[arin-ppml] POC Validation results in locked out Admins

Martin Hannigan hannigan at gmail.com
Mon Aug 18 17:14:14 EDT 2014


On Mon, Aug 18, 2014 at 4:04 PM, Nate Davis <ndavis at arin.net> wrote:

>
>    From: Martin Hannigan <hannigan at gmail.com>
> Date: Monday, August 18, 2014 at 1:21 PM
> To: "arin-ppml at arin.net" <arin-ppml at arin.net>
> Subject: [arin-ppml] POC Validation results in locked out Admins
>
>
>
>  Confusing. Anyone ever hear of ARIN locking people out of the online
> application for an invalidated POC? With no way to automatically address
> things like employee departures or other errors typically made by provider
> assigned address this seems like its over the top and contrary to an
> accurate whois. It would be easier to simply validate the bad data than to
> go through the operationally expensive efforts to fix it.
>
>  How does this work ARIN?
>
>
>  3.6 Annual Whois POC Validation
> 3.6.1 Method of Annual Verification
>
> During ARIN's annual Whois POC validation, an email will be sent to every
> POC in the Whois database. Each POC will have a maximum of 60 days to
> respond with an affirmative that their Whois contact information is correct
> and complete. Unresponsive POC email addresses shall be marked as such in
> the database. If ARIN staff deems a POC to be completely and permanently
> abandoned or otherwise illegitimate, the POC record shall be marked
> invalid. ARIN will maintain, and make readily available to the community, a
> current list of number resources with no valid POC; this data will be
> subject to the current bulk Whois policy
>
>    Martin - We have some reference information available on ARIN's
> website.
>
>  The middle of the page https://www.arin.net/resources/records.html and
> Recovering A POC section of the page
> https://www.arin.net/resources/request/poc.html
>
>  Users are locked out of *full* ARIN Online functionality only when a POC
> handle which is directly linked to their ARIN Online account hasn't been
> validated within the required timeframe, per policy.  Users that are
>

The policy doesn't state users should be locked out, rather it states a
list will be provided publicly and the POC marked "invalid".  POC
invalidation works. Wheres the list?


locked out of full access can immediately, through ARIN Online, either
> validate the POC handle (if accurate), update the POC handle (if
> inaccurate, but the user still represents the person/role associated with
> the POC handle), or unlink from the POC handle (if the user no longer
> represents the person/role associated with the POC handle) and regain full
> access.  This applies only to POC handles directly linked to the user's web
> account.  It does not apply to POC handles the user isn't directly linked
> to - for example, POC handles for other people/roles on the same Org ID.
>


Most of the fields are related to location, not name. This is a defect in
the update logic. Why we can't update the full record except the linked
resource? If the provider doesn't like it, they could rescind it, but
shunting expensive opex onto both networks for administrative updates
especially when we are paying high fees doesn't seem quite right.


Best,

-M<
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20140818/90932bb5/attachment.html>


More information about the ARIN-PPML mailing list