[arin-ppml] Draft Policy ARIN-2019-2: Waiting List Block Size Restriction

Ronald F. Guilmette rfg at tristatelogic.com
Thu Feb 28 17:22:37 EST 2019 

In message <8BCFAD94-B3F8-4280-9120-EBB9E6C488DA at arin.net>, 
John Curran <jcurran at arin.net> wrote:

>We have seen requests made by multiple parties after the 12 month post-issuance
>hold down period that have subsequently been withdrawn once ARIN sought
>further information on why such recently issued resources are now suddenly
>no longer needed.   In some cases, we have initiated number resource review
>on such parties, which have resulted in revocation of number resources as
>a result.

Well, that's something anyway.  It's not quite as pleasing as having the
actually identities of the specific shady operators in question out on
the table, but as this is all that I, and everybody here, are likely to
get, I guess it will have to do.

John you seem to be OK with giving out summry information about all this,
as long as none of it can be easily personalized to any one specific
Bad Actor (which might then lauch a frivolous defamation suit) so please
allow me to ask if you can provide any summary data on the following
two points regarding these incidents:

    1)  What is the per-country geographical breakdown of the (alleged)
        Bad Actors in the total sum of these cases that are you presently
        aware of?  Are 100% of these things incorporated in the United
        States?

    2)  Can you provide us with a summary figure, showing, for all of these
        incidents that you are presently aware of, the average length of
        time, in days, between the incorporation of the entities involved
        and their very first ARIN IP space requests?

>As noted earlier, a highly disproportionate rate of transfers occurring
>immediately after the 12 month prohibition of space received via the waiting
>list policy is quite suggestive of potential number resource fraud, but is
>not (in and of itself) be determinative of such.  While ARIN has reviewed
>specific situations and deemed number resource fraud has occurred,  we do not
>comment publicly on such matters as they are inherently legal situations
>(e.g. you would not want ARIN making public statements about your purported
>fraud absent an opportunity to avail your legal rights, and ARIN would be
>doing a disservice to its community making such statements and creating
>unnecessary legal risk.)

We are all prisoners of the present, longstanding and unfortunate civil
legal context of these United States.  Well, anyway, those of us who are
U.S. residents are.  It is therefore not possible for me to argue effectively
against John's self-evident prudence in this instance.  That having been
said, I cannot help but wish it were otherwise, and that John was at full
liberty to name names.  But that is a journalistic endeavor, which admittedly
is not well suited to ARIN itself.

One of these days, in my abundant spare time, I shall attempt to write
some sort of AI-driven tool that can deduce and detect instances of untoward
behavior, based strictly on the observed day-to-day changes in the WHOIS
data base, with an eye towards making any results from that public.  It is
arguably a pity that someone outside ARIN needs to do this, but at present,
and based on John's reasonable litigation concerns, there would seem to be
no other way.


Regards,
rfg

More information about the ARIN-PPML mailing list