[arin-ppml] Revisit RPKI TAL Relying Party Agreement?

William Herrin bill at herrin.us
Mon Jan 30 17:30:49 EST 2017

On Mon, Jan 30, 2017 at 2:49 PM, John Curran <jcurran at arin.net> wrote:
>    Is it your belief that other RIRs presently make these materials
> available without
>    legal constraints?   A quick review would show that is not the case; for
> example,
>    access RIPE’s RPKI CA repository data binds one to RIPE’s RPKI repository
> Terms
>    and Conditions
> <https://www.ripe.net/manage-ips-and-asns/resource-management/certification/legal/ripe-ncc-certification-repository-terms-and-conditions>
>    Is it the presence of legal constraints that it is the concern, or the
> fact that ARIN
>    requires explicit downloading (and thus awareness of this fact) that is
> the issue?

Hi John,

Such "shrink wrap" licenses are largely unenforceable. They exist
primarily to discourage the data's users from suing the data's
provider. ARIN takes additional steps to legally bind users to the
agreement. If ARIN's only objective is to avoid losing a lawsuit,
these extra steps are unnecessary and obstructive. You could safely
and effectively provide anonymous access the same way you provide
anonymous access the same way you provide anonymous whois access.

Unless I misunderstand and you already do provide fully anonymous
access to the RPKI respository?

Alternately, you could shorten the agreement to something which does
not generally require legal review. Three single-spaced pages is
excessive for a document which need only say, "AS IS. No warranties
including no warranty of merchantability or fitness for a particular
purpose. Void where prohibited."

Bill Herrin

William Herrin ................ herrin at dirtside.com  bill at herrin.us
Owner, Dirtside Systems ......... Web: <http://www.dirtside.com/>

More information about the ARIN-PPML mailing list