[arin-ppml] Regarding unauthorized changes (Re: Policy question)

[Jimmy Hess]

On 9/20/12, John Curran <jcurran at arin.net> wrote:

Number resources are assigned to the organization that own the
newtork(s) resources are assigned to;  the resources don't belong to
the authorized POCs,  whether ARIN thinks a person or their "Arin
Online account" are an authorized contact or not...  that is an
expediency.

Contacts have no right to request changes on their organization's
behalf, and represent that they are authorized,   if  their role
within the organization no longer exists and  has changed in such a
manner,  as they would not be authorized to make the change, so in
theory... there should be little possibility at all whatsoever of a
"dispute of authorized status",   ARIN should listen to  whatever
organization  signed the RSA, actually contracted for the resources,
and can prove that with suitable notarized documents.


For example, if an organization fires their employee who is also their
Administrative POC, but ARIN is not informed.    The former
administrative POC is no longer authorized within the organization to
make changes.

If that person,  still listed as a POC for the resource, comes to
ARIN,   and requests unauthorized changes,  such as a change of
address,  or deletion of  other contacts, and they are executed,
because ARIN was never informed that the contact is no longer
authorized.....


Will ARIN revert those changes, and replace the Admin POC with the new
one,  when provided a suitable attestation by the officers of the
organization?


If not, perhaps the policy in place is  not really adequate....


>    the changes to the records, and the changes were all made by authorized
>    contacts for the resources and the registry was updated correctly.  Note
> also
>    this matter has not involved a question of judgement by ARIN, but simply
> that
>    an ARIN Online account for the party holding the resources made the
> change
[snip]


--
-JH