
consensus regarding this policy proposal.

AC shepherds for this proposal are Paul Andersen and Bill Darte.

The ARIN Internet Resource Policy Evaluation Process can be found at:
http://www.arin.net/policy/irpep.html

ARIN's Policy Proposal Archive can be found at:
http://www.arin.net/policy/proposals/proposal_archive.html

Regards,

Member Services
American Registry for Internet Numbers (ARIN)

## * ##

Policy Proposal 2008-7:
Whois Integrity Policy Proposal

Author: Heather Schiller

Proposal Version: 1

Submission Date: August 15, 2008

Policy statement:

To ensure the integrity of information in the ARIN WHOIS Database a
resource must be under an RSA (either legacy or traditional) in order to
update the WHOIS record. ARIN will not update historical information in
the ARIN Whois Database until the resource holder can prove the
organization's right to the resource.

Rationale:

ARIN currently maintains WHOIS and in-addr.arpa delegation records in a
best-effort fashion. In many cases ARIN does not have a formal
agreement with the legacy resource holders. Legacy records are
frequently out of date and have become an increasingly popular target
for hijackers. Having up to date contact information and a formal
relationship with legacy record holders would assist ARIN and ISP's in
ensuring these records are maintained accurately. A similar policy was
successfully adopted in the APNIC region.
(http://www.apnic.net/policy/proposals/prop-018-v001.html)

Timetable for implementation:

Within sixty (60) days of approval - with notification to current POC
email addresses listed on historical assignments, or as soon as
reasonable for ARIN staff.

Policy Proposal 2008-6: Emergency Transfer Policy for IPv4 Addresses

Member Services — 2008-08-26T12:50:04Z

On 21 August 2008, the ARIN Advisory Council (AC) concluded its review
of "Emergency Transfer Policy for IPv4 Addresses" and accepted it as a
formal policy proposal for discussion by the community.

The proposal is designated Policy Proposal 2008-6: Emergency Transfer
Policy for IPv4 Addresses. The proposal text is below and can be found at:
http://www.arin.net/policy/proposals/2008_6.html

All persons in the community are encouraged to discuss Policy Proposal
2008-6 prior to it being presented at the ARIN XXII Public Policy
Meeting. Both the discussion on the Public Policy Mailing List
and at the Public Policy Meeting will be used to determine the community
consensus regarding this policy proposal.

AC shepherds for this proposal are Owen DeLong and Stacy Hughes.

The ARIN Internet Resource Policy Evaluation Process can be found at:
http://www.arin.net/policy/irpep.html

ARIN's Policy Proposal Archive can be found at:
http://www.arin.net/policy/proposals/proposal_archive.html

Regards,

Member Services
American Registry for Internet Numbers (ARIN)

## * ##

Policy Proposal 2008-6
Emergency Transfer Policy for IPv4 Addresses

Author: Bill Darte

Proposal Version: 1.0

Submission Date: August 15, 2008

Proposal type: New

Policy term: Temporary

Policy statement:

8.2.1 Emergency Transfer Policy for IPv4 Addresses

For a period of 3 years from policy implementation, transfer of ARIN
IPv4 addresses between two entities in the ARIN region, without the
active involvement of ARIN as an intermediary, will be considered
legitimate and will be documented accordingly under the following
conditions:

1. Transfer takes place from a holder of IPv4 addresses recognized by
ARIN as the legitimate and exclusive holder of those resources.

2. Transfer takes place to a recipient that has documented operational
need in accordance with current ARIN policy and that signs an RSA with
ARIN covering those resources in advance of transfer.

3. Transfer of addresses takes place in such a way that the original
contiguous block(s) are not disaggregated into more than 4 resultant
network blocks each being greater than or equal to the current minimum
sizes specified in applicable ARIN policy.

