[arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

Carlos Friaças cfriacas at fccn.pt
Fri May 3 17:48:11 EDT 2019 


On Fri, 3 May 2019, John Curran wrote:

(...)
> Hank -
>
> Yes, ARIN could add a statement to that effect to the registration 
> services agreement ? note that the granting of rights to the address 
> block in the registry is already present, so it?s really the addition of 
> the grant of  "sole permission to announce that address block to the 
> Internet? that would be added.

Hi,

But the data in the registry exists so that anyone can know who is the 
owner of a prefix, right?

The holdership allows the holder to announce to a single external party or 
to all the networks in the world (i.e. commonly, "the internet").
This needs to be explicit?
It isn't implicit that the registry data exists because the holder may 
want to actually use (at some point) the numbering resource?




> The problem with such a statement is that it is either: 1) meaningless, 
> or 2) creates obligations on recipients that are not clearly stated.

I fail to see "obligations on recipients". The only obligation needed is 
NOT announcing other parties' numbering resources.



> The reason why is that ISPs have the ability to configure their routers 
> as they see fit, including deciding what routes they announce and what 
> routes they accept.

As long as they announce their own routes, or routes they have 
authorization to announce...



> If the community wants to infringe on this freedom, then we need to be 
> very clear on that point.

As a numbering resource holder (i.e. the org i work for) i certainly don't 
want to grant "the freedom" to originate OUR numbering resources to 
anyone! :-))))

The device may enable that, but the community should self-regulate to 
minimize these events.



> ARIN ?granting permission? for an ISP to announce a particular address 
> block doesn?t have any meaning (they already can announce anything they 
> wish) unless it also implies that ARIN doesn?t grant one permission to 
> announce other not-assigned address blocks _and_ that you agree that 
> your unauthorized announcement would be some form of breach of the 
> agreement.
>
> In effect:. ?Address Holder agrees to only route to the Internet its 
> own address blocks, or those address blocks for which it has obtained 
> permission of the registrant as listed in the Internet Number Registry 
> System.?

Yes.



> Does the reformulation help clarify why the addition of that 
> responsibility might be seen by some as rather significant?  If you 
> actually intend it to be a meaningful change, then it should include the 
> corresponding obligation in clear and uncertain terms.

Yes, i have no doubt it is a significant change. This gap is huge. Not 
sure if the proposal can effectively fully close it, but we will certainly 
try.



> It?s possible that such a change is reasonable if the community wishes, 
> but absent a clear and unified expression of support, ARIN could not 
> consider adding such obligations to registry customers.

That's clear. Thanks.


Best Regards,
Carlos



> Thanks!
> /John
>
> John Curran
> President and CEO
> American Registry for Internet Numbers
>
>
>
>
>
> _______________________________________________
> ARIN-PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> https://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.
>

More information about the ARIN-PPML mailing list