[ppml] Policy Proposal 2007-3 - Staff Assessment
Ed.Lewis at neustar.biz
Fri Apr 13 10:55:45 EDT 2007
At 10:34 -0400 4/13/07, Member Services wrote:
>ARIN Staff Assessment
I don't know if this is the first time these were sent in advance,
I'm glad to see the assessments before the meeting.
> 3. NRPM section 12.3 contains procedural language which constrains
>ARIN's ability to act in the best interest of all parties. It is too
>restrictive and detailed.
I have a question about this - this is about the "proposed" 12.3 as
seen in the appendix? (OK, maybe this is a stupid question as there
is no current 12.) I.e.,:
>ADDITION TO THE NRPM
>ARIN accepts X.509-signed transactions as authentic communication from
>authorized Points of Contact. POCs may denote their records
>"crypt-auth," subsequent to which unsigned communications shall not be
>deemed authentic with regard to those records.
I don't see how it is "too" restrictive and detailed. I don't mean
to say that I disagree, I'm not clear on the criticism levied on the
What if a POC has both an PGP-signed-by-ARIN key and an ARIN issued
X.509 certificate? (More of a question to the proposal writers than
to staff I suppose.) Will either "PGP-signed" or "X.509-signed"
templates/mail be accepted and unsigned templates/mail be dropped?
> 4. At this time, ARIN's functionality covers only e-mail based
>communication. The policy uses the general term, "communication", which
>may be interpreted to cover other forms of electronic interaction such
>as web-based communication. The only other "communication" that is
>directly tied into a specific POC is voting. Should the Election System
>need to be modified to allow x.509 authentication, assuming we could use
>parts of the existing system, a ballpark estimate on implementation
>would be 3-4 months.
> 5. We recommend that a new NRPM section be created, "12.
>Communications" and that 12.1 be "Authentication". The subsequent
>numbering would change appropriately.
What about 12.1 being "Template Submission and Response" and 12.1.x
being "Authentication? Given the comment in 4, that's where I
thought 5 would lead.
PS - and we thought the IPv4 sunset policy was complicated...
Edward Lewis +1-571-434-5468
Sarcasm doesn't scale.
More information about the ARIN-PPML