If this is the first and only incident of a resource being inadvertently reassigned to a different organization, then I’d estimate that ARIN has an error rate that is much, *much* lower than, say, the error rate of DNS registrars handling domain transfers. The key qualifier is the “if” - this could be the only time this has happened, or just the first incident that has public awareness (at least in as long as I’ve been paying attention). While it’s entirely reasonable that ARIN would not report other incidents contemporaneously due to customer privacy concerns, I don’t think it’s inappropriate to ask if there have been other incidents like this, and if so, how many and how recently.
If nothing else, I expect that this will be a topic of the next Policy Experience Report, either from the stage or from the mics. Probably both. -Chris > On Dec 15, 2025, at 15:08, Tom Beecher via NANOG <[email protected]> > wrote: > > ARIN hasn’t exhibited a pattern of this error. They haven’t exhibited a > pattern of similar errors. > > Every single one of us has, at some point made a decision to defer dealing > with something because of resourcing, timing, frequency of potential > mistake, etc. Anyone who says otherwise is full of shit. > > There’s no reason to get all verklempt over this. > > On Mon, Dec 15, 2025 at 16:06 David Conrad via NANOG <[email protected]> > wrote: > >> Hank, >> >> On Dec 14, 2025, at 9:48 PM, Hank Nussbacher via NANOG < >> [email protected]> wrote: >>> A masterclass in owning a mistake and handling it properly. >> >> “Owning”? Sure. "Handling it properly"? Time will tell. >> >> The issue here is that RIRs were created to have precisely one job, namely >> to ensure the allocation of unique resources. Everything else is secondary. >> And ARIN failed at that one job. >> >> It is, of course, true that mistakes (to put it politely) happen. People >> are fallible, bugs exist, systems crash, etc. What matters in the context >> of “core mission" is how much the organization's policies, processes, and >> priorities played in those mistakes. It appears updating systems to address >> “known weaknesses" was not prioritized, that internal processes were >> apparently not followed, and that policies were not in place to ensure ARIN >> could not fail in its core mission. Outside of the impact to the direct >> customers and a potential degradation in trust in ARIN’s service, there is >> a larger context: at a time when the RIR system as a whole is facing >> increased scrutiny due to governance concerns, changes in its operational >> role due to (and failures in) RPKI, threats from various actors, etc., this >> isn’t a good look. >> >> ARIN has made a number of promises and presumably over time, there will be >> information about how it is living up to those promises. Hopefully, that >> information will show ARIN is "handling it properly”. >> >> Regards, >> -drc >> >> >> >> _______________________________________________ >> NANOG mailing list >> >> https://lists.nanog.org/archives/list/[email protected]/message/BP4LWM6SGTFEYHZRSVMFZR4QVWFAWAHD/ > _______________________________________________ > NANOG mailing list > https://lists.nanog.org/archives/list/[email protected]/message/T6BYEYDW2F6CVYBENOEFM26DPVLV4B5F/ _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/[email protected]/message/XV5MLLVV6ZRD7MDAHF5CSTMSGLKRJDHD/
