[arin-ppml] Draft Policy ARIN-2019-2: Waiting List Block Size Restriction
jcurran at arin.net
Tue Feb 26 21:41:42 EST 2019
On 26 Feb 2019, at 5:51 PM, Ronald F. Guilmette <rfg at tristatelogic.com> wrote:
> I see rampant abuse of the Internet, day in and day out, every bit of which
> involves number resources, said resources having been obtained, by hook or
> by crook, and virtually all of this online evil that I see is the proverbial
> "riddle, wrapped in a mystery, inside an enigma", apparently because the
> Good Stewards of the address space wanted it that way. Therefore, my friends,
> please do not begrudge me for asking for a little transparency from time
> to time, even if I know ahead of time that I'm totally unlikely to get it.
> Call me old-fashioned if you like, but I'd just like to know, every once
> and awhile, who exactly is screwing me and/or all of us. That alone would
> be a most refreshing change.
ARIN cannot publish more specific information about fraudulent resource requests, as the detailed justifications for number resources is based on significant technical information that is subject to non-disclosure agreements with ARIN (i.e. the very same agreements that you each enter into before supplying detailed business and network information to ARIN.)
If you wish complete transparency regarding fraudulent requests, that can be accommodated, but first requires the community to come to consensus that requests for number resource activities (issuance/transfers/updates) should be made publicly. To my knowledge, there has been no proposal or discussion of this stance within the ARIN community.
I can provide the following information which summarizes some of the nature of the fraudulent activity that we’ve been seeing:
- Multiple blocks received via the waiting list policy that transferred 13 months after receipt, particularly large blocks
- Large blocks obtained by multiple organizations via similar waiting list policy requests and then all transferred via 8.2 to a single organization for monetization
To characterize the fraudulent activities better, consider the following:
Since the waiting list policy came into operation, 682 blocks have been issued (668 blocks of /18 and above, 14 of /16 or /17 in size) Of those blocks issued, 25 have been subsequently transferred (19 of which were /18 and above, 6 of which /16 or /17 in size); i.e. only 3% of the smaller blocks issued have been transferred, whereas 42% of the largest block sizes issued (/16 and /17) were subsequently transferred. The significant difference in the proportion of requests subsequently transferred should raise concern within the community, and resource review by ARIN has indeed borne evidence of significant calculated efforts to fraudulently obtain larger blocks for subsequent monetization.
The question before the community is _not_ whether you believe that significant fraud is occurring and whether the issuance per the waiting list policy should be suspended – that actually has already occurred after review & due consideration by the ARIN Board of Trustees. The question now before the community is whether there is a some waiting list issuance policy that will fulfill the desired purpose without encouraging similar gamesmanship.
I hope this information aids in your policy development efforts,
President and CEO
American Registry for Internet Numbers
More information about the ARIN-PPML