[ppml] Policy Proposal: Authentication of Legacy Resources

[Rich Emmings]

On Tue, 10 Jul 2007, William Herrin wrote:

> If there is active RDNS then there are two more POCs: the operator of
> the DNS server and registrant of the forward domains referenced.
>
> If there is an active route then there is another POC: the AS
> announcing the route.

Agreed about the DNS, but taking a bad example here:

I know one record where the end user is getting their service from an 
upstream ISP, with split dns, one @ upstream ISP, and one local.  The local 
DNS is not globally pingable which is wrong, but the way it is.  The global 
DNS is an error, referencing a virtual mail domain, which no longer supports 
dns services so it isn't accurate either.  The ARIN contact for the network 
record is a BITNET address.  Record last updated over 10 year ago.  No 
AS, no dual homing.)

They have been encourged many times in the past to fix things.  They were 
told the global DNS server they were using was going away.  They've been 
told their contact data is ancient and wrong.

This is a large live network.

Revoking their registration (so it could be reassigned) it would cause much problems.


I could provide the correct info to ARIN, except I'm not POC.  I supposed if 
they want to create a template, 3rd party reporting, I could report it, they 
could call the number, etc, and could verify it, and then update their data 
at their end, if they wanted to.


> If neither of these things exist then there is a very limited amount of 
> damage we can do by revoking the registration. Even then, we can borrow a 
> lesson from property law and set up an escheat process.

Treat these as property, and I think you open a large can of worms.