4. Transfer is complete and unrestricted and is supported by
documentation that ARIN deems satisfactory.

Rationale:

In order for ARIN to fulfill its mission and to facilitate a continuing
supply of IPv4 address resources to its service community when ARIN
resources are no longer adequate, and to preserve the integrity of
documentation and ARIN services for those resources, this policy may be
implemented. Its intent is to preserve the current tradition of
need-based allocation/assignments for those still needing IPv4 resources
during a transition period as the industry adopts IPv6. This policy is
not intended to create a 'market' for such transfers and does not
introduce or condone the monetization of address resources or a view of
addresses as property. It does recognize that organizations making
available unused or no longer needed address resources may incur certain
costs that might be compensated by those acquiring the resources. This
policy is intended to be transient and light-weight and does not
encourage a sustained or continuing role for IPv4, but rather helps to
mitigate a transitional crisis that may emerge while the industry adopts
IPv6 in accordance with the recommendation of ARIN's Board of Trustees.

Timetable for implementation:

This policy, once ratified by the ARIN Board of Trustees, would be
implemented when either the free-pool of IANA addresses is exhausted or
IPv4 address resources in the ARIN Region reaches a threshold of
scarcity recognized by the ARIN Board of Trustees as requiring this
policy implementation.

Policy Proposal: whois POC e-mail cleanup

Member Services — 2008-08-21T13:55:59Z

ARIN received the following policy proposal. In accordance with the ARIN
Internet Resource Policy Evaluation Process, the proposal is being
posted to the ARIN Public Policy Mailing List (PPML) and being placed on
ARIN's website.

The ARIN Advisory Council (AC) will review this proposal at their next
regularly scheduled meeting. The AC may decide to:

1. Accept the proposal as written. If the AC accepts the proposal,
it will be posted as a formal policy proposal to PPML and it will be
presented at a Public Policy Meeting.

2. Postpone their decision regarding the proposal until the next
regularly scheduled AC meeting in order to work with the author. The AC
will work with the author to clarify, combine or divide the proposal. At
their following meeting the AC will accept or not accept the proposal.

3. Not accept the proposal. If the AC does not accept the proposal,
the AC will explain their decision via the PPML. If a proposal is not
accepted, then the author may elect to use the petition process to
advance their proposal. If the author elects not to petition or the
petition fails, then the proposal will be closed.

The AC will assign shepherds in the near future. ARIN will provide the
names of the shepherds to the community via the PPML.

In the meantime, the AC invites everyone to comment on this proposal on
the PPML, particularly their support or non-support and the reasoning
behind their opinion. Such participation contributes to a thorough
vetting and provides important guidance to the AC in their deliberations.

The ARIN Internet Resource Policy Evaluation Process can be found at:
http://www.arin.net/policy/irpep.html

Mailing list subscription information can be found at:
http://www.arin.net/mailing_lists/

Regards,

Member Services
American Registry for Internet Numbers (ARIN)

## * ##

Policy Proposal Name: whois POC e-mail cleanup

Author: Ted Mittelstaedt

Proposal Version: 1

Submission Date: 8/20/2008

Proposal type: new

Policy term: permanent

Policy statement:

Under Directory Services in the NRPM

add section 3.6 titled "Reliability of Whois information"

3.6.1 ARIN will use an automated system that once a year will attempt
to e-mail all separate e-mail addresses in the directory. (including
abuse addresses) At it's discretion, ARIN will attempt to contact by
regular mail or phone all POC entries that have invalid e-mail addresses
(i.e. e-mail addresses that bounce mail sent to them) and give them a 3
month deadline for correction of their mail address. The automated
system will not use a mail cluster or other mail transmission software
that is incompatible with commonly available anti-spam technologies,
such as greylisting.

LIR POC's that fail to respond to paper mails or telephone calls will
have Their e-mail address replaced with "REFUSED RESPONSE" in the
directory. Non-legacy POCs will be requested to remedy the situation by
their next billing date. At it's discretion and considering the size or
number of complaints about an organization, ARIN may require the
organization to supply accurate contact information in it's directory
entry as a condition of accepting payment from the organization for
registration renewals.

