Search RPD Archives
[rpd] [Community-Discuss] Update to Resources review policy proposal
fransossen at yahoo.com
fransossen at yahoo.com
Tue Nov 22 14:52:44 UTC 2016
Hi,
It would be nice to have the various points addressed and answered on the list before next weeks policy session in Mauritius.
No policy should put the AFRINIC in danger ever.The AFRINIC community makes policies, AFRINIC applies the policies to the resource holders, members follow the policies and finance the AFRINIC through their memebrship fees.
The balance needs to be kept between all three.
I still fail to understand some of the points in this policy:
Reviewing unannounced resources?For Assignments > YES, assignments are issued for specific reasons and must remain valid at all time.For allocations > NO, allocation are pools from which to make assignments, they get used and freed depending on the needs of the LIR.If an LIR has unused allocations, they cannot request new ones, this is then a none issue.
What good would it be to review such resources, reclaim and redistribution, while exposing the AFRINIC to potential financial liabilities?
If or when transfers are allowed, unannounced resources become irrelevant anyways, as most transfers will be made from unused/freed up ranges.Or will it be a race between IPv4 brokers and AFRINIC on who can get their hands onto the resources first? << That would be interesting.
Why is it targeting certain "class" of resource holders?And in doing so, it makes the proposal far from neutral and impartial.Smaller resource holders can also break policies and can also be unaware of policies.It sets a precedent for tailor making policies to specific targets, while policies must remaining neutral and impartial.
Is the policy a Trojan horse for IP transfer?
IP transfers are specifically mentioned while there are no polciy for them. Will IPv4 transfers be allowed if this policy gets through?
Policy violation immunity?Any resource holder that has undergone an audit is not allowed to be audited again for 24 months!?
This policy would greatly benefit policy violators in general and be counter productive to the whole idea. They only need to "pass" the audit and can be exempted from any further responsibilities other than paying their bills to the AFRINIC for 24 months, this is pretty nice gift to any "bad" organisation.How is the AFRINIC supposed to be able to handle policy violation if this policy goes through?
Cheers,
David Hilario
On Tuesday, November 22, 2016 1:18 PM, Andrew Alston <Andrew.Alston at liquidtelecom.com> wrote:
#yiv8857975949 -- filtered {font-family:Helvetica;panose-1:2 11 6 4 2 2 2 2 2 4;}#yiv8857975949 filtered {panose-1:2 4 5 3 5 4 6 3 2 4;}#yiv8857975949 filtered {font-family:Calibri;panose-1:2 15 5 2 2 2 4 3 2 4;}#yiv8857975949 filtered {font-family:Consolas;panose-1:2 11 6 9 2 2 4 3 2 4;}#yiv8857975949 p.yiv8857975949MsoNormal, #yiv8857975949 li.yiv8857975949MsoNormal, #yiv8857975949 div.yiv8857975949MsoNormal {margin:0cm;margin-bottom:.0001pt;font-size:12.0pt;color:black;}#yiv8857975949 a:link, #yiv8857975949 span.yiv8857975949MsoHyperlink {color:blue;text-decoration:underline;}#yiv8857975949 a:visited, #yiv8857975949 span.yiv8857975949MsoHyperlinkFollowed {color:purple;text-decoration:underline;}#yiv8857975949 p {margin-right:0cm;margin-left:0cm;font-size:12.0pt;color:black;}#yiv8857975949 pre {margin:0cm;margin-bottom:.0001pt;font-size:10.0pt;color:black;}#yiv8857975949 p.yiv8857975949MsoListParagraph, #yiv8857975949 li.yiv8857975949MsoListParagraph, #yiv8857975949 div.yiv8857975949MsoListParagraph {margin-top:0cm;margin-right:0cm;margin-bottom:0cm;margin-left:36.0pt;margin-bottom:.0001pt;font-size:12.0pt;color:black;}#yiv8857975949 span.yiv8857975949HTMLPreformattedChar {font-family:Consolas;color:black;}#yiv8857975949 p.yiv8857975949msonormal0, #yiv8857975949 li.yiv8857975949msonormal0, #yiv8857975949 div.yiv8857975949msonormal0 {margin-right:0cm;margin-left:0cm;font-size:12.0pt;color:black;}#yiv8857975949 span.yiv8857975949EmailStyle22 {color:windowtext;}#yiv8857975949 span.yiv8857975949EmailStyle23 {color:#1F497D;}#yiv8857975949 span.yiv8857975949EmailStyle24 {color:windowtext;}#yiv8857975949 span.yiv8857975949EmailStyle25 {color:#1F497D;}#yiv8857975949 span.yiv8857975949EmailStyle26 {color:windowtext;}#yiv8857975949 .yiv8857975949MsoChpDefault {font-size:10.0pt;}#yiv8857975949 filtered {margin:72.0pt 72.0pt 72.0pt 72.0pt;}#yiv8857975949 div.yiv8857975949WordSection1 {}#yiv8857975949 filtered {}#yiv8857975949 filtered {}#yiv8857975949 filtered {}#yiv8857975949 filtered {}#yiv8857975949 filtered {}#yiv8857975949 filtered {}#yiv8857975949 filtered {}#yiv8857975949 filtered {}#yiv8857975949 filtered {}#yiv8857975949 filtered {}#yiv8857975949 ol {margin-bottom:0cm;}#yiv8857975949 ul {margin-bottom:0cm;}#yiv8857975949 Hi Saul, I 100% agree that this is a personal and emotional response, and I would love to respond from an objective and substantiated basis. However, since the authors have point blank refused to provide me anything that allows me to form a substantiated opinion, I can only go on my gut and based on what I derive both from the lack of empirical evidence/data and the refusal to provide such. As such, I choose to err on the side of caution and reject something for which no basis has been provided. Andrew From: Saul Stein [mailto:saul at enetworks.co.za]
Sent: 22 November 2016 14:10
To: Andrew Alston <Andrew.Alston at liquidtelecom.com>; Badru Ntege <badru.ntege at nftconsult.com>; Dewole Ajao <dewole at forum.org.ng>; sergekbk <sergekbk at gmail.com>; Arnaud AMELINA <amelnaud at gmail.com>; rpd >> AfriNIC Resource Policy <rpd at afrinic.net>
Subject: RE: [rpd] [Community-Discuss] Update to Resources review policy proposal Hi Andrew, That is a personal/emotional response. Personally I work on fact, not fiction or assumptions. We need to vote and come to a consensus based on fact and not fiction, so perhaps the authors could respond with what the real issue is that they are trying to resolve. (this proposal insinuates that the host masters aren’t evaluating application properly so really what is going on here?) Thanks Saul From: Andrew Alston [mailto:Andrew.Alston at liquidtelecom.com]
Sent: 22 November 2016 11:46 AM
To: Saul Stein <saul at enetworks.co.za>; Badru Ntege <badru.ntege at nftconsult.com>; Dewole Ajao <dewole at forum.org.ng>; sergekbk <sergekbk at gmail.com>; Arnaud AMELINA <amelnaud at gmail.com>; rpd >> AfriNIC Resource Policy <rpd at afrinic.net>
Subject: RE: [rpd] [Community-Discuss] Update to Resources review policy proposal Saul, As I have stated – due to all evidence presented to me – and while I cannot go beyond the evidence presented to me and this is merely an opinion, because I am not a mind reader, my opinion is that there are motivations behind this policy which are not being clearly stated. I personally believe that this policy is designed to give a platform to after specific individuals who there is a mistaken belief are misusing resources because people don’t like the fact that they got them in the first place in full compliance with the policies. I personally believe that there is a reason why the authors of this policy have refused to put the safe guards in place that have been requested, including the mandatory disclosure of the complainant to the person who is being complained about, and the reasons strike me as deeply nefarious. As I said – that is a personal opinion, I leave everyone else to review everything I have said in previous emails and come to their own conclusions as to the real motivations behind this. My objections to this policy stand based on its ease at which it can be used by operators to harass other operators with absolutely no recourse to the one being harassed. My objections to this policy also stand based on the fact that there is absolutely zero evidence provided that the abuse that the authors claim this policy is attempting to deal with exist at all, and based on that the policy is attempting to deal with a situation that is entirely hypothetical while having serious ramifications. My objections to this policy stand, based on the fact that as of yet, no one is prepared to state how these audits are meant to occur, or on what basis a complainant can trigger an audit and what evidence they have to provide to substantiate their complaint, other than lack of visibility in the routing table. And if we use visibility in the routing table – the total amount of space is so negligible in the context of allocations the policy has absolutely zero purpose other than to hurt AfriNIC revenues. Andrew From: Saul Stein [mailto:saul at enetworks.co.za]
Sent: 22 November 2016 12:07
To: Badru Ntege <badru.ntege at nftconsult.com>; Andrew Alston <Andrew.Alston at liquidtelecom.com>; Dewole Ajao <dewole at forum.org.ng>; sergekbk <sergekbk at gmail.com>; Arnaud AMELINA <amelnaud at gmail.com>; rpd >> AfriNIC Resource Policy <rpd at afrinic.net>
