[arin-ppml] About needs basis in 8.3 transfers
Mike Burns
mike at iptrading.com
Sat Jun 7 09:59:08 EDT 2014
Hi Owen,
Sorry for the top-post.
Owen, you continue to deny the danger to the registry posed by the needs
test, comparing it to crackpot beliefs and describing it as FUD.
It is indeed hard to demonstrate registry inaccuracies, even when aware of
them, due to registry access, confidentiality, and non-disclosure
agreements.
But earlier in this thread I mentioned the presence of what I called zombie
corporations in the registry.
These are companies in many states of dormancy whose sole asset is their
address allocation and a vague corporate state.
These entities are sold to those who can not demonstrate need. ARIN is not
notified. Whois does not change.
But the visibility into the real owner of the registration is practically
nil. This is a direct result of the needs test.
Nobody wants to pay real-estate-sized prices and not have their investment
recorded in Whois. The people who do this do it because they need the
addresses and can't get them "legitimately".
This problem was acknowledged by John Curran as a potential route for those
who want addresses but can't justify their entire purchase. He also
mentioned contracts that lock up addresses, to be transferred over time as
ARIN needs tests permit. Both these problems exist in the real world and I
have been party to these agreements. Zombie corporation acquisitions fall
within policy, so I refuse to wear the bad actor label.
I also pointed out that the public information in the Microsoft/Nortel deal
included the fact that none of the blocks sold were registered in Whois to
Nortel.Which means that if Microsoft had not decided after the auction
finished that they would cut a secret modified LRSA with ARIN, they could
have purchased the corporate husks of the original registrants, the Bay
Networks and Synoptics and Wellfleet corporate shells and ip address assets.
Then Microsoft would have had no problems advertising, routing, and using
the space. The only issue would have been Whois. That apparently was not
much of an issue for Nortel, which never did anything to change Whois after
acquiring those companies in the decade after their acquisition.
This is a real danger which I have seen in the wild many times, one which
John Curran acknowledged, and one which leads directly counter to our
primary stewardship role of registering the addresses accurately.
It's fine to make a decision based on balancing conservation, which you feel
applies to priced space, with registration, which you agree is our primary
role. But you can't reach an appropriate balance if you deny the facts,
which you seem to do by demanding some sort of proof of this apparent danger
to the registry.
Many of us are not so sanguine about registry accuracy in the face of the
current situation, and to your credit you are willing to compromise in the
direction of making temporary changes to the needs test requirement in hopes
of finding evidence one way or the other. This conversation is not in the
context of 2014-14, a proposal to remove the needs test from some IPv4
transfers, with size and frequency limits which are designed to prevent any
fear of hoarding or speculation. In the context of 2014-14, then, arguments
about hoarding and speculation can be distracting.
I'm sure people like Matthew Kaufman, Milton Mueller, David Huberman and
many others believe that the needs test should be removed entirely. I fall
in this camp, too. So 2014-14 is a request for these people to also
compromise, as it only removes the needs test for smaller transfers, and
only one such transfer per year per registrant. Perhaps both sides can come
together using the size of the needs-free transfer as a method of
fine-tuning their compromise. Owen thinks a temporary size of /20 is worthy
of consideration, and McTim thinks a /24 is the right size. I invite anybody
who agrees that a compromise here is in order to volunteer what sized block
would, in this context, make the proposal worthy of your support.
Regards,
Mike
----- Original Message -----
From: "Owen DeLong" <owen at delong.com>
To: "Matthew Kaufman" <matthew at matthew.at>
Cc: <arin-ppml at arin.net>
Sent: Saturday, June 07, 2014 3:34 AM
Subject: Re: [arin-ppml] About needs basis in 8.3 transfers
On Jun 6, 2014, at 10:04 AM, Matthew Kaufman <matthew at matthew.at> wrote:
> On 6/6/2014 2:31 PM, Owen DeLong wrote:
>>
>>> On Jun 6, 2014, at 9:59 AM, Matthew Kaufman <matthew at matthew.at> wrote:
>>>
>>>> On 6/6/2014 7:24 AM, Owen DeLong wrote:
>>>> Removing needs basis from 8.3 transfers doesn’t do that and it has a
>>>> number of other harmful outcomes as previously discussed.
