On Thu, 2 May 2019, JORDI PALET MARTINEZ via ARIN-PPML wrote:
Hi Albert,
El 2/5/19 15:02, "[email protected] en nombre de [email protected]"
<[email protected] en nombre de [email protected]> escribió:
On Thu, 2 May 2019, JORDI PALET MARTINEZ via ARIN-PPML wrote:
>2. CONDITIONS OF SERVICE
>
>(1) The exclusive right to be the registrant of the Included Number
>Resources within the ARIN database;
>(2) The right to use the Included Number Resources within the ARIN
>database;
This above kinda sums up the issue. My understanding is this language
comes from the RSA.
While the document grants the right to be the registrant and use the
"Included Number Resources", other language stating that you cannot use
someone elses number resources without the permission of the registrant of
those OTHER resources is missing from the RSA. That is what needs fixing.
Of course, it is not easy to amend the RSA. Therefore it is being
advanced to add the BGP hijacking language to the NRPM, which each ARIN
RSA signer has also agreed to follow.
If the language is added to the NRPM and the hijacker is an ARIN RSA
signer, enforcement could be up to and including the revoke of all ARIN
resources. However, all the worldwide resources are NOT assigned to ARIN,
therefore nothing can really be done by ARIN in these cases where the
hijacker is NOT an ARIN member.
As a result, the Advisory Committee declared it totally out of scope, even
though it does appear in scope if the hijacking is being done by an ARIN
RSA signer.
Unless this conflict can be solved, it is out of scope, at least when it
would be applied to non ARIN RSA signers. However, I think it is in scope
when hijacking of ARIN assigned resources occur by an ARIN RSA signer.
When a policy proposal is sent to a specific RIR, I understand that if finally,
that results, thru the PDP, in a policy, will be only in scope of the members
of that RIR.
That's why, we have two ways of doing it:
1) A global policy, which requires same text reach consensus in all the 5 RIRs
(and it may be more difficult and slower to achieve), or
2) An equivalent policy in each of the 5 RIRs, which is the path we decided for
this specific policy proposal.
So, I don't see a "conflict" in that aspect, just part of the process, and as you say, a
proposal can't be declared out-of-scope because "it will only apply" to this or that
region.
When I've observed similar problems in the policy manuals of different regions, I always
tried to follow the same path, and most of the time, it works, because even having
different "cultures", we all work in the same Internet.
Regards,
Jordi
The only potential issue is that the policy adopted in each region must
apply to ALL BGP Hijacking, not just the region involved. Otherwise the
bad actors will simply choose to hijack numbers in a different region to
avoid the policy.
Also, I assume we are mostly discussing hijacking of IPv4 resources, much
of which are clearly related to their short supply. I am unaware of any
real effort currently being made to hijack IPv6 resources.
Albert Erdmann
Network Administrator
Paradise On Line Inc.
_______________________________________________
ARIN-PPML
You are receiving this message because you are subscribed to
the ARIN Public Policy Mailing List ([email protected]).
Unsubscribe or manage your mailing list subscription at:
https://lists.arin.net/mailman/listinfo/arin-ppml
Please contact [email protected] if you experience any issues.
