[arin-ppml] Draft Policy ARIN-2014-12: Anti-hijack Policy
hannigan at gmail.com
Thu Mar 27 14:18:43 EDT 2014
And if it's in the registry it's in someones name which means THEY can
write the LOA. Even in the case of another advertising a prefix
registered to someone and on their behalf, think routerless location,
the registrant writes the LOA for the upstream to pass off to peers
where and if needed. I do this all the time. The only time I ever have
to write LOA for stuff like this is typically in the AP region.
This sounds more like a giant faux pas than a policy problem to be honest.
Not in support.
On Thu, Mar 27, 2014 at 1:40 PM, David Huberman
<David.Huberman at microsoft.com> wrote:
> ARIN doesn't have the authority to write an LOA for space not explicitly
> registered to an entity in Whois. Is this what happened?!?
> Details would be nice if we're going to discuss 2014-12 in a meaningful way
> David R Huberman
> Microsoft Corporation
> Senior IT/OPS Program Manager (GFS)
> From: Martin Hannigan <hannigan at gmail.com>
> Sent: Thursday, March 27, 2014 10:29 AM
> To: Scott Leibrand
> Cc: David Huberman; arin-ppml at arin.net
> Subject: Re: [arin-ppml] Draft Policy ARIN-2014-12: Anti-hijack Policy
> That's an operational problem. No one should ever accept nor should ARIN
> ever write an LOA for anything except their own registered prefix.
> On Thursday, March 27, 2014, Scott Leibrand <scottleibrand at gmail.com> wrote:
>> The author or shepherds can provide more detail, but this was submitted in
>> response to a recent presentation on research that involved announcing a
>> covering aggregate for a significant fraction of the entire IP space with
>> ARIN providing an LOA that allowed it. Per statements at the mic, the author
>> doesn't want ARIN to allow that to happen again.
>> > On Mar 26, 2014, at 7:55 PM, David Huberman
>> > <David.Huberman at microsoft.com> wrote:
>> > Hi PPML,
>> > Can someone show me where in the mailing list archives this policy was
>> > actively discussed on PPML? I can't find it.
>> > Alternatively, can the policy author or someone who strongly supports
>> > this policy please either post to the list or email me privately and clue me
>> > in? I issued and managed almost every experimental assignment for almost 10
>> > years from 2003 to 2013, and I am lost as to what this policy is saying. I
>> > would like to be educated so I can support, or not support, the efforts that
>> > have been made here.
>> > Thank you!
>> > /david
>> > David R Huberman
>> > Microsoft Corporation
>> > Senior IT/OPS Program Manager (GFS)
>> > -----Original Message-----
>> > From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On
>> > Behalf Of ARIN
>> > Sent: Tuesday, March 25, 2014 11:28 AM
>> > To: arin-ppml at arin.net
>> > Subject: [arin-ppml] Draft Policy ARIN-2014-12: Anti-hijack Policy
>> > On 20 March 2014 the ARIN Advisory Council (AC) accepted
>> > "ARIN-prop-202 Anti-hijack Policy" as a Draft Policy.
>> > Draft Policy ARIN-2014-12 is below and can be found at:
>> > https://www.arin.net/policy/proposals/2014_12.html
>> > You are encouraged to discuss the merits and your concerns of Draft
>> > Policy 2014-12 on the Public Policy Mailing List.
>> > The AC will evaluate the discussion in order to assess the conformance
>> > of this draft policy with ARIN's Principles of Internet Number Resource
>> > Policy as stated in the PDP. Specifically, these principles are:
>> > * Enabling Fair and Impartial Number Resource Administration
>> > * Technically Sound
>> > * Supported by the Community
>> > The ARIN Policy Development Process (PDP) can be found at:
>> > https://www.arin.net/policy/pdp.html
>> > Draft Policies and Proposals under discussion can be found at:
>> > https://www.arin.net/policy/proposals/index.html
>> > Regards,
>> > Communications and Member Services
>> > American Registry for Internet Numbers (ARIN)
>> > ## * ##
>> > Draft Policy ARIN-2014-12
>> > Anti-hijack Policy
>> > Date: 25 March 2014
>> > Problem Statement:
>> > ARIN should not give research organizations permission to hijack
>> > prefixes that have already been allocated. Research organizations announcing
>> > lit aggregates may receive sensitive production traffic belonging to live
>> > networks during periods of instability.
>> > Section 11.7 describes more than allocation size therefore updating the
>> > section heading to something more accurate is appropriate.
>> > Policy statement:
>> > Modify the section 11.7 heading to be more accurate. Modify the first
>> > sentence to prohibit overlapping assignments. Add text at the end to define
>> > how research allocations should be designated and prohibit LOA's without
>> > allocations.
>> > 11.7 Resource Allocation Guidelines
>> > The Numbering Resources requested come from the global Internet Resource
>> > space, do not overlap previously assigned space, and are not from private or
>> > other non-routable Internet Resource space. The allocation size should be
>> > consistent with the existing ARIN minimum allocation sizes, unless small
>> > allocations are intended to be explicitly part of the experiment. If an
>> > organization requires more resource than stipulated by the minimum
>> > allocation sizes in force at the time of their request, their experimental
>> > documentation should have clearly described and justified why this is
>> > required.
>> > All research allocations must be registered publicly in whois. Each
>> > research allocation will be designated as a research allocation with a
>> > comment indicating when the allocation will end. ARIN will not issue a
>> > Letter of Authority (LOA) to route a research prefix unless the allocation
>> > is properly registered in whois.
>> > Comments:
>> > a. Timetable for implementation: Immediate b. Anything else:
>> > _______________________________
More information about the ARIN-PPML