<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Dec 4, 2014 at 7:51 AM, David Huberman <span dir="ltr"><<a href="mailto:David.Huberman@microsoft.com" target="_blank">David.Huberman@microsoft.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Numerous members of the security and network engineering community and I have discussed this over the last 12 months, and the RPA is a show stopper for some of us. Paragraphs 3 and 4 are the key. It's one way warranties (you -> ARIN), just like the RSA.<br>
<br>
It's thorny because if you put yourself in ARIN's shoes for a moment, you have to balance the risk of bankrupting the company with the responsibility of being a trust anchor. Unfortunately, like many ARIN legal postures, the unwillingness to take on any risk at all is problematic.<br>
<br></blockquote><div><br></div><div>I am always told ARIN is the community. </div><div><br></div><div>community = networks</div><div><br></div><div>ARIN = commuity</div><div><br></div><div>networks = ARIN</div><div><br></div><div>Networks want to transfer risk: Network -> ARIN</div><div><br></div><div>ARIN wants to transfer risk from ARIN -> Networks</div><div><br></div><div>but, ARIN = Networks = Community ....so it is moot since transfer risk from yourself to yourself is meaningless.</div><div><br></div><div>That said, networks are more distributed than ARIN from a liability perspective, so better for networks to absorb risk.</div><div><br></div><div>No?</div><div><br>CB</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
I really hope the new Board takes this issue up again in 2015 - the unwillingness to accept any risk even though ARIN is a key part of the internet community, and the one-sidedness of its legal agreements due to same.<br>
<br>
David R Huberman<br>
Microsoft Corporation<br>
Principal, Global IP Addressing<br>
<br>
________________________________________<br>
From: <a href="mailto:arin-ppml-bounces@arin.net">arin-ppml-bounces@arin.net</a> <<a href="mailto:arin-ppml-bounces@arin.net">arin-ppml-bounces@arin.net</a>> on behalf of Andrew Gallo <<a href="mailto:akg1330@gmail.com">akg1330@gmail.com</a>><br>
Sent: Thursday, December 4, 2014 7:31 AM<br>
To: <a href="mailto:ARIN-PPML@arin.net">ARIN-PPML@arin.net</a><br>
Subject: [arin-ppml] RPKI Relying Agreement<br>
<div class="HOEnZb"><div class="h5"><br>
(cross posted from NANOG)<br>
<br>
<br>
Greetings:<br>
<br>
In the past few months, I've spoken with, or heard second hand, from a<br>
number of organizations that will not or cannot sign ARIN's RPKI Relying<br>
Agreement. Acceptance of this agreement is required in order to gain<br>
access to ARIN's Trust Anchor Locator (TAL).<br>
<br>
Given the size and number of these organizations that can't or wont<br>
accept the agreement makes me wonder if this is a show stopper that will<br>
prevent the adoption of this technology.<br>
<br>
I've created a quick survey to get an idea of the community's take on<br>
this agreement with the idea that if enough organizations indicate it is<br>
unacceptable, maybe we can get this agreement changed, or as with other<br>
regions, not explicitly required to use the TAL.<br>
<br>
<a href="https://docs.google.com/forms/d/10RLBBpL05n1c_H4unHitlsVqNM3rZI5aXAX8iSBc_Kk/viewform?usp=send_form" target="_blank">https://docs.google.com/forms/d/10RLBBpL05n1c_H4unHitlsVqNM3rZI5aXAX8iSBc_Kk/viewform?usp=send_form</a><br>
<br>
<br>
<br>
Thank you<br>
_______________________________________________<br>
PPML<br>
You are receiving this message because you are subscribed to<br>
the ARIN Public Policy Mailing List (<a href="mailto:ARIN-PPML@arin.net">ARIN-PPML@arin.net</a>).<br>
Unsubscribe or manage your mailing list subscription at:<br>
<a href="http://lists.arin.net/mailman/listinfo/arin-ppml" target="_blank">http://lists.arin.net/mailman/listinfo/arin-ppml</a><br>
Please contact <a href="mailto:info@arin.net">info@arin.net</a> if you experience any issues.<br>
_______________________________________________<br>
PPML<br>
You are receiving this message because you are subscribed to<br>
the ARIN Public Policy Mailing List (<a href="mailto:ARIN-PPML@arin.net">ARIN-PPML@arin.net</a>).<br>
Unsubscribe or manage your mailing list subscription at:<br>
<a href="http://lists.arin.net/mailman/listinfo/arin-ppml" target="_blank">http://lists.arin.net/mailman/listinfo/arin-ppml</a><br>
Please contact <a href="mailto:info@arin.net">info@arin.net</a> if you experience any issues.<br>
</div></div></blockquote></div><br></div></div>