[arin-ppml] Draft Policy ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-region Requestors - Revised Problem Statement and Policy Text
owen at delong.com
Mon Sep 16 23:47:39 EDT 2013
On Sep 16, 2013, at 7:51 PM, Milton L Mueller <mueller at syr.edu> wrote:
> This policy took a winding path through the AC review process. In my view, the actual substantive policy proposed is mostly supportable, though we need to have a careful debate about the meaning of "plurality" and whether that is necessary or not.
> There are three other issues, none of which actually have to do with the policy, that I think need to be pointed out:
> 1. I have a problem with the Problem Statement. The first sentence asserts as an accepted policy something that is not really an accepted policy (ARIN number resources should be used primarily in the ARIN region, for ARIN region organizations). In other words, it assumes that we already have a policy on this, then in the second sentence, it says "there is currently no explicit policy guiding staff in this area." That's an obvious self-contradiction. I think the second statement is correct. Before I could favor moving this forward as a recommended policy, I would want to see the Problem Statement revised.
Milton, please read the NRPM…
2.2. Regional Internet Registry (RIR)
Regional Internet Registries (RIRs) are established and authorized by respective regional communities, and recognized by the IANA to serve and represent large geographical regions. The primary role of RIRs is to manage and distribute public Internet address space within their respective regions.
Staff has been tightening up their interpretation of this in recent years. In the past, it used to be relatively easy for any multinational organization headquartered in the ARIN region to get address space for their world-wide network. Today, it is difficult to get ARIN to approve anything not justified by in-region operations.
> 2. The Authors' comments says:
>> As reported at the last meeting in Barbados, ARIN staff is having
>> difficulty verifying organizations out-of-region.
> This is not actually what they said. My recollection of the meeting was that they said they had noticed that they were getting a larger number of out of region requests, and they did not feel as if they had explicit policy guidance on how to handle these requests. Insofar as there are difficulties, te policy of ensuring that the applicant for resources is an active business entity legally operating in the ARIN region solves that problem.
I think the actual reality is somewhere in between these two extreme views of what was said. I believe ARIN is getting a lot of "in-region" requests that are from providers using VPNs to connect out-of-region customers and ARIN lacks guidance on how to treat these requests as to whether to consider them in-region or out-of-region. Frankly, I'm not 100% sure that this proposal addresses the issue raised or helps staff resolve that issue at all.
> 3. I consider the "law enforcement" rationale for this policy to be poorly thought-out and basically pointless. ARIN consists of ~ 20 jurisdictions and the other regions are composed of even more; thus, the idea that confining an RIR's address resource allocations to use within a region will ease the task of law enforcement strikes me as factually untrue, and obviously so. One might ease the task of law enforcement by requiring ALL number resources and ALL communication services to be territorially bound to a single legal jurisdiction - but this "cure" would be worse than the disease as it would fundamentally undermine the global nature of the internet.
While it's not a panacea, I can see some benefit to law enforcement within the region being able to depend on a consistent set of policies for organizations receiving address space from the RIR to have legal presence within the region.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ARIN-PPML