On 4/2/2019 4:17 PM, Jo Rhett wrote:
On Apr 1, 2019, at 4:45 PM, Owen DeLong <[email protected]
<mailto:[email protected]>> wrote:
as it occurs to me that the following dilemma comes into play:
I, as a contractor, often create ORG records for (and at the request
of) my clients. I’m not their ISP and I’m not creating the records
without their knowledge or informed consent (which is the real
problem here). In fact, I only create them when I am in the process
of preparing an IP and/or ASN request for them.
I agree completely with everything Owen said, as I often work in the
same capacity.
There also exists situations where a data center (or other
organizations) which doesn't own or provide IP assists its customers
with preparation of documents for self-management. Perhaps even
coarser, there are datacenter utilities and programs that help people
prepare or fill out forms. This is under the direction or express
action of the customer, but may be generated programatically.
It's hard to read the current proposal and understand the
responsibilities in that context. I think we should be friendly to
automation opportunities for people who only interact with ARIN once
or twice in their organization's lifetime. (especially in the v6 era)
The staff assessment of this draft policy perhaps helps with the
understanding of how ARIN staff will implement this policy. And maybe
will help illuminate if additional clarity is needed.
===
Draft Policy 2018-05 requires that only an authorized contact, that is
verified by ARIN, be allowed to create new organization records. The
request must be submitted directly to ARIN by the verified authorized
contact and no third-parties shall be allowed to create organization
records on behalf of the new organization.
===
The use-case of a contractor working for an organization is a valid use
case that we need to consider in the implementation of this policy. The
draft policy states that "authorized contact representing an entity" can
create org-id records. This might be the case of an additional step to
verify that a contractor is authorized to create a record on an
organizations behalf. But, I believe the text itself allows for an
authorized "contact/contractor" to create an org-id for a specified
organization.
Andrew
_______________________________________________
ARIN-PPML
You are receiving this message because you are subscribed to
the ARIN Public Policy Mailing List ([email protected]).
Unsubscribe or manage your mailing list subscription at:
https://lists.arin.net/mailman/listinfo/arin-ppml
Please contact [email protected] if you experience any issues.
