[arin-ppml] Policy Proposal: Customer Confidentiality

William Herrin bill at herrin.us
Wed Jun 10 13:13:49 EDT 2009

On Wed, Jun 10, 2009 at 9:36 AM, Divins, David<dsd at servervault.com> wrote:
> The reality is that LEA's and military organizations don't get
> SWIPd as who they really are anyway (I mean, how many times does CIA
> appear in WHOIS) so let's stop pretending that doesn't happen and make
> our lives easier.


That argument is moot. Such organizations are typically unable to
reveal their identities to individuals who don't hold an SCI clearance
with the proper compartment and have a "need to know." This of course
excludes all of ARIN's staff, even under an NDA. With the proposal,
they will still be legally required to further obfuscate their
identities through third parties.

On Tue, Jun 9, 2009 at 12:41 PM, <lar at mwtcorp.net> wrote:
> If it is, the current policy would be in conflict with the FCC under some
> conditions.


The FCC does not require you to publicly reveal information about your
telephone subscribers, but they do require you to let your customer
take their "network address" with them to the next service provider.
As an ISP, would you care to trade one privilege for the other?

On Wed, Jun 10, 2009 at 10:56 AM, Alexander,
Daniel<Daniel_Alexander at cable.comcast.com> wrote:
> I also disagree with the need for whois as a means of validation or
> transparency for ARIN. ARIN can request whatever information they want
> under the RSA. They do not need swips to confirm someone's utilization,
> and if that were the only mechanism being used then we have bigger
> problems to solve. If transparency is truly the goal, then it needs to
> be an all or nothing, and whois has no chance of acting as a directory
> for ALL Internet users.

Straw man Dan. Transparency in internet use would require a directory
of all internet users. Transparency in the address assignment process
requires at the very most a directory of only those users with a
static IP address. And as Owen pointed out, even that much isn't
necessary; you don't need to know every last /32; you only need to
know who is holding nontrivial amounts of space.

On Wed, Jun 10, 2009 at 11:41 AM, Kevin Kargel<kkargel at polartel.com> wrote:
> Ah, but things have changed, you can now buy, sell and trade IP's thanks to
> powers vested by 2009-1.  I know that 2009-1 has words saying that the
> intention is not to create property, but if it walks like a duck and quacks
> like a duck...

Then make it a market Kevin. Paid redaction: Greater of $1 per address
or the market rate for address trades per year to ARIN for each
redacted entry. Payment is made in lieu of providing any information
at all about the block other than its range and which ISP holds it.

On Wed, Jun 10, 2009 at 12:19 PM, Skeeve Stevens<Skeeve at eintellego.net> wrote:
> What do we do, as a foreign company/entity, if we need
> to track down who is doing something (illegal/technical
> issue/etc) and the upstream ISP won't disclose it to us?

File a John Doe suit and subpoena the information, like the RIAA does.

Bill Herrin

William D. Herrin ................ herrin at dirtside.com  bill at herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004

More information about the ARIN-PPML mailing list