Hi Chris,
I understand and will wait for a proposal for any further discussion.
Things got confused with the two threads.
Regards,
Mike
---- On Wed, 22 Sep 2021 18:12:29 -0400 Chris Woodfield <[email protected]>
wrote ----
Mike -
The sample language I proposed was not intended to be interpreted as a proposed
change to the ARIN RSA, but as a potential policy proposal. I do see how the
current text could make that easy to misinterpret, and I’m happy to update the
text to clarify as such.
Thanks,
-C
On Sep 22, 2021, at 2:08 PM, Mike Burns <mailto:[email protected]> wrote:
The devil is in the details, and ARIN staff relies on clear guidance from the
community, which I feel your proposal lacks.
What’s more I am not sure we can debate RSA changes on the PPML anyway.
Is that allowed? I thought the RSA was the domain of the Board.
The entropy of the Internet tends to byzantine connections.
Regards,
Mike
From: Chris Woodfield <mailto:[email protected]>
Sent: Wednesday, September 22, 2021 4:56 PM
To: Mike Burns <mailto:[email protected]>
Cc: PPML <mailto:[email protected]>
Subject: Re: [arin-ppml] Draft Policy ARIN-2021-6: Remove Circuit Requirement
I disagree. There are a number of other parts of the NRPM that explicitly gives
ARIN staff the discretion to consider whether or not a specific request or
allocation is in line with policy, and this discretion is put in place
specifically to avoid the sort of whack-a-mole (yes, I’m happy to keep using
that phrase) technical workaround arms race that would need to be engaged in
otherwise.
To your question as to whether a pencil-thin VPN would meet the test, that’s
exactly the question that this language gives ARIN staff the leeway to decide
or not.
To put a bit more simply - intentions matter, and intentionally violating the
spirit of a policy should not be allowed by ARIN.
-C
On Sep 22, 2021, at 1:43 PM, Mike Burns <mailto:[email protected]> wrote:
Hi Chris,
If you are serious about your proposal, then yes, it’s important to consider
every potential issue, and not serious to refer to them as whack-a-mole. That
is what the policy development process is all about.
"No signatory to any ARIN RSA is permitted to issue addresses to customers who,
in ARIN’s belief and discretion, are not contracting for a bona fide _network_
connectivity service _provided by the signatory_ that makes use of the
allocated addresses"
So I can make assignments of my address space to other networks, who can then
advertise and use them with their own connectivity. That sounds a lot like
leasing in practice, if not funding. Kind of hard to know who the customer
actually is. Suppose I assign some of that pool to one of my customers via the
cloud. So I am not connected to my customer at all, did I violate the RSA?
Of course you know a pencil-thin VPN would meet the test, but there are many
more moles to whack.
Regards,
Mike
From: Chris Woodfield <mailto:[email protected]>
Sent: Wednesday, September 22, 2021 4:25 PM
To: Mike Burns <mailto:[email protected]>; PPML <mailto:[email protected]>
Subject: Re: [arin-ppml] Draft Policy ARIN-2021-6: Remove Circuit Requirement
On Sep 22, 2021, at 1:12 PM, Mike Burns <mailto:[email protected]> wrote:
(Back to this thread because I promised.)
Thanks for calling out an obvious bug, I should have noticed it myself. Updated
clause, changes bracketed by underlines:
"No signatory to any ARIN RSA is permitted to issue addresses to customers who,
in ARIN’s belief and discretion, are not contracting for a bona fide _network_
connectivity service _provided by the signatory_ that makes use of the
allocated addresses"
-C
Say I am the registrant and I assign the block to my cloud provider to
advertise under their ASN and connectivity.
No, because the cloud provider is not your customer.
Did I violate the RSA?
What if the cloud provider offers payment if I share my pool with other users
of that cloud network?
That would be an RSA violation, as at that point, the cloud provider *does*
become your customer, that is purchasing the use of your address space, but not
a connectivity service to them.
We can play the whack-a-mole game as long as you like, but the main point of
the chosen language is that it gives ARIN staff the discretion to see through
attempts at working around any sort of technical definition of an address
lease, and call out the practice for what it is, no matter how the organization
attempts to claim otherwise via an increasingly-byzantine technical structure.
-C
Regards,
Mike
From: ARIN-PPML <mailto:[email protected]> On Behalf Of Mike Burns
Sent: Wednesday, September 22, 2021 11:50 AM
To: 'Chris Woodfield' <mailto:[email protected]>; 'PPML'
<mailto:[email protected]>
Subject: Re: [arin-ppml] Draft Policy ARIN-2021-6: Remove Circuit Requirement
Hi Chris,
I am still unclear. So the “risk” you refer to is the inability to purchase new
blocks using leases as justification?
I’m not entirely sure how that constitutes a risk, unless you mean they will
run out of addresses they need for themselves. Is that their risk?
It seems like you are objecting to a proposal to allow using leased addresses
as justification by simply stating that you don’t like leasing.
Why can’t you stand behind this distribution method, can you be clear on your
objection to leasing?
Because certainly this proposal facilitates leasing.
I guess we are coming to the crux of things now, I’ve asked a few people who
have opposed this policy why, and for some it comes down to disapproving of
leasing. Now I’ve asked why.
A good reason, to me, is that leasing often serves the needs of miscreants. But
leasing is allowed, so miscreants are currently being served. My experience
tells me that miscreants have the advantage over most incumbent lessors, who
are generally not in the business of leasing addresses.
