[arin-ppml] Draft Policy ARIN-2018-4: Clarification on IPv6 Sub-Assignments
hostmaster at uneedus.com
hostmaster at uneedus.com
Tue May 15 09:15:34 EDT 2018
I disagree, and think that registration of subassignments should NOT be
required in these cases.
For example, I go to a trade show, and rent a booth. I, representing my
company obtain internet access from the trade show producers (another
company) via wifi. I connect to that wifi using third party software,
that allows me to use the wifi as a WAN link, and receive a /60 of IPv6
space from the host network for use on my devices attached by wire to a
LAN in my booth. I use that internet access all week or weekend during
the entire length of the show. I then pack up my equipment, never to use
that /60 again. In any case, even if this did trigger registration, the
network owner has seven days to make the registration visible, and I will
be long gone.
Why should that short term use trigger a need for registration? If I
abuse that network while connected, the reports will go properly to the
owner/manager of that wifi network, and not me. If registration happened,
the reports of abuse would come to me, and I could hide the abuse from the
wifi company who assigned them to me which is not very desirable.
Other examples include students of universities, who are actually often
given a specific assignment within IPv6 block within the university IP
space for use during their entire time as a student, or an employee on a
BYOD plan being given a specific assignment of space for their device
during their employment, or for that matter even a guest of the public
wifi at that business.
During discussion of 2017-5, it more or less was agreed that the proper
amount of space given to end users should be a minimum of a /64 because of
SLAAC, and the standard amount should in fact be a /48. Unless these
guests/employees/students are given unique routing for their /48 or more
assignment, the current adopted policy does NOT require the registration
of these addresses in SWIP, regardless of the length of use.
Just because the author is thinking of a future where each device/user is
given an entire block of IPv6 space for their use, rather than just a
single address in a /64 that is shared with others. This assignment helps
protect the users from each other by keeping them each on their own block
of addresses. I think the current adopted policy of 2017-5 permits this
use, and all this proposal is doing is to more specifically spell out this
permitted use, since it is unclear to some who read the policy.
Albert Erdmann
Network Administrator
Paradise On Line Inc.
On Tue, 15 May 2018, Roberts, Orin wrote:
> In my opinion, the organisation that holds the parent block is still the responsible party.
> In any case, ARIN considers its members to be organisations and not individuals.
> i.e. students, employees, guests wouldnât fit that criteria.
>
> By its very nature, hotspots do not track the end-users and VPNs are considered private traffic between host and public facing server.
>
> However an Organisation provides resources to another Organisation, however short the timeframe, should be considered a sub-assignment.
>
>
>
> Orin Roberts
>
>
> From: ARIN-PPML <arin-ppml-bounces at arin.net> On Behalf Of Owen DeLong
> Sent: May-14-18 5:04 PM
> To: David Farmer <farmer at umn.edu>
> Cc: ARIN-PPML List <arin-ppml at arin.net>
> Subject: Re: [arin-ppml] Draft Policy ARIN-2018-4: Clarification on IPv6 Sub-Assignments
>
> While students and employees shouldnât be considered temporary in nature, generally speaking the assignment of addresses to their devices is a different matter and is (for most situations) temporary in nature.
>
> Owen
>
>
> On May 14, 2018, at 00:17, David Farmer <farmer at umn.edu<mailto:farmer at umn.edu>> wrote:
> Students in the case of a University or other school, or staff/employees in the case of most organizations shouldn't be considered "temporary", how about "ancillary". On the other hand guest or customers of an organizations "temporary" seems an appropriate description and a timeframe of day or weeks also seems appropriate.
>
> On Fri, May 11, 2018 at 10:00 AM, Owen DeLong <owen at delong.com<mailto:owen at delong.com>> wrote:
> I disagree.
>
> For example, since a university student is one of the examples cited and is entirely appropriate, I would argue that even though the student may have the same address assigned persistently to a desktop computer in a dorm room for months or even years, I believe it is still within policy intent. As such, I believe that âtemporaryâ without clarification as to definite time period is more appropriate.
>
> Does this open up some abuse possibilities and loop-holes? Sure. It does, but so do many of our other policies. In general weâve decided that benefiting the community and creating policy with a clear intent for people of good will to follow is superior to attempting to address every corner case and close every loophole. I see no reason not to follow that modus operandi here.
