[ppml] Policy Proposal: Authentication of Legacy Resources

Owen DeLong owen at delong.com
Fri Jul 6 13:13:51 EDT 2007

While I like the intent of the policy, I would oppose this policy as  

1.	While a bit softer, it's still somewhat of a strong-arm approach  
to the
	legacy issue and I think ARIN would get farther with outreach than
	tactics like this.

2.	I would encourage Andrew to work with Leo and get something closer
	to Leo's proposal on the table as a policy proposal.

3.	I'm not convinced legacy holders will have any desire or reason to
	pay fees to ARIN even with this policy.

4.	Prohibiting changes to records is an absolute mistake.  We do not  
	to further discourage legacy holders from keeping their records up to


On Jul 6, 2007, at 9:33 AM, Andrew Dul wrote:

> I've been working on this policy with a few people from the AC for  
> a couple of months.  Given today's discussion on the PPML, it  
> seemed like an appropriate time to submit it to the policy process.
> ==============
> 1.	Policy Proposal Name: Authentication of Legacy Resources
> 2.	Author
>    a.	name: Andrew Dul
>    b.	email: andrew.dul at quark.net
>    c.	telephone: +1 206-359-8130
>    d.	organization: Perkins Coie LLP
> 3.	Proposal Version: 1.0
> 4.	Submission Date: 07012007
> 5.	Proposal type: New
> 6.	Policy term: Permanent
> 7.	Policy statement:
> Add new NRPM section 4.9 - Legacy Records
> Legacy resource record holders shall be permitted to sign an  
> registration services agreement which permits the organization  
> which is currently using the resources as of January 1, 2007 to  
> continue to use those resources as long as a registration services  
> agreement is signed by the organization and the organization is not  
> past-due on their annual maintenance fee.  ARIN will evaluate and  
> verify the chain of custody of any resource records prior to  
> executing a registration services agreement with an organization.
> If a legacy resource holder requests additional IPv4 resources all  
> IPv4 resources (legacy and non-legacy) shall be evaluated to  
> determine utilization for additional assignments under NRPM  
> sections 4.2 or 4.3.
> ARIN shall use all reasonable methods to attempt to contact legacy  
> record holders starting on January 1, 2008.
> ARIN shall also post information on the public website regarding  
> this outreach to legacy resource holders.
> No changes shall be made to legacy resource records which are not  
> covered by a registration services agreement after December 31, 2007.
> Add new NRPM section 7.3 - Legacy Reverse Delegation Records
> Legacy IP address record holders who have not signed a registration  
> services agreement with ARIN will have their name server  
> delegations for the in-addr.arpa zone removed starting on June 30,  
> 2009.  All name server delegations shall be removed from the in- 
> addr.arpa zone by December 31, 2009.
> If an individual contacts ARIN and claims to represent a legacy  
> record holder after the removal of an organization's name server  
> delegations, the individual shall be permitted to request a one- 
> time 6 month reinstatement of their name server delegations.  This  
> 6 month period is intended to allow an organization to work in good  
> faith to establish a registration services agreement.
> 8.	Rationale:
> An ARIN Legacy resource holder is an organization which was issued  
> number resources prior to the formation of ARIN and whose  
> registration information was not transferred to another RIR through  
> the Early Registration Transfer Project (http://www.arin.net/ 
> registration/erx).    Legacy resource holders were issued number  
> resources through an informal process.  This policy proposal  
> attempts to bring these legacy resource holders into a formal  
> agreement with ARIN, the manager of the IP numbering resources for  
> many of the legacy record holders.
> Some legacy resource holders have expressed concerns about  
> committing to a registration services agreement when the legacy  
> resource holder cannot be assured that they will be permitted to  
> retain and their resources for the long-term.  This policy proposal  
> also does not preclude existing legacy space holders, who may have  
> signed another version of the registration services agreement from  
> having the same commitment level.  It is suggested that the Board  
> of Trustees formalize the annual maintenance fees for legacy  
> resource holders at a level similar to the $100 USD per year for  
> end-sites.
> This policy sets in place a notification period of 18 months to  
> contact all legacy resource holders and creates an incentive for  
> the holders to formalize their relationship with ARIN.   The dates  
> in this policy proposal were arbitrarily chosen based upon an  
> expected ratification by the ARIN Board of Trustees by December 31,  
> 2007.  If this policy is implemented after December 31, 2007, the  
> trigger dates in the policy should be adjusted appropriately.
> Given the informal relationship under which the resources were  
> granted, ARIN current maintains the records including WHOIS and in- 
> addr.arpa delegations in a best-effort fashion.  Many believe that  
> ARIN may not be obligated to maintain these records.  ARIN has  
> experienced some difficulty maintaining these records.  Legacy  
> records have been a popular target for hijackers, in part due to  
> the out of date information contained in these records.  Having up  
> to date contact information would assist ARIN and ISP's in insuring  
> the stability of the Internet.
> This policy proposal sets a termination date for in-addr.arpa  
> delegation services for legacy resource record holders who have not  
> formalized their relationship with ARIN through a registration  
> services agreement.   The 6 month period of delegation record  
> removal was intended to provide ARIN the flexibility of removing  
> the records on a gradual plan during second half of 2009 and to  
> avoid a large change on a single day.
> Legacy resource holders who sign a registration services agreement  
> would continue to receive all the services that are currently  
> provided by ARIN plus they would be eligible for any future  
> services that ARIN may offer, such as cryptographic signing of  
> resource records.
> 9.	Timetable for implementation: As stated in policy
> 10.	Meeting presenter: Andrew Dul
> _______________________________________________
> This message sent to you through the ARIN Public Policy Mailing List
> (PPML at arin.net).
> Manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/ppml

More information about the ARIN-PPML mailing list