[arin-ppml] 2011-7 Status FAIL

Kevin Kargel kkargel at polartel.com
Wed Feb 29 11:18:27 EST 2012





From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On
Behalf Of Scott Leibrand
Sent: Tuesday, February 28, 2012 7:56 PM
To: William Herrin
Cc: arin-ppml at arin.net List
Subject: Re: [arin-ppml] 2011-7 Status FAIL


On Tue, Feb 28, 2012 at 5:21 PM, William Herrin <bill at herrin.us> wrote:

On Tue, Feb 28, 2012 at 6:38 PM, Chris Grundemann <cgrundemann at gmail.com>
> FYI: The intent of adding the reverse DNS hook was twofold. First, as
> you very correctly observe, it should help grab attention when needed
> as an intermediate step before revoking resources, kind of a last
> chance mechanism. The other intent is to grab attention when
> revocation is too extreme, such as a failure to register downstream
> delegations in WHOIS. As a community, we have identified time and
> again the need for an accurate WHOIS. This "penny ante" mechanism may
> help ARIN to ensure that the WHOIS database is as accurate and
> complete as possible.

Hi Chris,

I can't think of a single hypothetical case in which revocation is too
extreme but canceling RDNS is an appropriate punishment.

WHOIS isn't up to snuff? Not taking ARIN's complaints seriously? Issue
a revocation with the policy 6-months to renumber out of the block. If
WHOIS magically improves and they pay ARIN's auditing costs so that
the rest of us don't get burned by the bad behavior, then clearly
there's no further need to complete the revocation.

I'm okay with RDNS revocation as a last ditch "we couldn't get in
touch with you any other way" measure, but that use isn't punitive. As
a punitive measure, RDNS revocation is, frankly, beneath ARIN's


Not sure if a non-profit has dignity, but otherwise I would tend to agree
with Bill here.  I'm uncomfortable *requiring* ARIN to stop providing
reverse DNS services.  If we want to give ARIN permission to do so, fine.
(I don't think they'll abuse that tool, or even use it much.)  But I'm still
unconvinced that requiring them to do so serves any useful purpose.

[kjk] To my way of thinking, it is a no-op to include policy "may" in
absence of a "may-not".  Without policy preventing ARIN from modifying or
removing RDNS they already "may" do so.  Specifically allowing something
that is not prohibited is just fluff.


So I'm fine with "If an organization fails to respond within thirty (30)
days, ARIN may cease providing reverse DNS services to that organization."
But I would strike "If progress of resource returns or record corrections
has not occurred within sixty (60) days after ARIN initiated contact, ARIN
shall cease providing reverse DNS services for the resources in question."


It's also worth noting that I support the new 12.4 language, adding "update
reassignment information or" so it reads "Organizations found by ARIN to be
out of compliance with current ARIN policy shall be required to update
reassignment information or return resources as needed to bring them into
(or reasonably close to) compliance."



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20120229/c6c3ca33/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4935 bytes
Desc: not available
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20120229/c6c3ca33/attachment-0001.bin>

More information about the ARIN-PPML mailing list