[arin-ppml] 2014-19 and evidence of deployment

Tue Nov 11 00:08:52 EST 2014

In my world view, policy should never assume the requestor is lying.  The same should hold true for ARIN staff.  

No one ever mandated ARIN with stopping the scammers.  I believe it was Rob Seastrom who posted here a long time ago and basically said that ARIN staff are entrusted to do the best job they can in running the registry, but the community shouldn't have expectations that ARIN staff can figure out who's lying and who's not.

But because ARIN got burned by large-scale hijacking in the early 2000s, it has operated under "trust but verify" ever since.  And this fosters the antagonism towards the registry which I think is wholly avoidable.  "Trust but verify" is a bad way to run an RIR, in my experience. 

I hope we can focus on policy language which always assumes a request is bona fide, and let's stop worrying about the 1% of requestors who are lying.  That way, network engineers can spend less time dealing with ARIN, and more time running their networks. 

David R Huberman
Microsoft Corporation
Principal, Global IP Addressing

-----Original Message-----
From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On Behalf Of Martin Hannigan
Sent: Monday, November 10, 2014 8:55 PM
To: John Santos
Cc: arin-ppml at arin.net
Subject: Re: [arin-ppml] 2014-19 and evidence of deployment

On Mon, Nov 10, 2014 at 6:17 PM, John Santos <JOHN at egh.com> wrote:
> On Mon, 10 Nov 2014, Martin Hannigan wrote:
>
>> >
>> > "7. Upon verification that the organization has shown evidence of 
>> > deployment of the new discrete network site, [such as, but not 
>> > limited to the
>> > following: a network design showing existing and new discreet 
>> > networks and supporting documentation that the proposed design in 
>> > in progress such as contracts for new space or power, new equipment 
>> > orders, publicly available marketing material describing the 
>> > offering in a new location, or some other significant capital 
>> > investment in the project,] the new networks shall be
>> > allocated:
>> >
>>
>> Let's go back to the original point I made in the last two PPC and 
>> ARIN meetings. How can a company contract for real estate, energy or 
>> network without knowing if they had IP addresses to operate their 
>> business (in this current environment of v4 scarcity and policy 
>> wonkery?)?
>
> Any company with a business plan is taking risks and has to have a 
> fall back plan (even if the plan is "pack it in") for any conceivable 
> eventuality.  You want ARIN to guarantee that they can get IPv4 before 
> they've found a site, bought any equipment, signed any contracts with 
> suppliers or customers, or even made any public announcements of their 
> plans to establish a new site?

Let me get this straight. So one should have a business plans that accounts for spending money that may not actually get to generate any revenue? ARIN has been assigning addresses without this requirement for a decade plus. The ability to forward look (guarantee) has been shrunk and now ARIN is targeting MDN for discriminatory policies and removing any ability to forward look, a normal practice in "business".
The risk of not getting addresses because ARIN is using clueless requirements is very high, not average. This isn't a simple excercise of "win some lose some". There are real dollars at stake (whether you operate a single rack or 1000 racks regardless of how much "power" you
use) and real risks.

This proposal is best summed up as 'wasteful tinkering'.

Best,

-M<
_______________________________________________
PPML
You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
Unsubscribe or manage your mailing list subscription at:
http://lists.arin.net/mailman/listinfo/arin-ppml
Please contact info at arin.net if you experience any issues.