Hi,
On Fri, 3 May 2019, Jimmy Hess wrote:
On Fri, May 3, 2019 at 1:03 AM Hank Nussbacher <[email protected]> wrote:
"ARIN hereby allocates to you an IP address block and hereby grants you
sole permission to announce that address block to the Internet."
Simple enough?
Not that simple, really.
Effectively, the "Choice to revoke" suggested by the Proposal/etc would
have a risk of forcing/accelerating fragmentation from one internet
into multiple internets;
the moment a RIR decides that a large enough enterprise or carrier
"Has not done enough"
to stop BGP hijacking causing a "revokation" from their registry.
Sorry, but that is not part of the proposal. An upstream can't be
made responsible by someone else's actions. The upstream is not generating
the hijacks, only who is doing that can be the subject of a report...
"the internet" itself is not ANY organization's trademark, and it is
not a specific thing;
Well, this is not really about "the internet". If someone injects hijacks
over an internet exchange, that shouldn't be acceptable -- and it
generally isn't at internet exchanges.
internet is a generic word referring to any network of networks,
whether that be a private
association of 1000 networks or a million networks -- the phrase "internet"
is not a trademark for a specific network. There exists no
authority generally with
any exclusive legal right to permission nor prohibit anything
regarding "the internet" --
IANA, the IETF, the RIRS, ICANN, etc, have policies over how they
administer _their_
databases and systems generally, but no legal authority over "the internet".
That's simply a way of saying: nothing can be done by anyone, when really
that isn't true.
In the US and many countries; RIRs such as ARIN are very limited in the manner
that they could regulate their members as well, even if they wish --
for example,
if ARIN crafted an agreement designed to prevent members offering products or
services related to a "competing internet", then the RIRs would likely find
themselves at risk of being in violation of various countries'
Anti-Trust laws --
particularly with the use of threats such as "Revoking resources"
(although being used for legitimate purposes by the registrant).
Probably too much legalese and speculation.
ARIN's "permission" is not necessary and not sufficient to "announce" an
address block to "the (generic) internet" --- ARIN doesn't hold a
patent over the IP or BGP
protocol; ARIN doesn't hold an intellectual property granting an
ARIN exclusive
right to use or License the usage of ranges of IP numbers within the
Source field
of an IP packet, nor the Prefix field of a BGP announcement.
Yes, but if it happens to revoke a prefix (for any reason), most people
(globally) will acknowledge it and in general will act accordingly
(routing-wise).
Registrations made within ARIN's database are records within ARIN's systems
only. The registrations are
based on notional, speculative, or anticipated usage within other
internet(s), but
there is obviously no warranty that the other internet(s) will honor
the registration
and allow use of that IP number.
That's perfectly fine if those parties in alternative Internets don't
really need anything from ARIN. If they happen to need something from
ARIN (or the other RIRs), then they better abide by the current community
rules.
Particularly if ARIN were to "Revoke" a resource being used for
legitimate business
purposes by a large enterprise --- some internets may be inclined
to adopt a special
local policy effectively Declining ARIN's resource revokation for
that particular internet.
Sure. But what about if they leaked it to "the internet" thus disrupting
communications between two other parties...? They wouldn't be liable?
And there is no network on which ARIN themself can guarantee that an
ARIN Database
registrant or network Matches the actual user of that IP number on a
particular network.
For example: If a competing internet declines to recognize one of
ARIN's resource
revokations, then that internet or group of internets would likely
also agree to decline
to recognize a subsequent registration from that space to a different
organization.
"Competing internet" i think is something we are not trying to address...
There is no Patent, no Copyright, nor any other government-granted monopoly
that ANY Organization owns which says, for example that the numbers
0x40000000-0x4fffffff
can only be used according to an ARIN license on a computer network, if you
have devices that send something that looks like an IP packet.
Fine, so anyone can try to intercept anyone's communications? And attack
other networks trying to deflect attribution for such attacks?
It doesn't really sound pretty.
The permission to announce an address block comes from whatever the organization
or organizations owning the networks on that particular "internet"
have agreed to
amongst themselves; *that group of networks* might require
registration in the RIR
or other databases generally, or they might have other agreements,
OR a different idea on how to co-ordinate their (generic)
internet's usage of
IP numbers that varies from the RFC series.
Fine, different internet, different rules. The proposal is not about
alternative internets.
The moment a RIR such as ARIN acts erratically and attempts to "Revoke"
the assignment of a legitimate carrier; the "organizations owning
the networks"
If they work well in "alternative internets", i don't see how they will be
able to accuse ARIN of disrupting anything.........
--- will have a potential to alter their agreements between themselves to
adjust their contracts to list some "Extra registrations" - Instead of merely
relying upon the common IRRs or IRRs;
Unauthenticated IRRs are significantly part of the problem.
Everyone needs to know where a prefix is supposed to be originated.
Seeking to ignore such revokation, and have a significant enough fraction of
worldwide networks shifting to an alternate permutation of
less-than-global connectivity..
You do know that already happens in a number of more closed
countries/economies, right?
Regards,
Carlos
--
-JH
_______________________________________________
ARIN-PPML
You are receiving this message because you are subscribed to
the ARIN Public Policy Mailing List ([email protected]).
Unsubscribe or manage your mailing list subscription at:
https://lists.arin.net/mailman/listinfo/arin-ppml
Please contact [email protected] if you experience any issues.
_______________________________________________
ARIN-PPML
You are receiving this message because you are subscribed to
the ARIN Public Policy Mailing List ([email protected]).
Unsubscribe or manage your mailing list subscription at:
https://lists.arin.net/mailman/listinfo/arin-ppml
Please contact [email protected] if you experience any issues.
