[arin-ppml] ARIN-prop-126: Compliance Requirement

David Farmer farmer at umn.edu
Wed Jan 12 12:52:16 EST 2011 

On 1/11/11 16:46 CST, Owen DeLong wrote:
>
> On Jan 11, 2011, at 12:01 PM, David Farmer wrote:
>
>> On 1/11/11 12:57 CST, Jack Bates wrote:
>> ...
>>> I dislike the changes, as they promote ARIN seeking to audit or take
>>> action more swiftly, as it's much easier to break rDNS than it is to
>>> revoke address space. If the matter is serious enough, they should just
>>> revoke the space; not deal with rDNS.
>>
>> I too am seriously concerned about using rDNS as leverage to gain compliance.  If keeping Whois up to date is a real issue, then revoke the resources or apply a financial fine to the offender.  Turning off rDNS is equally likely to create an operation impact for someone else as it is for the offending party, therefore penalizing the wrong party. Using rDNS as an enforcement mechanism is likely to have unintended consequences.
>>
> You do realize that revocation from an ARIN perspective means:
> 	1.	Remove the whois entry
> 	2.	Remove the rDNS delegation
> 	3.	Make appropriate modifications to billing, if any.
>
>> As written I'm opposed to the policy as it is likely to create operation impact on wrong party.
>>
> I'm not sure how revocation is less impactful than rDNS removal. Care to elaborate on your
> thinking here?

Yes, I realize revocation has a large impact and that it is a feature in 
this case.  So in the case of revocation when I as third party runs into 
an issue with rDNS for an address, they do a Whois look-up and find the 
allocation is no longer valid, stop, done, over, move to next trouble 
ticket, it is an invalid assignment.

If ARIN removes rDNS for an allocation but doesn't revoke the 
allocation, removed the Whois entry, how as a third party do I have any 
clue what is going on?  This is what I'm objecting to in using rDNS as a 
leverage to gain compliance.  As proposed rDNS will stop working and 
third parties will not be able to determine why.  This create a 
potentially larger impact on third parties then actual revocation.

The only way I can see a proposal like this working is to add some kind 
of status field into Whois, with a status like "suspended" in this case. 
  I suspect the status would be more or less ignored, but at least a 
third party can find a clue to the cause of the rDNS disruption created 
by this proposal.  Without some kind of published status change, or a 
full revocation, the confusion created for third parties by a proposal 
like creates an unacceptable impact, potentially larger than full 
revocation of the resources in question.

-- 
===============================================
David Farmer               Email:farmer at umn.edu
Networking & Telecommunication Services
Office of Information Technology
University of Minnesota	
2218 University Ave SE	    Phone: 612-626-0815
Minneapolis, MN 55414-3029   Cell: 612-812-9952
===============================================

More information about the ARIN-PPML mailing list