[arin-ppml] RPKI Relying Agreement

Ca By cb.list6 at gmail.com
Thu Dec 4 11:00:32 EST 2014 

On Thu, Dec 4, 2014 at 7:51 AM, David Huberman <David.Huberman at microsoft.com
> wrote:

> Numerous members of the security and network engineering community and I
> have discussed this over the last 12 months, and the RPA is a show stopper
> for some of us.  Paragraphs 3 and 4 are the key. It's one way warranties
> (you -> ARIN), just like the RSA.
>
> It's thorny because if you put yourself in ARIN's shoes for a moment, you
> have to balance the risk of bankrupting the company with the responsibility
> of being a trust anchor.   Unfortunately, like many ARIN legal postures,
> the unwillingness to take on any risk at all is problematic.
>
>
I am always told ARIN is the community.

community = networks

ARIN = commuity

networks = ARIN

Networks want to transfer risk: Network -> ARIN

ARIN wants to transfer risk from ARIN -> Networks

but, ARIN = Networks = Community ....so it is moot since transfer risk from
yourself to yourself is meaningless.

That said, networks are more distributed than ARIN from a liability
perspective, so better for networks to absorb risk.

No?

CB


> I really hope the new Board takes this issue up again in 2015 - the
> unwillingness to accept any risk even though ARIN is a key part of the
> internet community, and the one-sidedness of its legal agreements due to
> same.
>
> David R Huberman
> Microsoft Corporation
> Principal, Global IP Addressing
>
> ________________________________________
> From: arin-ppml-bounces at arin.net <arin-ppml-bounces at arin.net> on behalf
> of Andrew Gallo <akg1330 at gmail.com>
> Sent: Thursday, December 4, 2014 7:31 AM
> To: ARIN-PPML at arin.net
> Subject: [arin-ppml] RPKI Relying Agreement
>
> (cross posted from NANOG)
>
>
> Greetings:
>
> In the past few months, I've spoken with, or heard second hand, from a
> number of organizations that will not or cannot sign ARIN's RPKI Relying
> Agreement.  Acceptance of this agreement is required in order to gain
> access to ARIN's Trust Anchor Locator (TAL).
>
> Given the size and number of these organizations that can't or wont
> accept the agreement makes me wonder if this is a show stopper that will
> prevent the adoption of this technology.
>
> I've created a quick survey to get an idea of the community's take on
> this agreement with the idea that if enough organizations indicate it is
> unacceptable, maybe we can get this agreement changed, or as with other
> regions, not explicitly required to use the TAL.
>
>
> https://docs.google.com/forms/d/10RLBBpL05n1c_H4unHitlsVqNM3rZI5aXAX8iSBc_Kk/viewform?usp=send_form
>
>
>
> Thank you
> _______________________________________________
> PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.
> _______________________________________________
> PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20141204/c762d009/attachment.htm>

More information about the ARIN-PPML mailing list