>
> Owen
>
>
>
> On May 11, 2018, at 7:14 AM, David Farmer <farmer at umn.edu<mailto:farmer at umn.edu>> wrote:
>
> I'd suggest "temporary, in a timeframe of days or weeks," is what we should say. In my mind, implying something like 90 days would probably be approaching an outer limit, and many months or a year exceeds the policy intent we have. That said, I don't think there is a good reason for a bright line within the policy either.
>
> Thanks.
>
> On Fri, May 11, 2018 at 4:31 AM, JORDI PALET MARTINEZ via ARIN-PPML <arin-ppml at arin.net<mailto:arin-ppml at arin.net>> wrote:
> We donât care if temporary is taken as âhours, minutes, days, months or yearsâ?
>
> When we have the examples as âstudents, employees, etc.â, I think it is clear the intent but removing them we are missing this piece, unless the staff interprets the policy manual looking at the original âcompleteâ justification text of the policy proposal. However, that has the disadvantage that the community (a newcomer) it not recalling the background of the policy proposal, thatâs why I was using the examples in my original text.
>
> Regards,
> Jordi
>
>
> De: Owen DeLong <owen at delong.com<mailto:owen at delong.com>>
> Fecha: jueves, 10 de mayo de 2018, 17:19
> Para: JORDI PALET MARTINEZ <jordi.palet at consulintel.es<mailto:jordi.palet at consulintel.es>>
> CC: <arin-ppml at arin.net<mailto:arin-ppml at arin.net>>
> Asunto: Re: [arin-ppml] Draft Policy ARIN-2018-4: Clarification on IPv6 Sub-Assignments
>
> I think the best word would be temporary.
>
> As you have said, it denotes a connection which is transient in nature. You come, you get an address while youâre connected, then you leave.
>
> This is temporary. Even if youâre there for several days (as in a hotel guest network), itâs still temporary in nature.
>
> Owen
>
>
> On May 10, 2018, at 8:29 AM, JORDI PALET MARTINEZ via ARIN-PPML <arin-ppml at arin.net<mailto:arin-ppml at arin.net>> wrote:
>
> I donât think that will help, on the contrary ⦠you can use both static or dynamic mechanism for both temporary and non-temporary assignments.
>
> What I think it was clear is the differentiation between a âpermanent broadband serviceâ and a temporary service (you come to your workplace and get connectivity while youâre there, same if you are a âguest visitorâ).
>
> So it still looks to me that ânon-permanentlyâ is more obvious? Maybe ânon-continuouslyâ?
>
>
> Regards,
> Jordi
>
>
> De: Chris Woodfield <chris at semihuman.com<mailto:chris at semihuman.com>>
> Fecha: jueves, 10 de mayo de 2018, 15:19
> Para: JORDI PALET MARTINEZ <jordi.palet at consulintel.es<mailto:jordi.palet at consulintel.es>>
> CC: <arin-ppml at arin.net<mailto:arin-ppml at arin.net>>
> Asunto: Re: [arin-ppml] Draft Policy ARIN-2018-4: Clarification on IPv6 Sub-Assignments
>
> The two terms, from my reading, are synonymous but carry different implications, with the term ânon-permanentlyâ implying a longer period of time than âtemporarily". In practice, It will most likely be a distinction built into how addresses are assigned by the organization (i.e. static or dynamic assignment); would using that as our distinction be a useful avenue to explore?
>
> -C
>
>
> On May 10, 2018, at 8:07 AM, JORDI PALET MARTINEZ <jordi.palet at consulintel.es<mailto:jordi.palet at consulintel.es>> wrote:
>
> When I first used âtemporarilyâ in a preliminary version of the proposal, I was argued that it is not clear then if it is âminutes, hours, days, â¦â, so non-permanently, looks like clearer in that sense ⦠It may be a matter of not being native English speaker.
>
>
> Regards,
> Jordi
>
>
> De: ARIN-PPML <arin-ppml-bounces at arin.net<mailto:arin-ppml-bounces at arin.net>> en nombre de John Santos <john at egh.com<mailto:john at egh.com>>
> Fecha: jueves, 10 de mayo de 2018, 15:01
> Para: <arin-ppml at arin.net<mailto:arin-ppml at arin.net>>
> Asunto: Re: [arin-ppml] Draft Policy ARIN-2018-4: Clarification on IPv6 Sub-Assignments
>
> I find the word "temporarily" even more obvious than "non-permanently". If those two words don't mean the same thing, then we definitely need a definition.
