[arin-ppml] New Version of ARIN-prop-126: Compliance Requirement
cgrundemann at gmail.com
Fri Apr 22 14:00:43 EDT 2011
On Wed, Feb 16, 2011 at 09:53, Martin Hannigan <hannigan at gmail.com> wrote:
> On Wed, Feb 16, 2011 at 10:34 AM, Chris Grundemann
>> 12.6 - Update to: Except in cases of fraud, an organization shall be
>> given a minimum of thirty (30) days to respond. If an organization
>> does not respond within those thirty (30) days, ARIN may cease
> So they can take up to a minimum of thirty days to respond, and if
> they exceed the minimum they get the hammer dropped on them? You mean
The org gets at least 30 days, after that period expires, ARIN *may*
take action. This provision requires that ARIN give them *at least* 30
days to respond.
>> time after ninety (90) days have passed, ARIN may initiate resource
>> revocation as allowed in paragraph 12.5. ARIN shall negotiate a longer
>> term with the organization if ARIN believes the organization is
>> working in good faith to substantially restore compliance and has a
>> valid need for additional time to renumber out of the affected blocks.
> It's expensive and complex to respond to section 12 audits. This
> increases that expense for member orgs. It gives the Corporation too
> much leeway to do harm to its members, more than the substantial
> amount that we already allow through "discretion". Discretion also
> results in unpredictability. Policy should be as predictable as
> possible. That "discretion" could result in significant litigation and
> additional potentially unnecessary legal expenses. 
This policy requires that ARIN give the org 90 days to comply and then
allows ARIN staff to give the org more time. I think that this
actually increases predictability and provides more protection for
organizations. I don't see how it increases expense for members,
perhaps you can explain further?
> These audits take time and people. Some of these audits also "appear"
> to be being conducted with what might be questionable "probable
> cause" as a result of tip-line like fraud reporting activity. A
> majority of the fraud reports seem to be false positives. Revocation
> is the ultimate hammer and ARIN already has that power.
> Not in favor of this proposal. Section 12 is already ripe for abuse.
> ARIN should never shut off reverse unless a network is revoked since
> the possible collateral damage is too high and will likely cause
> problems for many others depending upon who gets crunked with this
> proposal. I would support a cap on answer-days to the path of
> revocation, but this proposal appears to be overkill based on the
> current data points that we have demonstrating a real problem (none).
> 1. https://www.arin.net/resources/fraud/results/third_quarter_2010.html
> 2. https://www.arin.net/about_us/corp_docs/budget.html
> In 2010, ARIN budgeted .5M for legal expenses. ARIN has recently
> suggested that some proposals may interfere with fee reductions for
> members. The 2011 budget is not posted and I have no idea what that
> number will be or what the corporation thinks performance to that
> number will be).
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> Please contact info at arin.net if you experience any issues.
More information about the ARIN-PPML