Can anyone (policy expert) help me out with some ambiguities regarding the selection procedures of the Expert's Pool? These clarifications are important for me to be able to make a decision on supporting/rejecting the [arin-ppml] Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation.
I understand ARIN will manage the expert's pool, which entity will make the final decision on the selection of an expert? Will it be ARIN or ARIN members? What specific talents, body of knowledge, experiences will someone need to be selected as an unbiased/credible expert? Mike Arbrouet, CISSP ________________________________ From: ARIN-PPML <[email protected]> on behalf of Marilson Mapa <[email protected]> Sent: Monday, April 29, 2019 10:39:23 AM To: Jimmy Hess Cc: ARIN-PPML List Subject: Re: [arin-ppml] Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation Jimmy Hess, that explains absolutely nothing. ARIN has a PDA that replaced the previous one on 01-14-2013. And apparently shaped to exempt the entire community from any responsibility. The management of Internet number resources in the ARIN region excludes any liability for unlawful acts by partners or customers. Rules of an entity created by the entity itself are far from credible. Being ratified by ICANN does not support, does not bless, only incorporates accomplices. Using it as an excuse not to take responsibility in the wrongful acts of your partners and customers is bad faith. Make new PDA, be decent and fulfill your duties as citizens that are far above any own code of conduct. Or adopt a third way and be "neutral" as Mr. Albert Erdmann. Marilson Em dom, 28 de abr de 2019 às 16:13, Jimmy Hess <[email protected]<mailto:[email protected]>> escreveu: On Sun, Apr 28, 2019 at 11:22 AM Marilson Mapa <[email protected]<mailto:[email protected]>> wrote: > > Jordi, you're being naive by not considering the true reasons of the members > of the AC. The members of the AC doing their job rejecting propositions which cannot be valid policies under the PDP. https://www.arin.net/participate/policy/pdp/ > 3.1. Policies, not Processes, Fees, or Services ... >ARIN’s general business processes, fees, > and services are not within the purview of the Policy Development Process ----- ARIN-prop-266's language (1) Describes "procedures that ARIN staff will use to implement the policies" Which a number policy cannot contain, For example, a number policy cannot contain procedures such as these: a> ARIN will select a pool of worldwide experts.... b> Accidental cases or those that can’t be clearly classified as intentional, will receive a warning.... c> [ARIN] It must therefore rely on external parties, both to report hijacks c> and determine whether they are deliberate. d>As soon as the involved parties are identified, they will be notified.... e> The experts will only consider those cases which persist.... f> The entirety of "5.0 the expert's pool" and "6.0 procedure" > A call will be made, every two years, to the global community including the requirements >The procedure must incorporate, at least, the following steps:.... (2) Describes general business processes, such as: > The ARIN will provide a public web-based form .... (3) Describes services, which are outside the purview of number policy, such as: > The tool will have a section in case of sensible information.... (2) References items which are not guidelines to be followed in number resource management. For example: > A hijack is understood to be the announcement of routes through BGP to third parties Operation of BGP protocol is not within the scope of number resource policies. Number resource management policies do not determine internet standards, and do not decide which standards a pair of co-operating network operators choose to use when agreeing to interconnect their networks. Interconnecting providers MAY agree to use registered numbers in some contexts, but not others, for example, they may agree that a provider uses certain private AS numbers or certain IPv4 "Squat space"; however, at the same time, they might agree the private AS number should be substituted or removed in certain contexts or propagations. A set of peering networks may choose not to use BGP, or they may modify the standard arbitrarily; interconnection contracts/agreements and routing policies are private, and ARIN is neither a contracting party in these agreements, nor a party with a legitimate interest in these agreements. The routing tables, FIB, RIB, and other contents of memory on a router are the private proprietary property of the organization whom administrates that router -- the use of assigned numbers in BGP routing data when communicating with other routers and permission to promulgate announcements, etc, and their agreement to follow IETF standards and BCP regarding the origination and propagation of routes, Is only due to contents of the private interconnection agreements between co-operating network operators. It is within these interconnection agreements that rules should be established by co-operating providers within the contracts to require conditions that prevent BGP Hijacking and state that willfully facilitating or failing to prevent Hijacking should be a breach of co-operating providers' Peering Terms of Service. https://www.arin.net/participate/policy/pdp/ > 3.1. Policies, not Processes, Fees, or Services > > Internet number resource policies developed through the PDP describe the > policies and guidelines to be followed in number resource management, > not the procedures that ARIN staff will use to implement the policies. > ARIN staff develops appropriate procedures to implement policies after > they are adopted. > > Internet number resource policies are also distinctly separate from ARIN > general business practices. ARIN’s general business processes, fees, > and services are not within the purview of the Policy Development Process > > Marilson -- -JH
_______________________________________________ ARIN-PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List ([email protected]). Unsubscribe or manage your mailing list subscription at: https://lists.arin.net/mailman/listinfo/arin-ppml Please contact [email protected] if you experience any issues.
