Search RPD Archives
Limit search to: Subject & Body Subject Author
Sort by:

[rpd] [Community-Discuss] Update to Resources review policy proposal

Danny afahounko at gmail.com
Fri Nov 25 10:54:24 UTC 2016 

Lu,

What I get from this email is that if someone steals a valuable from you
and sells it for big money, you better keep quiet, otherwise, s/he will
take you to court with that same money stolen from you?

Section 3.4 of the policy reads: << AFRINIC shall attempt to contact the
organization and correct any discrepancy towards the RSA. If the situation
cannot be rectified, AFRINIC shall publish the resources to be recovered
for a period of three (3) months; during which the organization may at any
time, seek compliance. After this period, the resource shall be recovered
and therefore the records of the previous holder of the recovered resource
shall be removed from AFRINIC’s databases. >> You can see that even in case
of discrepancy there’s a process to encourage the Member to seek
compliance. The intent of the policy is to encourage compliance and not
proceed to resources revocation as first measure. Resources revocation
wouldn’t happen if it has to affect end users on African continent.

In the case of your hypothetical court case, this is a non-issue. This is a
legal issue where 3 stakeholders are involved : AfriNIC, the Member and the
Government . AfriNIC and his member are tied through RSA. The Member and
its government are tied through operational License. RSA and license define
the responsibility of each party.

Therefore RSA and License need to be treated with the same level of
commitment and any Members shall comply with each of them (RSA and
Operational license).

regards,
--Danny

2016-11-24 1:26 GMT+04:00 Lu Heng <h.lu at anytimechinese.com>:

