[ppml] Policy Proposal 2003-3: Residential Customer Privacy

Joe Provo ppml at rsuc.gweep.net
Fri Jul 25 17:59:32 EDT 2003 

On Fri, Jul 25, 2003 at 02:18:14PM -0700, Randy Bush wrote:
> > If there's a *need* for consumption of finite resources, there's
> > a *need* for accountability.
> 
> which is why the RIRs request justification, review engineering
> plans, etc.  despite the current war paranoia and fatherland
[snip]
Please; there's nothing here relating to the ashcroft loons. This
is just like not wanting bogus domain data.  Accountability &
responsibility do not equate to jackboots.

[snip]
> this does not imply relinquishing one's rights to privacy.
Interesting to see the arguments used by the "everyone can have 
their own TLD" crowd pulled out. While there's some municipalities
subsidizing connectivity, last I knew the issue of governmental 
rights of one country were utterly irrelevant to the matter of
registration & resource accountability. If an inalienable right
to (ip addresses|SLDs|TLDS) came to pass, I must have been pulling 
a rip van winkle.

> > I question the premise that "small home-based businesses" desire
> > to conceal their resource utilization is valid.
> 
> we're not discussing their concealing their resource utilization.
> we're discussing concealing their private contact information from
> those who really have no need to know it.

How does a business conduct business under a rock?  How do I address
the matter of their registered packets hitting my machines if they 
hide? If they aren't competant enough to handle management/security
of the devices attached to their networks, what's wrong with pooled 
resources?

What is to prevent any small enterprise from merely labelling 
themselves as 'private residence', regardless of the actual zoning
regulations of their locality?  The public listing criteria for 
small chunks of space is really the problem. The sole purpose
seems to be to remove the responsibility of the ISP: "just contact
this 4-node shop directly". It is ridiculous; differentiation between
residential and commercial is saying that the residential customers 
are more valuable to the registry [?] and won't deter any black hats.
As far as I know, there's never been an issue with, say, restricting 
an rwhois server to giving answeres to the ARIN queries and not Q 
random public ones.

Rather than burning the time to split hairs (residential vs soho vs
commercial vs ...) in policy and encumbering the registry [and isp] 
with more steps (checking zoning in N-fold localities), any 
implication that non-portable small-slice blocks need to be listed
should be revoked. The services providers must not abdicate authority
for policing their customers.

Seriously, adding conditional branches will just bloat the process
and beuaracracy further. The public-reporting-of-small-slices was
interesting, but we [the membership] don't like the implications
given the current network reality and trends. So push the 
responsibility back where it belongs, on the service provider and 
their relationship with the registry. Only blocks directly from the
registry should be a worry within the registry's database; this would
address the concerns covering multihomers/microallocations.

Joe
-- 
             RSUC / GweepNet / Spunk / FnB / Usenix / SAGE

More information about the ARIN-PPML mailing list