<div dir="ltr"><div dir="ltr"><div dir="ltr"><div class="gmail_default" style="font-size:small">I agree with David that it is not the intended function of ARIN to police bad actors, however it is important to be able to keep allocations documented as well as possible. It is very difficult to predetermine bad actors and I’m not sure there is any way in policy to verify that definitively or if it is even worth the effort to try. Bad actors will be bad actors and network operators continue to find ways to mitigate issues from bad actors almost on a daily basis any more. I don’t see that changing regardless of what policy the ARIN community adopts. </div><div><div dir="ltr" class="gmail_signature"></div></div><br></div><div><div class="gmail_default" style="font-size:small">A huge +1 to this statement;</div><br></div><div><p style="margin:0px;font-stretch:normal;font-size:14.3px;line-height:normal;font-family:Arial;color:rgb(26,26,26)"><span style="-webkit-font-kerning: none;"><span class="gmail_default" style="font-size:small">“...</span>but punishing those bad actors is not ARIN's role in society. ARIN needs to manage the risk they represent to ARIN's mission and support those that society has charged with dealing with them, generally law enforcement. <span class="gmail_default" style="font-size:small">"</span></span></p></div><div><br></div><div><div class="gmail_default" style="font-size:small">—</div><div class="gmail_default" style="font-size:small">Brian</div><br></div><div><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Feb 28, 2019 at 11:13 AM David Farmer <<a href="mailto:farmer@umn.edu">farmer@umn.edu</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, Feb 27, 2019 at 10:51 PM Ronald F. Guilmette <<a href="mailto:rfg@tristatelogic.com" target="_blank">rfg@tristatelogic.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex"><br>In message <Pine.LNX.4.64.1902271845490.31881@localhost.localdomain>, <br>
<a href="mailto:hostmaster@uneedus.com" target="_blank">hostmaster@uneedus.com</a> wrote:<br>
<br>>Also needed is language that M&A and Bankruptcy transfers of the <br>>IPv4 addresses can only happen when they are transferred to a new owner <br>>ALONG WITH the underlying network equipment/business using those IPv4 <br>>addresses.<br>
<br>That may not even be good enough to prevent abuse.<br></blockquote><div><br></div><div>First, the mission of ARIN and the primary goal of its policies is not to prevent or even limit abuse, the primary goal of ARIN policy is to allocate resources in support of the operation of the Internet, through policies that are fair and impartial, technically sound, and supported by the community that has to abide by them.</div><div><br></div><div>Limiting abuse while important and necessary is actually a secondary goal and the tactics needed to outright prevent abuse are probably run counter to the primary goal. Remember everything you do to limit bad actors also creates burdens on the good actors too, so this is always a balancing act. I not saying good actors should have no burdens, but this is a risk management exercise. The level of the burden we put on good actors needs to be commensurate with the risk bad actors represent to ARIN's mission. </div><div><br></div><div>ARIN could probably greatly limit abuse by requiring proof of 5-year active credit history or $10,000 surety bond for all new organizations doing business with ARIN. But that would create a significant burden for many legitimate organizations starting out. Good actors and bad actors look pretty much the same at first, it takes multiple interactions to develop a pattern that could confirm any suspicions that an entity is a bad actor.</div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex">Nobody should ever underestimate the creativity of financially motivated<br>and ethically bankrupt actors.<br></blockquote><div><br></div><div>I'm not, but punishing those bad actors is not ARIN's role in society. ARIN needs to manage the risk they represent to ARIN's mission and support those that society has charged with dealing with them, generally law enforcement. </div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex">Microsoft used to sell certain Windows licenses with the stiputaion that<br>they were only to be used in conjunction with new computers.<br>
<br>It didn't take long for the bottom feeders to start reselling said<br>Windows licenses along with one of the following "new computers":<br>
<br>
<a href="https://bit.ly/2EA1ix6" rel="noreferrer" target="_blank">https://bit.ly/2EA1ix6</a><br></blockquote></div><div><br></div>-- <br><div dir="ltr" class="gmail-m_-3881120054919187360m_-1764405584190524290gmail_signature">===============================================<br>David Farmer <a href="mailto:Email%3Afarmer@umn.edu" target="_blank">Email:farmer@umn.edu</a><br>Networking & Telecommunication Services<br>Office of Information Technology<br>University of Minnesota <br>2218 University Ave SE Phone: 612-626-0815<br>Minneapolis, MN 55414-3029 Cell: 612-812-9952<br>===============================================</div></div></div></div>
_______________________________________________<br>
ARIN-PPML<br>
You are receiving this message because you are subscribed to<br>
the ARIN Public Policy Mailing List (<a href="mailto:ARIN-PPML@arin.net" target="_blank">ARIN-PPML@arin.net</a>).<br>
Unsubscribe or manage your mailing list subscription at:<br>
<a href="https://lists.arin.net/mailman/listinfo/arin-ppml" rel="noreferrer" target="_blank">https://lists.arin.net/mailman/listinfo/arin-ppml</a><br>
Please contact <a href="mailto:info@arin.net" target="_blank">info@arin.net</a> if you experience any issues.<br>
</blockquote></div></div></div>