[arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

Joe Provo ppml at rsuc.gweep.net
Wed May 1 15:30:46 EDT 2019


[as always, speaking for myself though due to my AC hat I've waited 
until after the petition was decided]

On Sat, Apr 27, 2019 at 09:26:42PM -0700, Ronald F. Guilmette wrote:
[snip]
> Here in our area, we have an entity that builds and maintains most of
> the roads.  It's called CalTrans and it is a unit of the California
> State government.  We also have an entity that decides what the rules
[snip]
> This is just my way of saying that "outsourcing" the enforcement of the
> clearly necessary rules-of-the-road to private parties is, and would be
> a ludicriously unworkable solution, every bit as much as would be the
> outsourcing of the war in Afghanistan to a private corporation (even
> though *that* looney idea *has* actually been floated of late, at least
> by the private parties who would stand to gain from that financially).
> History has taken us down this road (of private entities privinding
> public functions) before, and most of us, at least, have learned the
> appropriate lesson.  It just doesn't work.
> 
> By way of analogy, ARIN paints the lines on the roads and strongly encourages
> everyone to stay in their own lane and to try to drive at all times on the
[snip]

Nope; ARIN is a registry. More appropriate analogies would be a 
registry of deed or title that manage policy regarding subdividing
the same. When there's a conflict regarding such registrations in 
the Real World (in our region), you go to law enforcement and courts. 
Shockingly, that's what's encouraged in our cases.

> Sorry to have to break the bad news to you all, but The Cowboy Era of the
> Internet is over.  It's time to make a few simple rules and all agree to
> live by them.  Because we're not all wild ass cowboys anymore.  We're
> shopkeepers and farmers and bankers and dentists. 
[snip]

To follow your previous line of argument, here you are actually
wanting to *revert* from the current state of engagement actual 
law enforcement to private outsourcing. From this perticular 
never-cowboy, I see the formation of a lynch mob, temeritas in 
extremis.
 
> If someone wants to explain to me how this very minimalist request is totally
> unreasonable, I'm all ears.

This proposal conflates the PDP work by the community on the NRPM 
with ARIN's legal work on [L]RSA. IMO, the proper approach would 
be to file through ACSP, since it specifically exists to take 
"suggestion[s] regarding an existing or potential ARIN service
or practice" (https://account.arin.net/public/acsp). Very simply, 
suggesting the ARIN BoT update the RSA with very specific language 
regarding hijacking and calling out specific actions or remedies. 
That at least express the desired norms in contract, despite the 
reality that most perps will not be under that contract.

Cheers!

Joe

-- 
Posted from my personal account - see X-Disclaimer header.
Joe Provo / Gweep / Earthling 



More information about the ARIN-PPML mailing list