[arin-ppml] 134.17.0.0/16

Stephen Sprunk stephen at sprunk.org
Fri May 2 14:25:36 EDT 2008


Thus spake "joe mcguckin" <joe at via.net>
> On May 1, 2008, at 2:28 PM, Owen DeLong wrote:
>> Just out of curiosity, which restrictions do you object to?
>
> From the ARIN website page dealing with Legacy Space:
>
>        Legacy RSA contractually locks in a set of rights, and thus
>        reduces the risk of future change to a minimum.
>
> I find this statement troublesome, since I don't necessarily
> agree that ARIN has any legal standing or authority to change
> any of the terms pertaining to legacy space I control.

IMHO, you misunderstand your situation.  You do not "control" anything 
except your own network.  You're welcome to use any numbers you want on it, 
including (but not limited to) your legacy space.

What ARIN (or any RIR) does is publish a directory of who has what and 
promises that there will be no duplication.  Most orgs pay for the service 
of being listed in that directory.

However, you are _not_ paying for that service; the community is presently 
providing that service to legacy holders for free because it is generally 
accepted as also providing a benefit to those who _are_ paying.

ARIN is under no legal obligation I'm aware of, though, to continue doing so 
if the community adopts policy to the contrary or to not register the same 
space to other orgs.  If you sign an RSA/LRSA, it would be.

> LRSA Agreement:
>
>        If Legacy Applicant fails to comply with the terms of this Legacy
>        Agreement, ARIN may terminate this Legacy Agreement
>        and refuse to provide the Services to Legacy Applicant.
>
> As it currently stands, I'm currently obligated to do nothing. If
> I do nothing, there's no penalty. If I sign the LRSA and fail to
> comply with any of the terms, ARIN could potentially rescind
> the space, as I understand the document.

There's no penalty for doing nothing _today_.  An LRSA guarantees there'll 
be no penalty tomorrow, either, unless you don't comply with the terms, 
which aren't onerous and in fact more lenient than are given to those 
signing the normal RSA.

The LRSA also exempts you from potential future policies that would conflict 
with the LRSA, which you may not be exempt from if you do not sign.  You 
would also be free to switch to any future version of the LRSA (because, 
perhaps, it offers you better terms) or keep your existing version 
indefinitely, a power RSA signers definitely do not have.

>        the term “Services” may include, without limitation, ...  and
>        administration of IP address space related to number resources
>        issued prior to ARIN’s inception on December 22, 1997 in its
>        service area.   IP address space and ASNs shall be defined
>        as “number resources.
>
>        (c) Cooperation. During the term of this Legacy Agreement, Legacy
>        Applicant shall provide ARIN complete, up-to-date and accurate
>        information, assistance, and cooperation that ARIN requests in
>        ARIN’s provision of the Services to Legacy Applicant, including,
>        without limitation, during any review of Legacy Applicant’s
>        utilization of allocated number resources. If Legacy Applicant does
>        not provide ARIN with required information, assistance, or
>        cooperation that ARIN requests, ARIN may: (i) take such failure
>        into account in determining Legacy Applicant’s future
>        allocation/assignment of additional number resources, and/or (ii)
>        terminate this Legacy Agreement.
>
> I'm not currently obligated to provide allocation info. Why the
> threat to terminate the agreement? I would think that failure to
> provide requested info would simply impact future allocations.

If you're in breach of a contract, the usual remedy is for the other party 
to stop providing (or at least guaranteeing to provide) the services 
promised.  In that case, your legacy space would revert to the (ambiguous) 
status it had prior to you signing the LRSA.  Ditto if you choose not to 
renew your LRSA in the future.

>        (d) Prohibited Conduct.
>
> This entire section should be removed. I don't think it's ARIN's
> mandate to enforce the ethical or legal behavior of its membership.

All of the conduct prohibited is directly related to the services ARIN is 
promising to provide and their protection.  You'll find similar clauses in 
any service provider's contract; the telephone company doesn't want you 
DDOSing their 911 center, or assisting others in doing so, either.  If you 
have a problem agreeing to such terms, I don't think we have much to 
discuss...

>        6. FEES; PAYMENTS
>        (b)  If Legacy Applicant does not pay the Annual Legacy
>        Maintenance Fee or other fees that may be owed ARIN
>        hereunder, ARIN shall provide written notification to the Applicant
>        approximately thirty (30) days following the date on which the
>        payment is not made.  If Legacy Applicant fails to make payment
>        in response to the notice of delinquency, ARIN shall provide
>        Legacy Applicant with an additional written notice, by certified
>        or registered mail, return receipt requested, (as appropriate in
>        each country), and, when possible, by e-mail and telephone.
>        ARIN has the right to: (i) revoke the included number resources
>        if unpaid after 12 months of the due date, and/or ARIN is
>        unable to contact the Applicant after 12 months
>
> Once again, the threat of revoking my address space for non-
> payment of maintenence fees.

Keep in mind that's only if you renew your agreement but refuse to pay for 
the services you promised to pay for.  I'd prefer that only option (ii), 
which you snipped, was available to ARIN.  Perhaps that'll be in the next 
revision.

>        9. NO PROPERTY RIGHTS
>
> This means that if ARIN screws something up, they're not liable.
> NetSol tried to hide behind a similar argument, and if I recall
> correctly, they lost.

Um, that's not what that section says.  It says that numbers are not 
property and you agree not to assert claims they are.

Since numbers can't be property (as courts have already ruled, in the case 
of the AACS LA trying to copyright 128-bit encryption keys), this is a 
no-brainer.

>        11. REPRESENTATIONS AND WARRANTIES
>        (b) By Legacy Applicant. Legacy Applicant hereby represents and
>        warrants to ARIN that during the term of this Legacy Agreement:
>        that Legacy Applicant will comply with all applicable laws, rules,
>        and regulations in its use of the Services, including this Legacy
>        Agreement and the Policies.
>
> See above

Again, what is your problem with agreeing not to break the law?  Do you 
intend to do so?  Is your counsel aware of that?

> In general, I find fault with the concept that any termination of  the
> agreement means ARIN immediately revokes the legacy resources.
> I think it would be better if a default or breach of contract simply
> caused the legacy resources to revert to their original state.

I agree.  I would much prefer that termination always result in a return to 
the prior state, i.e. as if the LRSA had never been signed.

> I think you have to ask  what is trying to be accomplished here. If
> ARIN merely wants to encourage legacy resource holders
> to bring their contact information up to date, then just give legacy
> holders the option of paying the maintenance fee without having to
> sign a punitive contract.

I'd prefer that the contract not be punitive, but it's hard to be paying for 
services without a contract at all.  Any payment for services _implies_ a 
contract, and it's better to have it written down than have courts try to 
figure out what was implied at the time.

> This agreement as written obviously has a further agenda: to
> irrevocably place my legacy resources under many of the same
> constraints that are found in the regular RSA.

I disagree with your characterization of the intent.  At most, the LRSA does 
not represent the intent as well as it could, since it was created by 
modifying the existing RSA instead of starting from scratch.

> This legacy RSA is all stick and no carrot.

There's a carrot there, but I agree there's also too much stick.

S

Stephen Sprunk         "God does not play dice."  --Albert Einstein
CCIE #3723         "God is an inveterate gambler, and He throws the
K5SSS        dice at every possible opportunity." --Stephen Hawking 




More information about the ARIN-PPML mailing list