[ARIN-consult] [ARIN-Suggestions] NEW ACSP 2019.17: RSA Change

Mon Aug 5 13:42:13 EDT 2019

While I generally support the idea behind this change, the specifics of the
language added to the RSA matters significantly. Furthermore, I do not
believe that the language added to the RSA should be specific to routing.
The language added to the RSA should be more generic, such as a commitment
to not deliberately interfere with another registrant's use of the
resources that are registered to them within the context of their use on
Internet and not limited to any specific form of interference. Where making
route announcements for blocks without permission of the registrant should
be a specific example of such prohibited interference.

Also, ARIN will need to create formal procedures, in addition to the
informal procedures discussed in the following;

https://teamarin.net/2019/05/06/how-does-arin-handle-reports-of-route-hijacking/

I think only the registrant affected should be able to formally make a
complaint and such a complaint is only actionable by ARIN after the accused
is given a formal opportunity to cure the complaint.

I think this type of change to the RSA is important and within the scope of
the industry self-regulatory framework that the RIR system is intended to
provide. Further, such a change promotes an equitable registry system,
entities that are unwilling to respect other's registrations do not deserve
the protections afforded to them by the registry system. For the RIR system
to be taken seriously and provide effective industry self-regulation it
needs a mechanism to sanction those that systematically and egregiously
thwart the fundamental intent of the registry system, especially when such
activities constitute deliberate interference with the proper operation of
the Internet.

That said, while in my opinion, this change is necessary, it is only a very
small part of the overall fix for the problem, as most incidents are
neither systematic or egregious, and are usually not deliberate, most
incidences are merely accidental. In addition this change to the RSA, the
industry needs to adopt best practices for routing security, including
route filtering and RPKI, to prevent and mitigate these accidental
incidents, such as promoted by the MANRS program;

https://www.manrs.org/

Thanks.

On Wed, Jul 31, 2019 at 2:24 PM ARIN <info at arin.net> wrote:

> On 31 July, we received a new suggestion, numbered 2019.17 upon confirmed
> receipt, that ARIN update its Registration Services Agreement. Staff is
> reviewing this suggestion and will issue a formal response once analysis
> is complete.
>
> The full text of the suggestion may be found below or at:
>
> https://www.arin.net/participate/community/acsp/suggestions/2019-17/
>
> ***
>
> Description: ARIN should modify its Registration Services Agreement so
> that address holders agree to only announce routing for its own address
> blocks, or those address blocks for which it has obtained permission of
> the registrant as listed in the Internet Number Registry System.
>
> Value to Community: The additional value to the community would be that
> ARIN address holders would be far less likely to hijack routes as it
> would represent a breach of their agreement with ARIN.
>
> Timeframe: Not specified
>
> ***
>
> Regards,
>
> Communications and Member Services
> American Registry for Internet Numbers (ARIN)
>
>
>
> _______________________________________________
> arin-suggestions mailing list
> arin-suggestions at arin.net
> https://lists.arin.net/mailman/listinfo/arin-suggestions
>

-- 
===============================================
David Farmer               Email:farmer at umn.edu
Networking & Telecommunication Services
Office of Information Technology
University of Minnesota
2218 University Ave SE        Phone: 612-626-0815
Minneapolis, MN 55414-3029   Cell: 612-812-9952
===============================================
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-consult/attachments/20190805/25865919/attachment.htm>