>
> On 5/10/2018 5:08 AM, JORDI PALET MARTINEZ wrote:
> What will be your opinion if I amend this proposal, so it works for both IPv4 and IPv6, having this text in section 2.5 (Allocate and Assign), make it shorter and more generic:
>
> âA unique IPv4 or IPv6 address or a unique IPv6 /64 prefix, which is non-permanently provided to third parties, shall not be considered an assignmentâ
>
> Alternatively, if we donât want to go so far as to define the âsizeâ:
>
> âAn IPv4 or IPv6 block of address, which is non-permanently provided to third parties, shall not be considered an assignmentâ
>
> I didnât found short-term defined in the NRPM. Do you still think we need to define âpermanentlyâ ? I think saying non-permanently it is quite obvious, but maybe folks disagree â¦
>
> Regards,
> Jordi
>
>
> De: ARIN-PPML <arin-ppml-bounces at arin.net><mailto:arin-ppml-bounces at arin.net> en nombre de Jo Rhett <jrhett at netconsonance.com><mailto:jrhett at netconsonance.com>
> Fecha: miércoles, 9 de mayo de 2018, 20:37
> Para: <andrew.dul at quark.net><mailto:andrew.dul at quark.net>
> CC: <arin-ppml at arin.net><mailto:arin-ppml at arin.net>
> Asunto: Re: [arin-ppml] Draft Policy ARIN-2018-4: Clarification on IPv6 Sub-Assignments
>
> "Nominative, verb indirect" isn't English ;) Clean english structure would be:
>
> "A unique address or a unique /64 prefix that is non-permanently provided to third parties shall not be considered an assignment. "
>
> Or if you really want a descriptive phrase that modifies the nominative you can get commas like so:
>
>
>
>
> "A unique address or a unique /64 prefix, which is non-permanently provided to third parties, shall not be considered an assignment."
>
> I would also argue that this phrase is very vague unless "permanently" is defined elsewhere in the document. Wasn't there some phrasing around short-term assignment? (sorry, too busy/too lazy to grab the entire doc right now)
>
> On Fri, May 4, 2018 at 6:40 PM Andrew Dul <andrew.dul at quark.net<mailto:andrew.dul at quark.net>> wrote:
> I'd like to suggest that the proposed policy text be shorted and clarified. I don't believe all the examples are necessary in the definition section.
>
> Add to the end of NRPM Section 2.5 - https://www.arin.net/policy/nrpm.html#two5
>
> Current draft text:
>
> The fact that a unique address or even a unique /64 prefix is non-permanently provided to third parties, on a link operated by the original receiver of the assignment, shall not be considered a sub-assignment. This includes, for example, guests or employees (devices or servers), hotspots, and point-to-point links or VPNs. The provision of addressing for permanent connectivity or broadband services is still considered a sub-assignment. Only the addressing of the point-to-point link itself can be permanent and that addressing can't be used (neither directly or indirectly) for the actual communication.
>
> My suggested rewrite:
>
> A unique address or a unique /64 prefix that is non-permanently provided to third parties, shall not be considered an assignment.
>
>
>
> On 4/24/2018 11:57 AM, David Farmer wrote:
> I note that the text in question is the subject of an editorial change that the AC has recently forwarded to Board for review, at a minimum the policy text need to be updated to account for this editorial change. Further, I do not support the text as written.
>
> I support a change to section 2 that is not quite so IPv6 specific and focused more on the idea that providing hotspot, guest access, or other such temporary access does not necessitate the making of re-assignments from a policy perspective. Furthermore, such uses are not in conflict with the conditions of an assignment (made by ARIN) or re-assignment (made by an ISP or LIR). Also, If the details of RFC8273 need to be mentioned at all, they should be someplace in section 6, not in section 2, the definitions of assign, allocate, re-assign and re-allocate should remain agnostic about IP version.
>
> Thanks.
>
> On Mon, Apr 23, 2018 at 2:22 PM, ARIN <info at arin.net<mailto:info at arin.net>> wrote:
> On 18 April 2018 the ARIN Advisory Council (AC) accepted "ARIN-prop-254: Clarification on IPv6 Sub-Assignments" as a Draft Policy.