POCs belonging to blocks reassigned by LIRs who fail to respond will be
replaced by the POC of the reassigning LIR.

The automated e-mails will have a text string titled "ARIN Automated POC
e-mail test" identifying them so that automated trouble ticket systems
can be programmed to automatically delete the mail messages instead of
replying to them.

Other standard mailing list practices will be followed by ARIN to insure
the absence of e-mail loops, etc.

3.6.1 ARIN will supply a report to the community, updated monthly, that
lists the percentage of "REFUSED RESPONSE" POCs, the percentage of POCs
that accept e-mails, and the percentage of POC addresses that have not
responded but have not yet been notified by paper mail or telephone.

Rationale:

As the entire Internet community gets closer to the date that IPv4 will
be exhausted, more attention is being focused on the possibility that
there is significant amounts of allocated IPv4 that is abandoned. There
are also concerns that as the amount of usable IPv4 space gets more and
more crowded, that Internet criminals are turning to abandoned IPv4
space that is still listed as allocated in the whois directories to use
to make attacks on hosts on the Internet. Because of these reasons, it
is becoming more important that users of ARIN's whois data have a
reasonable expectation that it is accurate.

The current NRPM has a mechanism for adding, modifying, and deleting
POCs. However it also carries an assumption that POCs belonging to
defunct companies will be removed when the bills for allocated IP
addressing cease being paid, and the address resources are then returned
to the ARIN pool as a result. The problem is that this assumption does
not hold true for so-called "Legacy" IP address holders since they do
not pay a yearly fee. Furthermore, billing for the IP addressing
allocations is done through paper mail, thus it is possible for a POC to
have a valid street address, but an invalid E-mail address, and not be
caught because they are current on their account. This is becoming a
serious issue because contacting a POC via a street address is too slow
for victims of an attack from a hijacked IP block to be able to complain
to the block owners and the block owners to be able to catch the
perpetrators.

Timetable for implementation: Immediate

Policy Proposal: Whois Authentication Alternatives

Member Services — 2008-08-20T14:47:27Z

ARIN received the following policy proposal. In accordance with the ARIN
Internet Resource Policy Evaluation Process, the proposal is being
posted to the ARIN Public Policy Mailing List (PPML) and being placed on
ARIN's website.

The ARIN Advisory Council (AC) will review this proposal at their next
regularly scheduled meeting. The AC may decide to:

1. Accept the proposal as written. If the AC accepts the proposal,
it will be posted as a formal policy proposal to PPML and it will be
presented at a Public Policy Meeting.

2. Postpone their decision regarding the proposal until the next
regularly scheduled AC meeting in order to work with the author. The AC
will work with the author to clarify, combine or divide the proposal. At
their following meeting the AC will accept or not accept the proposal.

3. Not accept the proposal. If the AC does not accept the proposal,
the AC will explain their decision via the PPML. If a proposal is not
accepted, then the author may elect to use the petition process to
advance their proposal. If the author elects not to petition or the
petition fails, then the proposal will be closed.

The AC will assign shepherds in the near future. ARIN will provide the
names of the shepherds to the community via the PPML.

In the meantime, the AC invites everyone to comment on this proposal on
the PPML, particularly their support or non-support and the reasoning
behind their opinion. Such participation contributes to a thorough
vetting and provides important guidance to the AC in their deliberations.

