CB: I'd normally agree with this. I'd rather take risk as Microsoft than have ARIN take the risk.
But consider: We pay for ARIN services, but ARIN refuses to warranty that the services we pay for (rDNS, RPKI, and Whois) will be available. Why doesn't the RSA warranty those basic and critical operational services? David R Huberman Microsoft Corporation Principal, Global IP Addressing ________________________________ From: Ca By <[email protected]> Sent: Thursday, December 4, 2014 8:00:32 AM To: David Huberman Cc: Andrew Gallo; [email protected] Subject: Re: [arin-ppml] RPKI Relying Agreement On Thu, Dec 4, 2014 at 7:51 AM, David Huberman <[email protected]<mailto:[email protected]>> wrote: Numerous members of the security and network engineering community and I have discussed this over the last 12 months, and the RPA is a show stopper for some of us. Paragraphs 3 and 4 are the key. It's one way warranties (you -> ARIN), just like the RSA. It's thorny because if you put yourself in ARIN's shoes for a moment, you have to balance the risk of bankrupting the company with the responsibility of being a trust anchor. Unfortunately, like many ARIN legal postures, the unwillingness to take on any risk at all is problematic. I am always told ARIN is the community. community = networks ARIN = commuity networks = ARIN Networks want to transfer risk: Network -> ARIN ARIN wants to transfer risk from ARIN -> Networks but, ARIN = Networks = Community ....so it is moot since transfer risk from yourself to yourself is meaningless. That said, networks are more distributed than ARIN from a liability perspective, so better for networks to absorb risk. No? CB I really hope the new Board takes this issue up again in 2015 - the unwillingness to accept any risk even though ARIN is a key part of the internet community, and the one-sidedness of its legal agreements due to same. David R Huberman Microsoft Corporation Principal, Global IP Addressing ________________________________________ From: [email protected]<mailto:[email protected]> <[email protected]<mailto:[email protected]>> on behalf of Andrew Gallo <[email protected]<mailto:[email protected]>> Sent: Thursday, December 4, 2014 7:31 AM To: [email protected]<mailto:[email protected]> Subject: [arin-ppml] RPKI Relying Agreement (cross posted from NANOG) Greetings: In the past few months, I've spoken with, or heard second hand, from a number of organizations that will not or cannot sign ARIN's RPKI Relying Agreement. Acceptance of this agreement is required in order to gain access to ARIN's Trust Anchor Locator (TAL). Given the size and number of these organizations that can't or wont accept the agreement makes me wonder if this is a show stopper that will prevent the adoption of this technology. I've created a quick survey to get an idea of the community's take on this agreement with the idea that if enough organizations indicate it is unacceptable, maybe we can get this agreement changed, or as with other regions, not explicitly required to use the TAL. https://docs.google.com/forms/d/10RLBBpL05n1c_H4unHitlsVqNM3rZI5aXAX8iSBc_Kk/viewform?usp=send_form Thank you _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List ([email protected]<mailto:[email protected]>). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact [email protected]<mailto:[email protected]> if you experience any issues. _______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List ([email protected]<mailto:[email protected]>). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact [email protected]<mailto:[email protected]> if you experience any issues.
_______________________________________________ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List ([email protected]). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact [email protected] if you experience any issues.
