[ppml] Revised Policy Proposal Resource Reclamation

Kevin - Your.Org kevin at your.org
Mon Apr 30 19:19:03 EDT 2007 

On Apr 30, 2007, at 3:26 PM, Owen DeLong wrote:
> 		2.  ARIN may conduct such reviews:
> 			a. when any new resource is requested,
> 			b. whenever ARIN has cause to believe that the resources had  
> originally been obtained fraudulently, or
> 			c. at any other time without cause unless a prior review has  
> been completed in the preceding 12 months.


I'm fine with A and B, but I can't say I support clause C in there as  
it's written. While I don't think anyone at ARIN is malicious or  
would conduct reviews unnecessarily, this strikes me as a blank check  
to get an undefined "audit" every year that would require furnishing  
arbitrary amounts of paperwork to comply.

Getting paperwork and justification materials together when  
requesting additional space is a predictable cost that can be planned  
for in advance, and argued that it's necessary for business expansion  
or whatever. More space = more revenue, so it's an investment. And,  
the worst case that can happen there is you walk away no worse off  
than you started, if the expenses/time required exceed what it's  
worth to you. Especially for a small business where regular  
allocation requests aren't made, these costs can be significant.

A random inspection is at least as much effort, more risk (you risk  
losing what you already have if you're unable to satisfy whatever  
undocumented requirements there are for this) so you're probably  
going to have to invest more time/money in making sure you get it  
right, and a money hole in terms of what you get out of it.

I can only see three reasons why an audit would need to take place.  
You're asking for more space(you initiate this, you're planning for  
it in advance, and you can walk away if you get in over your head),  
you lied on your last application(all you would have to do is prove  
you didn't lie), or whatever justification you used in a previous  
application doesn't apply anymore(you've downsized and you really  
should be giving space back.) Are there any other reasons why an  
audit should take place, other than "because someone felt like it"?  
If not, spell that out.

I'd support:

		2.  ARIN may conduct such reviews:
			a. when any new resource is requested,
			b. whenever ARIN has cause to believe that the resources had  
originally been obtained fraudulently, or
			c. whenever ARIN has cause to believe the justification for the  
resources no longer exists.

Along with some kind of definition of exactly what a review entails,  
how much time you have to respond to one, can it be appealed, etc. As  
your proposal stands, it seems like ARIN can request arbitrary  
amounts of paperwork

While I understand that several people's interpretations of the  
existing policy already gives ARIN the right to do this now, if we're  
going to enumerate this policy specifically, don't turn it into the  
ability to audit every organization every year without cause, with no  
definition of what an audit even is, how the procedure is supposed to  
work, or why you can get audited.

-- Kevin

More information about the ARIN-PPML mailing list