On 15 Jul 2022, at 5:04 AM, Owen DeLong <[email protected]<mailto:[email protected]>> wrote: That’s not what Ronald is describing here… Ronald is describing a situation where an organization likely submitted no documentation about the presence or absence of a sufficient tie to the region and ARIN staff likely erroneously missed this detail on their application. ...
Owen - I’m not certain that your recasting of Ronald’s original request is correct, as he most certainly suggested more than ARIN staff missing a detail on the request – On the basis of all of the foregoing, and for the sake of the law abiding Internet user community which prefers not to see ARIN bending rules in order to support online criminal enterprises, ... How many other corporate entities have been accepted for membership by ARIN staff on the basis of mere shell company incorporations within the region where the deception could have been seen (or could now be seen) as readily apparent, … (i.e., suggesting that an “online criminal enterprise" obtained Internet number resources via “deception" …) Such an instance is NOT fraud by the definition above IMHO (and apparently in Ronald’s as well). As such, I think your continued use of the term fraud here is actually incorrect and that the fraud process is likely not the best mechanism for Ronald’s report (though it may be the closest process ARIN currently has). It’s actually the correct process for suggesting that the ARIN review an issuance to see if it was made in error – you might not like the name, but the “Internet Number Resource Fraud Reporting” process is indeed how someone suggests that false or deceptive information was submitted to ARIN (such as an allegation that some party represented having a substantial connection as required per policy where none actually existed.) This discussion has, however, strayed from that central point to also cover certain deficiencies in the disclosure level of the fraud reporting process which I believe should also be addressed, but should not be conflated with Ronald’s original information and concern. Perhaps expanding the fraud reporting process into a suspected policy violation reporting process could address this, or perhaps a separate process for reporting concerns over potential ARIN errors/mistakes/etc. would be best. I don’t have a dog in that particular fight at the moment, but the current mechanism certainly isn’t ideal for addressing the particular situation in question. Given Ronald’s initial assertions, the “Internet Number Resource Fraud Reporting” process serves that exact purpose; i.e., a review of the request to determine the veracity of information against the applicable Internet number resource policy. If you’d like to suggest a different name, feel free to utilize the ARIN suggestion process to offer another name – or even augment/refine via the policy process section 12 of the NRPM that formally covers Internet Number Resource Review to more fully explain and encompass this process you feel that’s more appropriate. Of course, you are correct that this misses the real meat of the issue – the current review process is opaque except in cases where the issuance was determined to be in error (in which case the problem is corrected and a brief summary to that effect is provided.) It certainly doesn’t provide a detailed public justification of the properness of the issuance per the ARIN’s staff implementation of applicable number resource policy against the supplied information from the requester, and it is unclear if such could ever be provided. As I noted earlier, we rather frequently receive reports that allege improper issuance only to find out that that they stem from insufficient understanding of the applicable Internet number resource policy on the part of the submitter. Such is the case with the particular request Ronald noted – despite not receiving any report, for avoidance of doubt we did complete an internal review the request & supporting information and indeed it was issued correctly per the applicable number resource policy at the time of the request. I understand that answer is unlikely to satisfy some without a public dissection of the entire process, but that cannot occur without ARIN violating the confidential nature of requests for Internet number resources. Please utilize the Internet Number Resource Fraud Reporting” process (or whatever future name it might have) to initiate a review of suspect number resource issuance; ARIN will not, in general, act off allegations of this nature made on ARIN-ppml nor are such allegations conformant with the purpose of this mailing list. Thanks! /John John Curran President and CEO American Registry for Internet Numbers
_______________________________________________ ARIN-PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List ([email protected]). Unsubscribe or manage your mailing list subscription at: https://lists.arin.net/mailman/listinfo/arin-ppml Please contact [email protected] if you experience any issues.
