Search RPD Archives
Limit search to: Subject & Body Subject Author
Sort by:

[rpd] Last Call for "AFPUB-2016-GEN-001-DRAFT-04 - Internet Number Resources Review by AFRINIC"

Sami s.aitalioulahcen at cnrst.ma
Wed Jun 28 12:30:58 UTC 2017 

Andrew,

Very much understandable.

The idea behind the policy is good, but it most certainly needs
polishing. Being last call doesn't mean final, and this is what the
mailing list is about: discussions to make it better.


Cheers


On 28/06/2017 12:20, Andrew Alston wrote:
> Sami,
>
> Sorry - but my problem here is - the type of information required by AfriNIC is not stated in the policy, and is ambiguous at best.
>
> Those requirements have changed from application to application - and I have very little doubt the same will happen in audit situations - there is simply no way to know exactly what will be asked and how long it will take.  
>
> I have had applications where I have seen requests for direct access to routers - to the point where I saw someone attempt to issue such access and it caused a major problem.
> I have been asked for information in application scenarios which was DEEPLY confidential - again - to the point where I was forced to ask for an NDA - and on refusal - walk out without supplying said information
> I have spent hours redacting information that was demanded that was out of scope of policy.
>
> To say that the information this required is simply this - you have no way to verify that - and no way to state that categorically.
>
> Andrew
>
>
> -----Original Message-----
> From: Sami [mailto:s.aitalioulahcen at cnrst.ma] 
> Sent: 28 June 2017 15:15
> To: rpd at afrinic.net
> Subject: Re: [rpd] Last Call for "AFPUB-2016-GEN-001-DRAFT-04 - Internet Number Resources Review by AFRINIC"
>
> Hi,
>
> I've been reading through the discussions of this policy for some time and frankly, I think it took some weird turns at times.
>
> To address some of the valid concerns. The audit some people are talking about here are full audits and they certainly take time and considerable resources. Although the kind of output that should be expected from AfriNIC are simply in the form of "we have about x million (verifiable
> approximations) of clients and x+1 million of IP resources. Meaning we use most of our resources, thus our allocations are justified". No sensitive information should be involved, since such information is usually available for the public.
>
> As for the second concern, people (or companies) shouldn't be worried about resource loss since this only happens if the resources are "not"
> used or are used outside the African continent, in which case it shouldn't  be AfriNIC that gets sued but the company itself.
>
> As a side not, I'd like to point out that "dick measuring" (please excuse the term) does not belong in this list, nor do personal attacks.
> We discuss policies not people.
>
>
> Eid mubarak to all
>
> Greetings from Rabat
>
>
> --
> Sami
> GPG Key ID: 0x36d57440
>
>

-- 
Sami
GPG Key ID: 0x36d57440


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4002 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.afrinic.net/pipermail/rpd/attachments/20170628/c3e0eea3/attachment.p7s>

More information about the RPD mailing list