[ARIN-consult] Community Consultation on CKN23-ARIN Now Open
jcurran at arin.net
Wed Mar 29 17:44:52 EDT 2017
On 29 Mar 2017, at 5:21 PM, Steven Noble <snoble at sonn.com> wrote:
> Hi John,
> Now that I have had more time to look at it, I believe you do state the issue I have :
> " * POCs that were moved from resource tech to Org abuse are not happy about no longer having control of their resource record"
> The entire reason I wanted to get back control of my AS was to update the physical address nothing else. My reasoning was that the address should be current and correct. Obviously an AS is not as valuable as IP space, which I believe is what this mainly is addressing (no pun intended).
> Do you have more data about what the POCs are having issues with? If these POCs are upset I assume you must be unable to vet them, otherwise they would have control of the resource.
We’ve heard some organizations express concern over the fact that they were originally
listed on network record, and through no action of their own, are no longer visible in a
similar manner now that there are organization and network records. It’s not a question
of whether they can vet their organization, but simply a question of the appearance.
> I think clarity on what is necessary to put the correct data into the record would be useful.
Evidence that the party is a valid representative to the organization that was issued
the number resources, or its legal successor.
> I do agree that CKN23 should be removed as both the email and phone number are invalid and I believe at a minimum the POC should contain actionable data.
> I do agree that putting resource POCs back in where there is reasonable suspicion that the POC is invalid/hijacked should trigger a lock.
Understood – the challenge with such an approach would be algorithmically determining
the factors that constitute “reasonable suspicion” in a deterministic/equitable manner, and
yet cannot be easily bypassed by those who wish to hijack resources.
Presently, all of these resources are effectively locked, i.e. parties asserting control must go
through Org recovery to have their POC associated with the organization. We not proposing
any change to this process - we are only making the organization record have more useful
information than just showing "CKN-23".
> I am having issue with POCs who are still at the same ORG with the same contact information being locked, which would be a small subset I believe. Said POCs would not have done anything wrong and their requests should be honored with minimal interference.
> Possibly this is what ARIN is planning to do, i.e. an old record with an old POC gets updated, triggers abuse who then can easily vet that the POC is valid. Where as an old record with a new POC would require more intensive vetting.
The proposed registry change doesn’t make any more parties subject to vetting, nor
any less – it is, as noted above, whether we retain CKN-23 in these organization
records or the previous values from the underlying historic network records.
Thank you for the excellent feedback!
President and CEO
More information about the ARIN-consult