[arin-ppml] Does this apply to Transfers too?

[Scott Leibrand]

Kevin Kargel wrote:
> The issue here is that any less than scrupulous admin probably also has the
> ability to create any email address he wants to and pass that on to ARIN as
> the contact.  Because of this I really don't see this step adding any real
> world security or fidelity.  Or are you saying that the dishonest people
> would be unlikely to cheat like that?
>   

As an employee of a US public corporation, such an admin likely would 
not face any penalties under today's rules if he stretched the truth on 
an application to ARIN.  But if he also impersonated an officer of the 
company, he would likely face termination, and likely additional 
penalties as well.  Since the benefit of additional address space goes 
to the corporation, rather than to the individual admin, the new set of 
incentives makes it far less likely for such an admin to want to cheat.

In the case of smaller companies where the requestor would personally 
benefit from getting more addresses from ARIN, the requestor likely *is* 
an officer, so the only effect of this new policy would be to possibly 
make it slightly easier for ARIN to go after the requestor for fraud.

> I believe though, that the contact will be made by certified postal mail,
> not by email.  
>   

That is true for the outreach contact, but not for the attestation 
stuff.  According to 
https://www.arin.net/resources/agreements/officer_attest.html, "ARIN 
will send a summary of the request (via e-mail) to the officer with a 
cc: to the requesting POC (Tech or Admin) and ask the officer to attest 
to the validity of the information provided to ARIN", and "The 
certifying officer will be asked to reply to the e-mail and certify the 
data is valid and accurate."

-Scott