[arin-ppml] Policy Question(s)
tedm at ipinc.net
Fri Oct 8 06:41:04 EDT 2010
On 10/6/2010 3:46 AM, Ronald F. Guilmette wrote:
> In message<alpine.BSF.2.00.1010060153520.57601 at atlas.ipinc.net>,
> tedm at ipinc.net wrote:
>>> I have read the applicable documents available on the ARIN web site. They
>>> are ambiguous at best.
>> That is because much of ARIN policy comes from committee. It is the nature
>> of politics that you can often not get consensus on specific policy that
>> prohibits something where you CAN get consensus on GENERAL policy that
>> when interpreted, will prohibit that very same thing. To put it succinctly,
>> people often don't know what they are voting for.
> Well, thank you. You know, for plain simple honesty.
> I well and truly understand... and abide... that every law or rule must be
> interpreted. And for that, we have things like ARIN and the U.S. Judiciary.
> But of course, in the case of the judiciary, when _they_ get done interpreting
> one of their rules, that interpretation quite often gets published, in public,
> and becomes ``binding''. This is great because then, in future, everybody
> knows where they stand and what they can do and not do.
Ah, no. Yes they get published. But in the history of the US Judiciary
an enormous amount of fundamental precedent has been overturned. The
only difference is that the US Judiciary moves at a glacial pace
compared to ARIN.
> But apparently, every time ARIN interprets one of its rules... you know...
> like the judiciary would... to fit some new and novel set of facts... then
> *their* decision gets burried under layers of NDAs, and is never heard from
> Am I the only one who sees a potential problem with this?
I think so. You must remember that it is in the interests of the
Internet Community to encourage orgs to get IP space from their LIRs
and not from the RIRs.
If an org complains on this forum about how difficult it is to figure
out how to navigate the waters to get IP space I usually remind them
that their local friendly ISP is more than happy to give them the IP
space they want without having to spend all that time learning all those
pesky RIR rules and the current interpretations of them.
If we make it easy for anyone to get IP space from the RIRs then we
end up flooding the Internet with BGP advertisements. And let me tell
you my org just dropped a thousand bucks last month into CPU updates
for some of our routers because of DFZ growth, and we were getting used
hardware from a network hardware reseller, and the absolute minimum
update that would work - stuff that isn't in current production, even.
So I kind of am not real sympathetic right now to rolling out the red
carpet to orgs that want space and don't want to do the work to
understand everything that's under discussion here.
>> You really cannot fully understand all ARIN policy unless you understand that
>> ARIN policy consists both of the written policy - and the interpretation of
>> that written policy.
> Right. Believe me, I understood that part before I even posted here the
> first time, and in fact that is precisely _why_ I posted here the first
> time... because I have first-hand knowledge that there is, on the one hand,
> the law, as written, and then there is, on the other hand, the interpretation
> of the law, with respect to various sets of facts, and the two are different
> and separate.
>> But, I don't think ARIN is doing this yet for a very simple reason - there
>> are addresses still available. Instead I think what is happening is
>> that if Mr. Smith shows up on ARIN's door with a block that he "bought"
>>from depository.net, AND with justification for it, that ARIN's hostmaster
>> is granting the transfer but also saying "by the way, you did NOT need to
>> spend $$$ with depository.net, you could have got the IP numbers from
>> us, FREE"
> Free??? Did you say FREE?? Hay! That just happens to be my favorite number!
> But seriously folks, was I asleep? Did I fail to get the memo? Is ARIN
> actually not charging for IP space anymore? Funny, I could have sworn
> I saw a fee chart on their web site just the other day. And I was
> thinking, hay, if I could talk somebody out of their (fee-free?) legacy
> /16, and if I could keep it and ``monitize'' it for, say, ten years, then,
> you know, without going thru all of the fancy schmancy ``present value''
> calculations that people who play with money for a living know about,
> my very rough estimate is that that would be worth approximately
> 10 * $4,500 == $45k. That's minimum, of course, because that only
> represents how much you'd save on fees, you know, relative to your
> competitors who have non-legacy blocks.
