<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><br class=""><div><br class=""><blockquote type="cite" class=""><div class="">On Apr 9, 2018, at 14:23 , John Curran <<a href="mailto:jcurran@arin.net" class="">jcurran@arin.net</a>> wrote:</div><br class="Apple-interchange-newline"><div class="">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" class="">
<div style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
On 9 Apr 2018, at 3:49 PM, Steve Noble <<a href="mailto:snoble@sonn.com" class="">snoble@sonn.com</a>> wrote:
<div class="">
<blockquote type="cite" class="">
<div class="">
<div text="#000000" bgcolor="#FFFFFF" class="">Hi John,<br class="">
<br class="">
This is a significant change and while you may personally view it as "modest increase", calling it so for those of us with a single object, is incorrect. I have personally been forced to pay this fee even when ARIN refused to provide any services to me and
note: ARIN has not refunded the money paid while you refused to provide any services,
<span style="font-style: italic;" class="">especially the ones you list below</span>.
</div>
</div>
</blockquote>
<div class=""><br class="">
</div>
<div class="">Steve -</div>
<div class=""> </div>
<div class=""> As discussed perviously on several ARIN mailing lists with you, ARIN does prevent </div>
<div class=""> parties with no clear association with a resource from making changes. I believe that </div>
<div class=""> the specific issue has been cleared up in your case, but recognize that ARIN is also</div>
<div class=""> subject to parties attempting to hijack resources and thus is somewhat pedantic in this </div>
<div class=""> regard. </div></div></div></div></blockquote><div><br class=""></div>Sure, but asking for a refund during the time that you “couldn’t clearly associate him” for</div><div>managing the resources, yet clearly enough associated him to take his money does seem like</div><div>a reasonable request, since clearly even though he was paid in good standing, he was being</div><div>refused ARIN services.</div><div><br class=""><blockquote type="cite" class=""><div class=""><div style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><div class="">
<blockquote type="cite" class="">
<div class="">
<div text="#000000" bgcolor="#FFFFFF" class="">If you are claiming that it costs $150 a year to have an entry in a whois server, I disagree, if nothing else it should be going down.</div>
</div>
</blockquote>
<div class=""><br class="">
</div>
At this time, we charge $100 per year maintenance fee for all end-user resource records,</div>
<div class=""> and that is approximately 15% of ARIN’s total revenue (estimated $2.9M USD of ARIN’s </div>
<div class=""> $20.4M total revenue plan in 2019)</div>
<div class=""><br class="">
</div>
<div class=""> We charge ISPs (and others who opt for it) under a registration services plan that is based </div>
<div class=""> on total number resource holdings, and in total is approximate 75% of ARIN annual revenue </div>
<div class=""> (estimated $14.4M USD of our $20.4M total revenue plan in 2019)</div>
<div class=""><br class="">
</div>
<div class=""> We presently do not bill either customer category separately for making changes, interacting </div>
<div class=""> with ARIN, etc. We could do so, but starting back in 2014 the community spent several </div>
<div class=""> years discussing fee models and ultimately came down to this simple model of having two </div>
<div class=""> major categories: ISP/registration services plan and End-users with Maintenance fees. </div>
<div class=""><br class="">
</div>
<div class=""> That model has generally worked well, but over the next five years will result in a gradual </div>
<div class=""> reduction of ARIN’s financial reserves to approximately 50% of our annual budget. Note </div>
<div class=""> that there are have been times in the past when we had the opposite problem, with reserves </div>
<div class=""> growing beyond our intended range (and ARIN customers concerned that we weren't fast </div>
<div class=""> enough in addressing their requests for improvements to our systems…)</div></div></div></blockquote><div><br class=""></div>And you (and the board) somehow felt that sticking the entirety of this fee increase to the 15%</div><div>without any changes to the other 75% was a good idea why?</div><div><br class=""></div><div><blockquote type="cite" class=""><div class=""><div style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
<div class=""> We did add additional staff and have made great progress in improvements to our systems –</div>
<div class=""> this can be seen in both the list of accomplished functionality <<a href="https://www.arin.net/features/" class="">https://www.arin.net/features/</a>></div>
<div class=""> as well as the results of our most recent customer satisfaction survey, which we will talk </div>
<div class=""> about in more detail next week at ARIN 41 in MIami. </div></div></div></blockquote><div><br class=""></div>And what fraction of those additional staff are serving the end-users that generate 15% of current</div><div>revenue?</div><div><br class=""><blockquote type="cite" class=""><div class=""><div style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
<div class=""> The question now posed by the ARIN Board of Trustees is whether the facilitator fees and </div>
<div class=""> end-user maintenance fees should be raised, as this would result in approximately $1.4M </div>
<div class=""> per year revenue and allow the organization to maintain a steady reserves position. </div></div></div></blockquote><div><br class=""></div>Why isn’t the board asking about a corresponding increase to ISP fees?</div><div><br class=""></div><div>If we spread this increase across all constituents instead of just end-users and facilitators,</div><div>seems to me that the increase per ORG would be significantly less, would it not?</div><div><br class=""><blockquote type="cite" class=""><div class=""><div style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
<div class="">
<blockquote type="cite" class="">
<div class="">
<div text="#000000" bgcolor="#FFFFFF" class="">Looking at your tax filings, In 2015, you reported that more than half of your expenses were compensation at 9.1MM. For 2016 the number appears to be 10.8MM. As Mr. Herrin noted, other organizations that have
the same level of complexity, can do the work with significantly less engineers. As a non-profit you should be focused on delivering value to your customers, not charging more for the same service.</div>
</div>
</blockquote>
<br class="">
</div>
<div class=""> ARIN is indeed focused on delivering more value to its customers – </div>
<div class=""><br class="">
</div>
<div class=""> You may not utilize our two-factor authentication system, our RPKI services, our improved</div>
<div class=""> interface for making resource requests and transfers, our RESTful interface to the registry, </div>
<div class=""> our RDAP services or now-being-refreshed IRR services, but even if you do not use these</div>
<div class=""> services yourself, they make for a better and more accurate registry, and thus improve the </div>
<div class=""> value received by everyone. The Board of Trustees ultimately has to decide the rate that we </div>
<div class=""> invest in our services, the best fee structure for recovery, and the most appropriate financial </div>
<div class=""> position – hence this consultation seeking input on changing the fee schedule as proposed. </div></div></div></blockquote><div><br class=""></div>RESTful shouldn’t be costing more at this point. It’s a completed project.</div><div><br class=""></div><div>RDAP should be nearing completion, so that shouldn’t be an ongoing cost increase (or at least not a significant one).</div><div><br class=""></div><div>Similarly with RPKI, but, if I have to choose between discarding RPKI and paying more per year, that’s an easy choice and RPKI doesn’t win. In it’s current (and likely permanent) state, RPKI is little more than a cryptographically signed indicator of what to prepend to your spoofed announcements. Please explain how that provides a better and/or more accurate registry or improves the value received by anyone?</div><div><br class=""></div><div>I agree the surge was necessary while there were some serious problems with legacy systems that needed to be retired. However, that effort should be approaching completion and as such, I’d rather see us un-surge even if it delays implementation of some new or upcoming features.</div><div><br class=""></div><div>Owen</div><div><br class=""></div><br class=""></body></html>