Andrew That is correct. We have different ways to verify someone is authorized to act on behalf of an organization through the Org Create process. We do this today, nothing new is required to allow for this to happen.
Sent from my iPhone On Apr 2, 2019, at 7:59 PM, Andrew Dul <andrew....@quark.net<mailto:andrew....@quark.net>> wrote: On 4/2/2019 4:17 PM, Jo Rhett wrote: On Apr 1, 2019, at 4:45 PM, Owen DeLong <o...@delong.com<mailto:o...@delong.com>> wrote: as it occurs to me that the following dilemma comes into play: I, as a contractor, often create ORG records for (and at the request of) my clients. I'm not their ISP and I'm not creating the records without their knowledge or informed consent (which is the real problem here). In fact, I only create them when I am in the process of preparing an IP and/or ASN request for them. I agree completely with everything Owen said, as I often work in the same capacity. There also exists situations where a data center (or other organizations) which doesn't own or provide IP assists its customers with preparation of documents for self-management. Perhaps even coarser, there are datacenter utilities and programs that help people prepare or fill out forms. This is under the direction or express action of the customer, but may be generated programatically. It's hard to read the current proposal and understand the responsibilities in that context. I think we should be friendly to automation opportunities for people who only interact with ARIN once or twice in their organization's lifetime. (especially in the v6 era) The staff assessment of this draft policy perhaps helps with the understanding of how ARIN staff will implement this policy. And maybe will help illuminate if additional clarity is needed. === Draft Policy 2018-05 requires that only an authorized contact, that is verified by ARIN, be allowed to create new organization records. The request must be submitted directly to ARIN by the verified authorized contact and no third-parties shall be allowed to create organization records on behalf of the new organization. === The use-case of a contractor working for an organization is a valid use case that we need to consider in the implementation of this policy. The draft policy states that "authorized contact representing an entity" can create org-id records. This might be the case of an additional step to verify that a contractor is authorized to create a record on an organizations behalf. But, I believe the text itself allows for an authorized "contact/contractor" to create an org-id for a specified organization. Andrew _______________________________________________ ARIN-PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML@arin.net<mailto:ARIN-PPML@arin.net>). Unsubscribe or manage your mailing list subscription at: https://lists.arin.net/mailman/listinfo/arin-ppml Please contact i...@arin.net<mailto:i...@arin.net> if you experience any issues.
_______________________________________________ ARIN-PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML@arin.net). Unsubscribe or manage your mailing list subscription at: https://lists.arin.net/mailman/listinfo/arin-ppml Please contact i...@arin.net if you experience any issues.