[arin-ppml] Clarify /29 assignment identification requirement

Jack Bates jbates at brightok.net
Thu Apr 26 19:25:43 EDT 2012

On 4/26/2012 5:39 PM, William Herrin wrote:
> Where ARIN must evaluate a LIR's IPv4 address utilization in order to
> perform any duty, ARIN shall not compel the production of customer
> identities for any customer holding a total of less than 8 IPv4
> addresses unless all reasonable alternatives for verifying utilization
> have been exhausted.

I think it would be wiser to establish a structure of guidelines for 
auditing, personally. It appears ARIN also likes unfiltered configs or 
access to read unfiltered configs in routers, which provides much more 
detailed information concerning the network than the required 
justification (snmp communities, firewall rules, encrypted passwords). 
This would also cover the privacy issue of smaller customers.

It would also be nice to place limits on if the data itself is kept by 
ARIN or purged. Does ARIN really need to keep private data indefinitely 
versus keeping that such data was received and signed off on by a 
representative? I'm not sure how long such data is currently kept. 
Perhaps John can say.


More information about the ARIN-PPML mailing list