[arin-ppml] Fwd: [ARIN-consult] Community Consultation on CKN23-ARIN Now Open

Alfredo Calderon calderon.alfredo at gmail.com
Thu Mar 30 08:28:10 EDT 2017

I support option # 3. It allows for a better management and evaluation
procedure to filter records.

[image: photo]
*Alfredo Calderon*
eLearning Consultant
calderon.alfredo at gmail.com | http://aprendizajedistancia.blogspot.com | Skype:
Alfredo_1212 <#> | wiseintro.co/alfredocalderon
<http://pr.linkedin.com/in/acalderon52>  <http://twitter.com/acalderon52>
<http://www.pinterest.com/acalderon/>  <http://www.slideshare.net/acalderon>
  <http://klout.com/#/acalderon52>  <http://wiseintro.co/alfredocalderon>
Get a signature like this: Click here!

On Mon, Mar 27, 2017 at 3:39 PM, John Curran <jcurran at arin.net> wrote:

> Folks -
>     We have initiated a community consultation on a possible restructuring
> of existing
>     information in the ARIN registry – this is to address the
> long-standing concern that
>     some have expressed with the association of a “No Contact Known”
> point-of-contact
>     (POC) in some registry records that may have potentially valid Admin
> and Tech
>     contact information.
>     If you have hold a strong view on this matter, please see the attached
> consultation
>     announcement and participate in the discussion on the arin-consult
> mailing list.
> Thanks!
> /John
> John Curran
> President and CEO
> ===
> Begin forwarded message:
> *From: *ARIN <info at arin.net>
> *Subject: **[ARIN-consult] Community Consultation on CKN23-ARIN Now Open*
> *Date: *22 March 2017 at 1:24:12 PM EDT
> *To: *<arin-consult at arin.net>
> There are thousands of instances of the ARIN Point of Contact (POC)
> handle “No, Contact Known” or CKN23-ARIN registered in the ARIN
> database, most of them associated with legacy resource records. ARIN
> would like the community to review the history of this situation and the
> proposed solution and provide us with their feedback.
> The creation and addition of this POC handle was due to a combination of
> factors.
>     * In 2002, a database conversion project was done at ARIN that
> created a new database structure and added a new record type
> (Organization ID) as well as new POC types (Admin, Tech, Abuse and NOC).
> When an Org ID didn’t have a clear POC that had been recently updated or
> vetted by ARIN staff, the original resource POC remained on the resource
> record only and no POCs were added to the Org record at all.
>     * In a later 2011 database conversion, reverse DNS delegation
> switched from per-net to per-zone. This created significant hijacking
> potential by allowing resource POCs to change their reverse delegation
> without first being verified by staff as legitimate.
>     * Also in 2011, ARIN added a new business rule that required an Admin
> and a Tech POC on all Org records as a way of enhancing data quality.
>     * Policy 2010-14 was implemented in 2011 and required Abuse POCs on
> all Org records.
> In order to maintain ARIN’s business rules, comply with policy 2010-14,
> and prevent hijackings, several actions were initiated by staff:
>     * CKN23-ARIN was created to become the Admin and Tech POC on Orgs
> that lacked them
>     * Resource POCs of legacy networks that had never been updated or
> validated by ARIN were moved to the Organization record as the Abuse POC
>     * ARIN’s verification and vetting requirements were thus reinstated
> as the Abuse POC had to be vetted before making any changes to the
> record, and therefore could not hijack the resource by adding or
> changing the nameservers
> Over time, the above actions have created several issues:
>     * It is easy for hijackers to identify and target records with CKN23
> (no contact known) as the handle
>     * POCs that were moved from resource tech to Org abuse are not happy
> about no longer having control of their resource record
> There are several different courses of action that ARIN could take to
> resolve the current situation.
> Option 1
> Retain the current status and do nothing
> Option 2
> Restore the resource POCs back to their original state on the
> resource record keeping in mind that this would open up the hijacking
> risk by giving the original resource POC control of the network without
> a verification process
>      * Retain the Abuse POC on the Org record
>      * Retain CKN23-ARIN as Org POC
> Option 3 - **Recommended option**
> Restore the resource POC back to their original state on the
> resource record.   This will allow contacts historically associated with
> a resource record to more readily administer that record going forward.
>      * Retain the Abuse POC on the Org
>      * Replace CKN23-ARIN with a handle that better explains the record’s
> status (e.g. “Legacy Record – See Resource POC”)
>      * Lock all resources associated with these legacy records who have
> had their resource POC restored. This would ensure that any changes made
> by the resource POC would first have to be reviewed by ARIN.
> We would like to thank the ARIN Services Working Group (WG) for their
> helpful review of the proposed change – while the ARIN Services WG did
> not take a formal position in support of or in opposition of the
> proposed change, their review led to improvements in presentation of the
> options
> We are seeking community feedback on this proposed change (Option #3) to
> the ARIN Registry database.
> This consultation will remain open for 60 days - Please provide comments
> to arin-consult at arin.net.
> Discussion on arin-consult at arin.net will close on 22 May 2017.
> If you have any questions, please contact us at info at arin.net.
> Regards,
> John Curran
> President and CEO
> American Registry for Internet Numbers (ARIN)
> _______________________________________________
> ARIN-Consult
> You are receiving this message because you are subscribed to the ARIN
> Consult Mailing
> List (ARIN-consult at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/arin-consult Please contact the
> ARIN Member Services
> Help Desk at info at arin.net if you experience any issues.
> _______________________________________________
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20170330/d01ca805/attachment.html>

More information about the ARIN-PPML mailing list