The ARIN Internet Resource Policy Evaluation Process can be found at:
http://www.arin.net/policy/irpep.html

Mailing list subscription information can be found at:
http://www.arin.net/mailing_lists/

Regards,

Member Services
American Registry for Internet Numbers (ARIN)

## * ##

Policy Proposal Name: Whois Authentication Alternatives

Author: Michael Sinatra

Proposal Version: 1

Submission Date: August 19, 2008

Proposal type: new

Policy term: permanent

Policy statement:

In addition to current processes ARIN has to authenticate holders
of historical resources, ARIN will also allow holders of resources
to authenticate themselves for the purposes of updating WHOIS
information for a given resource according to the following mechanism:

A holder of resources not governed by any type of RSA (i.e. legacy
or regular) may work with ARIN staff to establish an inventory of
those resources legitimately maintained by the holder. ARIN staff
will work to authenticate each resource claimed by the holder. Upon
successful completion of the authentication process, the holder
will be entitled to make updates to whois information for those
resources for a period of one year, with an option for renewal.
For ARIN non-members, ARIN will charge a maintenance fee to recover
costs associated with the authentication process and whois maintenance.
For ARIN members, the fee will be waived or discounted at ARIN's
discretion. Renewal is automatic pending the payment of maintenance
or membership fees. Failure to pay fees will result in the whois
information being "locked," and updates to the information will not
be possible.

Successful authentication and the payment of membership and/or
maintenance fees does not confer any rights upon the holder such
as those that would be granted by an RSA (legacy or regular).

Rationale:

ARIN needs to protect whois data from hijacking, but the current
mechanisms for authenticating holders (especially legacy holders)
are limited. The current method, signing a Legacy RSA, may not be
a viable option in the near term for such legacy holders for a
variety of legal reasons. In the interest of: (a) protecting whois
data; (b) keeping whois up-to-date for the Internet community; and
(c) recovering costs associated with WHOIS and in-addr.arpa delegation,
an alternative authentication mechanism needs to be established for
holders of historical resources. This proposal does not intend to
discount either type of RSA, and it attempts to specifically stay
out of the way of the RSAs.

NOTE: This proposal assumes the existence of some form of policy
such as that proposed by the "Whois Integrity Policy Proposal."

Timetable for implementation: Immediate

Policy Proposal 2008-4: Minimum Allocation in the Caribbean Region - Revised

Member Services — 2008-08-18T17:09:15Z

Policy Proposal "Policy Proposal 2008-4: Minimum Allocation in the
Caribbean Region" has been revised. This proposal is open for discussion
on this mailing list and will be on the agenda at the upcoming ARIN
Public Policy Meeting.

The authors requested it be stated that the changes were strictly
formatting and adding NRPM section numbers.

The current policy proposal text is provided below and is also available
at: http://www.arin.net/policy/proposals/2008_4.html

Regards,

Member Services
American Registry for Internet Numbers (ARIN)

## * ##

Policy Proposal 2008-4
Minimum Allocation in the Caribbean Region

Author: Cathy Aronson and Paul Andersen

Proposal Version: 2008-4.02

Date: 18 August 2008

Proposal type: new

Policy term: renewable

Policy statement:

Add the following as section 4.8 of NRPM:

4.8. Minimum Allocation. The minimum IPv4 allocation size for ISPs
from the Caribbean portion of the ARIN region is /22.

4.8.1. Allocation Criteria.

* The requesting organization must show the efficient
utilization of an entire previously allocated /22 from their
upstream ISP. This allocation (/22) may have been provided
by an ISP's upstream provider(s), and does not have to be
contiguous address space. The organization must meet the
requirement of efficient use of 4 /24s.

* A multi-homed organization must show the efficient
utilization of an entire previously allocated /23 from their
upstream ISP. This allocation (/23) may have been provided
by an ISP's upstream provider(s), and does not have to be
contiguous address space. The organization must meet the
requirement of efficient use of 2 /24s.

* Utilization Reporting and Justification. All other ARIN policies
regarding the reporting of justification information for the
allocation of IPv4 and IPv6 address space will remain in effect.

Rationale:

ARIN staff have noted that organizations in the Caribbean region have
problems meeting the current criteria due to the fact that the
population in the region is smaller than that of Canada and the US.
There is also a lack of competition with many countries in the region
faced with a monopoly or duopoly situation in terms of transport providers.

