[ppml] Last Call for Comment: Policy Proposal 2002-6

Taylor, Stacy Stacy_Taylor at icgcomm.com
Fri Nov 15 11:47:22 EST 2002 

Right!
I believe that:
*  The scope of the policy must be clarified to prevent abuse:  An
organization can only CIDR up if they turn in 3/4 of the space in the next
largest CIDR.
*  The policy should apply only to CIDRs smaller than /17: larger blocks
must be justified.
*  There should be a two level time frame for renumbering: 6 months for
smaller blocks; 12 for larger.
*  A mechanism for enforcement of renumbering time frames must be generated
and implemented.

This policy should not go forward as it is currently drafted.

Thanks,
Stacy
-----Original Message-----
From: Sweeting, John [mailto:John.Sweeting at teleglobe.com]
Sent: Friday, November 15, 2002 7:55 AM
To: ppml at arin.net
Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6


I would like to point out that the Policy Proposal 2002-6 does not mention
re-issuing of the returned address space. If enough people feel strongly
that this Policy should be "Tabled" until that issue is addressed then they
should state that fact. If people feel strongly that the wording needs to be
changed to make it a better policy and keep it from being abused then that
should also be stated (along with suggested wording or changes to make it
better). If they just plain feel that it is not a good policy at all (as
Einar has done) then please state that along with your reasons for feeling
that way. If we want to discuss all the issues with SPAM, Blocklisting and
other issues associated with USED IP space then lets start a new thread for
that. What we really need to see on these Last Call replies are the feelings
one way or the other on whether this policy should be approved by the BoT
and put in place. Thank you all.

-----Original Message-----
From: Bill Darte [mailto:billd at cait.wustl.edu]
Sent: Friday, November 15, 2002 9:23 AM
To: 'Mury'
Cc: ppml at arin.net
Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6


I think Mury's suggestions are near the mark on this issue.
RIRs maintain a list of returned space
RIRs defer allocating from list until needed) then allocate from list First
In/First Out
RIRs employ tests (if possible?) to determine suitability - worst stuff goes
to top of list
RIRs would make an effort to publicize service to Blacklisters

Other thoughts? 

Obviously there is a 'cost' to this service. Is the reclamation for
aggregation worth the cost?

Bill Darte


> -----Original Message-----
> From: Mury [mailto:mury at goldengate.net]
> Sent: Thursday, November 14, 2002 9:30 PM
> To: Dr. Jeffrey Race
> Cc: Jill Kulpinski; ppml at arin.net
> Subject: RE: [ppml] Last Call for Comment: Policy Proposal 2002-6
> 
> 
> 
> I'm not sure I should comment because I did not read all of the posts
> regarding this.  However, I'll take a chance at being flamed 
> for repeating
> someone else or being off-topic.
> 
> Didn't this start with someone not wanting used space, 
> because used space
> can have legacy consequences?  Those consequences being 
> black-listed IPs,
> existing servers outside the IP block still thinking they 
> need to talk to
> those IPs for a service long gone, etc.
> 
> It seems to me like it is very similiar to getting a recycled 1-800
> number.  It sucks.
> 
> I really don't see how the RIRs can effectively revoke the IP space of
> spammers.  That is going to take a lot of effort and probably 
> result in a
> lot of days sitting in court.  That's not to say that I 
> wouldn't like to
> see it happen, but I don't think that is a viable answer.
> 
> Why can't the RIR maintain a list of returned IP space?  Blacklisting
> services that are worth using could easily cross check their 
> blacklisted
> IPs against that list.
> 
> The RIRs should also recycle the IPs on a first in first out basis to
> minimize any legacy traffic going to those IPs.  It's not perfect, but
> statistically it makes sense.  Of course they could also advertise all
> unallocated IPs to themselves or an outside service to check 
> for abnormal
> amounts of legacy traffic and not assign blocks that are 
> being hit hard.
> 
> It's hard for me to imagine that if IP space is returned and it is not
> recycled for a year or two that a blacklisting service 
> couldn't find the
> resources to remove that IP space from their lists and for a very high
> percentage of the legacy traffic to have vanished.
> 
> Anyone using a blacklisting service that can't keep something 
> like that up
> to date can't possibly trust their accuracy anyway.  And in 
> my experience
> most blacklisters are savvy enough to appreciate and utilize 
> a list that
> the RIR's could easily maintain.
> 
> Mury
> 
> 
> 
> 
> On Fri, 15 Nov 2002, Dr. Jeffrey Race wrote:
> 
> > On Thu, 14 Nov 2002 12:28:53 -0800, Jill Kulpinski wrote:
> > >This whole issue regarding blacklists seems to be growing 
> each day and more
> > >rapidly in the past few months.  I would love to know what 
> to tell Customers who
> > >are assigned space that was once used by some other 
> Customer who got it
> > >blacklisted on one of the thousands of lists out there.  I 
> can not control who
> > >creates a blacklist, nor who uses it to set up filters, so 
> is there really any
> > >means of providing a Customer address space that will 
> never be blacklisted?  No.
> > >But they want temporary fixes in the meantime which is an 
> impractical solution.
> > >I would love to hear other people's thoughts on this but I 
> realize I may be
> > >getting off of the topic a bit.
> >
> >
> > It is completely on topic for the reasons you state.
> >
> > In general,  announcement on Spam-L and NANAE that the 
> ownership of IP address
> > space has been taken over by new non-spammer user will 
> cause many or most of
> > the blocklists to remove the previously offending 
> addresses.   However some
> > blocklist managers don't follow these groups assiduously, 
> some blocklist
> > managers have a several-month waiting period, and some 
> blocklist managers have
> > a policy NEVER to admit traffic from any once-polluted 
> address space, possibly
> > because they have been lied to so many times.
> >
> > So there is NO universal retrospective solution.
> >
> > Therefore, and this is the simple point I have been trying 
> to make here,
> > there remains only a prospective solution.    That is what 
> you have to face,
> > and face now, because the use of blocklists is growing 
> rapidly and possibly
> > exponentially.  It is the only defense we victims have 
> against the present
> > irresponsible management of IP address space and domain names.
> >
> > The RIRs are responsible for the proper management, express and
> > implied, of the IP address space allocated to them.  Since 
> recycling of
> > IP address space obviously will occur over the years, decades and
> > centuries, the RIRs have a duty to prevent pollution of the 
> resources
> > they manage.  The pollution comes from spamming.   This 
> means the RIRs
> > have to have a clear policy that IP address users must not 
> spam, must
> > not allow spammers on their networks, and must have 
> hair-trigger management
> > systems in place to identify incipient spammers and 
> penalize them (because
> > blocklist additions can occur in days).  (All this is 
> eminently doable now
> > by presently existing technical measures, and many ISPs do 
> indeed use such
> > measures.)  Any user who violates this rule must have his 
> IP address space
> > withdrawn. That is the only sanction that anyone will pay 
> attention to.
> >
> > In short, the RIRs have to take on a role to act, probably 
> agggressively
> > and violently, against abuse of the resources they manage, 
> by the people
> > to whom they entrust these resources.   If you list members 
> are not willing
> > to rise up and force them to prevent spammers from pissing 
> in the pool,
> > then don't complain about how the water tastes when you 
> swim in it.  It
> > is the result of your own (in)action.
> >
> > Jeffrey Race
> >
>

More information about the ARIN-PPML mailing list