[ppml] Policy Proposal 2007-15: Authentication ofLegacyResources

[Stephen Sprunk]

Thus spake "Lee Dilkie" <Lee at dilkie.com>
> Stephen Sprunk wrote:
>> Note that the legacy holders who've spoken up here have no
>> argument with signing the RSA or paying the current $100/yr fee.
>> What they're asking for is to be exempt from public policy, or at
>> least parts thereof that adversely affect them.
>
> Actually Stephen. While I support all your arguments (and Owen's
> POV as well), *I* do have a problem with a $100/yr fee when I
> get almost *nothing* in return. I hardly think RDNS costs $100/yr
> to hold my records*. And trying to extort that much money for such
> a nominal service is, well, extortion. Or would be if it actually
> mattered all that much.

Perhaps the fee is too high; one would have to get detailed accounting 
information from ARIN on what their services actually cost for various types 
of subscribers, how much goes towards amortizing fixed costs, etc.  That's 
somewhat off-topic here; I think arin-discuss is the correct list for that.

> Also, I think the whole point of getting legacy holders to sign the
> RSA *is* to bring them into the public policy fold, not continue
> their exemption.

That's some people's intent.  Others of us are willing to extend the 
exemptions because our goal is merely to have them in the fold and we know 
that even if we revoked legacy resources (which is fraught with legal 
complications), it wouldn't appreciably change the IPv4 exhaustion timeline.

Legacy blocks in particular are popular targets for spammers because ARIN 
doesn't have any contractual relationship to determine who the legitimate 
holder/contact for a given block is.  Tracking that down costs ARIN a lot of 
money, and getting the legacy space under RSA -- even without fees -- would 
be a net savings to us all.

> * - and before you point out that ARIN's $10M/yr buget does all
> sorts of other "good" things, not one single "good" thing affects
> those end-users who are not growing their networks.

You never use RDNS for any network maintained by ARIN?  You never use WHOIS? 
You've never sent a message to a mailing list run by ARIN, such as this one? 
Someone has to pay for those things.

> If you want to get into a discussion on what's "fair", ask yourself if
> it's "fair" that all your membership pays excessive fees that are
> used to subsidize new requests.

New requests have a significantly larger fee which covers the up-front costs 
involved in making an assignment or allocation.  They are not "subsidized" 
by maintenance fees AFAICT.

>> ARIN made a promise to do something, and it's doing it.  We
>> cannot ignore that promise simply because you find it
>> inconvenient.  It's taken a long time for ARIN to build a good
>> reputation in the community, and it'd be stupid of us to throw
>> that away by ignoring promises made and then expect
>> people to trust us in the future with such a track record.
>
> I've watched this list for months now. My views on ARIN were neutral
> before (lack of exposure/contact). They certainly are not anymore. I
> asked around at work and ARIN certainly does have a reputation, but it
> isn't a good one. And I can see why. Poisonous vitriolic attitudes
> towards legacy holders (them damn free-loaders!), a complete lack of
> understanding on how to roll out and encourage ipv6, the roll ipv4 will
> play in the future and for how long....
...
> Now. It's entirely possible (and I hope it is) that my views are
> shaped by a minority of the membership, a vocal minority that
> frequents this list.

Please take a closer look; there are certain high-volume commenters that 
have such attitudes, but the majority of commenters are bright, reasonable 
folks who are just trying to determine the best path for the community.  And 
then there's the vast, silent majority...

The policy process, unfortunately, is a bit like making sausage.  There's 
lots of kooky stuff that gets proposed, and lots of trolls trying to disrupt 
the process.  However, please don't confuse that with what policies actually 
get approved and implemented -- those are pretty reasonable.

> I hope that ARIN proper (the staff) does have a good sense of
> their purpose and tries to moderate things down to reasonable
> levels. I am encouraged by a number of staff recommendations
> against proposals that came out earlier this year.

I haven't seen staff explicitly take any position; they seem to restrain 
themselves to commenting on wording and logistical issues with proposals, 
not whether they're good ideas or not.

You may be confusing some of the more rational folks here with staffers, or 
taking the occasional personal comment by BoT or AC members as being some 
sort of official stand.

> Anyway. My take on this policy? It's a thinly veiled grab at the
> legacy holders (again).

This particular one?  I agree.  I seriously doubt it, or anything along the 
same lines, will get passed in Albuquerque.

S

Stephen Sprunk      "Those people who think they know everything
CCIE #3723         are a great annoyance to those of us who do."
K5SSS                                             --Isaac Asimov