Subject: RE: [rpd] [Community-Discuss] Update to Resources review policy proposal Have I perhaps missed the point here, but what is the purpose of this policy? 1) Is the purpose that there is no current way to reclaim resources fraudulently applied for? 2) Preserve v4 space (but this policy would have to be for v6 too – I’d hate to have to audit all that space) 3) To remove space that people are no longer using? 4) Preserve v4 space? It is one thing saying that there is a need to audit, but for what purpose? And by purpose I am including the ultimate goal and objectives, since there is no point in saying lets audit and then there is no ramifications expect to AFRINIC earning less revenue from the resources it charges for. From: Badru Ntege [mailto:badru.ntege at nftconsult.com]
Sent: 17 November 2016 07:09 AM
To: Andrew Alston <Andrew.Alston at liquidtelecom.com>; Dewole Ajao <dewole at forum.org.ng>; sergekbk <sergekbk at gmail.com>; Arnaud AMELINA <amelnaud at gmail.com>; rpd >> AfriNIC Resource Policy <rpd at afrinic.net>
Subject: Re: [rpd] [Community-Discuss] Update to Resources review policy proposal On 11/16/16, 1:43 PM, "Andrew Alston" <Andrew.Alston at liquidtelecom.com> wrote:
So, I have a hypothetical question – and it will become a lot less hypothetical once I’ve run the numbers which I’m currently doing. Let’s say we implement this audit policy – and then – because we have to act consistently – we act against every member who is not announcing space because they cannot justify not announcing it – and we terminate their membership. Are the authors of this policy and those supporting it prepared to bear the cost of the fee increases that would be necessary to back fill the loss in revenue that would effectively bankrupt AfriNIC? Running through the preliminary statistics – firstly the auditing process would be immensely expensive in HR cost – secondly – termination of members that aren’t “legitimately” announcing space by rough calculations could cost AfriNIC in excess of 15% of its revenue by the latest numbers available in the financial reports and correlating the unannounced space that is allocated with the billing file.
I hardly believe that a drop in 15% of revenue would bankrupt AfriNIC ??. If that’s the case then our problems are bigger than an Audit. Which I definitely doubt. Lets not add scary variables to support opposition to a policy.
Now, some would argue that is all the more reason to implement the audit policy – but here is a wake up call – the space you would recover in that call on those calculations – amounts to less than 10% of space that AfriNIC has allocated legitimately since May – so effectively, for the gain of looking tough and being rigid, we may end up bankrupting the organisation while recovering potentially a /15 worth of space. Alternatively, from any logical business perspective – that money would have to be recovered from the members who are legitimately announcing space – because it certainly can’t just disappear. So, has anyone ACTUALLY thought through the implications of this policy? I remain firmly opposed. Andrew From: Dewole Ajao [mailto:dewole at forum.org.ng]
Sent: 16 November 2016 12:52
To: sergekbk <sergekbk at gmail.com>; Arnaud AMELINA <amelnaud at gmail.com>; rpd >> AfriNIC Resource Policy <rpd at afrinic.net>; General Discussions of AFRINIC <community-discuss at afrinic.net>
Subject: Re: [Community-Discuss] Update to Resources review policy proposal I think all policies (if we really intend to implement them) must be clear and leave no room for variable interpretation as ambiguity will put additional burdens of interpretation on staff. If the community's preference is for the 24-month window to become invalid on allocation/assignment of new resources, then the policy (proposal) should state it clearly; If on the other hand, the intention is for the 24-month window to stay in place come-what-may, it's better for the policy (proposal) to be explicit about it. Please see below, additional questions for the community to consider. Hopefully, they can be discussed and the authors can (if they so choose,) take the inputs from the community into their modified proposal. 3.3.2 Selected:
A member is selected because of an internal report or due to a lack of contact between the AFRINIC and the member. Q1. Do we presently have an existing (effective) structure (apart from billing) that measures degree of contact with members?
