[arin-ppml] Clarify /29 assignment identification requirement

William Herrin bill at herrin.us
Mon Apr 30 12:06:14 EDT 2012

On 4/28/12, John Curran <jcurran at arin.net> wrote:
> On Apr 28, 2012, at 3:50 PM, William Herrin wrote:
>> Of the four folks across this conversation who've levied complaints
>> about ARIN asking for customer identities for /32 users, none have
>> expressed that ARIN inquired into customer identities for their
>> dynamic pools and one expressly stated that ARIN didn't ask about the
>> much larger dynamic pools at all. Four does not make a statistical
>> sample but it does suggest a pattern.
> Indeed, it is an outline of a pleasant pattern that such information
> isn't generally needed nor requested.

Hi John,

That's the positive spin. The negative spin is that it outlines a
pattern of bias in which /32 assignments made and revoked with one
particular set of automation tools are distinctly more likely to get a
free pass than other perfectly legitimate /32 assignment processes.

>> Per your statement above, ARIN considers itself at liberty to inquire
>> into the personally identifiable information (PII) of the smallest and
>> most ephemeral consumers of addresses among the ISP's customers during
>> an ISP's application for addresses. Is that correct?
> Interesting phrasing, but could be literally correct (even if taken
> to extreme...)

In other words, "yes, that's correct." ARIN won't make a habit of
trolling your customer database but the PII for any particular
customer is subject to a demand for production with the expectation
that refusal may result in failing ARIN's audit.

>> Folks, is that what we want?
> A most excellent question, and one which the community should
> definitely discuss.

Bill Herrin

William D. Herrin ................ herrin at dirtside.com  bill at herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004

More information about the ARIN-PPML mailing list