<html><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><br><div><div>On Sep 30, 2008, at 1:39 AM, Eliot Lear wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"> <div bgcolor="#ffffff" text="#000000"> Kevin,<br> <br> You argued in essence that just because something is happening it should not be condoned. That is a very fair argument. However, it has to be balanced with ARIN's other priorities. In this case, as has been repeatedly stated, if the regulatory authority and capability of ARIN is such that the transfers cannot be stopped, then the result will be that they will occur anyway, and that such transfers have a deleterious impact elsewhere. Robert Bonomi's comments should not understated as a necessary function of ARIN when he wrote the following:<br> <blockquote type="cite"> <pre wrap="">The <span class="moz-txt-underscore"><span class="moz-txt-tag">_</span>only<span class="moz-txt-tag">_</span></span> "unresolved" question today, is whether or not the RIRs are going
to be 'in the loop' for those transactions, <b class="moz-txt-star"><span class="moz-txt-tag">*</span>when<span class="moz-txt-tag">*</span></b> they occur.
</pre> </blockquote> Here are three cases where accuracy matters:<br> <ul> <li>Various law enforcement agencies and other parties seeking to either protect the public or to protect private rights need to be able to determine who is the responsible party for a given address, when it can be shown that it was involved in either a criminal or tortuous act. The whois database plays a key role in providing those people information. It is by no means perfect, and it is not the only means to provide the information, but it is never-the-less useful. By encouraging people NOT to update the records through a black market, the database accuracy can and will degrade over time.</li> <li>The ability to resolve legitimate disputes over address space is degraded when it can be shown that ARIN's records do not reflect reality. If two customers attempt to use the same address space, service providers may or may not turn to ARIN to understand who owns the block. And if they do, customers may be able to challenge ARIN to say that their record keeping is inaccurate.<br> </li> <li>Over the longer term, it should be possible to more tightly bind the routing system to the records found in the ARIN database. This is, perhaps, what John Schnizlein referred to as “cryptographic saran-wrap”, but could eliminate a form of attack that currently can be found on the Internet - the hijacking of prefixes for nefarious purposes. Once again, in order for ARIN to perform this function, its database must be sufficiently accurate that the service providers believe they can trust the system. Absent that trust it will be very difficult to secure the routing system as it is currently instantiated.</li> </ul> </div></blockquote>1.<span class="Apple-tab-span" style="white-space:pre"> </span>Prefix hijacking occurs today.</div><div>2.<span class="Apple-tab-span" style="white-space:pre"> </span>Unauthorized transfers are, essentially a pathological case of prefix hijacking.</div><div>3.<span class="Apple-tab-span" style="white-space:pre"> </span>If you can explain how the above three points are addressed for a hijacked prefix</div><div><span class="Apple-tab-span" style="white-space:pre"> </span>which was hijacked from a defunct resource holder, then, you have the exact</div><div><span class="Apple-tab-span" style="white-space:pre"> </span>answer needed for dealing with a black market.</div><div><br></div><div>Owen</div><div><br></div></body></html>