[arin-ppml] Upcoming Public Policy Discussions

Ronald F. Guilmette rfg at tristatelogic.com
Wed Oct 19 00:53:50 EDT 2016

In message <67c79971-03c4-8531-ff74-6da8aa42786c at linuxmagic.com>, 
Michael Peddemors <michael at linuxmagic.com> wrote:

>In ARIN-2016-5, we speak of..
>"Efficient utilization of at least 50% of cumulative IPv4
>address blocks already assigned to them"
>I believe this should be extended to also include that the current 
>registrant MUST be compliant with existing policies regarding the proper 
>use of SWIP or 'rwhois' for any IP space they currently operate, insofar 
>as that space is relegated to other parties.
>It should also require that all existing POC information is correct and 
>up to date.  And if they have a reference to a 'rwhois' server, it 
>should be operating, functional and accurate.

Not that my opinion counts for anything, but I would like to second all
of the above.

While reseaching snowshoe spammers and other even worse flavors of
net-miscreants, on an essentially daily basis I come across rwhois
servers that are either entirely dead or that are live but that say
nothing in response to any query sent to them... at least ones about
currently live spammer ranges.  The problem is so bad, and I see it
with such frequency, that these days I just shrug and assume that it's
just one more service provider that I should add to my ever growing
list of ones that can be bribed into applying the rwhois version of
whiteout to certain ranges.

Not that either rwhois data or explicit SWIP data... when those -are-
actually available... routinely bear any cognizable relationship to
actual factually-established reality mind you.  In addition to data
being just plain unavailiable, I also see utter garbage in both rwhois
records and in sub-SWIPs virtually every day.

In theory I could while away my days reporting all of this stuff...
to whom, I'm not even sure, cuz the evidence from where I'm sitting
suggests that nobody gives a damn, or if they do, they are so constrained
that they can't do anything about it... but anyway, I have to eat and
sleep, and take a shower occasionally, and even if I could devote myself
24/7/365 to the task, I'm not sure that I could even make a dent in it.
The problem really is THAT big now.

There's a separate and related problem too.  In a lot of cases, even
when contact data is "accurate", it isn't.  A UPS mailbox is not a
place of business, nor is one at one's local Internet Exchange.  But
exactly such phony baloney bovine excrement apparently passes muster,
accoring to the letter of the rules, so dodgy non-entities continue
to exploit the cracks in the minimalist formal rules, and as they do,
the job of actually being able to identify any actor, either bad or
good, on the Internet becomes a more hopeless task by the day.

(I look forward to the day when somebody sends me a picture of a
miniature desk, with matching miniature chair, phone, computer,
keyboard, monitor and office worker, all somehow magically stuffed
into a 2 inch by 2 inch slot the size of an anonymizing UPS mail
drop box.)

I doubt that I'm saying anything that law enforcement hasn't already
said, in one way or another.  But perhaps I am.  I seriously doubt
that even all of LE in North America, taken together, have tried to
find the true current users of as many different IPv4 addresses and
ranges as I have, over time.  So even they may not know just how bad
things have gotten.

I wish that it were otherwise.

If the transfer of resources might serve as a time, or as an excuse,
to get even some of this mess cleaned up, then I for one am all for it.


More information about the ARIN-PPML mailing list