[ppml] Revised Policy Proposal Resource Reclamation
Kevin - Your.Org
kevin at your.org
Mon Apr 30 19:19:03 EDT 2007
On Apr 30, 2007, at 3:26 PM, Owen DeLong wrote:
> 2. ARIN may conduct such reviews:
> a. when any new resource is requested,
> b. whenever ARIN has cause to believe that the resources had
> originally been obtained fraudulently, or
> c. at any other time without cause unless a prior review has
> been completed in the preceding 12 months.
I'm fine with A and B, but I can't say I support clause C in there as
it's written. While I don't think anyone at ARIN is malicious or
would conduct reviews unnecessarily, this strikes me as a blank check
to get an undefined "audit" every year that would require furnishing
arbitrary amounts of paperwork to comply.
Getting paperwork and justification materials together when
requesting additional space is a predictable cost that can be planned
for in advance, and argued that it's necessary for business expansion
or whatever. More space = more revenue, so it's an investment. And,
the worst case that can happen there is you walk away no worse off
than you started, if the expenses/time required exceed what it's
worth to you. Especially for a small business where regular
allocation requests aren't made, these costs can be significant.
A random inspection is at least as much effort, more risk (you risk
losing what you already have if you're unable to satisfy whatever
undocumented requirements there are for this) so you're probably
going to have to invest more time/money in making sure you get it
right, and a money hole in terms of what you get out of it.
I can only see three reasons why an audit would need to take place.
You're asking for more space(you initiate this, you're planning for
it in advance, and you can walk away if you get in over your head),
you lied on your last application(all you would have to do is prove
you didn't lie), or whatever justification you used in a previous
application doesn't apply anymore(you've downsized and you really
should be giving space back.) Are there any other reasons why an
audit should take place, other than "because someone felt like it"?
If not, spell that out.
2. ARIN may conduct such reviews:
a. when any new resource is requested,
b. whenever ARIN has cause to believe that the resources had
originally been obtained fraudulently, or
c. whenever ARIN has cause to believe the justification for the
resources no longer exists.
Along with some kind of definition of exactly what a review entails,
how much time you have to respond to one, can it be appealed, etc. As
your proposal stands, it seems like ARIN can request arbitrary
amounts of paperwork
While I understand that several people's interpretations of the
existing policy already gives ARIN the right to do this now, if we're
going to enumerate this policy specifically, don't turn it into the
ability to audit every organization every year without cause, with no
definition of what an audit even is, how the procedure is supposed to
work, or why you can get audited.
More information about the ARIN-PPML