On Thu, Dec 4, 2014 at 7:51 AM, David Huberman <[email protected] > wrote:
> Numerous members of the security and network engineering community and I > have discussed this over the last 12 months, and the RPA is a show stopper > for some of us. Paragraphs 3 and 4 are the key. It's one way warranties > (you -> ARIN), just like the RSA. > > It's thorny because if you put yourself in ARIN's shoes for a moment, you > have to balance the risk of bankrupting the company with the responsibility > of being a trust anchor. Unfortunately, like many ARIN legal postures, > the unwillingness to take on any risk at all is problematic. > > I am always told ARIN is the community. community = networks ARIN = commuity networks = ARIN Networks want to transfer risk: Network -> ARIN ARIN wants to transfer risk from ARIN -> Networks but, ARIN = Networks = Community ....so it is moot since transfer risk from yourself to yourself is meaningless. That said, networks are more distributed than ARIN from a liability perspective, so better for networks to absorb risk. No? CB > I really hope the new Board takes this issue up again in 2015 - the > unwillingness to accept any risk even though ARIN is a key part of the > internet community, and the one-sidedness of its legal agreements due to > same. > > David R Huberman > Microsoft Corporation > Principal, Global IP Addressing > > ________________________________________ > From: [email protected] <[email protected]> on behalf > of Andrew Gallo <[email protected]> > Sent: Thursday, December 4, 2014 7:31 AM > To: [email protected] > Subject: [arin-ppml] RPKI Relying Agreement > > (cross posted from NANOG) > > > Greetings: > > In the past few months, I've spoken with, or heard second hand, from a > number of organizations that will not or cannot sign ARIN's RPKI Relying > Agreement. Acceptance of this agreement is required in order to gain > access to ARIN's Trust Anchor Locator (TAL). > > Given the size and number of these organizations that can't or wont > accept the agreement makes me wonder if this is a show stopper that will > prevent the adoption of this technology. > > I've created a quick survey to get an idea of the community's take on > this agreement with the idea that if enough organizations indicate it is > unacceptable, maybe we can get this agreement changed, or as with other > regions, not explicitly required to use the TAL. > > > https://docs.google.com/forms/d/10RLBBpL05n1c_H4unHitlsVqNM3rZI5aXAX8iSBc_Kk/viewform?usp=send_form > > > > Thank you > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List ([email protected]). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact [email protected] if you experience any issues. > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List ([email protected]). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > Please contact [email protected] if you experience any issues. >
_______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List ([email protected]). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact [email protected] if you experience any issues.
