[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation (fwd)

> I personally support the petition. I think the out of scope reasoning is flawed. By enforcing minimum assignment sizes, ARIN has long acted as a gatekeeper to the routing system, controlling who can and can not participate. For better or worse, that puts the proposal in scope.

Speaking only for myself and not as a representative of the ARIN ACâ?¦

I believe this is a distortion of the realities of the situation and of the history.

ARIN actually led the charge to lengthen the maximum IPv6 prefix accepted by ISPs (from /32 all the way to /48).

ARIN prefix size limits have almost always been equal to or longer than those accepted by a majority of providers on the internet and in almost all cases where those limits changed, ARIN changed first, with providers changing as a result of the pressure that created.

As to how those were decided within the ARIN process, please note that it was community consensus that drove those changes (and resisted them in the earlier days). Nonetheless, the reason for having those limits had to do with how ARIN was managing the resources on behalf of the community. Any impact or lack thereof on the routing table was a secondary effect. The policy was in scope because it affected how ARIN managed the registry.

The current proposal doesnâ??t actually affect any action ARIN takes in managing the registry. It attempts to expand the scope of ARINâ??s mission to include some vague form of policing routing. It doesnâ??t provide any real information about how this new mission should be accomplished, nor does it take into account the fact that since ARIN controls only a small handful of routers, it has little to no ability to make any decisive or useful action in this regard. It seems to assume that those hijacking resources are ARIN members (or at least ARIN resource holders who signed an RSA subjecting them to ARIN policy).

It is utterly untested waters as to whether ARIN has any ability to take any action against a party that hasnâ??t got a contract with ARIN for violating the rights of a party that does have a contract with ARIN. To be useful, this policy would, IMHO, need to somehow empower ARIN to do that. I am not a lawyer, but I doubt such empowerment can come from anything short of regulation, thus certainly out of scope of ARIN policy.

I agree with Bill that such empowerment would not be a good thing anyway, so itâ??s not like I want to see that regulation come about, but until it does, I donâ??t see an in-scope effect from this proposal.