[arin-ppml] [ARIN-consult] Community Consultation on CKN23-ARIN Now Open

Owen DeLong owen at delong.com
Wed Mar 29 13:33:44 EDT 2017

I support recommended option 3.


> On Mar 27, 2017, at 12:39 , John Curran <jcurran at arin.net> wrote:
> Folks - 
>     We have initiated a community consultation on a possible restructuring of existing 
>     information in the ARIN registry – this is to address the long-standing concern that
>     some have expressed with the association of a “No Contact Known” point-of-contact
>     (POC) in some registry records that may have potentially valid Admin and Tech 
>     contact information.  
>     If you have hold a strong view on this matter, please see the attached consultation 
>     announcement and participate in the discussion on the arin-consult mailing list. 
> Thanks!
> /John
> John Curran
> President and CEO
> ===
>> Begin forwarded message:
>> From: ARIN <info at arin.net <mailto:info at arin.net>>
>> Subject: [ARIN-consult] Community Consultation on CKN23-ARIN Now Open
>> Date: 22 March 2017 at 1:24:12 PM EDT
>> To: <arin-consult at arin.net <mailto:arin-consult at arin.net>>
>> There are thousands of instances of the ARIN Point of Contact (POC)
>> handle “No, Contact Known” or CKN23-ARIN registered in the ARIN
>> database, most of them associated with legacy resource records. ARIN
>> would like the community to review the history of this situation and the
>> proposed solution and provide us with their feedback.
>> The creation and addition of this POC handle was due to a combination of
>> factors.
>>     * In 2002, a database conversion project was done at ARIN that
>> created a new database structure and added a new record type
>> (Organization ID) as well as new POC types (Admin, Tech, Abuse and NOC).
>> When an Org ID didn’t have a clear POC that had been recently updated or
>> vetted by ARIN staff, the original resource POC remained on the resource
>> record only and no POCs were added to the Org record at all.
>>     * In a later 2011 database conversion, reverse DNS delegation
>> switched from per-net to per-zone. This created significant hijacking
>> potential by allowing resource POCs to change their reverse delegation
>> without first being verified by staff as legitimate.
>>     * Also in 2011, ARIN added a new business rule that required an Admin
>> and a Tech POC on all Org records as a way of enhancing data quality.
>>     * Policy 2010-14 was implemented in 2011 and required Abuse POCs on
>> all Org records.
>> In order to maintain ARIN’s business rules, comply with policy 2010-14,
>> and prevent hijackings, several actions were initiated by staff:
>>     * CKN23-ARIN was created to become the Admin and Tech POC on Orgs
>> that lacked them
>>     * Resource POCs of legacy networks that had never been updated or
>> validated by ARIN were moved to the Organization record as the Abuse POC
>>     * ARIN’s verification and vetting requirements were thus reinstated
>> as the Abuse POC had to be vetted before making any changes to the
>> record, and therefore could not hijack the resource by adding or
>> changing the nameservers
>> Over time, the above actions have created several issues:
>>     * It is easy for hijackers to identify and target records with CKN23
>> (no contact known) as the handle
>>     * POCs that were moved from resource tech to Org abuse are not happy
>> about no longer having control of their resource record
>> There are several different courses of action that ARIN could take to
>> resolve the current situation.
>> Option 1
>> Retain the current status and do nothing
>> Option 2
>> Restore the resource POCs back to their original state on the
>> resource record keeping in mind that this would open up the hijacking
>> risk by giving the original resource POC control of the network without
>> a verification process
>>      * Retain the Abuse POC on the Org record
>>      * Retain CKN23-ARIN as Org POC
>> Option 3 - **Recommended option**
>> Restore the resource POC back to their original state on the
>> resource record.   This will allow contacts historically associated with
>> a resource record to more readily administer that record going forward.
>>      * Retain the Abuse POC on the Org
>>      * Replace CKN23-ARIN with a handle that better explains the record’s
>> status (e.g. “Legacy Record – See Resource POC”)
>>      * Lock all resources associated with these legacy records who have
>> had their resource POC restored. This would ensure that any changes made
>> by the resource POC would first have to be reviewed by ARIN.
>> We would like to thank the ARIN Services Working Group (WG) for their
>> helpful review of the proposed change – while the ARIN Services WG did
>> not take a formal position in support of or in opposition of the
>> proposed change, their review led to improvements in presentation of the
>> options
>> We are seeking community feedback on this proposed change (Option #3) to
>> the ARIN Registry database.
>> This consultation will remain open for 60 days - Please provide comments
>> to arin-consult at arin.net <mailto:arin-consult at arin.net>.
>> Discussion on arin-consult at arin.net <mailto:arin-consult at arin.net> will close on 22 May 2017.
>> If you have any questions, please contact us at info at arin.net <mailto:info at arin.net>.
>> Regards,
>> John Curran
>> President and CEO
>> American Registry for Internet Numbers (ARIN)
>> _______________________________________________
>> ARIN-Consult
>> You are receiving this message because you are subscribed to the ARIN Consult Mailing
>> List (ARIN-consult at arin.net <mailto:ARIN-consult at arin.net>).
>> Unsubscribe or manage your mailing list subscription at:
>> http://lists.arin.net/mailman/listinfo/arin-consult <http://lists.arin.net/mailman/listinfo/arin-consult> Please contact the ARIN Member Services
>> Help Desk at info at arin.net <mailto:info at arin.net> if you experience any issues.
> _______________________________________________
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20170329/580223af/attachment.html>

More information about the ARIN-PPML mailing list