To spur development in the region a similar proposal was passed in this
region for the portion of the African region that ARIN administered
prior to the formation of AfriNIC. This proposal seeks a similar outcome.

Timetable for implementation: immediate

Revisions Made:

* 2008-4.02 - Minor edit to specify proposed NRPM section number

Policy Proposal 2008-3: Community Networks IPv6 Allocation - Revised

Member Services — 2008-08-18T17:04:50Z

Policy Proposal "2008-3: Community Networks IPv6 Allocation" has been
revised. This proposal is open for discussion on this mailing list and
will be on the agenda at the upcoming ARIN Public Policy Meeting.

The current policy proposal text is provided below and is also available
at: http://www.arin.net/policy/proposals/2008_3.html

Regards,

Member Services
American Registry for Internet Numbers (ARIN)

## * ##

Policy Proposal 2008-3

Community Networks IPv6 Allocation

Author: Joshua King

Date: 18 August 2008

Proposal type: new

Policy term: permanent

Policy statement:

[Add Section 2.8 to the NRPM.]

2.8 Community Network

A community network is a generic reference to any network that is

operated by a group of people living in a particular local area

organized for the purposes of delivery or provision of free or low-cost

network services to the residents of an incorporated or unincorporated

regional municipality, city, town, village, rural municipality,

township, county, district or other municipality or other such

geographic space, however designated. Legal responsibility for the

network as a whole must be held by an organization either possessing

federal non-profit status or fiscally sponsored by a non-profit

organization.

[Modify 6.5.8.1b as follows.]

b. qualify for an IPv4 assignment or allocation from ARIN under the IPv4

policy currently in effect or be a Community Network as defined in

Section 2.8, with allocation criteria defined in section 6.5.9.

[Add Section 6.5.9 to the NRPM.]

6.5.9 Community Network Allocations

6.5.9.1. Initial assignment size

Organizations defined as Community Networks under section 2.8 are

eligible to receive a direct assignment. The minimum size of the

assignment is /48. Organizations requesting a larger assignment must

provide documentation of the characteristics of the Community Network's

size and architecture that require the use of additional subnets. An

HD-Ratio of .94 with respect to subnet utilization within the network

must be met for all assignments larger than a /48.

These assignments shall be made from a distinctly identified prefix and

shall be made with a reservation for growth of at least a /44. This

reservation may be assigned to other organizations later, at ARIN's

discretion.

6.5.9.2. Subsequent assignment size

Additional assignments may be made when the need for additional subnets

is justified. Justification will be determined based on a detailed plan

of the network's architecture and the .94 HD-Ratio metric. When

possible, assignments will be made from an adjacent address block.

6.5.9.3. Number of customers

Community Networks seeking an allocation must demonstrate that they

provide for a user base of at least 100 through connectivity to homes

and businesses, public facilities, public access points, or mobile

users. Community Networks with user bases of under 200 must also submit

a plan for doubling their service base over the next year.

Rationale:

There are currently a number of projects globally that aim to develop

community network infrastructure and related technologies. These are

usually coordinated by volunteer-run, grassroots organizations which

lack many of the resources of traditional internet service providers and

other network operators. They have diverse goals, including public

policy, software development, and implementation of community services

and resources. Many of them provide services free of charge, and thus

lack any paying user base. However, in order to create and maintain

community networks that are often composed of hundreds if not thousands

of inexpensive consumer-grade network devices, a significant amount of

address space will be required. Current-generation workarounds to this

problem, such as NAT, not only make it difficult to develop

next-generation decentralized network technology by segmenting the

community's architecture from the Internet as a whole, but will cease to

be as viable a stopgap as the Internet moves towards IPv6 integration.

