[arin-ppml] Policy Proposal: Whois Integrity Policy Proposal

Kevin Oberman oberman at es.net
Tue Aug 19 13:27:16 EDT 2008


Keith,

I think you are mis-reading the proposal and I think the wording needs
some serious work as I am not sure that you are.

I believe that this proposal is an attempt to prevent the hijacking of
legacy space. There have been to cases of such hijacking that have
gotten a fair amount of attention and another that was confusion over
who owned a legacy block. These all resulted from modification of ARIN
records for legacy spaces by people who should not have been able to
modify it, but were able to do so due to the lack of confirmed data on
legacy space.

I do not think that this is an effort to make life difficult for legacy
holders (including my employer), but to prevent the theft of their
address space.

Heather, can you clarify? (Seems that Verizon Business was involved in
one to the cases I mentioned...not as a hijacker, of course.)
-- 
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman at es.net			Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4  EADA 927D EBB3 987B 3751


> Date: Tue, 19 Aug 2008 12:04:11 -0400
> From: "Keith Medcalf" <kmedcalf at dessus.com>
> Sender: arin-ppml-bounces at arin.net
> 
> 
> This is a really stupid idea and I, for one, am completely against it.
> 
> My Legacy /24 registration data is up-to-date.  If the intention is that I not update it anymore then the proper course of action is to note that the resources are "delegated" outside of the ARIN system (by the US DoC or DDNNIC for example) and then REMOVE PUBLIC VISIBILITY of all my personal information.
> 
> I sure the Legacy resource holders can come up with a completely separate system to monitor those resources -- and without needing to use EXTORTION to get it going. 
> 
> > -----Original Message-----
> > From: arin-ppml-bounces at arin.net 
> > [mailto:arin-ppml-bounces at arin.net] On Behalf Of Member Services
> > Sent: Monday, 18 August, 2008 10:39
> > To: arin-ppml at arin.net
> > Subject: [arin-ppml] Policy Proposal: Whois Integrity Policy Proposal
> > 
> > ARIN received the following policy proposal. In accordance 
> > with the ARIN
> > Internet Resource Policy Evaluation Process, the proposal is being
> > posted to the ARIN Public Policy Mailing List (PPML) and 
> > being placed on
> > ARIN's website.
> > 
> > The ARIN Advisory Council (AC) will review this proposal at their next
> > regularly scheduled meeting. The AC may decide to:
> > 
> >      1. Accept the proposal as written. If the AC accepts the 
> > proposal,
> > it will be posted as a formal policy proposal to PPML and it will be
> > presented at a Public Policy Meeting.
> > 
> >      2. Not accept the proposal. If the AC does not accept 
> > the proposal,
> > the AC will explain their decision via the PPML. If a proposal is not
> > accepted, then the author may elect to use the petition process to
> > advance their proposal. If the author elects not to petition or the
> > petition fails, then the proposal will be closed.
> > 
> > The AC will assign shepherds in the near future. ARIN will provide the
> > names of the shepherds to the community via the PPML.
> > 
> > In the meantime, the AC invites everyone to comment on this 
> > proposal on
> > the PPML, particularly their support or non-support and the reasoning
> > behind their opinion. Such participation contributes to a thorough
> > vetting and provides important guidance to the AC in their 
> > deliberations.
> > 
> > The ARIN Internet Resource Policy Evaluation Process can be found at:
> > http://www.arin.net/policy/irpep.html
> > 
> > Mailing list subscription information can be found at:
> > http://www.arin.net/mailing_lists/
> > 
> > Regards,
> > 
> > Member Services
> > American Registry for Internet Numbers (ARIN)
> > 
> > 
> > ## * ##
> > 
> > Policy Proposal Name:  Whois Integrity Policy Proposal
> > 
> > Author: Heather Schiller
> > 
> > Proposal Version: 1
> > 
> > Submission Date:  August 15, 2008
> > 
> > Policy statement:
> > 
> > To ensure the integrity of information in the ARIN WHOIS Database a
> > resource must be under an RSA (either legacy or traditional) 
> > in order to
> > update the WHOIS record.  ARIN will not update historical 
> > information in
> > the ARIN Whois Database until the resource holder can prove the
> > organization's right to the resource.
> > 
> > 
> > Rationale:
> > 
> > ARIN currently maintains WHOIS and in-addr.arpa delegation 
> > records in a
> > best-effort fashion.  In many cases ARIN does not have a formal
> > agreement with the legacy resource holders.  Legacy records are
> > frequently out of date and have become an increasingly popular target
> > for hijackers.  Having up to date contact information and a formal
> > relationship with legacy record holders would assist ARIN and ISP's in
> > ensuring these records are maintained accurately.  A similar 
> > policy was
> > successfully adopted in the APNIC region.
> > (http://www.apnic.net/policy/proposals/prop-018-v001.html)
> > 
> > Timetable for implementation:
> > 
> > Within sixty (60) days of approval - with notification to current POC
> > email addresses listed on historical assignments, or as soon as
> > reasonable for ARIN staff.
> > 
> > 
> > 
> > 
> > _______________________________________________
> > PPML
> > You are receiving this message because you are subscribed to
> > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> > Unsubscribe or manage your mailing list subscription at:
> > http://lists.arin.net/mailman/listinfo/arin-ppml
> > Please contact info at arin.net if you experience any issues.
> > 
> 
> 
> 
> _______________________________________________
> PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.
> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 224 bytes
Desc: not available
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20080819/a728345d/attachment-0001.sig>


More information about the ARIN-PPML mailing list