[ppml] FW: No transfer policies are needed
tedm at ipinc.net
Tue Apr 22 14:40:13 EDT 2008
> -----Original Message-----
> From: ppml-bounces at arin.net [mailto:ppml-bounces at arin.net] On
> Behalf Of Kevin Kargel
> Sent: Tuesday, April 22, 2008 7:24 AM
> To: ppml at arin.net
> Subject: Re: [ppml] FW: No transfer policies are needed
> Being as at this point IP addresses are not transferrable
> property then doesn't that make every transaction where an
> ISP grants leased use of IP addresses to it's customers for
> off site termination without SWIP or other registration a de
> facto black market (or at least grey market)
> transaction? That would say we have a pretty widespread and common
> place black market in existance today.
No it doesen't because the ISP that is granting the lease is
STILL responsible for it.
If someone takes the IP number that this ISP leases out and
goes and uploads a bunch of child porn from it, Interpol is
going to come knocking on that ISP's door, and they are going
to suddenly find that all of these academic arguments about
how they are not responsible just because they forgot to SWIP
it, will be thrown out the window. They ARE responsible and
a court will not let them off the hook about it until they cough
up the names of the perpretrators.
What I think the people throwing around the term "IPv4 black market"
are meaning, is a situation where an ISP holding an IPv4 block
"sells" it to another independent organization, then the "selling"
ISP essentially lies to the RIR (ie: violates it's RSA) to get the
receiving organization to become the holder of record of the block.
In other words, suppose you have a small ISP "SmallCo Inc." that
owns an IPv4 block it doesen't need.
You have an ISP named "MCI Corp" that needs more IPv4 and does
not meet the utilization criteria to get it from ARIN
SmallCo secretly sells it's block to MCI Corp.
SmallCo sends a name-change in to ARIN claiming it's spinning off it's
ISP operations to a separate company named "NewCo Inc" ARIN changes the
record on the block.
MCI Corp then registers the company name "NewCo Inc" as a subsidiary
of MCI Corp. in whatever state it's incorporated in.
Another "black market" scenario would be for a large org that did not
meet utilization criteria to create an independent company, use that
company to obtain a block from ARIN, then "buy" that independent company.
Of course, that only works before IPv4 runout.
I am not familiar enough with the existing language of the various RSA's
that the RIR's use to know if such behaviour is explicitly prohibited but
I think it is, certainly it violates the intent.
In any case, I would assume that ARIN would have the guts to revoke
on any blocks that were transferred in this manner, if it discovered them.
Thus, I think the risks of block revocation would likely make an "IPv4 black
But, there is an old saying in criminal behaviour that the liklihood of a
crime happening is inversely proportional to the penalty, and the risk
of being caught.
If ARIN spends very little effort checking up the validity of address
requests, and in cases where it does find fraud (because someone rats it
out for example) it does little more than a hand-slapping and does NOT
revoke the holding, then it would definitely encourage an IPv4 black
market to form post-runout.
We see this all the time in government regulation of polluters, for example.
The typical MO of the EPA when it discovers a polluter, is to tell the
polluter that if they spend the money to install pollution control that
they will only get a token fine and nobody will go to jail.
As a result, this encourages industry to pollute because the polluters know
that if they are caught, the penalties are merely what they would have to
do to comply with the law in the first place - and the money they saved
during the years of operating without the expensive pollution controls
will far and away exceed what they lose on the token fine.
More information about the ARIN-PPML