Community-based, volunteer-run organizations that are operated with an

eye towards the public good often do not have the resources to qualify

as an LIR under the current policy. They are often multi-homed networks

utilizing multiple, relatively inexpensive consumer-grade internet

uplinks and lacking the funds to meet the qualifications for an IPv4

allocation, but which wish an avenue to develop future IPv6 capability

for their constituent users. By establishing a procedure by which these

organizations can seek to acquire the resources they require for further

development, ARIN can reach out to this active community and establish a

small but definite space for them in the future of Internet.

Timetable for implementation: Immediate.

Policy Proposal: Whois Integrity Policy Proposal

Member Services — 2008-08-18T14:38:53Z

Policy Proposal: Emergency Transfer Policy for IPv4 Addresses

Member Services — 2008-08-18T14:35:03Z

ARIN received the following policy proposal. In accordance with the ARIN
Internet Resource Policy Evaluation Process, the proposal is being
posted to the ARIN Public Policy Mailing List (PPML) and being placed on
ARIN's website.

The ARIN Advisory Council (AC) will review this proposal at their next
regularly scheduled meeting. The AC may decide to:

1. Accept the proposal as written. If the AC accepts the proposal,
it will be posted as a formal policy proposal to PPML and it will be
presented at a Public Policy Meeting.

2. Not accept the proposal. If the AC does not accept the proposal,
the AC will explain their decision via the PPML. If a proposal is not
accepted, then the author may elect to use the petition process to
advance their proposal. If the author elects not to petition or the
petition fails, then the proposal will be closed.

The AC will assign shepherds in the near future. ARIN will provide the
names of the shepherds to the community via the PPML.

In the meantime, the AC invites everyone to comment on this proposal on
the PPML, particularly their support or non-support and the reasoning
behind their opinion. Such participation contributes to a thorough
vetting and provides important guidance to the AC in their deliberations.

The ARIN Internet Resource Policy Evaluation Process can be found at:
http://www.arin.net/policy/irpep.html

Mailing list subscription information can be found at:
http://www.arin.net/mailing_lists/

Regards,

Member Services
American Registry for Internet Numbers (ARIN)

## * ##

Policy Proposal Name: Emergency Transfer Policy for IPv4 Addresses

Author: Bill Darte

Proposal Version: 1.0

Submission Date: August 15, 2008

Proposal type: New

Policy term: Temporary

Policy statement:

8.2.1 Emergency Transfer Policy for IPv4 Addresses

For a period of 3 years from policy implementation, transfer of ARIN
IPv4 addresses between two entities in the ARIN region, without the
active involvement of ARIN as an intermediary, will be considered
legitimate and will be documented accordingly under the following
conditions:

1. Transfer takes place from a holder of IPv4 addresses recognized by
ARIN as the legitimate and exclusive holder of those resources.

2. Transfer takes place to a recipient that has documented operational
need in accordance with current ARIN policy and that signs an RSA with
ARIN covering those resources in advance of transfer.

3. Transfer of addresses takes place in such a way that the original
contiguous block(s) are not disaggregated into more than 4 resultant
network blocks each being greater than or equal to the current minimum
sizes specified in applicable ARIN policy.

4. Transfer is complete and unrestricted and is supported by
documentation that ARIN deems satisfactory.

Rationale:

In order for ARIN to fulfill its mission and to facilitate a continuing
supply of IPv4 address resources to its service community when ARIN
resources are no longer adequate, and to preserve the integrity of
documentation and ARIN services for those resources, this policy may be
implemented. Its intent is to preserve the current tradition of
need-based allocation/assignments for those still needing IPv4 resources
during a transition period as the industry adopts IPv6. This policy is
not intended to create a 'market' for such transfers and does not
introduce or condone the monetization of address resources or a view of
addresses as property. It does recognize that organizations making
available unused or no longer needed address resources may incur certain
costs that might be compensated by those acquiring the resources. This
policy is intended to be transient and light-weight and does not
encourage a sustained or continuing role for IPv4, but rather helps to
mitigate a transitional crisis that may emerge while the industry adopts
IPv6 in accordance with the recommendation of ARIN's Board of Trustees.