If there is no agreed means of measuring the degree contact, we need to define degrees of contact so that "lack of contact" (as referred to in the proposal) can be measured objectively.
Perhaps as a first step for ensuring regular contact without using up too many resources, this proposal might want to borrow a leaf from RIPE's Assisted Registry Check (ARC). Seehttps://www.ripe.net/manage-ips-and-asns/resource-management/assisted-registry-check Basically, the RIR does a consistency check on members' Registry, Resource, and Route/rDNS information and then sends emails to the contacts on file showing their view. They then schedule a telephone call to work with the member and fix any identified issues. My understanding from RIPE is that these non-invasive checks sometimes reveal issues that may warrant more detailed investigation. The primary model is by random checks but done in a manner that checks every member at least once in 3 years (given the size of RIPE). They also have ARCs that are initiated as a result of information received from the member or third parties. Q2. Can reachability/cooperation of a member for such a consistency check-and-fix activity as described above be used to measure the degree of contact?
Q3. Given the fact that time taken for consistency checks are more predictable, can these be implemented as a preliminary step in addressing the "lack of investigation" problem as well as the concern about taking up much of members' and/or AFRINIC hostmasters' time?
Regards,
Dewole.
(with apologies for continuing the cross-posting between RPD and Community-discuss) On 15/11/2016 20:18, sergekbk wrote:
Hello Dewole,
Thanks for this comment.
The limit of 24 months applies to a member based on ressources portfolio. If the portfolio changes with new allocation, member can be audited anytime on the new ressources if required. Is this clear enough or shall we make it explicit ?
Kind Regards. Serge Ilunga Cell: +243814443160 Skype: sergekbk R.D.Congo -------- Original message -------- From: Dewole Ajao <dewole at tinitop.com> Date: 11/15/2016 11:38 (GMT+01:00) To: Arnaud AMELINA <amelnaud at gmail.com>, "rpd >> AfriNIC Resource Policy"<rpd at afrinic.net>, General Discussions of AFRINIC<community-discuss at afrinic.net> Subject: Re: [Community-Discuss] Update to Resources review policy proposal Thanks for working to apply the community's input to your proposal, Arnaud. To test the proposed re-wording, consider the following sequence of events: Member XYZ initiates self-requested review;
Review is completed by AFRINIC in X weeks;
After review, Member XYZ applies for "large chunk" of number resources;
Member XYZ receives "large chunk" of number resources in say 60 days;
Member XYZ happens to make some unacceptable use of (previous or new) number resources and it somehow becomes known to the community;
Regardless of convincing evidence, Member XYZ cannot be subjected to a review until 24 months have elapsed since the last review. Is this a design feature or a bug? Regards, Dewole. On 15/11/2016 10:48, Arnaud AMELINA wrote:
Hi community !
Following, recent discussions and in accordance with text proposal from Owen and others contributors, authors propose this as replacement to the section 3.3.3 -'---old version---'' 3.3.3 Reported: Here, members are reviewed either because: a. They have requested the review themselves or
b. There has been a community complaint made against them that warrants investigation. ----new version----- 3.3.3 Reported: Here, members are reviewed either because: a..They have requested the review themselves or
b. There has been a community complaint made against them that warrants investigation. Complaints shall be backed by evidence and AFRINIC staff shall evaluate the facts as appropriate to conduct the review. However this review is not applicable to a member on which a full review has been completed in the preceding 24 months. Regards. Arnaud. _______________________________________________ Community-Discuss mailing list Community-Discuss at afrinic.net https://lists.afrinic.net/mailman/listinfo/community-discuss
_______________________________________________ RPD mailing listRPD at afrinic.net https://lists.afrinic.net/mailman/listinfo/rpd
_______________________________________________
RPD mailing list
RPD at afrinic.net
https://lists.afrinic.net/mailman/listinfo/rpd
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.afrinic.net/pipermail/rpd/attachments/20161122/bc591a14/attachment-0001.html>
More information about the RPD
mailing list