[ppml] Policy Proposal 2007-15: Authentication ofLegacyResources

Stephen Sprunk stephen at sprunk.org
Wed Jul 25 15:45:29 EDT 2007 

Thus spake "Ted Mittelstaedt" <tedm at ipinc.net>
>>From: ppml-bounces at arin.net [mailto:ppml-bounces at arin.net]On Behalf Of
>>Owen DeLong
>>
>>I oppose this proposal as written.
>>
>>While I am in favor of some of the general intent of this proposal, I
>>take issue with the following:
>>
>>1. Termination of changes to records.
>>
>> The information in WHOIS is already horribly out of date for
>> many records.  Refusing to register changes for those organizations
>> willing to register their changes but unwilling to sign an RSA is a
>> disservice to the ARIN community and does not really provide
>> any meaningful incentive to sign the RSA.
>
> This is a circular argument.  Your saying that people who are
> unwilling to sign an RSA are going to change their minds if a
> meaningful incentive is provided, yet you don't think that refusing
> to register changes is a meaningful incentive.

It's not a meaningful incentive, and it harms the community because it's 
harder for the rest of us to track down who the current contacts are for 
legacy space.  It goes beyond useless and is actually counterproductive.

If you want to incent someone to do something, you have to offer something 
they want.  Legacy holders don't care what's in WHOIS because they derive no 
benefit from _their own_ records being correct.  After all, _they_ know who 
the contacts are because they _are_ the contacts.  In fact, having WHOIS be 
wrong is a benefit because spammers will stop bugging them...

>>2. Fees
>>
>> ARIN is not really in a position to demand fees from legacy holders.
>
> Yes, without an RSA they cannot demand fees.
>
>> We should make it possible for legacy holders to enter into an
>> RSA without requiring fees.
>
> The entire point of an RSA is to get fees out of an address holder.

No, the point of the RSA is to establish a contractual relationship between 
ARIN and the current holder of resources and to subject those resources to 
public policy as determined by the community.  Fees are optional.

> What possible use is a signed RSA to the community that does
> not levy fees?

See above.

Note that the legacy holders who've spoken up here have no argument with 
signing the RSA or paying the current $100/yr fee.  What they're asking for 
is to be exempt from public policy, or at least parts thereof that adversely 
affect them.

> The long and short of it is that the only argument that has any
> weight at all for letting the legacy holders continue to get a free
> ride is that they somehow have a "moral" right to get a free ride
> because they were promised one.

ARIN made a promise to do something, and it's doing it.  We cannot ignore 
that promise simply because you find it inconvenient.  It's taken a long 
time for ARIN to build a good reputation in the community, and it'd be 
stupid of us to throw that away by ignoring promises made and then expect 
people to trust us in the future with such a track record.

S

Stephen Sprunk      "Those people who think they know everything
CCIE #3723         are a great annoyance to those of us who do."
K5SSS                                             --Isaac Asimov

More information about the ARIN-PPML mailing list