[arin-ppml] Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

Marilson Mapa marilson.mapa at gmail.com
Mon Apr 29 11:39:23 EDT 2019

Jimmy Hess, that explains absolutely nothing. ARIN has a PDA that replaced
the previous one on 01-14-2013. And apparently shaped to exempt the entire
community from any responsibility. The management of Internet number
resources in the ARIN region excludes any liability for unlawful acts by
partners or customers. Rules of an entity created by the entity itself are
far from credible. Being ratified by ICANN does not support, does not
bless, only incorporates accomplices. Using it as an excuse not to take
responsibility in the wrongful acts of your partners and customers is bad

Make new PDA, be decent and fulfill your duties as citizens that are far
above any own code of conduct. Or adopt a third way and be "neutral" as Mr.
Albert Erdmann.


Em dom, 28 de abr de 2019 às 16:13, Jimmy Hess <mysidia at gmail.com> escreveu:

> On Sun, Apr 28, 2019 at 11:22 AM Marilson Mapa <marilson.mapa at gmail.com>
> wrote:
> >
> > Jordi, you're being naive by not considering the true reasons of the
> members of the AC.
> The members of the AC doing their job  rejecting propositions which
> cannot be valid policies
> under the PDP.
> https://www.arin.net/participate/policy/pdp/
> > 3.1. Policies, not Processes, Fees, or Services
> ...
> >ARIN’s general business processes, fees,
> > and services are not within the purview of the Policy Development Process
> -----
> ARIN-prop-266's  language
> (1) Describes "procedures that ARIN staff will use to implement the
> policies"
>       Which a number policy cannot contain,      For example,
>       a number policy cannot contain procedures such as these:
>         a> ARIN will select a pool of worldwide experts....
>         b> Accidental cases or those that can’t be clearly classified
> as intentional, will receive a warning....
>         c> [ARIN] It must therefore rely on external parties, both to
> report hijacks
>         c> and determine whether they are deliberate.
>         d>As soon as the involved parties are identified, they will be
> notified....
>         e> The experts will only consider those cases which persist....
>  f>        The entirety of "5.0 the expert's pool" and "6.0 procedure"
>         > A call will be made, every two years, to the global
> community including the requirements
>          >The procedure must incorporate, at least, the following
> steps:....
> (2)
>        Describes general business processes, such as:
>         > The ARIN will provide a public web-based form ....
> (3)   Describes services,  which are outside the purview of number
> policy, such as:
>        > The tool will have a section in case of sensible information....
> (2) References items which are not guidelines to be followed in number
> resource management.
> For example:
>      >  A hijack is understood to be the announcement of routes
> through BGP to third parties
>      Operation of BGP protocol is not within the scope of number resource
>     policies.  Number resource management policies do not determine
> internet
>     standards, and do not decide which standards a pair of co-operating
>     network operators choose to use when agreeing to interconnect
> their networks.
>     Interconnecting providers MAY agree to use registered numbers in some
>     contexts, but not others,  for example,  they may agree that a provider
>     uses certain private AS numbers  or certain IPv4 "Squat space";
> however,
>     at the same time,  they might agree the private AS number should be
>     substituted or removed in certain contexts or propagations.
>     A set of peering networks may choose not to use BGP,  or they may
> modify the
>     standard arbitrarily;   interconnection contracts/agreements and
> routing
>     policies are private,  and ARIN is neither a contracting party in these
>     agreements,  nor a party with a legitimate interest in these
> agreements.
>     The routing tables, FIB, RIB, and other contents of memory on a
> router are the
>     private proprietary property of the organization whom
> administrates that router -- the
>     use of assigned numbers in BGP routing data when communicating
> with other routers
>     and permission to promulgate announcements, etc,  and their
> agreement to follow
>     IETF standards and BCP regarding the origination and propagation of
> routes,
>     Is only due to contents of the private interconnection agreements
> between
>     co-operating network operators.
>     It is within these interconnection agreements that rules should be
> established
> by co-operating providers within the contracts  to require conditions
> that prevent
> BGP Hijacking  and state that  willfully facilitating or failing to
> prevent Hijacking
> should be a breach of co-operating providers' Peering Terms of Service.
> https://www.arin.net/participate/policy/pdp/
> > 3.1. Policies, not Processes, Fees, or Services
> >
> > Internet number resource policies developed through the PDP describe the
> > policies and guidelines to be followed in number resource management,
> > not the procedures that ARIN staff will use to implement the policies.
> > ARIN staff develops appropriate procedures to implement policies after
> > they are adopted.
> >
> > Internet number resource policies are also distinctly separate from ARIN
> > general business practices. ARIN’s general business processes, fees,
> > and services are not within the purview of the Policy Development Process
> >
> > Marilson
> --
> -JH
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20190429/77413a9d/attachment-0002.html>

More information about the ARIN-PPML mailing list