[arin-ppml] Policy Proposal: Whois Integrity Policy Proposal

[Buhrmaster, Gary]

> My intention really is the integrity of whois data.  As an 
> Internet service provider that is part of the larger internet 
> community, we want to know that the records are accurate.  We 
> depend on these records, and the actions we take based on 
> them can affect the community.  We'd like to avoid helping 
> someone use something they aren't authorized to, but that is 
> made difficult if we can not trust old records.  I truly 
> believe a policy like this, is one step toward making it more 
> difficult to steal netblocks.  One step.. I didn't say it was 
> the absolute, or the end all way the prevent theft, just that 
> it raises the bar.  

If the goal is accurate whois (and not to force
the (L)RSA contract on legacy holders, which is
a separate discussion, and I have opinions on
both sides of that debate), then I would propose a 
solution with a much more likely (quick) uptake
would be a "LRSA-lite" contract, of which the
legacy holders (on their part) agree only that
they were previously allocated resources and are
responsible for keeping the whois data
correct/accurate.  Arin would agree to provide
the service for those requestors after some
appropriate vetting process for holders (for
some minor vetting fee), but such contract would
not address the potentially contentious
issues ("ownership", "stewardship", whatever),
which are put off until another day (which will
occur at some point).  In that case, changes
to the whois database would require one of
the LRSA, RSA, or LRSA-lite, and accuracy
and integrity would (possibly) be improved.