Timetable for implementation:

This policy, once ratified by the ARIN Board of Trustees, would be
implemented when either the free-pool of IANA addresses is exhausted or
IPv4 address resources in the ARIN Region reaches a threshold of
scarcity recognized by the ARIN Board of Trustees as requiring this
policy implementation.

[arin-ppml] Fwd: Proposed Revision to 2007-14

Member Services — 2008-08-15T14:44:31Z

Policy Proposal 2007-14: Resource Review Process has been revised. This
proposal is open for discussion on this mailing list and will be on the
agenda at the upcoming ARIN Public Policy Meeting.

The current policy proposal text is provided below and is also available
at: http://www.arin.net/policy/proposals/2007_14.html

Regards,

Member Services
American Registry for Internet Numbers (ARIN)

Owen DeLong wrote:
> Here is a revised 2007-14. It attempts to incorporate the
> feedback received from ARIN XXI and the mailing list up
> to this point as well as feedback from ARIN staff and
> other contributors.
>
> ================================================
>
> Policy Proposal 2007-14
> Resource Review Process
>
> Author: Owen DeLong, Stephen Sprunk
>
> Proposal Version: 3.0
>
> Date: 14 August 2008
>
> Proposal type: modify
>
> Policy term: permanent
>
> Policy statement:
>
> Add the following to the NRPM:
>
> Resource Review
>
> 1. ARIN may review the current usage of any resources covered
> by an ARIN RSA within the terms of that RSA. The organization
> shall cooperate with any request from ARIN for reasonable related
> documentation.
>
> 2. ARIN may conduct such reviews:
>
> a. when any new resource is requested,
>
> b. whenever ARIN has reason to believe that the resources were
> originally obtained fraudulently, or
>
> c. at any other time without having to establish cause unless a prior
> review has been completed in the preceding 24 months.
>
> 3. ARIN shall communicate the results of the review to the organization.
>
> 4. Organizations found by ARIN to be substantially out of compliance
> with current ARIN policy shall be requested or required to return
> resources as needed to bring them into (or reasonably close to)
> compliance.
>
> 4a. The extent to which an organization may remain out of compliance
> shall be based on the reasonable judgment of the ARIN staff and shall
> balance all facts known, including the organizations utilization rate,
> available address pool, and other factors as appropriate so as to avoid
> forcing returns which will result in near-term additional requests or
> unnecessary route de-aggregation.
>
> 4b. To the extent possible, entire blocks should be returned. Partial
> address blocks shall be returned in such a way that the portion retained
> will comprise a single aggregate block.
>
> 5. If the organization does not voluntarily return resources as
> requested, ARIN may revoke any resources issued by ARIN as required to
> bring the organization into overall compliance. ARIN shall follow the
> same guidelines for revocation that are required for voluntary return in
> the previous paragraph.
>
> 6. Except in cases of fraud, or intentional violations of policy, an
> organization shall be given a minimum of six months to effect a return.
> ARIN shall negotiate a longer term with the organization if ARIN
> believes the organization is working in good faith to substantially
> restore compliance and has a valid need for additional time to renumber
> out of the affected blocks.
>
> 7. ARIN shall continue to maintain the resource(s) while their return or
> revocation is pending, except any maintenance fees assessed during
> that period shall be calculated as if the return or revocation was
> complete.
>
> 8. Legacy resources in active use, regardless of utilization, are not
> subject to revocation by ARIN. pursuant to this subsection. However, the
> utilization of legacy resources shall be considered during a review to
> assess overall compliance.
>
> 9. In considering compliance with policies which allow a timeframe (such
> as a requirement to assign some number of prefixes within 5 years)
> failure to comply cannot be measured until after the timeframe specified
> in the applicable policy has elapsed. Blocks subject to such a policy
> shall be assumed in compliance with that policy until such time as the
> specified time since issuance has elapsed.
>
> Delete NRPM sections 4.1.2, 4.1.3, 4.1.4
>
> Remove the sentence "In extreme cases, existing allocations may be
> affected." from NRPM section 4.2.3.1.
>
> Rationale:
>
> Under current policy and existing RSAs, ARIN has an unlimited authority
> to audit or review a resource holder's utilization for compliance at
> any time
> and no requirement to communicate the results of any such review to the
> resource holder.
>
> This policy attempts to balance the needs of the community and the
> potential for abuse of process by ARIN in a way that better clarifies
> the purpose, scope, and capabilities of ARIN and codifies some
> appropriate
> protections for resource holders while still preserving the ability for
> ARIN to address cases of fraud and abuse on an expedited basis.
>
> The intended nature of the review is to be no more invasive than
> what usually happens when an organization applies for additional
> resources. Additionally, paragraph 2c prevents ARIN from doing
> excessive without-cause reviews.
>
> The authors believe that this update addresses the majority of the
> feedback received from the community to date and addresses
> most of the concerns expressed.
>
> Owen
>
> _______________________________________________
> PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.
>
>