ARIN policy prevents newcomers into the leasing business, and I think
professional lessors will provide some balance against miscreants if they were
allowed to enter that market.
Regards,
Mike
From: Chris Woodfield <mailto:[email protected]>
Sent: Wednesday, September 22, 2021 11:33 AM
To: PPML <mailto:[email protected]>
Cc: Owen DeLong <mailto:[email protected]>; Mike Burns <mailto:[email protected]>
Subject: Re: [arin-ppml] Draft Policy ARIN-2021-6: Remove Circuit Requirement
I’m speaking to the risk that an organization that engages in leasing address
blocks without providing related connectivity services. Given that these blocks
cannot currently be used as justification for additional space, an organization
that does so would not qualify for additional space should they require it,
unless they are falsifying the nature of the allocations in their justification
documentation (which, of course, is a policy violation that could lead to that
organizations’s allocations being reclaimed if discovered).
This policy proposal, per the problem statement, is explicitly aimed at
removing that risk, and as such, putting ARIN’s stamp of approval on this type
of lease practice, and in fact, allows organizations to require additional
space which it could then lease out, without the need to provide the network
services associated with the blocks being leased. Which is a type of IP block
monetization that I simply cannot stand behind.
As such, I remain opposed to this proposal.
-C
On Sep 22, 2021, at 7:00 AM, Mike Burns <mailto:[email protected]> wrote:
Hi Chris,
Can you be more specific on which inherent risk this policy would remove?
Somebody +1’d this, but I don’t understand what you mean.
I don’t even know which party’s risk is being commented on.
Regards,
Mike
From: ARIN-PPML <mailto:[email protected]> On Behalf Of Chris Woodfield
Sent: Tuesday, September 21, 2021 9:21 PM
To: Owen DeLong <mailto:[email protected]>
Cc: PPML <mailto:[email protected]>
Subject: Re: [arin-ppml] Draft Policy ARIN-2021-6: Remove Circuit Requirement
On Sep 21, 2021, at 10:22 AM, Owen DeLong <mailto:[email protected]> wrote:
This policy doesn’t affect that… Leasing of address space you already have is
permitted under current policy and cannot be grounds for revocation of address
space.
The change in this policy proposal is not to permit or deny leasing, but to
permit leased addresses to be considered utilized for purposes of determining
eligibility for additional address acquisition.
You are correct that the proposal may not permit or prohibit leasing, but it
does (intentionally, per the problem statement) remove one of the inherent
risks of the practice, and as such, in my view, is effectively an endorsement.
As such, my opposition stands.
-C
Owen
On Sep 21, 2021, at 08:22 , Chris Woodfield <mailto:[email protected]> wrote:
Writing in opposition. I do not support the practice of leasing IP address
resources. Organizations who have received larger amounts of IP address space
than what they are efficiently utilizing are free to relieve themselves of
their excess space via the transfer market.
Thanks,
-Chris
On Sep 21, 2021, at 8:06 AM, ARIN <mailto:[email protected]> wrote:
On 16 September 2021, the ARIN Advisory Council (AC) accepted "ARIN-prop-302:
Remove Circuit Requirement " as a Draft Policy.
Draft Policy ARIN-2021-6 is below and can be found at:
https://www.arin.net/participate/policy/drafts/2021_6/
You are encouraged to discuss all Draft Policies on PPML. The AC will evaluate
the discussion in order to assess the conformance of this draft policy with
ARIN's Principles of Internet number resource policy as stated in the Policy
Development Process (PDP). Specifically, these principles are:
* Enabling Fair and Impartial Number Resource Administration
* Technically Sound
* Supported by the Community
The PDP can be found at:
https://www.arin.net/participate/policy/pdp/
Draft Policies and Proposals under discussion can be found at:
https://www.arin.net/participate/policy/drafts/
Regards,
Sean Hopkins
Senior Policy Analyst
American Registry for Internet Numbers (ARIN)
Draft Policy ARIN-2021-6: Remove Circuit Requirement
Problem Statement:
Current ARIN policy prevents the use of leased-out addresses as evidence of
utilization.
Policy statement:
Replace
“2.4. Local Internet Registry (LIR) A Local Internet Registry (LIR) is an IR
that primarily assigns address space to the users of the network services that
it provides. LIRs are generally Internet Service Providers (ISPs), whose
customers are primarily end users and possibly other ISPs.”
with
“2.4. Local Internet Registry (LIR) A Local Internet Registry (LIR) is an IR
that primarily assigns address space to users of the network. LIRs are
generally Internet Service Providers (ISPs), whose customers are primarily end
users and possibly other ISPs.”
Timetable for implementation: Immediate
_______________________________________________
ARIN-PPML
You are receiving this message because you are subscribed to
the ARIN Public Policy Mailing List (mailto:[email protected]).
Unsubscribe or manage your mailing list subscription at:
https://lists.arin.net/mailman/listinfo/arin-ppml
Please contact mailto:[email protected] if you experience any issues.
_______________________________________________
ARIN-PPML
You are receiving this message because you are subscribed to
the ARIN Public Policy Mailing List (mailto:[email protected]).
Unsubscribe or manage your mailing list subscription at:
https://lists.arin.net/mailman/listinfo/arin-ppml
Please contact mailto:[email protected] if you experience any issues.
_______________________________________________
ARIN-PPML
You are receiving this message because you are subscribed to
the ARIN Public Policy Mailing List ([email protected]).
Unsubscribe or manage your mailing list subscription at:
https://lists.arin.net/mailman/listinfo/arin-ppml
Please contact [email protected] if you experience any issues.
