[arin-ppml] LRSA requirement for resources being transferred (Was: ARIN-prop-136 Services Opt-out Allowed for Unaffiliated Address Blocks

Matthew Kaufman matthew at matthew.at
Fri Feb 25 00:19:20 EST 2011

On 2/24/2011 5:36 PM, Owen DeLong wrote:
> On Feb 24, 2011, at 5:17 PM, Matthew Kaufman wrote:
>> On 2/24/2011 5:13 PM, Scott Leibrand wrote:
>>> On Thu, Feb 24, 2011 at 4:58 PM, Matthew Kaufman <matthew at matthew.at 
>>> <mailto:matthew at matthew.at>> wrote:
>>>     And note, by the way, that I am currently OPPOSED to this policy
>>>     proposal.
>>>     But also believe we need a way to allow transfers to happen
>>>     without risk to the seller in the case where the seller hasn't
>>>     signed the LRSA. (Specifically, the case where one starts a
>>>     transfer, signs the LRSA only because it is required for the
>>>     transfer, and then the transfer fails to happen for external
>>>     reasons... how can one un-sign the LRSA at that point?)
>>> I think this may indeed be the crux of the issue at least in many cases
>> This is half the issue. The second is a perception that if one could 
>> transfer legacy non-LRSA resources to another party without that 
>> party having to sign the LRSA, those might in fact be slightly more 
>> valuable to said third party (and thus command a higher price).
> The recipient of legitimately transferred resources must sign the RSA, 
> not the LRSA.

Yes, I mis-typed. If it were possible to transfer legacy non-LRSA 
resources to a new holder that themselves could avoid signing the RSA, 
those addresses *might* be perceived as having more value. (I'm not sure 
that's true, but it might be.)

> There is no ability to legitimately transfer resources without the 
> recipient signing an RSA. This is true
> even in the merger and acquisition policy.
> Resources transferred outside of policy without the recipient signing 
> an RSA can, and should, at least
> in most cases, be de-registered and registered to other parties 
> operating within the ARIN policy
> framework. While I support the idea that ARIN should continue to 
> provide services to legacy holders
> on the original terms whether or not they sign an LRSA, as far as I 
> know, those terms do not include
> any transferability (other than M&A as covered in NRPM 8.2).

I'm not sure I follow the reasoning. Resources that are not under RSA or 
LRSA may or may not be transferable without following the terms outlined 
in the NRPM. We don't really know the answer to that question.

> As such, I do not believe that there
> exists benefit to the community in ARIN extending the kindness they 
> grant to legacy holders
> to third-party recipients of space from legacy holders through an 
> unauthorized transfer process.

So the issue is that if ARIN believes that legacy non-LRSA resources are 
not transferable and yet the transferer and the transferee believe they 
are, we have a problem.

There's two courses of actions for the transfering parties to take in 
this case: not tell ARIN (which is bad for the database quality), or sue 
ARIN (which is bad for ARIN in other ways).

Or we could change the policy to make it more appealing.

>> It isn't necessarily of benefit to ARIN to further this dichotomy, so 
>> this is a harder one to solve.. but the first one is probably more 
>> important (and easier) to solve if we want to.
> The fact that legacy holders received their addresses through an 
> undocumented and informal
> community process rather than under the contracted structure we have 
> in place today is
> an accident of history. It should not be extended to new recipients of 
> addresses.
> Legacy or not, ARIN registrations are not transferrable other than as 
> expressed in NRPM 8.

Prove this. I'm with you for the non-legacy, and for legacy with a 
signed LRSA, but I'm not sure how you'd prove it for legacy non-LRSA.

> This requires that the recipient sign an RSA.

Right now that's the case, which may drive these transfers outside of 
ARIN's view.

> There is no problem there. That is to the benefit of the community and 
> is the correct
> course for ARIN to take. Promulgating the contractless registrations 
> to additional
> third parties is unfair to existing resource holders under RSA and to 
> the ARIN community.

Everything about IPv4 addressing is unfair, and it is going to be a 
whole lot less fair really soon.

> Legacy holders are grandfathered under current operating practice. New 
> parties
> are not entitled to and should not receive such special dispensation.

That's an opinion that seems to be fairly widely held, certainly.

Legacy holders may resort to other means, given this stance, however. 
(Transfers that ARIN can't see and/or transit arrangements that look a 
whole lot like address leasing)

Matthew Kaufman

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20110224/01137e4a/attachment.html>

More information about the ARIN-PPML mailing list