>
> Draft Policy ARIN-2018-4 is below and can be found at:
> https://www.arin.net/policy/proposals/2018_4.html
>
> You are encouraged to discuss all Draft Policies on PPML. The AC will evaluate the discussion in order to assess the conformance of this draft policy with ARIN's Principles of Internet number resource policy as stated in the Policy Development Process (PDP). Specifically, these principles are:
>
> * Enabling Fair and Impartial Number Resource Administration
> * Technically Sound
> * Supported by the Community
>
> The PDP can be found at:
> https://www.arin.net/policy/pdp.html
>
> Draft Policies and Proposals under discussion can be found at:
> https://www.arin.net/policy/proposals/index.html
>
> Regards,
>
> Sean Hopkins
> Policy Analyst
> American Registry for Internet Numbers (ARIN)
>
>
>
> Draft Policy ARIN-2018-4: Clarification on IPv6 Sub-Assignments
>
> Problem Statement:
>
> When the policy was drafted, the concept of assignments/sub-assignments did not consider a practice very common in IPv4 which is replicated and even amplified in IPv6: the use of IP addresses for point-to-point links or VPNs.
>
> In the case of IPv6, instead of unique addresses, the use of unique prefixes (/64) is increasingly common.
>
> Likewise, the policy failed to consider the use of IP addresses in hotspots, or the use of IP addresses by guests or employees in Bring Your Own Device (BYOD) and many other similar cases.
>
> Finally, the IETF has recently approved the use of a unique /64 prefix per interface/host (RFC8273) instead of a unique address. This, for example, allows users to connect to a hotspot, receive a /64 such that they are âisolatedâ from other users (for reasons of security, regulatory requirements, etc.) and they can also use multiple virtual machines on their devices with a unique address for each one (within the same /64).
>
> Section 2.5 (Definitions/Allocate and Assign), explicitly prohibits such assignments, stating that âAssignments... are not to be sub-assigned to other partiesâ.
>
> This proposal clarifies this situation in this regard and better define the concept, particularly considering new uses of IPv6 (RFC8273), by means of a new paragraph.
>
> 5. Policy Statement
>
> Actual Text
>
> ⢠Assign - To assign means to delegate address space to an ISP or end-user, for specific use within the Internet infrastructure they operate. Assignments must only be made for specific purposes documented by specific organizations and are not to be sub-assigned to other parties.
>
> New Text
>
> ⢠Assign - To assign means to delegate address space to an ISP or end-user, for specific use within the Internet infrastructure they operate. Assignments must only be made for specific purposes documented by specific organizations and are not to be sub-assigned to other parties.
>
> The fact that a unique address or even a unique /64 prefix is non-permanently provided to third parties, on a link operated by the original receiver of the assignment, shall not be considered a sub-assignment. This includes, for example, guests or employees (devices or servers), hotspots, and point-to-point links or VPNs. The provision of addressing for permanent connectivity or broadband services is still considered a sub-assignment. Only the addressing of the point-to-point link itself can be permanent and that addressing can't be used (neither directly or indirectly) for the actual communication.
>
>
>
> 6. Comments
>
> a. Timetable for implementation:
>
> Immediate
>
> b. Anything else:
>
> Situation in other regions: This situation, has already been corrected in RIPE, and the policy was updated in a similar way, even if right now there is a small discrepancy between the policy text that reached consensus and the RIPE NCC Impact Analysis. A new policy proposal has been submitted to amend that, and the text is the same as presented by this proposal at ARIN. Same text has also been submitted to AfriNIC, LACNIC and APNIC.
> _______________________________________________
> PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net<mailto:ARIN-PPML at arin.net>).
> Unsubscribe or manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net<mailto:info at arin.net> if you experience any issues.
>
>
>
> --
> ===============================================
> David Farmer Email:farmer at umn.edu<mailto:Email%3Afarmer at umn.edu>
> Networking & Telecommunication Services
> Office of Information Technology
> University of Minnesota
> 2218 University Ave SE<https://maps.google.com/?q=2218+University+Ave+SE&entry=gmail&source=g> Phone: 612-626-0815
> Minneapolis, MN 55414-3029 Cell: 612-812-9952
> ===============================================
>
>
>
>
>
> _______________________________________________
>
> PPML
>
> You are receiving this message because you are subscribed to
>
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net<mailto:ARIN-PPML at arin.net>).
