[arin-ppml] Draft Policy 2012-3: ASN Transfers

Mon Apr 2 14:09:48 EDT 2012

On Sat, Mar 31, 2012 at 2:48 PM, Tom Vest <tvest at eyeconomics.com> wrote:

>
> On Mar 26, 2012, at 3:51 PM, Martin Hannigan wrote:
>
> > On Sat, Mar 24, 2012 at 12:03 AM, Matthew Kaufman <matthew at matthew.at>
> wrote:
> >> On 3/23/2012 8:18 PM, Owen DeLong wrote:
> >>>
> >>> On Mar 23, 2012, at 5:26 PM, Matthew Kaufman wrote:
> >>>
> >>>> On 3/16/2012 2:23 PM, Tom Vest wrote:
> >>>>>
> >>>>> The knowledge that route (a) was originated by AS (x) is only
> meaningful
> >>>>> insofar as one has some set of high-confidence beliefs/expectations
> about AS
> >>>>> (x). However, if AS (x) can change hands at will, henceforth no such
> >>>>> confidence will be possible for the overwhelming majority if not all
> ASes.
> >>>>
> >>>> I would point out that this fact is *already* true, as ASNs are
> >>>> transferred through merger and acquisition all the time, and have
> been for
> >>>> over a decade.
> >>>>
> >>>> I don't see anyone proposing a policy where an entity is required to
> >>>> return (and have permanently marked as unavailable) their ASN when
> ownership
> >>>> changes... I see, for instance, that AS 1 and AS 701 are still out
> there,
> >>>> despite the above happening several times, and yet nothing terrible
> has
> >>>> happened as a result.
> >>>>
> >>> I don't see acquiring the reputation of a network when acquiring the
> >>> entire network as being all that likely to be harmful.
> >>
> >>
> >> What makes you think that ASNs acquired through M&A transfer always come
> >> with "the entire network"?
> >>
> >>
> >>
> >>>  At the time of acquisition, the network is still behaving according to
> >>> its reputation and what is done will cause necessary modifications to
> that
> >>> reputation as time goes by.
> >>
> >>
> >> Yes. Perhaps immediately, as the new owners are of course entirely
> different
> >> people with likely different motivations. The network might immediately
> have
> >> vastly different traffic patterns. Etc.
> >>
> >>
> >>>
> >>> On the other hand, I can see tremendous potential for mischief when
> >>> acquiring an AS Number on the open market without having to take on the
> >>> operation of said network as part of the package.
> >>
> >>
> >> No different than the current situation. You simply make more money for
> the
> >> lawyers when you require that it use the M&A transfer process.
> >>
> >>
> >>> I think these are very different scenarios.
> >>>
> >>> Again, I think we're seeing enough problems created by allowing
> transfers
> >>> with IPv4 addresses
> >>
> >>
> >> Really? What problems are those? From where I sit, I've seen none.
> >>
> >> And are those any different than the problems that already existed with
> >> transfers of IPv4 addresses via M&A transfer?
> >
> >
> > I've said similar things in this thread and I'll simply add +1.
> >
> > What we seem to be talking about here, at least from the counter
> > argument perspective, is a desire to regulate business process instead
> > of providing a technically sound and useful mechanism to enable ASN
> > transfers.  As someone involved in peering with literally hundreds of
> > networks, I'm not convinced that there is a risk that I need to be so
> > concerned about that I would want to disallow ASN transfers,
> > especially without a single real life incident that is compelling
> > enough to warrant a change in thought.
> >
> > Adopting this policy will allow ARIN to "get out of the way" and
> > legitimize what's already transpiring on a regular basis.  This is a
> > good thing.
> >
> >
> > Best,
> >
> > -M<
>
>
>

[ clip ]

>
> If adopted, an ASN transfer proposal like the one under discussion would
> inevitably contribute to the accelerated erosion of that third-party
> authentication mechanism that (almost) everyone has to rely on.
>

I'm still not sure exactly what third party authentication scheme you are
talking about.

>
> As a thought experiment, I urge you to consider how you might feel if you
> *were not* actively "involved in peering with literally hundreds of
> networks," and *could not* rely on [NETWORK] unique private capabilities as
> a complete substitute for the identification/authentication mechanisms that
> are embodied in current AS distribution policies.
>
>
No change. Transferring ASN's is at least innocuous as transferring v4
prefixes with regards to stewardship.

Best,

-M<
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20120402/66630e30/attachment.htm>