[arin-ppml] Clarify /29 assignment identification requirement
jbates at brightok.net
Thu Apr 26 19:25:43 EDT 2012
On 4/26/2012 5:39 PM, William Herrin wrote:
> Where ARIN must evaluate a LIR's IPv4 address utilization in order to
> perform any duty, ARIN shall not compel the production of customer
> identities for any customer holding a total of less than 8 IPv4
> addresses unless all reasonable alternatives for verifying utilization
> have been exhausted.
I think it would be wiser to establish a structure of guidelines for
auditing, personally. It appears ARIN also likes unfiltered configs or
access to read unfiltered configs in routers, which provides much more
detailed information concerning the network than the required
justification (snmp communities, firewall rules, encrypted passwords).
This would also cover the privacy issue of smaller customers.
It would also be nice to place limits on if the data itself is kept by
ARIN or purged. Does ARIN really need to keep private data indefinitely
versus keeping that such data was received and signed off on by a
representative? I'm not sure how long such data is currently kept.
Perhaps John can say.
More information about the ARIN-PPML