+1 works for me. Owen
> On Feb 5, 2018, at 13:12 , Potter, Amy <[email protected]> wrote: > > In response to the staff & legal assessment for 2017-3, we are proposing the > following new language for subsection 3.6.5: > > 3.6.5 > > An invalid POC is restricted to payment and contact update functionality > within ARIN Online. As a result, an organization without any valid POCs will > be unable to access further functionalities within ARIN Online until at least > one Admin or Tech POC validates that their information is accurate or > modifies a POC to contain accurate information. > > ARIN STAFF & LEGAL ASSESSMENT > Draft Policy ARIN-2017-03 > Update to NPRM 3.6: Annual Whois POC Validation > https://arin.net/policy/proposals/2017_3.html > <https://arin.net/policy/proposals/2017_3.html> > > > Date of Assessment: 3 January 2018 > > ___ > 1. Summary (Staff Understanding) > > Draft Policy 2017-03 establishes the specific Whois Points of Contact (POCs) > that are required to be verified annually. It further identifies which > organizations are covered by this policy according to the type of resources > that it holds i.e. direct assignments, direct allocations, AS numbers from > ARIN (or one of its predecessor registries) or a reallocation from an > upstream ISP. It specifically excludes reassignments made to downstream end > user customers. DP 2017-03 defines the procedure to be followed to ensure the > above specified POCs are verified through an email notification on an annual > basis. It instructs ARIN staff to marked POC records deemed completely and > permanently abandoned or otherwise illegitimate as invalid in Whois. It also > directs action to be taken if an ADMIN or TECH POC has been marked invalid. > > ___ > 2. Comments > > A. ARIN Staff Comments > > * 3.6.2 Specified Public Whois Points of Contact for Verification: Lists the > 4 types of POCs that must be verified annually. This is very clear. > * 3.6.3 Organizations Covered by this Policy: Clearly states qualifications > for an Organization’s POCs to require annual verification as well as those > that do not require it. This is clear. > * 3.6.4 Procedure for Verification: Describes the steps in the verification > process. This is clear. > * 3.6.5 Non-Responsive Point of Contact Records: This section is unclear > regarding the scope of the impact to an organization having non-responsive > POCs, as the phrase "any organization lacking a validated Admin or Tech POC > will be unable to access the full suite of functionality” fails to specify > the allowed/prohibited functionality for organizations lacking a valid > contact. Absent further clarification, ARIN staff will interpret this to > mean that an organization without at least one validated Admin or Tech POC > will only be able to access payment and contact update functionality within > ARIN Online, regardless of the contact used for access. For organizations > that have at least one valid Admin or Tech contact, the organization will be > able to access full functionality of ARIN Online, even if access is via one > of its other non-responsive POCs. If instead the desired policy outcome is > that only a validated Admin or Tech POC may access full ARIN Online > functionality, then the policy text should be clarified to that effect. > * The proposed policy does not impact ARIN’s ability to provide ongoing > registry services for number resources, only the ability of impacted > organizations to make changes to their number resources and related services. > * This policy could be implemented as written. > > B. ARIN General Counsel – Legal Assessment > > * There are no material legal issues regarding this proposal. > > > ___ > 3. Resource Impact > > Implementation of this policy would have minimal resource impact. It is > estimated that implementation could occur within 3 months after ratification > by the ARIN Board of Trustees. The following would be needed in order to > implement: > > * Updated guidelines and internal procedures > * Staff training > * Minimal engineering work > > ___ > 4. Proposal / Draft Policy Text Assessed > > Draft Policy ARIN-2017-3: Update to NPRM 3.6: Annual Whois POC Validation > > Version Date: 14 November 2017 > > Problem Statement: > > Many of the Point of Contacts listed in ARIN's public Whois database contain > out-of-date and inaccurate contact information. > > Policy Statement: > > Current Text: > > 3.6 Annual Whois POC Validation > 3.6.1 Method of Annual Verification > During ARIN's annual Whois POC validation, an email will be sent to every POC > in the Whois database. Each POC will have a maximum of 60 days to respond > with an affirmative that their Whois contact information is correct and > complete. Unresponsive POC email addresses shall be marked as such in the > database. If ARIN staff deems a POC to be completely and permanently > abandoned or otherwise illegitimate, the POC record shall be marked invalid. > ARIN will maintain, and make readily available to the community, a current > list of number resources with no valid POC; this data will be subject to the > current bulk Whois policy. > > Proposed Revised Text: > > 3.6 Annual Validation of ARIN's Public Whois Point of Contact Data > 3.6.1 Annual POC Verification > ARIN will perform an annual verification of specific Points of Contact > registered in the public Whois using the criteria and procedures outlined in > sections 3.6.2, 3.6.3, and 3.6.4. > 3.6.2 Specified Public Whois Points of Contact for Verification > Each of the following Points of Contact are to be verified annually, and will > be referred to as Point of Contact or POC throughout this policy, and should > be understood to be both organization and resource POCs: > - Admin > - Tech > - NOC > - Abuse > 3.6.3 Organizations Covered by this Policy > This policy applies to every Organization that has a direct assignment, > direct allocation, or AS number from ARIN (or one of its predecessor > registries) or a reallocation from an upstream ISP. This includes but is not > limited to upstream ISPs and their downstream ISP customers (as defined by > NRPM 2.5 and 2.6), but not reassignments made to their downstream end user > customers. > 3.6.4 Procedure for Verification > An annual email notification will be sent to each of the Points of Contact > outlined in section 3.6.2 on an annual basis. Each Point of Contact will have > up to sixty (60) days from the date of the notification in which to respond > with an affirmative that their Whois contact information is correct and > complete or to submit new data to correct and complete it. If after careful > analysis, ARIN staff deems a POC to be completely and permanently abandoned > or otherwise illegitimate, the POC record shall be marked invalid in Whois. > 3.6.5 Non-Responsive Point of Contact Records > Once a non-responsive POC has been marked invalid in the public Whois, any > organization lacking a validated Admin or Tech POC will be unable to access > the full suite of functionality within ARIN Online until the invalid POC(s) > have either validated that their information is accurate or modified their > POC to contain up-to-date information. > > Comments: > > Timetable for implementation: to be based upon discussions with ARIN's staff. > > _______________________________________________ > PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List ([email protected] > <mailto:[email protected]>). > Unsubscribe or manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/arin-ppml > <http://lists.arin.net/mailman/listinfo/arin-ppml> > Please contact [email protected] <mailto:[email protected]> if you experience any > issues.
_______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List ([email protected]). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact [email protected] if you experience any issues.
