[arin-ppml] ARIN Policy Clarification: Micro-Allocations

Sat Apr 24 12:32:35 EDT 2010

I'm going to take this opportunity to offer my support for this proposal.
However, I would like to stress and make very clear that under no
circumstances does my support for this proposal in any way constitute an
endorsement or support of the root services discussed below by Mr. Palmer.
In fact I do not consider Mr. Palmer's root system to qualify as viable root
infrastructure.

John and I have discussed this at length on the GA. When ARIN develops
policy it is critical that a certain measure of responsibility be taken to
properly qualify the allocation. Critical infrastructure implies some degree
of trust or approval or approval by a government body or standard be applied
to justify the allocation.

It's completely understandable why ARIN would allocate the duty to ICANN.
Technically ICANN runs a trusted root. Even with the mess recently in
Beijing - this root works. So John the next question is - why should we
trust your root? Whats behind it. Root operation implies a great deal of
power over the user. Why should a user trust you and your root?

Because if you do take up the challenge proposed by members here i.e. to
provide a revision to policy - then please address the trust issue.

That said I can proceed to agree with Palmer that the policy is
discriminatory towards other existing root systems outside the IANA core.
There has been considerable growth in non-ICANN root service over the years
and I expect that will increase as more and more people discover that
running their own roots is the most viable way to guarantee security. I'm
sure all of you are aware of the recent hijacking of root server "I" in
Beijing. That root service is still offline as far as I'm aware.

I also strongly object that countries were not included. I don't know if we
can trust the worldroot - but I know we can trust countries to be
responsible for their critical infrastructure. The policy should be revised
to reflect this. I'm against having ICANN as the sole party responsible for
making a decision on this allocation. The same trust ARIN is showing ICANN
should be extended to national governments.

And national governments should object to this type of policy being included
in any other RIR.

Also John .. I offer you my help in drafting such a document. Your position
on the discriminatory issues is correct. But I'm sure you will agree minimum
standards and trust issues should be well addressed in opening up critical
infrastructure allocations.

Now with IPv6 - I think critical infrastructure should be assigned to any
tom dick or harry who applies. There's so much IPv6 space you can assign
critical infrastructure to everyone on the planet. Let marketing establish
who's trusted and who's not.

Thats my two cents.

regards
joe baptista

On Wed, Apr 14, 2010 at 2:27 AM, John Palmer <
jpalmer at american-webmasters.net> wrote:

> In the "ARIN Number Resource Policy Manual" is the following section on
> micro allocations
> "4.4. Micro-allocation
> ARIN will make micro-allocations to critical infrastructure providers of
> the Internet, including public exchange points, core DNS service providers
> (e.g. ICANN-sanctioned root, gTLD, and ccTLD operators) as well as the RIRs
> and IANA. These allocations will be no longer than a /24 using IPv4 or a /48
> using IPv6. Multiple allocations may be granted in certain situations. -
> Exchange point allocations MUST be allocated from specific blocks reserved
> only for this purpose. All other micro-allocations WILL be allocated out of
> other blocks reserved for micro-allocation purposes. ARIN will make a list
> of these blocks publicly available. - Exchange point operators must provide
> justification for the allocation, including: connection policy, location,
> other participants (minimum of two total), ASN, and contact information.
> ISPs and other organizations receiving these micro-allocations will be
> charged under the ISP fee schedule, while end-users will be charged under
> the fee schedule for end-users. This policy does not preclude exchange point
> operators from requesting address space under other policies."
>
> The part the concerns me is that part that says "e.g. ICANN-sanctioned
> root, gTLD and ccTLD operators".
>
> Excuse me, but since when do DNS operators have to be ICANN sanctioned? You
> know that there is such a thing called the Inclusive Namespace. ICANN is not
> the only authorized root network operator.
>
> ARIN is supposed to support the whole community, not just the DNS services
> sanctioned by ICANN.
>
> I would like to propose to the ARIN board that the phrase "(e.g.
> ICANN-sanctioned root, gTLD and ccTLD operators)" be replaced with "(root,
> gTLD and ccTLD operators)".
>
> My company manages and operates the WorldRoot, an Inclusive Namespace root
> network and would like to have 13 micro-allocations for Anycast operations
> of our 13 DNS server sets around the world as well as IP6 microallocations
> in the near future.  As it stands, we will probably be able to populate 3 to
> 4 complete cloneSets (13 servers each) in the next 3 to 5 years. The
> language in Section 4.4 of the NRPM seems to exclude our ability to obtain
> the neccesary number resources and is discriminatory to the Inclusive
> Namespace and therefore in violation of ARIN's mission to serve the ENTIRE
> North American community.
>
> ARIN Board - please take note of my request and respond.
>
> Thanks
> John Palmer - President
> American Webmasters Inc
> (operator of the WorldRoot root server network - http://worldroot.net)
>
> _______________________________________________
> PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.
>

-- 
Joe Baptista

www.publicroot.org
PublicRoot Consortium
----------------------------------------------------------------
The future of the Internet is Open, Transparent, Inclusive, Representative &
Accountable to the Internet community @large.
----------------------------------------------------------------
 Office: +1 (360) 526-6077 (extension 052)
    Fax: +1 (509) 479-0084

Personal: http://baptista.cynikal.net/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20100424/8372234c/attachment.htm>