[arin-ppml] Policy Proposal: Whois Authentication Alternatives

John Santos JOHN at egh.com
Wed Aug 20 17:28:27 EDT 2008


On Wed, 20 Aug 2008, Ted Mittelstaedt wrote:

> 
> 
> > -----Original Message-----
> > From: Michael Sinatra [mailto:michael at rancid.berkeley.edu] 
> > Sent: Wednesday, August 20, 2008 11:40 AM
> > To: Ted Mittelstaedt
> > Cc: 'Member Services'; arin-ppml at arin.net
> > Subject: Re: [arin-ppml] Policy Proposal: Whois 
> > Authentication Alternatives
> > 
> > 
> > Thanks, Ted.
> > 
> > On 08/20/08 11:25, Ted Mittelstaedt wrote:
> > > Am I correct in assuming that this proposal presumes that legacy 
> > > holders who have NOT signed an RSA will not be permitted to modify 
> > > their whois data, unless they have gone through this 
> > "authentication 
> > > process"?
> > 
> > Yes, if the "Whois Integrity Policy" and the policy are adopted.
> > 
> > > I wasn't aware that legacy holders, today, are not 
> > permitted to update 
> > > their whois data with ARIN unless they have signed a Legacy 
> > RSA.  Is 
> > > that true?
> > 
> > It is not currently true.  It *appears* that it would be made true if 
> > the "Whois Integrity Policy" were adopted.
> > 
> > > I am not happy with the verbage:
> > > 
> > > "...This proposal assumes the existence of some form of
> > >  policy such as that proposed by the "Whois Integrity 
> > Policy Proposal..."
> > 
> > Are you not happy with the verbiage or are you not happy with the 
> > assumption itself?
> > 
> 
> The assumption.
> 
> > > The proposer is asking that we consider a "meta" policy 
> > proposal, that 
> > > is, a proposal that applies to a proposal under consideration. I 
> > > disagree with this.
> > 
> > I wouldn't call it a meta proposal, but your general 
> > impression is correct.
> > 
> > > I would prefer the proposer of this proposal should instead 
> > work with 
> > > the authors of the current proposals under consideration, 
> > such as the 
> > > "Whois Integrity Policy Proposal" to incorporate his ideas into the 
> > > existing proposals, rather than submitting a meta-proposal. Or if 
> > > those authors refuse to do that, then he can submit a competing 
> > > proposal that does the same thing that an existing proposal 
> > does, plus 
> > > his modifications.
> > 
> > The proposal was submitted in order to express language that 
> > would allow 
> > me, and perhaps others, to support Heather's proposal.  I'd actually 
> > argue that the proposals be combined, but I don't know 
> > Heather's view on 
> > this and do not wish to speak for her.  (She has not yet responded to 
> > the thread on her proposal, so I don't know if she's aware of the 
> > comments.)  If Heather wants to take language from my proposal and 
> > incorporate it into hers, then I'll happily withdraw my proposal.
> > 
> 
> I think you should have taken Heathers proposal, add your ideas, and
> submitted
> it as a competing proposal to Heathers.
> 
> > The intent of my proposal was to give the AC additional language that 
> > would make a general whois integrity proposal more palatable 
> > for legacy 
> > holders who are trying to work out issues with their GCs and 
> > the LRSA. 
> 
> I know.  The problem here is that one of the main reasons for
> signing the LRSA is to get whois integrity.  Keep in mind that
> the ARIN community did not give up the right to go after legacy numbering
> that non-LRSA legacy signatories hold, after the termination of
> the availability of the LRSA next year.
> 
> In short, the LRSA is a defence by legacy holders that the community
> isn't going to come after their holdings.  Your and Heather's proposals
> basically take away the reason a legacy holder has to sign the LRSA in
> the first place.
> 
> The LRSA availability sunsets next year.  I would vote to oppose any
> attempt to extend it's availability after the availability sunsets.  As
> a fee-paying member I would prefer at that time to see ARIN go after the
> legacy
> holders who aren't under LRSA and take away IPv4 that they are not using
> or advertising.  By then the Legacy holders who haven't signed the LRSA
> will have had enough time to look at the LRSA to sign it and there is
> no point in holding out that particular carrot any more.

So the LRSA "carrot" seems to be "We won't hit you with this stick".
Sounds like the Piranha Brothers to me.


> 
> Ted
> 
> _______________________________________________
> PPML
> You are receiving this message because you are subscribed to 
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.
> 
> 

-- 
John Santos
Evans Griffiths & Hart, Inc.
781-861-0670 ext 539




More information about the ARIN-PPML mailing list