>>>>
>>> Can you name a harmful outcome of removing needs basis from 8.3
>>> transfers that doesn't already exist in the form of contracts that lock
>>> sellers to future buyers and/or contracts that allow the use of address
>>> space by another entity?
>> As I have stated, we cannot block all mechanisms which circumvent policy.
>> Yes, you can still produce the negative outcomes by circumventing the
>> intent of policy. Bad actors will, of course do so. If you have
>> strategies for effectively preventing bad actors from doing so, then I am
>> open to discussing those.
>>
>> If you just want to use the fact that bad actors can circumvent policy by
>> means we cannot control as a justification for eliminating policy, then
>> this has been discussed and I still find that position unconvincing.
>>
>>
>
> That's only the first part of said justification. First off, lets stop
> calling them "bad actors": A company with shareholders that knows it will
> need IPv4 space over the next 3 years has employees that are legally
> obligated to enter contracts that will ensure that they can acquire that
> space once ARIN can not longer provide it. These contracts will take the
> form of right of first refusal, lock-ups, or leasing of space and none of
> them can be controlled or prevented by ARIN. The employees are not acting
> in bad faith and the companies are not as a result "bad actors". They are
> simply participants in a market for a limited resource... no need to
> assign a value judgement to them.
Why should I stop calling community members who will choose to circumvent
the intent of policy in favor of their own greed over the wishes of the
community bad actors?
The employees have no such obligation unless the management of the company
chooses to move the company in that direction.
> And there will be "needs justification"... only it will be done by the
> interaction of the market and their CFO... the company will work out how
> much space it needs over what it believes is a reasonable planning horizon
> and then use that as justification for releasing the funds necessary to
> enter into those contracts.
I call BS. This is the somewhat idealized case. The less idealized case is
“We can gain a market advantage over our competitors by investing a couple
of billion dollars in tying up as much of the available address space as
possible.” Sure, no one organization is likely to achieve this kind of
capture, especially under current policies. However, remove the needs test
from policy and you’ve disabled several of the safeguards currently built
into policy in favor of a free-for-all where a small number of companies
behaving in this manner could, indeed, prevent the vast majority of
competing organizations from obtaining address space going forward.
> Next, I and many others believe that there is a danger to the registry
> once such a market becomes prevalent. Specifically, that the accuracy of
> the registry will suffer. It will, more and more often, fail to reflect
> who is using and/or controlling the use of the address space, instead
> containing some historical trivia.
Yes, and many people believe in various things ranging from tin foil hats to
virgin birth. I prefer to base policy decisions on documented fact rather
than religion and FUD.
> I can foresee an avalanche effect, where as the registry becomes less and
> less accurate, participants in the IPv4 market find it less and less
> necessary to ensure that their own transfers or leases are reflected in
> the registry... a sort of "broken windows" effect where it simply becomes
> more and more acceptable to not care.
That’s certainly one worst case scenario. I would argue that if that were to
occur, it would likely drive IPv6 adoption more than it would actually harm
the IPv4 situation. YMMV.
> If you think that's a likely outcome, and that such a thing would be bad
> for ARIN, you should support making it easier for people who are doing
> perfectly legitimate things to record those things in the registry. I do.
I think it’s a very unlikely outcome and I don’t think it would be bad for
ARIN. I think it would be bad for those attempting to continue to use the
IPv4 internet if it were to happen, but not hugely so, at least initially. I
think it would be a slow progression of increasing pain (much like NAT and
CGN have already been).
You keep calling transfers outside of policy “perfectly legitimate”, but in
reality, they are not perfectly legitimate. Can we please stop trying to
call violators of policy and circumventers of policy intent “perfectly
legitimate”?
> If you think that the market prices and the long-term risk created by the
> introduction of IPv6 make hoarding and speculation or even significantly
> overestimating ones own need unlikely, then there's no reason to oppose
> removing specific needs justification as a requirement to record a
> transfer in the registry. I don’t.
I do not believe that they do this at all. So I believe that there is reason
to oppose removing specific needs justification as a requirement to record a
transfer in the registry.
Owen
_______________________________________________
PPML
You are receiving this message because you are subscribed to
the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
Unsubscribe or manage your mailing list subscription at:
http://lists.arin.net/mailman/listinfo/arin-ppml
Please contact info at arin.net if you experience any issues.
More information about the ARIN-PPML
mailing list