Search RPD Archives
Limit search to: Subject & Body Subject Author
Sort by:

[AFRINIC-rpd] RE: IPv4 Address Allocation and Assignment proposal

Andrew Alston aa at alstonnetworks.net
Tue Sep 10 19:38:58 UTC 2013 

McTim,

I object to giving AfriNIC any information can could be considered
commercially sensitive as such.  Graphs of allocated IP's is an
interesting question and I'd have to think that through, but there is a
reason why when asked for invoices for proof of infrastructure I strongly
believe that anyone supplying such should have the full right to redact
any financial figures for example.

Furthermore, graphs of DHCP leases for example would be meaningless, since
DHCP servers typically hold onto leases for hours after they have been
released, graphs of concurrent subscribers connected, well, again, it
depends on just how many NDA's AfriNIC is prepared to sign, I hold by the
fact that the MSA does not in any way shape or form have strong enough
non-disclosure clauses to cover information like this.

I realise that IANA may not have a process to cover a complaint like this,
that does not mean a complaint cannot be submitted in some or other form
or that such a process cannot be defined.  To be quite blunt, I doubt IANA
has ever *NEEDED* a process like that because I strongly suspect that no
RIR has ever attempted to demand access to members equipment, and worse
still, demand access to members client equipment....

As a matter of interest to people on this list, I would like to conduct an
impromptu survey which may form the grounds of further policy/actions.

How many of you have had requests from AfriNIC for access to
routers/servers/equipment.
How many of you granted such access
In the event of such a request coming from AfriNIC, would such a request
be permissible within the bounds of your organisations security policies
Even if it did some how pass the policies, how many of you would feel
comfortable/willing to grant that access.

Thanks

Andrew


On 2013/09/10 11:29 PM, "McTim" <dogwallah at gmail.com> wrote:

>On Tue, Sep 10, 2013 at 3:19 PM, Andrew Alston <aa at alstonnetworks.net>
>wrote:
>> Well,
>>
>> Anyone who has been asking for that should be told to get lostŠ
>>
>> What it looked like when you posted was a proposal for policy
>> modificationŠ  One that I believe should never, ever, ever, ever pass.
>>
>> If AfriNIC is demanding such access,
>
>What is very useful for an RIR to have is password controlled
>access to a LIRs MRTG or other monitoring system so that graphs of IPs
>in use can be seen by the RIR staff in order to evaluate additional
>allocation requests.
>
>Many European LIRs make this data available to RIPE staff as a
>convenient tool for the LIR (instead of spending LIR staf time
>aggregating this info).
>
>Do you object to this type of "access" Andrew?
>
>I agree that logins to routers, etc is not necessary.
>
>
> I formally table on this list that we
>> demand answers and propose that we immediately make policy that
>>prohibits
>> this behaviour, or alternatively I would suggest lodging a formal
>> complaint with IANA for overreach on behalf of the RIR.
>
>I'm not sure the IANA has a procedure for such a complaint.
>
>-- 
>Cheers,
>
>McTim
>"A name indicates what we seek. An address indicates where it is. A
>route indicates how we get there."  Jon Postel

More information about the RPD mailing list