[arin-ppml] New Version of ARIN-prop-126: Compliance Requirement

Wed Feb 16 12:03:01 EST 2011

> >
> > 12.4 - Update to: Organizations found by ARIN to be out of
compliance
> > with current ARIN policy shall be required to update reassignment
> > information or return resources as needed to bring them into (or
> > reasonably close to) compliance.
> >
> > 1. The degree to which an organization may remain out of compliance
> > shall be based on the reasonable judgment of the ARIN staff and
shall
> > balance all facts known, including the organization's utilization
> > rate, available address pool, and other factors as appropriate so as
> > to avoid forcing returns which will result in near-term additional
> > requests or unnecessary route de-aggregation.
> > 2. To the extent possible, entire blocks should be returned. Partial
> > address blocks shall be returned in such a way that the portion
> > retained will comprise a single aggregate block.
> >
> > (leave 12.5 as is)
> >
> > 12.6 - Update to: Except in cases of fraud, an organization shall be
> > given a minimum of thirty (30) days to respond. If an organization
> > does not respond within those thirty (30) days, ARIN may cease
> > providing reverse DNS services to that organization. If progress of
> > resource returns or record corrections is not visible within sixty
> > (60) days after correspondence with ARIN began, ARIN will cease
> > providing reverse DNS services for the resources in question. At any
> > time after ninety (90) days have passed, ARIN may initiate resource
> > revocation as allowed in paragraph 12.5. ARIN shall negotiate a
> longer
> > term with the organization if ARIN believes the organization is
> > working in good faith to substantially restore compliance and has a
> > valid need for additional time to renumber out of the affected
> blocks.
> >
> > Rationale:
> >
> > Version 2 addresses several staff and legal concerns with the
> original
> > text of this policy by clarifying the language and making it more
> > concrete.
> >
> > To date the community has not documented or firmly established use
of
> > an effective enforcement mechanism. This policy will support current
> > policy and compel those who are allocated ARIN resources to maintain
> > the proper WHOIS records in accordance with ARIN NRPM. While it is
> > recognized this is not an absolute solution to ensure compliance, it
> > is the best method under current ARIN policies.
> >
> > Timetable for implementation: Immediate

So what this seems to be saying is that in addition to the original
conditions that existed when address blocks were first issued, some
continuing auditing is to be done which continuously audits members to
ensure that they constantly meet the issuing requirements of the blocks
they hold and if not, they will be revoked?  So one must meet the
allocation policy in perpetuity?  I am not sure this is good policy for
a few reasons.  

The primary reason being that going forward, this policy will apply
mostly for IPv6 assignments.  Placing this policy in the context of IPv6
seems that is causes a lot of work for very little gain to the
community.  The only likely result is additional "churn" in v4
assignments which will act to further destabilize things in the v4 space
after runout.

In addition, reading this portion closely:

> > 1. The degree to which an organization may remain out of compliance
> > shall be based on the reasonable judgment of the ARIN staff and
shall
> > balance all facts known, including the organization's utilization
> > rate, available address pool, and other factors as appropriate so as
> > to avoid forcing returns which will result in near-term additional
> > requests or unnecessary route de-aggregation.
> > 2. To the extent possible, entire blocks should be returned. Partial
> > address blocks shall be returned in such a way that the portion
> > retained will comprise a single aggregate block.

The available address pool is basically "unlimited" and probably will be
for the next several decades. I would sooner favor a resolution that
deprecated the issuing of any IPv4 addresses and says that after ARIN
runs out of addresses for general issue, they would no longer issue any
more for any reason except "critical infrastructure" and ipv6 migration
purposes.  In other words, after ARIN runout, new v4 addresses
allocations will be issued only for v6 migration and those allocations
would be temporary (say 2 to 5 years) and would then have to be
returned.

Any new policy impacting address allocations must, in my opinion, be
viewed in the context of IPv6 and I don't see how this policy benefits
the community in that context.  If it is to apply only to v4 addresses,
it must state so else it applies to all address space.  And even then I
would be more likely to support a proposal that says "once they are
gone, they are gone".