[arin-ppml] Registry functioning (was: Re: ARIN-PPML 2015-2)

David Conrad drc at virtualized.org
Thu Jun 4 18:00:35 EDT 2015 

Bill,

> On Jun 4, 2015, at 7:45 AM, Bill Woodcock <woody at pch.net> wrote:
>> On Jun 4, 2015, at 5:29 AM, David Conrad <drc at virtualized.org> wrote:
>> 
>> Failing to update the contact information of a buyer of heroin means that law enforcement will no longer have records that reflect reality, thereby defeating the point of law enforcement.
> 
> Or something to that effect.

Interesting of you to associate IPv4 with heroin. Does that make IPv6 methadone?

> But the point of law enforcement is to enforce laws, not to stand by passively and record infractions.

As far as I am aware, ARIN is not law enforcement nor are they the Internet Police. They, like the other RIRs, have been entrusted by the global community to provide a very limited set of services documented first in RFC 2050, then in RFC 7020 which obsoleted 2050.  Those services are:

1) Allocation Pool Management: irrelevant in this context since there is no allocation pool
2) Hierarchical Allocation: irrelevant in this context since nothing is being allocated
3) Registration Accuracy: relevant in this context.

You will note in that list that "enforcing needs based justification in exchanges of already allocated address space between private parties" is not actually listed. The fact that ARIN provides additional services to the ARIN community is perfectly fine (as long as that community agrees of course), but those services do not override the core functionality requirements, such as ensuring registry accuracy, provided to the Internet community as a whole.

> Just as the point of a regulatory agency is to act in the public good, not just stand by and document infractions.

As I've said repeatedly, I would have no argument with ARIN _documenting_ non-conformance to ARIN community agreed policies.  Documenting non-conformance to local policy does not damage registry accuracy (one could argue it improves it). Ignoring updates to the registry does, and not just for the ARIN community, but to the Internet community as a whole.

> That’s like the ISO 9000 alternative to governance.  Screw up as much as you like, but document in triplicate.  Not actually useful.

On the contrary. Having accurate information on the source of attacks can be quite useful, at least in an operational sense for real law enforcement, anti-abuse folks, consumer protection groups, etc. But those aren't ARIN's roles. Operating a registry is not being Johnny Lawman on the Internet. Sorry if that's too boring for you.

Regards,
-drc

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 496 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20150604/b9b0752b/attachment.sig>

More information about the ARIN-PPML mailing list