>
> Unsubscribe or manage your mailing list subscription at:
>
> http://lists.arin.net/mailman/listinfo/arin-ppml
>
> Please contact info at arin.net<mailto:info at arin.net> if you experience any issues.
>
> _______________________________________________
> ARIN-PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net<mailto:ARIN-PPML at arin.net>).
> Unsubscribe or manage your mailing list subscription at:
> https://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net<mailto:info at arin.net> if you experience any issues.
> _______________________________________________ ARIN-PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net<mailto:ARIN-PPML at arin.net>). Unsubscribe or manage your mailing list subscription at: https://lists.arin.net/mailman/listinfo/arin-ppml Please contact info at arin.net<mailto:info at arin.net> if you experience any issues.
>
> **********************************************
> IPv4 is over
> Are you ready for the new Internet ?
> http://www.consulintel.es<http://www.consulintel.es/>
> The IPv6 Company
>
> This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
>
>
>
>
>
>
> _______________________________________________
>
> ARIN-PPML
>
> You are receiving this message because you are subscribed to
>
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net<mailto:ARIN-PPML at arin.net>).
>
> Unsubscribe or manage your mailing list subscription at:
>
> https://lists.arin.net/mailman/listinfo/arin-ppml
>
> Please contact info at arin.net<mailto:info at arin.net> if you experience any issues.
>
>
>
>
> --
>
> John Santos
>
> Evans Griffiths & Hart, Inc.
>
> 781-861-0670 ext 539
> _______________________________________________ ARIN-PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net<mailto:ARIN-PPML at arin.net>). Unsubscribe or manage your mailing list subscription at: https://lists.arin.net/mailman/listinfo/arin-ppml Please contact info at arin.net<mailto:info at arin.net> if you experience any issues.
>
> **********************************************
> IPv4 is over
> Are you ready for the new Internet ?
> http://www.consulintel.es<http://www.consulintel.es/>
> The IPv6 Company
>
> This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
>
> _______________________________________________
> ARIN-PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net<mailto:ARIN-PPML at arin.net>).
> Unsubscribe or manage your mailing list subscription at:
> https://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net<mailto:info at arin.net> if you experience any issues.
>
>
> **********************************************
> IPv4 is over
> Are you ready for the new Internet ?
> http://www.consulintel.es<http://www.consulintel.es/>
> The IPv6 Company
>
> This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
>
> _______________________________________________
> ARIN-PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net<mailto:ARIN-PPML at arin.net>).
> Unsubscribe or manage your mailing list subscription at:
> https://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net<mailto:info at arin.net> if you experience any issues.
>
>
> **********************************************
> IPv4 is over
> Are you ready for the new Internet ?
> http://www.consulintel.es<http://www.consulintel.es/>
> The IPv6 Company
>
> This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
>
> _______________________________________________
> ARIN-PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net<mailto:ARIN-PPML at arin.net>).
> Unsubscribe or manage your mailing list subscription at:
> https://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net<mailto:info at arin.net> if you experience any issues.
>
>
>
> --
> ===============================================
> David Farmer Email:farmer at umn.edu<mailto:Email%3Afarmer at umn.edu>
> Networking & Telecommunication Services
> Office of Information Technology
> University of Minnesota
> 2218 University Ave SE<https://maps.google.com/?q=2218+University+Ave+SE&entry=gmail&source=g> Phone: 612-626-0815
> Minneapolis, MN 55414-3029 Cell: 612-812-9952
> ===============================================
> _______________________________________________
> ARIN-PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net<mailto:ARIN-PPML at arin.net>).
> Unsubscribe or manage your mailing list subscription at:
> https://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net<mailto:info at arin.net> if you experience any issues.
>
>
>
>
> --
> ===============================================
> David Farmer Email:farmer at umn.edu<mailto:Email%3Afarmer at umn.edu>
> Networking & Telecommunication Services
> Office of Information Technology
> University of Minnesota
> 2218 University Ave SE Phone: 612-626-0815
> Minneapolis, MN 55414-3029 Cell: 612-812-9952
> ===============================================
>
More information about the ARIN-PPML
mailing list