[arin-ppml] Errors in 2007-14 Revision 3.2
owen at delong.com
Tue Oct 14 17:47:30 EDT 2008
Unfortunately, somehow the version 3.2 that was sent to the mailing list
was apparently the result of applying the intended 3.2 updates to an
version than 3.1.
Below is the corrected 3.2 which for clarity I will call version 3.3.
Apologies for any inconvenience or misunderstanding. The updates
conducted remain the same...
Section 3 updated to address concerns from ARIN staff.
Section 7 and 8 changed to address concerns from legal.
Policy Proposal 2007-14
Resource Review Process
Author: Owen DeLong, Stephen Sprunk
Proposal Version: 3.3
Date: 14 October 2008
Proposal type: modify
Policy term: permanent
Add the following to the NRPM:
1. ARIN may review the current usage of any resources maintained in
the ARIN database. The organization shall cooperate with any request
from ARIN for reasonable related documentation.
2. ARIN may conduct such reviews:
a. when any new resource is requested,
b. whenever ARIN has reason to believe that the resources were
originally obtained fraudulently or in contravention of existing
c. at any other time without having to establish cause unless a prior
review has been completed in the preceding 24 months.
3. At the conclusion of a review in which ARIN has solicited
information from the resource holder, ARIN shall communicate to the
resource holder that the review has been concluded and what, if any,
further actions are required.
4. Organizations found by ARIN to be materially out of compliance
with current ARIN policy shall be requested or required to return
resources as needed to bring them into (or reasonably close to)
4a. The degree to which an organization may remain out of compliance
shall be based on the reasonable judgment of the ARIN staff and shall
balance all facts known, including the organization’s utilization rate,
available address pool, and other factors as appropriate so as to
avoid forcing returns which will result in near-term additional
requests or unnecessary route de-aggregation.
4b. To the extent possible, entire blocks should be returned. Partial
address blocks shall be returned in such a way that the portion
retained will comprise a single aggregate block.
5. If the organization does not voluntarily return resources as
requested, ARIN may revoke any resources issued by ARIN as required to
bring the organization into overall compliance. ARIN shall follow the
same guidelines for revocation that are required for voluntary return
in the previous paragraph.
6. Except in cases of fraud, or violations of policy, an organization
shall be given a minimum of six months to effect a return. ARIN shall
negotiate a longer term with the organization if ARIN believes the
organization is working in good faith to substantially restore
compliance and has a valid need for additional time to renumber out of
the affected blocks.
7. ARIN shall continue to provide services for the resource(s) while
their return or revocation is pending, except any maintenance fees
assessed during that period shall be calculated as if the return or
revocation was complete.
8. This policy does not create any additional authority for ARIN to
revoke legacy address space. However, the utilization of legacy
resources shall be considered during a review to assess overall
9. In considering compliance with policies which allow a timeframe
(such as a requirement to assign some number of prefixes within 5
years), failure to comply cannot be measured until after the timeframe
specified in the applicable policy has elapsed. Blocks subject to such
a policy shall be assumed in compliance with that policy until such
time as the specified time since issuance has elapsed.
Delete NRPM sections 4.1.2, 4.1.3, 4.1.4
Remove the sentence "In extreme cases, existing allocations may be
affected." from NRPM section 184.108.40.206.
Under current policy and existing RSAs, ARIN has an unlimited
authority to audit or review a resource holder's utilization for
compliance at any time and no requirement to communicate the results
of any such review to the resource holder.
This policy attempts to balance the needs of the community and the
potential for abuse of process by ARIN in a way that better clarifies
the purpose, scope, and capabilities of ARIN and codifies some
appropriate protections for resource holders while still preserving
the ability for ARIN to address cases of fraud and abuse on an
The intended nature of the review is to be no more invasive than what
usually happens when an organization applies for additional resources.
Additionally, paragraph 2c prevents ARIN from doing excessive without-
The authors believe that this update addresses the majority of the
feedback received from the community to date and addresses most of the
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ARIN-PPML