Re: [arin-ppml] Draft Policy 2017-03: Update to NPRM 3.6: Annual Whois POC Validation

2018-02-13 Thread Brian Jones
I support this draft policy with the new language.

—
Brian

On Mon, Feb 5, 2018 at 4:12 PM Potter, Amy  wrote:

> In response to the staff & legal assessment for 2017-3, we are proposing
> the following new language for subsection  3.6.5:
>
>
>
> 3.6.5
>
> An invalid POC is restricted to payment and contact update functionality
> within ARIN Online. As a result, an organization without any valid POCs
> will be unable to access further functionalities within ARIN Online until
> at least one Admin or Tech POC validates that their information is accurate
> or modifies a POC to contain accurate information.
>
>
>
> *ARIN STAFF & LEGAL ASSESSMENT*
>
> *Draft Policy ARIN-2017-03*
>
> *Update to NPRM 3.6: Annual Whois POC Validation*
>
> https://arin.net/policy/proposals/2017_3.html
>
>
>
>
>
> *Date of Assessment:  3 January 2018*
>
>
>
> ___
>
> *1.  Summary (Staff Understanding)*
>
>
>
> Draft Policy 2017-03 establishes the specific Whois Points of Contact
> (POCs) that are required to be verified annually. It further identifies
> which organizations are covered by this policy according to the type of
> resources that it holds i.e. direct assignments, direct allocations, AS
> numbers from ARIN (or one of its predecessor registries) or a reallocation
> from an upstream ISP. It specifically excludes reassignments made to
> downstream end user customers. DP 2017-03 defines the procedure to be
> followed to ensure the above specified POCs are verified through an email
> notification on an annual basis. It instructs ARIN staff to mark POC
> records deemed completely and permanently abandoned or otherwise
> illegitimate as invalid in Whois. It also directs action to be taken if an
> ADMIN or TECH POC has been marked invalid.
>
>
>
> ___
>
> *2.  Comments*
>
>
>
> A.  ARIN Staff Comments
>
>
>
> * 3.6.2 Specified Public Whois Points of Contact for Verification:  Lists
> the 4 types of POCs that must be verified annually. This is very clear.
>
> * 3.6.3 Organizations Covered by this Policy: Clearly states
> qualifications for an Organization’s POCs to require annual verification as
> well as those that do not require it. This is clear.
>
> * 3.6.4 Procedure for Verification: Describes the steps in the
> verification process. This is clear.
>
> * 3.6.5 Non-Responsive Point of Contact Records: This section is unclear
> regarding the scope of the impact to an organization having non-responsive
> POCs, as the phrase "any organization lacking a validated Admin or Tech POC
> will be unable to access the full suite of functionality" fails to specify
> the allowed/prohibited functionality for organizations lacking a valid
> contact.  Absent further clarification, ARIN staff will interpret this to
> mean that an organization without at least one validated Admin or Tech POC
> will only be able to access payment and contact update functionality within
> ARIN Online, regardless of the contact used for access.  For organizations
> that have at least one valid Admin or Tech contact, the organization will
> be able to access full functionality of ARIN Online, even if access is via
> one of its other non-responsive POCs.  If instead the desired policy
> outcome is that only a validated Admin or Tech POC may access full ARIN
> Online functionality, then the policy text should be clarified to that
> effect.
>
> * The proposed policy does not impact ARIN’s ability to provide ongoing
> registry services for number resources, only the ability of impacted
> organizations to make changes to their number resources and related
> services.
>
> * This policy could be implemented as written.
>
>
>
> *B.  ARIN General Counsel – Legal Assessment*
>
>
>
> * There are no material legal issues regarding this proposal.
>
>
>
>
>
> ___
>
> *3.  Resource Impact*
>
>
>
> Implementation of this policy would have minimal resource impact. It is
> estimated that implementation could occur within 3 months after
> ratification by the ARIN Board of Trustees. The following would be needed
> in order to implement:
>
>
>
> * Updated guidelines and internal procedures
>
> * Staff training
>
> * Minimal engineering work
>
>
>
> ___
>
> *4.  Proposal / Draft Policy Text Assessed*
>
>
>
> Draft Policy ARIN-2017-3: Update to NPRM 3.6: Annual Whois POC Validation
>
>
>
> *Version Date:* 14 November 2017
>
>
>
> *Problem Statement:*
>
>
>
> Many of the Point of Contacts listed in ARIN's public Whois database
> contain out-of-date and inaccurate contact information.
>
>
>
> *Policy Statement:*
>
>
>
> *Current Text*:
>
>
>
> 3.6 Annual Whois POC Validation
>
> 3.6.1 Method of Annual Verification
>
> During ARIN's annual Whois POC validation, an email will be sent to every
> POC in the Whois database. Each POC will have a maximum of 60 days to
> respond with an affirmative that their Whois contact information is correct
> and complete. Unresponsive POC email addresses shall be marked as such in
> the database. If ARIN staff deems a POC to be 

Re: [arin-ppml] Draft Policy 2017-03: Update to NPRM 3.6: Annual Whois POC Validation

2018-02-06 Thread Owen DeLong
+1 works for me.

