[ppml] Policy Proposal 2005-2: Directory Services Overhaul
william at elan.net
Fri Apr 15 19:25:29 EDT 2005
On Fri, 15 Apr 2005, Owen DeLong wrote:
>>> There is no reason to believe that an ISP is going to
>>> lose their /14 because a /24 within it is broken. This is
>>> unrealistic overreaching. However, if a /28 is delegated
>>> lamely, and ARIN cannot reach the upstream ARIN subscriber,
>>> then, ARIN would, IMHO, be right to suspend IN-ADDR service
>>> for the relevant /24. Eventually, the upstream subscriber
>>> will either respond (in the form of renewal) or ARIN should
>>> reclaim the resource anyway.
>> Wouldn't that impose collateral damage on the other /28 delegees
>> surrounding them?
> Yes, but, if their upstream is completely unresponsive to ARIN, that
> is the least of the collateral damage they can expect when their ISP
> starts having allocations reclaimed. Remember, this only happens
> if the ISP is non-responsive to ARIN, not the individual /28 holder.
I think the way to clear out when network resource maybe suspended should
be based on that all contacts listed for network resource are not
responsive. I note that title of proposes section 3.2.1 is already
"Non-Responsive Contacts", I believe this is good and section should be
focused only on that and then we should have separate section (3.2.2)
that details regarding when resource is considered invalid and what
happens to thatresource then (i.e. that arin can choose to make resource
as invalid, suspend IN-addr serves or completely remove resource from
whois depending on how long the problem continues).
Also as has been noted many times the biggest problem with privacy that
people see is that their names are automatically listed for the resource
without their permission. While current policies do not really require
that, many ISPs do not know it and I think it should be clear that only
contacts that agreed to have their name listed should be in the ARIN
public database. If we focus on that you'll see that there is really no
reason afterward (for privacy or similar reasons) to not be listing
network blocks in public whois (and ISP have to send the blocks to
ARIN anyway so it does not save anything in data storage or workload
for either ISP or ARIN).
As such I propose that section 3.2 be adjusted of proposed poolicy be
adjusted as follows:
3.2 Directory Information Made Public
ARIN shall publish verified contact information and the resource(s)
allocated (including identification for that allocation, like date of
allocation or other information identified by ARIN) in the APID.
All contact information listed in APID should be made available with
express permission of such contact and ARIN shall afterward from
time-time verify this information and insure it is correct to the best
of ARIN's ability. ARIN staff shall maintain verification criteria and
post it on the ARIN web site.
3.2.1 Non-Responsive Contacts
If ARIN is unable to verify contact information via the normal verification
procedure ARIN shall notify other contacts of the same organization in
an atempt to reach contact being verified. If there is are no other
contacts available and contact information remains unverified, ARIN should
mark this contact as INVALID.
Third parties may report the inability to make contact with a party via
information in the APID. In this case ARIN shall attempt the perform
verification procedure for that contact immediately. If a response is
received, ARIN should document that a problem occurred, and the response
from the resource holder. Contacts who fail to respond to third parties
more than 4 times per month for three months may be listed as INVALID
at the discretion of ARIN staff.
If a third party source submits reports of the inability to make contact
that are subsequently disproved, ARIN may choose to ignore reports from
3.2.2 Suspension of Network Resources
If for any network resource all contacts listed are INVALID, ARIN should
attempt to notify the parent of the resource to have the information
updated. If there is no parent, or if the data is not corrected in a
reasonable amount of time the resource shall be SUSPENDED and IN-ADDR
and other services for such resource shall no longer be made available.
Once the resource is suspended ARIN shall make one more request of all
contacts listed with the resource and the parent resource (if available),
and if no response is received in a reasonable amount of time the resource
maybe be reclaimed at the discretion of ARIN staff.
The ARIN staff shall publish the time thresholds and procedural details to
implement this policy on the ARIN web site.
If a resource is reclaimed under no circumstances shall the holder of that
resource be entitled to a refund of any fees.
william at elan.net
More information about the ARIN-PPML