[arin-ppml] Policy Proposal: Whois Integrity Policy Proposal
Paul Vixie
vixie at isc.org
Tue Aug 19 17:06:40 EDT 2008
> ... I can't speak authoritatively, but I have heard that there are
> institutions who are being advised not to sign the legacy RSA because of
> various provisions in the contract.
no doubt the people offering this hearsay advice are acting on hearsay advice.
> ... I have also heard that said counsels are more concerned with some of
> the provisions in the LRSA than they are regarding the uncertainty of the
> status of their legacy resources. ...
i'd like PPML to hear from those counsels directly, or to hear their words,
literally.
> ... I won't engage in an argument as to whether they are correct or not,
> nor can I speak for the general counsel of my own institution. ...
that makes us even, since i won't engage in speculative arguments. here are
some facts as i know them from ISC's counsel. he said "do you think you'll
ever want to do any of the things that this document says you mustn't do?"
and i said, that basically amounts to selling the address space on e-bay, and
no, that's not a right i think ISC has today, so promising not to do it costs
us nothing. he then said "is there a risk that the original allocator could
come back on you with more egregious implied terms if you don't have this
document signed with their successor in interest?" and i answered, that's
basically the USG and while i don't think they remember allocating this to us,
i have no idea what'll happen when the IANA IPv4 pool runs out, and i can't
rule out the possibility that people without paperwork will be screwed. so
this lawyer, who works for ISC and is a real person that i know, not just
some counsel that i heard somebody else describe, spoke the following words
to me, that i heard with my own ears, i didn't just hear from somebody else
that these words were spoken. he said "then go ahead and sign it."
if anyone else has a first hand account of something a corporate counsel said
when presented with the LRSA, or if some corporate counsel wants to speak in
their own words, then i think it's something PPML should hear.
on the other hand stories about what some counsel might've told somebody
else are not advancing this debate at all.
> SPEAKING FOR MYSELF ONLY: I think the LRSA (or at least the idea of it)
> is the right thing to do, and I especially want to support ARIN and the
> services it provides. I also think that it may not be feasible to ask
> institutions that are bound by certain state and federal guidelines to
> necessarily be able to get on board with the LRSA without some extensive
> review and discussion. Because the policy, as currently written, does
> not specifically address how institutions with legacy resources (or more
> commonly, a mix of legacy and non-legacy resources) would authenticate
> themselves to update whois information in the absence of a signed LRSA, I
> *cannot* support this policy until such provisions are better fleshed
> out.
that's a fair assessment. i'm sure that heather would appreciate it if you
and others offered specific text or specific changes to address that concern.
> It may be possible, as part of ARIN membership, to establish an authentic
> list of resources for which the ARIN member is responsible and allow
> updating of whois information for those resources. It may also be
> possible to create a bare-bones option to pay the $100 fee for record
> maintenance for a certain list of resources without affecting the legal
> status of those resources and without binding the resources to the
> contract. In the current LRSA, if you stop paying the fees, your
> resources are revoked. In the alternative scheme with a bare-bones
> contract, if you stop paying, your whois account is locked and you cannot
> make changes. This fits better with the spirit of the proposal as a
> preventative measure against hijacking, rather than adding another
> "stick" for legacy holders.
this paragraph sounds worthy of a policy proposal in and of itself. are
you game?
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the ARIN-PPML
mailing list