Owen

> On Feb 5, 2018, at 13:12 , Potter, Amy  wrote:
> 
> In response to the staff & legal assessment for 2017-3, we are proposing the 
> following new language for subsection  3.6.5:
>  
> 3.6.5 
> 
> An invalid POC is restricted to payment and contact update functionality 
> within ARIN Online. As a result, an organization without any valid POCs will 
> be unable to access further functionalities within ARIN Online until at least 
> one Admin or Tech POC validates that their information is accurate or 
> modifies a POC to contain accurate information. 
>  
> ARIN STAFF & LEGAL ASSESSMENT
> Draft Policy ARIN-2017-03
> Update to NPRM 3.6: Annual Whois POC Validation
> https://arin.net/policy/proposals/2017_3.html 
> 
>  
>  
> Date of Assessment:  3 January 2018
>  
> ___
> 1.  Summary (Staff Understanding)
>  
> Draft Policy 2017-03 establishes the specific Whois Points of Contact (POCs) 
> that are required to be verified annually. It further identifies which 
> organizations are covered by this policy according to the type of resources 
> that it holds i.e. direct assignments, direct allocations, AS numbers from 
> ARIN (or one of its predecessor registries) or a reallocation from an 
> upstream ISP. It specifically excludes reassignments made to downstream end 
> user customers. DP 2017-03 defines the procedure to be followed to ensure the 
> above specified POCs are verified through an email notification on an annual 
> basis. It instructs ARIN staff to mark POC records deemed completely and
> permanently abandoned or otherwise illegitimate as invalid in Whois. It also 
> directs action to be taken if an ADMIN or TECH POC has been marked invalid.
>  
> ___
> 2.  Comments
>  
> A.  ARIN Staff Comments
>  
> * 3.6.2 Specified Public Whois Points of Contact for Verification:  Lists the 
> 4 types of POCs that must be verified annually. This is very clear.
> * 3.6.3 Organizations Covered by this Policy: Clearly states qualifications 
> for an Organization’s POCs to require annual verification as well as those 
> that do not require it. This is clear.
> * 3.6.4 Procedure for Verification: Describes the steps in the verification 
> process. This is clear.
> * 3.6.5 Non-Responsive Point of Contact Records: This section is unclear 
> regarding the scope of the impact to an organization having non-responsive 
> POCs, as the phrase "any organization lacking a validated Admin or Tech POC 
> will be unable to access the full suite of functionality" fails to specify
> the allowed/prohibited functionality for organizations lacking a valid 
> contact.  Absent further clarification, ARIN staff will interpret this to 
> mean that an organization without at least one validated Admin or Tech POC 
> will only be able to access payment and contact update functionality within 
> ARIN Online, regardless of the contact used for access.  For organizations 
> that have at least one valid Admin or Tech contact, the organization will be 
> able to access full functionality of ARIN Online, even if access is via one 
> of its other non-responsive POCs.  If instead the desired policy outcome is 
> that only a validated Admin or Tech POC may access full ARIN Online 
> functionality, then the policy text should be clarified to that effect.  
> * The proposed policy does not impact ARIN’s ability to provide ongoing 
> registry services for number resources, only the ability of impacted 
> organizations to make changes to their number resources and related services.
> * This policy could be implemented as written.
>  
> B.  ARIN General Counsel – Legal Assessment
>  
> * There are no material legal issues regarding this proposal.
>  
>  
> ___
> 3.  Resource Impact
>  
> Implementation of this policy would have minimal resource impact. It is 
> estimated that implementation could occur within 3 months after ratification 
> by the ARIN Board of Trustees. The following would be needed in order to 
> implement:
>  
> * Updated guidelines and internal procedures
> * Staff training
> * Minimal engineering work 
>  
> ___
> 4. Proposal / Draft Policy Text Assessed
>  
> Draft Policy ARIN-2017-3: Update to NPRM 3.6: Annual Whois POC Validation
>  
> Version Date: 14 November 2017
>  
> Problem Statement:
>  
> Many of the Point of Contacts listed in ARIN's public Whois database contain 
> out-of-date and inaccurate contact information.
>  
> Policy Statement:
>  
> Current Text: 
>  
> 3.6 Annual Whois POC Validation
> 3.6.1 Method of Annual Verification
> During ARIN's annual Whois POC validation, an email will be sent to every POC 
> in the Whois database. Each POC will have a maximum of 60 days to respond 
> with an affirmative that their Whois contact information is correct and 
> complete. Unresponsive POC email addresses shall be marked as such in the 
> database. If ARIN staff deems a POC to be completely and permanently 
> abandoned or 