ARIN Board Adopts Policy Proposal 2007-17: Legacy Outreach and Partial Reclamation

Member Services — 2008-08-15T14:41:24Z

On 11 August 2008 the ARIN Board of Trustees adopted the following
policy proposal as amended by the ARIN Advisory Council:

2007-17: Legacy Outreach and Partial Reclamation

The AC removed the following sentence: "ARIN should reject any
transaction which staff judges is not in the interests of the
community." The AC replaced that sentence with: "Transactions should
only be accepted under this policy if they are in the interests of the
community (e.g. they improve aggregation or result in a net reclamation
of space)."

2007-17 will be implemented no later than 15 November 2008

Policy proposal texts are available at the Policy Proposal Archive which
can be found at:
http://www.arin.net/policy/proposal_archive.html

Regards,

Member Services Department
American Registry for Internet Numbers (ARIN)

Deadline for Policy Proposals - 16 August 2008

Member Services — 2008-08-11T16:13:28Z

The ARIN XXII Public Policy Meeting will take place 15-16 October 2008
in Los Angeles. New policy proposals must be submitted by 23:59 EDT, 16
August 2008, in order to be considered by the ARIN Advisory Council for
possible inclusion on the ARIN XXII agenda. The ARIN Internet Resource
Policy Evaluation Process requires that proposed policies must be
submitted at least 60 days prior to the meeting.

Those who wish to propose new ARIN number resource policies or
modifications to existing policies must submit a Policy Proposal
Template. Send the template via e-mail to policy at arin.net.

The Policy Proposal Template can be found at:
http://www.arin.net/policy/irpep_template.html

The ARIN Internet Resource Policy Evaluation Process can be found at:
http://www.arin.net/policy/irpep.html

Regards,

Member Services
American Registry for Internet Numbers (ARIN)

NRPM version 2008.3 - New Policy Implementation

Member Services — 2008-08-05T18:19:40Z

On 8 July 2008 the ARIN Board of Trustees, acting on the recommendation
of the Advisory Council and noting that the Internet Resource Policy
Evaluation Process had been followed, adopted the following policy
proposals:

Policy Proposal 2008-1: SWIP support for smaller than /29 assignments

Policy Proposal 2007-21: PIv6 for legacy holders with RSA and efficient use

These policies have been incorporated into version 2008.3 of the ARIN
Number Resource Policy Manual (NRPM).

NRPM version 2008.3 is effective 5 August 2008 and supersedes previous
versions. See Appendix A of the NRPM for information regarding changes
to the manual.

The NRPM can be found at:

http://www.arin.net/policy/nrpm.html

Appendix A can be found at:

http://www.arin.net/policy/nrpm_changelog.html

Regards,

Member Services

American Registry for Internet Numbers (ARIN)