[arin-ppml] 2014-19 and evidence of deployment
Frank Bulk
frnkblk at iname.com
Thu Nov 20 22:39:36 EST 2014
Do we have data that suggests that only 1% of the requests (or the resources
those requests represent) are fraudulent? My guess is that it's higher.
Frank
-----Original Message-----
From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On
Behalf Of David Huberman
Sent: Monday, November 10, 2014 11:09 PM
To: Martin Hannigan; John Santos
Cc: arin-ppml at arin.net
Subject: Re: [arin-ppml] 2014-19 and evidence of deployment
In my world view, policy should never assume the requestor is lying. The
same should hold true for ARIN staff.
No one ever mandated ARIN with stopping the scammers. I believe it was Rob
Seastrom who posted here a long time ago and basically said that ARIN staff
are entrusted to do the best job they can in running the registry, but the
community shouldn't have expectations that ARIN staff can figure out who's
lying and who's not.
But because ARIN got burned by large-scale hijacking in the early 2000s, it
has operated under "trust but verify" ever since. And this fosters the
antagonism towards the registry which I think is wholly avoidable. "Trust
but verify" is a bad way to run an RIR, in my experience.
I hope we can focus on policy language which always assumes a request is
bona fide, and let's stop worrying about the 1% of requestors who are lying.
That way, network engineers can spend less time dealing with ARIN, and more
time running their networks.
David R Huberman
Microsoft Corporation
Principal, Global IP Addressing
-----Original Message-----
From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On
Behalf Of Martin Hannigan
Sent: Monday, November 10, 2014 8:55 PM
To: John Santos
Cc: arin-ppml at arin.net
Subject: Re: [arin-ppml] 2014-19 and evidence of deployment
On Mon, Nov 10, 2014 at 6:17 PM, John Santos <JOHN at egh.com> wrote:
> On Mon, 10 Nov 2014, Martin Hannigan wrote:
>
>> >
>> > "7. Upon verification that the organization has shown evidence of
>> > deployment of the new discrete network site, [such as, but not
>> > limited to the
>> > following: a network design showing existing and new discreet
>> > networks and supporting documentation that the proposed design in
>> > in progress such as contracts for new space or power, new equipment
>> > orders, publicly available marketing material describing the
>> > offering in a new location, or some other significant capital
>> > investment in the project,] the new networks shall be
>> > allocated:
>> >
>>
>> Let's go back to the original point I made in the last two PPC and
>> ARIN meetings. How can a company contract for real estate, energy or
>> network without knowing if they had IP addresses to operate their
>> business (in this current environment of v4 scarcity and policy
>> wonkery?)?
>
> Any company with a business plan is taking risks and has to have a
> fall back plan (even if the plan is "pack it in") for any conceivable
> eventuality. You want ARIN to guarantee that they can get IPv4 before
> they've found a site, bought any equipment, signed any contracts with
> suppliers or customers, or even made any public announcements of their
> plans to establish a new site?
Let me get this straight. So one should have a business plans that accounts
for spending money that may not actually get to generate any revenue? ARIN
has been assigning addresses without this requirement for a decade plus. The
ability to forward look (guarantee) has been shrunk and now ARIN is
targeting MDN for discriminatory policies and removing any ability to
forward look, a normal practice in "business".
The risk of not getting addresses because ARIN is using clueless
requirements is very high, not average. This isn't a simple excercise of
"win some lose some". There are real dollars at stake (whether you operate a
single rack or 1000 racks regardless of how much "power" you
use) and real risks.
This proposal is best summed up as 'wasteful tinkering'.
Best,
-M<
_______________________________________________
PPML
You are receiving this message because you are subscribed to the ARIN Public
Policy Mailing List (ARIN-PPML at arin.net).
Unsubscribe or manage your mailing list subscription at:
http://lists.arin.net/mailman/listinfo/arin-ppml
Please contact info at arin.net if you experience any issues.
_______________________________________________
PPML
You are receiving this message because you are subscribed to
the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
Unsubscribe or manage your mailing list subscription at:
http://lists.arin.net/mailman/listinfo/arin-ppml
Please contact info at arin.net if you experience any issues.
More information about the ARIN-PPML
mailing list