Search RPD Archives
[rpd] Last Call for "AFPUB-2016-GEN-001-DRAFT-04 - Internet Number Resources Review by AFRINIC"
Andrew.Alston at liquidtelecom.com
Wed Jun 28 13:07:50 UTC 2017
Sorry to say this - but again - that is incorrect.
Under the policy process - there is no room for serious modification in last call - if there are substantive changes that need to be made the policy fails consensus, fails last call and returns to the floor. If it passes and is ratified - the only way to modify it is via a new policy process with all the time frames that involved - and in the intervening time - the policy that has passed will be what we are all bound to.
As such - passing this through last call with the significant concerns would result in a situation where every member of this list was bound to its provisions until such time as a modification policy could be passed (should the board choose to ratify it)
From: Sami [mailto:s.aitalioulahcen at cnrst.ma]
Sent: 28 June 2017 15:31
To: Andrew Alston <Andrew.Alston at liquidtelecom.com>; rpd at afrinic.net
Subject: RE: [rpd] Last Call for "AFPUB-2016-GEN-001-DRAFT-04 - Internet Number Resources Review by AFRINIC"
Very much understandable.
The idea behind the policy is good, but it most certainly needs
polishing. Being last call doesn't mean final, and this is what the
mailing list is about: discussions to make it better.
On 28/06/2017 12:20, Andrew Alston wrote:
> Sorry - but my problem here is - the type of information required by AfriNIC is not stated in the policy, and is ambiguous at best.
> Those requirements have changed from application to application - and I have very little doubt the same will happen in audit situations - there is simply no way to know exactly what will be asked and how long it will take.
> I have had applications where I have seen requests for direct access to routers - to the point where I saw someone attempt to issue such access and it caused a major problem.
> I have been asked for information in application scenarios which was DEEPLY confidential - again - to the point where I was forced to ask for an NDA - and on refusal - walk out without supplying said information
> I have spent hours redacting information that was demanded that was out of scope of policy.
> To say that the information this required is simply this - you have no way to verify that - and no way to state that categorically.
> -----Original Message-----
> From: Sami [mailto:s.aitalioulahcen at cnrst.ma]
> Sent: 28 June 2017 15:15
> To: rpd at afrinic.net
> Subject: Re: [rpd] Last Call for "AFPUB-2016-GEN-001-DRAFT-04 - Internet Number Resources Review by AFRINIC"
> I've been reading through the discussions of this policy for some time and frankly, I think it took some weird turns at times.
> To address some of the valid concerns. The audit some people are talking about here are full audits and they certainly take time and considerable resources. Although the kind of output that should be expected from AfriNIC are simply in the form of "we have about x million (verifiable
> approximations) of clients and x+1 million of IP resources. Meaning we use most of our resources, thus our allocations are justified". No sensitive information should be involved, since such information is usually available for the public.
> As for the second concern, people (or companies) shouldn't be worried about resource loss since this only happens if the resources are "not"
> used or are used outside the African continent, in which case it shouldn't be AfriNIC that gets sued but the company itself.
> As a side not, I'd like to point out that "dick measuring" (please excuse the term) does not belong in this list, nor do personal attacks.
> We discuss policies not people.
> Eid mubarak to all
> Greetings from Rabat
> GPG Key ID: 0x36d57440
GPG Key ID: 0x36d57440
More information about the RPD