> Hi
>
> I'd like to contribute my own 2 cents.
>
> Let's assume, this policy really putting into action and found a policy
> breach, stay with me with the example(so let's say the policy in fact works
> on its purpose of finding policy breach):
>
> National telecom A from country B has a lot of its practice that not
> following the policy,Afrinic therefore by RSA trying to reclaim the address
> from the national telecom A from the requested audit.
>
> Because of the reclamation, a lot of people lost their connection in
> country B.
>
> National telecom taking Afrinic to court and country B government talking
> to UN and ITU to dismiss Afrinic.
>
> Does Afrinic, being an 30 people organization with only 4 million dollar
> in budget, even stay a chance to fight them at all?
>
> So this reclamation will risk the very existence of Afrinic, for a maybe a
> /15 misused address, seriously is it worth it for the community as a whole?
>
> Maybe some would claim that not every company has 4 million in budget, not
> every member that Afrinic are not able to fight in court, the simple truth
> is, the one are smaller than Afrinic in size and budget, their space will
> be small enough that will not make difference for the community(audit an
> /22 and get it back will really worth nothing to the community, and you can
> hardly call /22 stock piling as well).
>
> And any company go though RIR process and justified their need in which is
> greater than, let's say, /16, will surely have multiple times size of
> Afrinic with much stronger financial power, Afrinic can not afford fighting
> them in court under today's condition. Let's face it, Afrinic has no real
> enforcement power like some might think it does, Afrinic is an registration
> service, it already does everything it can during the process issuing the
> IP address to make sure fair distribution according to the policy, and keep
> the whois database accurate, that is all what community ask them to do, and
> that is all what Afrinic capable of doing.
>
> There is no single RIR, RIPE NCC being 5 times bigger budget than Afrinic
> included, are able to reclaim address from member who do not need them
> anymore, and that is the exact reason why we have a transfer policy in most
> of the region now. People transferring are clearly not needing address
> anymore, why none of RIR today reclaim them from the holder? There might be
> quite few argument to that, but the one I understand is, none of them able
> to, most large block holder, if not all, are multiple size of the RIR both
> in number of staff and financial power, sometime even in political
> influence, and it is really not worth to risk all the member fees to fight
> an single member(or multiple members, consider the amount of transfer
> happening every month). *Market works better than central planning*,
> communist country learned this in hard way.
>
> *What is the normal practice in every region until now, is that,
> assignment can be cancelled by RIR, however, allocation are untouchable
> once it is issued, no RIR has ever in history claimed back an allocation
> from member due to insufficient usage. *Not to mention Afrinic being the
> smallest, least funded RIR among them all.
>
> Let's distribute the rest v4 at fair pace, and stop asking Afrinic acting
> as communist country's central government, *all Afrinic has is an
> database, with 30 people maintain it under 4 million USD budget,* the
> only reason all those government and large telecom leave Afrinic alone, is
> because Afrinic does not claim any power but only maintain the database,
> once Afrinic claim its power to manage whole continent's
> infrastructure(like one of the hostmaster mistakenly claimed in one of
> Afrinic meeting), it will simply be the day Afrinic ends as we know it. *For
> that power, we will need a much bigger Afrinic with each country's gov
> setting on the board to decided things(and enforce it with real power),
> just like you see in most international governing organizations.*
>
> So please keep Afrinic doing registration service alone, like Rob, the
> first RIPE chair and much respected globe community member once said, *RIR
> are bookkeepers, nothing more.* The wise man help establish the RIR
> system as we know it today, and I believe its bookkeeper analogy are what
> protect the RIR's very existence for past 3 decates.
>
> Otherwise, you will need not just a policy to make the intend of this
> policy work, *you will need high level enforcement power from the each
> countries' government, and you will need a much bigger Afrinic, or rather,
> "Africa internet government".*
>
>
>
>
>
>
> On 22 November 2016 at 17:46, Andrew Alston <Andrew.Alston at liquidtelecom.c
> om> wrote:
>
> Saul,
>
>
>
> As I have stated – due to all evidence presented to me – and while I
> cannot go beyond the evidence presented to me and this is merely an
> opinion, because I am not a mind reader, my opinion is that there are
> motivations behind this policy which are not being clearly stated.  I
> personally believe that this policy is designed to give a platform to after
> specific individuals who there is a mistaken belief are misusing resources
> because people don’t like the fact that they got them in the first place in
> full compliance with the policies.
>
>
>
> I personally believe that there is a reason why the authors of this policy
> have refused to put the safe guards in place that have been requested,
> including the mandatory disclosure of the complainant to the person who is
> being complained about, and the reasons strike me as deeply nefarious.
>
>
>
> As I said – that is a personal opinion, I leave everyone else to review
> everything I have said in previous emails and come to their own conclusions
