[ARIN-consult] Community Consultation on CKN23-ARIN Now Open

Adam Brenner adam at solidnetwork.org
Wed Apr 26 11:31:16 EDT 2017 

All,

Sorry for the spam if you got this message twice, but I suspect that 
ARIN's mailing list is not properly setup to handle domains that have 
DMARC records setup.

I had to disable DMARC on my entire domain to get this message posted.


@John: this should _probably_ be fixed if you want to solicit feedback 
from the community. :-)

https://wiki.list.org/DEV/DMARC
> The DMARC authors essentially acknowledge that adopting DMARC
> requires changing mailing list habits.  You cannot continue to
> run your mailing list the way you always have, in DMARC
> compatible way.


Responses to the original thread inline:

On 03/22/2017 10:24 AM, ARIN wrote:
> 
> Option 3 - **Recommended option**
> 
> Restore the resource POC back to their original state on the
> resource record.   This will allow contacts historically associated with
> a resource record to more readily administer that record going forward.

Won't this allow easier for hijacking? I am going off the assumption 
that original POC records have domains that expired.

Random idea: ARIN could query all records and see if the domain has 
expired or/and check if the creation date is newer then the date in its 
database. If a record matches to any of those: perhaps do not restore to 
the original state? Or.. am I over thinking this?

>        * Retain the Abuse POC on the Org
>        * Replace CKN23-ARIN with a handle that better explains the record’s
> status (e.g. “Legacy Record – See Resource POC”)

Isn't that the same thing? Replace the current handle with a new handle? 
I do not get it. Could still query the database and find all records 
that have the new handle.

If you include text like "Legacy Record" you are also spilling more 
information to the public about the resource: Legacy, etc. What other 
status do you plan to use and share with the public?

>        * Lock all resources associated with these legacy records who have
> had their resource POC restored. This would ensure that any changes made
> by the resource POC would first have to be reviewed by ARIN.
> 

I like it.


Out of curiosity how large of an impact is this to the ARIN community? 
You mentioned thousands of instances in the opening thread and many are 
legacy resources. I know you can not go into too much specificity, but 
is this 50% of all ARIN IP resources? 10%?

This would better gauge the importance of the impact which did not come 
out clear in the original email.


/adam

-- 
Adam Brenner, Chief Executive Officer
SolidNetwork Technologies, Inc.

More information about the ARIN-consult mailing list