[arin-ppml] Reclamation of Number Resources

John Curran jcurran at arin.net
Fri Jul 15 07:54:49 EDT 2022 

On 15 Jul 2022, at 5:04 AM, Owen DeLong <owen at delong.com<mailto:owen at delong.com>> wrote:
That’s not what Ronald is describing here… Ronald is describing a situation where an organization likely submitted no documentation about the presence or absence of a sufficient tie to the region and ARIN staff likely erroneously missed this detail on their application.
...

Owen -

I’m not certain that your recasting of Ronald’s original request is correct, as he most certainly suggested more than ARIN staff missing a detail on the request –

On the basis of all of the foregoing, and for the sake of the law abiding
Internet user community which prefers not to see ARIN bending rules in order
to support online criminal enterprises,  ...
How many other corporate entities have been accepted for
membership by ARIN staff on the basis of mere shell company incorporations
within the region where the deception could have been seen (or could now be
seen) as readily apparent, …

(i.e., suggesting that an “online criminal enterprise" obtained Internet number resources via “deception" …)


Such an instance is NOT fraud by the definition above IMHO (and apparently in Ronald’s as well). As such, I think your continued use of the term fraud here is actually incorrect and that the fraud process is likely not the best mechanism for Ronald’s report (though it may be the closest process ARIN currently has).

It’s actually the correct process for suggesting that the ARIN review an issuance to see if it was made in error – you might not like the name, but the “Internet Number Resource Fraud Reporting” process is indeed how someone suggests that false or deceptive information was submitted to ARIN (such as an allegation that some party represented having a substantial connection as required per policy where none actually existed.)


This discussion has, however, strayed from that central point to also cover certain deficiencies in the disclosure level of the fraud reporting process which I believe should also be addressed, but should not be conflated with Ronald’s original information and concern. Perhaps expanding the fraud reporting process into a suspected policy violation reporting process could address this, or perhaps a separate process for reporting concerns over potential ARIN errors/mistakes/etc. would be best. I don’t have a dog in that particular fight at the moment, but the current mechanism certainly isn’t ideal for addressing the particular situation in question.

Given Ronald’s initial assertions, the “Internet Number Resource Fraud Reporting” process serves that exact purpose; i.e., a review of the request to determine the veracity of information against the applicable Internet number resource policy.   If you’d like to suggest a different name, feel free to utilize the ARIN suggestion process to offer another name – or even augment/refine via the policy process section 12 of the NRPM that formally covers Internet Number Resource Review to more fully explain and encompass this process you feel that’s more appropriate.

Of course, you are correct that this misses the real meat of the issue – the current review process is opaque except in cases where the issuance was determined to be in error (in which case the problem is corrected and a brief summary to that effect is provided.)   It certainly doesn’t provide a detailed public justification of the properness of the issuance per the ARIN’s staff implementation of applicable number resource policy against the supplied information from the requester, and it is unclear if such could ever be provided.

As I noted earlier, we rather frequently receive reports that allege improper issuance only to find out that that they stem from insufficient understanding of the applicable Internet number resource policy on the part of the submitter.   Such is the case with the particular request Ronald noted – despite not receiving any report, for avoidance of doubt we did complete an internal review the request & supporting information and indeed it was issued correctly per the applicable number resource policy at the time of the request.   I understand that answer is unlikely to satisfy some without a public dissection of the entire process, but that cannot occur without ARIN violating the confidential nature of requests for Internet number resources.

Please utilize the Internet Number Resource Fraud Reporting” process (or whatever future name it might have) to initiate a review of suspect number resource issuance; ARIN will not, in general, act off allegations of this nature made on ARIN-ppml nor are such allegations conformant with the purpose of this mailing list.

Thanks!
/John

John Curran
President and CEO
American Registry for Internet Numbers








-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20220715/96556fa6/attachment.htm>

More information about the ARIN-PPML mailing list