Consider that if an org spends money to buy numbers from a broker that
they still have to pay ARIN the same yearly fee that they pay if they
just got the numbers from ARIN. Thus why pay the broker?
>> For example you could approach a legacy address holder who has obviously
>> abandonded their legacy holdings or is sparsely using them, and say
>> "If you sign a contract with me saying that I'm your exclusive IP address
>> rep. I'll guarentee you will get XXX dollars for every block of yours
>> I help you to transfer"
> May I say to them instead ``I'll give you $10k right now for all rights
> and title to that legacy /16 you have lying over there in the corner,
> collecting dust.'' ?
No. You may not because you don't have acceptable justification to
have that /16. The legacy org does because of a (IMHO) rather poor
"deal" that was cut with the legacy holders in ARIN's infancy.
> See, like you said, there's middlemen, and then there's players. Middlemen
> just facilitate transfers from A to B. Players actually buy and hold
> _themselves_ hoping for the price to go up.
> I wanna be a player. So now I just need to know if ARIN will let me put
> _my_ name on any legacy /16 I manage to aquire all existing rights and
> title to, you know, from the original owner, and of course, I'd also
> like to know if they will also delegate reverse DNS to me.
No, of course not. And if you know that anyone out there
is doing this - including what was it, "depository.net" then as others
have said, turn the buggers in. Rat them out to the RIR so that the
RIR can pull their addresses. Don't try copying them!
>> But, an "IP Investment bank" which operated as a straight broker plus
>> also gained ownership over IP address blocks (like how many stock brokerage
>> houses which also played the market did with stocks not too long ago)
>> in order to "sell" them would be a violation, in my interpretation.
> A violation of what, exactly?
> I guess you mean of NRPM section 8, but I don't think I saw anything really
> concrete in there that was an actual prohibition. (Can you quote me the
> actual prohibition language out of the NRPM?)
> And again, are we talking about the letter of the law, or are we talking
> about its interpretation, and existing precedents?
>> IMHO you would be a fool to attempt to invest or setup an "IP investment
> Well, that's what seemed to me might be a profitable thing to do, and I
> am not at all persuaded that ARIN could really stop me (or anyone) if
> somebody did that, and if they were dealing only in legacy blocks.
>> You cannot "sell" an IP block because IP
>> addresses are not property and thus cannot be owned.
> Ok, ok. So I'll use the terms ``leased'' and ``sub-leased'' instead.
> Or ``sub-leased right-to-use'' or whatever the lawyers decide to call
> it. Will that work?
No. Proper terminology is in NRPM and your just going to alienate
the knowledgeable people here if you insist on using property-related
> (This is starting to remind me of the old bar joke... you know... Nobody
> ever actually ``buys'' beer. You just rent it. I guess that we could
> say that about everything, because we'll all die eventually, and all that
> beer we drank and all that food we consumed, and all of those PlayStations
> we threw into the dumpster after they stopped working will all be returned
> to the earth someday, one way or the other.)
Yes, you can say that about everything, if you take the long view. And
they won't be returned to the Earth, but to the Universe.
>> When they start censoring you THEN you can complain.
> Ummm... I guess you don't see the rather obvious logical falacy in what
> you just said...
> ... but as I look at it some more, what you just said is actually awfully
> darned humorous. Did you copyright that, or may I use it as a .sig?
Heh. I think that when I signed on to the list I probably clicked some
boilerplate that made it copyrighted by ARIN. Use it as a sig. My
favorite sig is "If what you just read didn't make you snot milk out
your nose when you laughed then my post was a failure" but I don't use
>> The RIR (unfortunately, IMHO) at the current time does not owe you or I or any
>> one an explanation of why a particular block ownership has suddenly changed.
