[arin-ppml] How bad is it really?

[michael.dillon at bt.com]

> ARIN doesn't have a fraud or abuse department. 

The why do you keep making such a big deal about reporting things to ARIN's
fraud and abuse department?

>The fraud and abuse
> complaints to ARIN are handled by Registration Services almost
> identical
> to the way CCing hostmaster as you mention above will get handled.

Then you should drop the inflamatory language and just tell people to
send an email to Registration Services via the hostmaster email 
address.

> I don't see how reporting this kind of violation of the RSA through the
> ARIN process intended for such reports will result in lawsuits. Could
> you
> please explain that rather bizarre conclusion?

You, as an ARIN official, keep making comments about how these operational
errors are FRAUD. That is getting close to libel and slander. If lots
of others pick up on this language it is only a matter of time before
it spreads and someone makes serious allegations of fraud that threaten
to damage someone's business. At that point, I would expect to see lawsuits
and they would naturally include you, the ARIN official who started it all,
and ARIN itself.

Can we just drop this whole "big stick" attitude and focus on carrots?

ARIN has never made it easy to clean up this kind of thing. If ARIN would
simply engage with some of the larger providers and ask what could be
done to help them audit their IP address records, and clean up leftover
addresses from incomplete decommissioning processes, then I think you
would get much, much further than with threats.

It would also provide an opportunity for providers to share best practice
tips on address auditing and perhaps develop some tools which could be
run internally on management networks to identify unused address blocks.

--Michael Dillon