> as to the real motivations behind this.  My objections to this policy stand
> based on its ease at which it can be used by operators to harass other
> operators with absolutely no recourse to the one being harassed.  My
> objections to this policy also stand based on the fact that there is
> absolutely zero evidence provided that the abuse that the authors claim
> this policy is attempting to deal with exist at all, and based on that the
> policy is attempting to deal with a situation that is entirely hypothetical
> while having serious ramifications.  My objections to this policy stand,
> based on the fact that as of yet, no one is prepared to state how these
> audits are meant to occur, or on what basis a complainant can trigger an
> audit and what evidence they have to provide to substantiate their
> complaint, other than lack of visibility in the routing table.  And if we
> use visibility in the routing table – the total amount of space is so
> negligible in the context of allocations the policy has absolutely zero
> purpose other than to hurt AfriNIC revenues.
>
>
>
>
>
> Andrew
>
>
>
>
>
> *From:* Saul Stein [mailto:saul at enetworks.co.za]
> *Sent:* 22 November 2016 12:07
> *To:* Badru Ntege <badru.ntege at nftconsult.com>; Andrew Alston <
> Andrew.Alston at liquidtelecom.com>; Dewole Ajao <dewole at forum.org.ng>;
> sergekbk <sergekbk at gmail.com>; Arnaud AMELINA <amelnaud at gmail.com>; rpd
> >> AfriNIC Resource Policy <rpd at afrinic.net>
> *Subject:* RE: [rpd] [Community-Discuss] Update to Resources review
> policy proposal
>
>
>
> Have I perhaps missed the point here, but what is the purpose of this
> policy?
>
> 1)      Is the purpose that there is no current way to reclaim resources
> fraudulently applied for?
>
> 2)      Preserve v4 space (but this policy would have to be for v6 too –
> I’d hate to have to audit all that space)
>
> 3)      To remove space that people are no longer using?
>
> 4)      Preserve v4 space?
>
>
>
> It is one thing saying that there is a need to audit, but for what
> purpose? And by purpose I am including the ultimate goal and objectives,
> since there is no point in saying lets audit and then there is no
> ramifications expect to AFRINIC earning less revenue from the resources it
> charges for.
>
>
>
> *From:* Badru Ntege [mailto:badru.ntege at nftconsult.com
> <badru.ntege at nftconsult.com>]
> *Sent:* 17 November 2016 07:09 AM
> *To:* Andrew Alston <Andrew.Alston at liquidtelecom.com>; Dewole Ajao <
> dewole at forum.org.ng>; sergekbk <sergekbk at gmail.com>; Arnaud AMELINA <
> amelnaud at gmail.com>; rpd >> AfriNIC Resource Policy <rpd at afrinic.net>
> *Subject:* Re: [rpd] [Community-Discuss] Update to Resources review
> policy proposal
>
>
>
>
>
>
>
>
>
> On 11/16/16, 1:43 PM, "Andrew Alston" <Andrew.Alston at liquidtelecom.com>
> wrote:
>
>
>
> So,
>
>
>
> I have a hypothetical question – and it will become a lot less
> hypothetical once I’ve run the numbers which I’m currently doing.
>
>
>
> Let’s say we implement this audit policy – and then – because we have to
> act consistently – we act against every member who is not announcing space
> because they cannot justify not announcing it – and we terminate their
> membership.
>
>
>
> Are the authors of this policy and those supporting it prepared to bear
> the cost of the fee increases that would be necessary to back fill the loss
> in revenue that would effectively bankrupt AfriNIC?  Running through the
> preliminary statistics – firstly the auditing process would be immensely
> expensive in HR cost – secondly – termination of members that aren’t
> “legitimately” announcing space by rough calculations could cost AfriNIC in
> excess of 15% of its revenue by the latest numbers available in the
> financial reports and correlating the unannounced space that is allocated
> with the billing file.
>
>
>
> I hardly believe that a drop in 15% of revenue would bankrupt AfriNIC ??.
>    If that’s the case then our problems are bigger than an Audit.  Which I
> definitely doubt.
>
>
>
> Lets not add scary variables to support opposition to a policy.
>
>
>
>
>
>
>
> Now, some would argue that is all the more reason to implement the audit
> policy – but here is a wake up call – the space you would recover in that
> call on those calculations – amounts to less than 10% of space that AfriNIC
> has allocated legitimately since May – so effectively, for the gain of
> looking tough and being rigid, we may end up bankrupting the organisation
> while recovering potentially a /15 worth of space.  Alternatively, from any
> logical business perspective – that money would have to be recovered from
> the members who are legitimately announcing space – because it certainly
> can’t just disappear.
>
>
>
> So, has anyone ACTUALLY thought through the implications of this policy?
> I remain firmly opposed.
>
>
>
> Andrew
>
>
>
>
>
> *From:* Dewole Ajao [mailto:dewole at forum.org.ng <dewole at forum.org.ng>]
> *Sent:* 16 November 2016 12:52
> *To:* sergekbk <sergekbk at gmail.com>; Arnaud AMELINA <amelnaud at gmail.com>;
> rpd >> AfriNIC Resource Policy <rpd at afrinic.net>; General Discussions of
> AFRINIC <community-discuss at afrinic.net>
> *Subject:* Re: [Community-Discuss] Update to Resources review policy
> proposal
>
>
>
> I think all policies (if we really intend to implement them) must be clear
> and leave no room for variable interpretation as ambiguity will put
> additional burdens of interpretation on staff.
>
> If the community's preference is for the 24-month window to become invalid
> on allocation/assignment of new resources, then the policy (proposal)
> should state it clearly; If on the other hand, the intention is for the
> 24-month window to stay in place come-what-may, it's better for the policy
