[arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

Jimmy Hess mysidia at gmail.com
Fri May 3 12:26:45 EDT 2019 

On Fri, May 3, 2019 at 1:03 AM Hank Nussbacher <hank at efes.iucc.ac.il> wrote:
> "ARIN hereby allocates to you an IP address block and hereby grants you
> sole permission to announce that address block to the Internet."
> Simple enough?
Not that simple, really.

Effectively,   the "Choice to revoke"   suggested by the Proposal/etc would
have a risk of forcing/accelerating fragmentation   from one internet
into multiple  internets;
the moment a RIR decides that a large enough enterprise or carrier
"Has not done enough"
to stop BGP hijacking causing a "revokation" from their registry.

"the internet" itself is not ANY organization's trademark,  and it is
not a specific thing;
internet is a generic word referring to  any network of networks,
whether that be a private
association of 1000 networks or a million networks   --  the phrase "internet"
is not a  trademark for a specific network.   There exists no
authority generally with
any exclusive legal right to permission nor prohibit anything
regarding "the internet" --
IANA, the IETF, the RIRS,  ICANN, etc,  have policies over how they
administer _their_
databases and systems generally,  but no legal authority over "the internet".

In the US and many countries;  RIRs such as ARIN are very limited in the manner
that they could regulate their members as well, even if they wish --
for example,
if ARIN crafted an agreement designed to prevent members offering products or
services related to  a "competing internet",   then the RIRs would likely find
themselves at risk of being in violation of various countries'
Anti-Trust laws --
particularly with the use of threats such as  "Revoking resources"
(although being used for legitimate purposes by the registrant).

ARIN's "permission" is not necessary and not sufficient to "announce" an
address block to "the (generic) internet"  --- ARIN doesn't hold a
patent over the IP or BGP
protocol;  ARIN doesn't hold an intellectual property  granting an
ARIN exclusive
right to use or License the usage of ranges of IP numbers within the
Source field
of an IP packet,  nor  the Prefix field of a BGP announcement.

Registrations made within ARIN's database are records within ARIN's systems
only.    The registrations are
based on notional,  speculative, or anticipated usage  within other
internet(s),  but
there is obviously no warranty that the other internet(s) will honor
the registration
and allow use of that IP number.

Particularly if ARIN were to "Revoke" a resource being used for
legitimate business
purposes by a large enterprise --- some  internets   may be inclined
to adopt a special
local policy  effectively  Declining  ARIN's  resource revokation for
that particular internet.

And there is no network on which ARIN themself can guarantee that an
ARIN Database
registrant or network  Matches the actual user of that IP number on a
particular network.

For example:  If a competing internet  declines to recognize one of
ARIN's resource
revokations, then that internet or group of internets would likely
also agree to decline
to recognize a subsequent registration from that space to a different
organization.

There is no Patent, no Copyright,  nor any other government-granted monopoly
that ANY Organization owns which says, for example that the numbers
0x40000000-0x4fffffff
can only be used according to an ARIN license on a computer network, if you
have devices that send something that looks like an IP packet.

The permission to announce an address block comes from whatever the organization
or organizations owning the networks on that particular "internet"
have agreed to
amongst themselves;  *that group of networks* might require
registration in the RIR
or other databases generally,   or they might have other agreements,
OR a  different idea on how to co-ordinate  their  (generic)
internet's  usage of
IP numbers   that  varies from  the RFC series.

The moment a RIR such as ARIN acts erratically and attempts to "Revoke"
the assignment of a legitimate carrier;  the  "organizations owning
the networks"
--- will have a potential to alter their agreements between themselves to
adjust their contracts to list some "Extra registrations"  -  Instead of merely
relying upon the common IRRs or IRRs;

Seeking to ignore such revokation, and have a significant enough fraction of
worldwide networks shifting  to an alternate permutation of
less-than-global connectivity..

--
-JH

More information about the ARIN-PPML mailing list