>> I personally
>> and professionally wish this was not the case. But the problem is that so man
>> of the players out there regard this sort of data as competitive secrets data
>> that the RIR is in the position where it absolutely MUST guarentee the parties
>> involved in block transfers confidentiality under a legal NDA or practically
>> nobody would deal at all with ARIN.
> So much for ``open'' Internet governance.
>> we compromised and sacrificed transparency so that we could get compliance.
> I'm wondering if it occured to anybody, during the making of that decision,
> that what such a decision inevitably yields is an impenetrable Star Chamber,
> making un-reviewable decisions, in secret, that nobody ever even finds out
> about, let alone being able to question or understand.
Ah, but we didn't 'make' that decision. It evolved out of committee.
Like I mentioned at first, the beauty of the stuff that comes out of
committee is that people don't often realize what they are voting for.
I think the Universe laughs when people find out that they are being
forced to follow rules and regulations that they made themselves.
> I mean yes, I'm quite sure that all the people involved are of sound and
> good character... I take that as a given. I'm sure they're all good
> people trying their best to do the right thing. But the very _notion_
> of secrecy rubs the wrong way for some people. I just happen to be one
> of them.
And you are living in the US today and with that attitude you think your
of sound mind. How sweet! A romantic!
>> I think that this is a rather amusing interpretation of what's going on.
>> I am quite sure that there's no "gravy train" out there, at least, not
> Well, that's your view, based on what you know... But how do you know?
Logic. In short, why would a legitimate number requesting org buy IP
blocks from an "IP investment house" today when they can still get
IPv4 for free from ARIN or the other RIRs. I recognize a criminal might
want to buy. But since fraudulent use of IP space will get it taken
away by the RIR that criminal is going to be spending a lot of money
I think once IPv4 runout has occurred, and a lot of people are looking
> I mean how does anybody know? As you've noted, all these decisions
> about what may or may not get transfered, and to whom, are being made at
> this point, and have been made, since ARIN took over, with the same level
> of secrecy as the election of the next pope, i.e. total. Right? Because
> everybody (or at any rate, a majority) wanted it that way. OK fine. I
> get that part. But now, here we are, and you actually can't tell me
> for certain, one way or the other, whether or not there's some Internet
> version of Gordon Gecko out there already, buying up IP real estate,
> quietly and secretly, and getting all those blocks quietly transfered
> to himself... or rather to his various paper subsidiaries... , again,
> very quietly. (Perhaps this sounds far fetched, but do you happen to
> know about a company called Tactara? Do you know how much IP real
> estate they've managed to amass, by hook or by crook?)
> Am I saying this _is_ happening _generally_ and other than in the one
> special case I just mentioned? Of course not. Not at all. Am I saying
> that anyone at ARIN is giving unfair advantage to any one party, or even
> to any set of favored parties? Again, no, of course not. Not at all.
> What I _am_ saying is that secrecy breeds suspicion.
>> I'm also quite sure that a lot of these people like this depository.net
>> are hoping that there might be a gravy train and are trying to put their
>> claim in it, should such train ever come down the tracks.
> As far as we know, the train is already rolling. Secrecy, remember?
> Everything is under a thick warm fuzzy blanket of NDAs.
> What I _can_ tell you is that I've made a special study of so-called
> snowshoe spammers. These people consume (and lay waste to) IP space
> just like the proverbial stuff-through-a-goose. And when I find...
> within the IPv4 space... another one of these operations... of which
> there are hundreds, as we speak, sometimes it is obvious where they
> are getting their IP space, i.e. from crooked ISPs that are lying to
> ARIN about their sub-allocations and their effective utilization rates.
> But at other times, it is not at all obvious how one of these criminals
> managed to glom onto a big fat hunk of IP space in a time of alleged shortage.
> Such cases perplex me. And I would argue that secrecy in these cases
> not only doesn't provide an answer to me personally, more importantly,
> in my opinion, it is counter to the best interests of the community.