[arin-ppml] Draft Policy 2017-03: Update to NPRM 3.6: Annual Whois POC Validation

2018-02-05 Thread Potter, Amy
In response to the staff & legal assessment for 2017-3, we are proposing the 
following new language for subsection  3.6.5:

3.6.5

An invalid POC is restricted to payment and contact update functionality within 
ARIN Online. As a result, an organization without any valid POCs will be unable 
to access further functionalities within ARIN Online until at least one Admin 
or Tech POC validates that their information is accurate or modifies a POC to 
contain accurate information.

ARIN STAFF & LEGAL ASSESSMENT
Draft Policy ARIN-2017-03
Update to NPRM 3.6: Annual Whois POC Validation
https://arin.net/policy/proposals/2017_3.html


Date of Assessment:  3 January 2018

___
1.  Summary (Staff Understanding)

Draft Policy 2017-03 establishes the specific Whois Points of Contact (POCs) 
that are required to be verified annually. It further identifies which 
organizations are covered by this policy according to the type of resources 
that it holds i.e. direct assignments, direct allocations, AS numbers from ARIN 
(or one of its predecessor registries) or a reallocation from an upstream ISP. 
It specifically excludes reassignments made to downstream end user customers. 
DP 2017-03 defines the procedure to be followed to ensure the above specified 
POCs are verified through an email notification on an annual basis. It 
instructs ARIN staff to mark POC records deemed completely and permanently
abandoned or otherwise illegitimate as invalid in Whois. It also directs action 
to be taken if an ADMIN or TECH POC has been marked invalid.

___
2.  Comments

A.  ARIN Staff Comments

* 3.6.2 Specified Public Whois Points of Contact for Verification:  Lists the 4 
types of POCs that must be verified annually. This is very clear.
* 3.6.3 Organizations Covered by this Policy: Clearly states qualifications for 
an Organization's POCs to require annual verification as well as those that do 
not require it. This is clear.
* 3.6.4 Procedure for Verification: Describes the steps in the verification 
process. This is clear.
* 3.6.5 Non-Responsive Point of Contact Records: This section is unclear 
regarding the scope of the impact to an organization having non-responsive 
POCs, as the phrase "any organization lacking a validated Admin or Tech POC 
will be unable to access the full suite of functionality" fails to specify the 
allowed/prohibited functionality for organizations lacking a valid contact.  
Absent further clarification, ARIN staff will interpret this to mean that an 
organization without at least one validated Admin or Tech POC will only be able 
to access payment and contact update functionality within ARIN Online, 
regardless of the contact used for access.  For organizations that have at 
least one valid Admin or Tech contact, the organization will be able to access 
full functionality of ARIN Online, even if access is via one of its other 
non-responsive POCs.  If instead the desired policy outcome is that only a 
validated Admin or Tech POC may access full ARIN Online functionality, then the 
policy text should be clarified to that effect.
* The proposed policy does not impact ARIN's ability to provide ongoing 
registry services for number resources, only the ability of impacted 
organizations to make changes to their number resources and related services.
* This policy could be implemented as written.

B.  ARIN General Counsel - Legal Assessment

* There are no material legal issues regarding this proposal.


___
3.  Resource Impact

Implementation of this policy would have minimal resource impact. It is 
estimated that implementation could occur within 3 months after ratification by 
the ARIN Board of Trustees. The following would be needed in order to implement:

* Updated guidelines and internal procedures
* Staff training
* Minimal engineering work

___
4. Proposal / Draft Policy Text Assessed

Draft Policy ARIN-2017-3: Update to NPRM 3.6: Annual Whois POC Validation

Version Date: 14 November 2017

Problem Statement:

Many of the Point of Contacts listed in ARIN's public Whois database contain 
out-of-date and inaccurate contact information.

Policy Statement:

Current Text:

3.6 Annual Whois POC Validation
3.6.1 Method of Annual Verification
During ARIN's annual Whois POC validation, an email will be sent to every POC 
in the Whois database. Each POC will have a maximum of 60 days to respond with 
an affirmative that their Whois contact information is correct and complete. 
Unresponsive POC email addresses shall be marked as such in the database. If 
ARIN staff deems a POC to be completely and permanently abandoned or otherwise 
illegitimate, the POC record shall be marked invalid. ARIN will maintain, and 
make readily available to the community, a current list of number resources 
with no valid POC; this data will be subject to the current bulk Whois policy.

Proposed Revised Text:

3.6 Annual Validation of ARIN's Public Whois Point of Contact Data
3.6.1 Annual POC Verification
ARIN will perform an annual