> (proposal) to be explicit about it.
>
> Please see below, additional questions for the community to consider.
> Hopefully, they can be discussed and the authors can (if they so choose,)
> take the inputs from the community into their modified proposal.
>
> 3.3.2 Selected:
>
>
> A member is selected because of an internal report or due to a lack of
> contact between the AFRINIC and the member.
>
> Q1. Do we presently have an existing (effective) structure (apart from
> billing) that measures degree of contact with members?
> If there is no agreed means of measuring the degree contact, we need to
> define degrees of contact so that "lack of contact" (as referred to in the
> proposal) can be measured objectively.
>
> *Perhaps as a first step for ensuring regular contact without using up too
> many resources, this proposal might want to borrow a leaf from RIPE's
> Assisted Registry Check (ARC). See
> https://www.ripe.net/manage-ips-and-asns/resource-management/assisted-registry-check
> <https://www.ripe.net/manage-ips-and-asns/resource-management/assisted-registry-check>*
>
> *Basically, the RIR does a consistency check on members' Registry,
> Resource, and Route/rDNS information and then sends emails to the contacts
> on file showing their view. They then schedule a telephone call to work
> with the member and fix any identified issues. *
>
> *My understanding from RIPE is that these non-invasive checks sometimes
> reveal issues that may warrant more detailed investigation. The primary
> model is by random checks but done in a manner that checks every member at
> least once in 3 years (given the size of RIPE). They also have ARCs that
> are initiated as a result of information received from the member or third
> parties. *
>
> Q2. Can reachability/cooperation of a member for such a consistency
> check-and-fix activity as described above be used to measure the degree of
> contact?
>
> Q3. Given the fact that time taken for consistency checks are more
> predictable, can these be implemented as a preliminary step in addressing
> the "lack of investigation" problem as well as the concern about taking up
> much of members' and/or AFRINIC hostmasters' time?
>
> Regards,
> Dewole.
> (with apologies for continuing the cross-posting between RPD and
> Community-discuss)
>
> On 15/11/2016 20:18, sergekbk wrote:
>
> Hello Dewole,
>
>
> Thanks for this comment.
> The limit of 24 months applies to a member based on ressources
> portfolio.  If  the portfolio  changes with new allocation,   member can be
> audited  anytime on the new ressources if required.
>
> Is this clear enough or shall we make  it explicit  ?
>
> Kind Regards.
>
>
>
> *Serge Ilunga*
>
> *Cell: +243814443160 <%2B243814443160>*
>
> *Skype: sergekbk*
>
> *R.D.Congo*
>
> -------- Original message --------
>
> From: Dewole Ajao <dewole at tinitop.com> <dewole at tinitop.com>
>
> Date: 11/15/2016 11:38 (GMT+01:00)
>
> To: Arnaud AMELINA <amelnaud at gmail.com> <amelnaud at gmail.com>, "rpd >>
> AfriNIC Resource Policy" <rpd at afrinic.net> <rpd at afrinic.net>, General
> Discussions of AFRINIC <community-discuss at afrinic.net>
> <community-discuss at afrinic.net>
>
> Subject: Re: [Community-Discuss] Update to Resources review policy
> proposal
>
>
>
> Thanks for working to apply the community's input to your proposal,
> Arnaud.
>
> To test the proposed re-wording, consider the following sequence of events:
>
> Member XYZ initiates self-requested review;
> Review is completed by AFRINIC in X weeks;
> After review, Member XYZ applies for "large chunk" of number resources;
> Member XYZ receives "large chunk" of number resources in say 60 days;
> Member XYZ happens to make some unacceptable use of (previous or new)
> number resources and it somehow becomes known to the community;
> Regardless of convincing evidence, Member XYZ cannot be subjected to a
> review until 24 months have elapsed since the last review.
>
> Is this a design feature or a bug?
>
> Regards,
>
> Dewole.
>
>
>
> On 15/11/2016 10:48, Arnaud AMELINA wrote:
>
> Hi community !
> Following, recent discussions and in accordance with text proposal from
> Owen and others contributors, authors propose this as replacement to the
> section 3.3.3
>
> -'---old version---''
>
> 3.3.3 Reported: Here, members are reviewed either because:
>
> a. They have requested the review themselves or
> b. There has been a community complaint made against them that warrants
> investigation.
>
> ----new version-----
>
> 3.3.3 Reported: Here, members are reviewed either because:
>
> a..They have requested the review themselves or
> b. There has been a community complaint made against them that warrants
> investigation. Complaints shall be backed by evidence and AFRINIC  staff
> shall evaluate the facts as appropriate to conduct the review. However this
> review is not applicable to a member  on which a full review has been
> completed in the preceding 24 months.
>
> Regards.
>
> Arnaud.
>
>
>
>
> _______________________________________________
>
> Community-Discuss mailing list
>
> Community-Discuss at afrinic.net
>
> https://lists.afrinic.net/mailman/listinfo/community-discuss
>
>
>
>
>
> _______________________________________________ RPD mailing list
> RPD at afrinic.net https://lists.afrinic.net/mailman/listinfo/rpd
>
>
> _______________________________________________
> RPD mailing list
> RPD at afrinic.net
> https://lists.afrinic.net/mailman/listinfo/rpd
>
>
>
>
> --
> --
> Kind regards.
> Lu
>
>
> _______________________________________________
> RPD mailing list
> RPD at afrinic.net
> https://lists.afrinic.net/mailman/listinfo/rpd
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.afrinic.net/pipermail/rpd/attachments/20161125/5763e63d/attachment-0001.html>

More information about the RPD mailing list