> It's like saying that child molesters have a right-of-privacy, and so
> we ain't gonna tell you when one moves in two doors down from you.
> That used to be acceptable, but in a lot of places, it isn't anymore.
> Well, ok, I didn't actually intend to get off on this at all. I know
> full well that the secrecy isn't going away anytime soon. And I don't
> fault anybody at ARIN for its existance, because, as you noted, it was
> a ``community'' decision, made long ago, and basically, the lawyers won.
> (Note: *Not* ARIN's lawyers... everybody else's.) But to say that it's
> a done deal and a fully settled matter, decided long long ago... well...
> that's what a lot of people used to say about the privacy rights of
> child molesters. In short, times change, and rules evolve. I can hope
> And a whole lot less secrecy wouldn't just help to get more spammers
> off the streets. It also seems to me to be a prerequsite for the
> development of a fair and open marketplace for IP space... a marketplace
> that even ARIN itself floated a proposal for a couple of years ago. I
> mean can you really imagine being a business man and investing your
> own money in an environment where your major assets, your stock in
> trade, may be subject to effective confiscation at any moment by a
> secretive Star Chamber whose decisions are un-reviewable? No investor
> in his right mind would put his money into THAT! Well... no _ordinary_
> investor. So what we will predictably end up with, as the exhaustion
> end game starts to unfold, will be some real slick operators... definite
> black market types that will charge people truly astronomical prices
> for even a tiny bit of IP turf. They'll have to, in order to make up
> for their potentially very high ``breakage'' rate.
Ah, but you miss the point entirely here. We WANT this. The WORST
THING for the Internet would be for IPv4 to become a permanent fixture
on the Internet - which would happen if a fair and open marketplace
developed for it. Such a happening would add an entirely useless layer
of people as Internet gatekeepers and not even filling a spaceship
and crashing it into a distant class M planet as the Golgafrinchens
did would solve the problem.
The IPv4 transfer policy was put into the NRPM as a band-aid. Many
people, including myself, opposed it and argued against it. Your
essentially wanting to base a permanent, ongoing business on this
one policy rule, which is exactly the kind of thing that I predicted
someone would want to do when I argued against it being stuck in
there in the first place.
IPv4 has big engineering problems on the modern Internet, everyone
realizes that now. But not everyone seems to realize that it has even
worse political and business problems.
It would be like if the Federal government mandated that ALL auto
license plates in the United States would have UNIQUE numbers of
no more than 8 digits because it would make it slightly easier for
a photo radar to issue a speeding ticket for an out of state driver,
where the vehicle owner had the plate in a frame that obscured the
state name. Instantly you create a shortage where none exists now,
instantly you add huge administrative overhead. (Why do you think
that states are going from single-color license plates to picture
plates? It's because photo radar is black and white and the picture
lets them determine the plate's state.)
For example, ARIN spends a lot of labor and time verifying that an
address requester has justification for however many numbers they want.
This is because there's a shortage of IPv4. With IPv6 there is not
a shortage, thus ARIN can simply rubber stamp justification evidence for
any /32 requests. This saves money and time.
Which means that eventually our fees should decrease.
So, LET the IPv4 black market go to the gougers. It will just make
people switch to IPv6 all that much faster and save mountains of money
for everyone on the Internet.
>> But the idea that all you need to do is throw up a Wordpress website with a
>> few IP transfer templates on it and sit back and have oodles of money
>> rolling in for doing nothing is a lot of baloney. It's not going to happen.
> Me personally? I never had anything like THAT even remotely in mind.
> I'm old fashioned. I believe in making money the old fashion way,
> earning it.
Then, earn it like I suggested, as in being a middleman, and when that
peters out a few years after IPv4 runout, find something else to do.
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> Please contact info at arin.net if you experience any issues.
More information about the ARIN-PPML