Search RPD Archives
Limit search to: Subject & Body Subject Author
Sort by:

[rpd] Last Call for "AFPUB-2016-GEN-001-DRAFT-04 - Internet Number Resources Review by AFRINIC"

Noah noah at
Wed Jul 12 10:28:02 UTC 2017

Hi David,

Please make me understand both the ARIN and RIPE NCC references below which
are related to INR reviews in each of their respective regions.


<>  And below is the content of
ARIN NRP section 12.*
12. Resource Review

   1. ARIN may review the current usage of any resources maintained in the
   ARIN database. The organization shall cooperate with any request from ARIN
   for reasonable related documentation.
   2. ARIN may conduct such reviews:
      1. when any new resource is requested,
      2. whenever ARIN has reason to believe that the resources were
      originally obtained fraudulently or in contravention of existing
policy, or
      3. whenever ARIN has reason to believe that an organization is not
      complying with reassignment policies, or
      4. at any other time without having to establish cause unless a full
      review has been completed in the preceding 24 months.
   3. At the conclusion of a review in which ARIN has solicited information
   from the resource holder, ARIN shall communicate to the resource holder
   that the review has been concluded and what, if any, further actions are
   4. Organizations found by ARIN to be materially out of compliance with
   current ARIN policy shall be requested or required to return resources as
   needed to bring them into (or reasonably close to) compliance.
      1. The degree to which an organization may remain out of compliance
      shall be based on the reasonable judgment of the ARIN staff and shall
      balance all facts known, including the organization's utilization rate,
      available address pool, and other factors as appropriate so as to avoid
      forcing returns which will result in near-term additional requests or
      unnecessary route de-aggregation.
      2. To the extent possible, entire blocks should be returned. Partial
      address blocks shall be returned in such a way that the portion retained
      will comprise a single aggregate block.
   5. If the organization does not voluntarily return resources as
   requested, ARIN may revoke any resources issued by ARIN as required to
   bring the organization into overall compliance. ARIN shall follow the same
   guidelines for revocation that are required for voluntary return in the
   previous paragraph.
   6. Except in cases of fraud, or violations of policy, an organization
   shall be given a minimum of six months to effect a return. ARIN shall
   negotiate a longer term with the organization if ARIN believes the
   organization is working in good faith to substantially restore compliance
   and has a valid need for additional time to renumber out of the affected
   7. In case of a return under paragraphs 12.4 through 12.6, ARIN shall
   continue to provide services for the resource(s) while their return or
   revocation is pending, except any maintenance fees assessed during that
   period shall be calculated as if the return or revocation was complete.
   8. This policy does not create any additional authority for ARIN to
   revoke legacy address space. However, the utilization of legacy resources
   shall be considered during a review to assess overall compliance.
   9. In considering compliance with policies which allow a timeframe (such
   as a requirement to assign some number of prefixes within 5 years), failure
   to comply cannot be measured until after the timeframe specified in the
   applicable policy has elapsed. Blocks subject to such a policy shall be
   assumed in compliance with that policy until such time as the specified
   time since issuance has elapsed.


*please also make me understand the RIPE NCC version as per the link below.*


1. Introduction

At the 1996 Contributors Committee Meeting the RIPE NCC was asked to
significantly increase its efforts to ensure the validity of registry data.
Audit has been a specific activity of the RIPE NCC since that time.

2. Goals

Audit activity is done to ensure fair and neutral application of policies
set by the RIPE community, to the general benefit of the Internet.

Auditing can also provide the RIPE community with information about
specific policy areas where problems are occurring, helping to ensure the
efficient investment of resources in appropriate areas. This can include
policy areas that need revision by the RIPE community, or areas where the
RIPE NCC can improve compliance through better education and communication
with the membership.

3. Principles

Audit evaluation is based on compliance with the RIPE community policies
current at the time of the audit. Audits are conducted with the intent to
educate RIPE NCC members on how to achieve compliance.

Members that are already working in compliance with the RIPE community
policies will have as little disturbance to their operations as possible.

Impartiality and confidentiality are given the highest priority throughout
the audit process.

4. Types

* Random:*

The member to be audited is chosen by the RIPE NCC at random.

* Selected:*

A member is selected because of an internal report or due to a lack of
contact between the RIPE NCC and the member.

* Reported:*

The member has requested the audit themselves or there has been a community
complaint made against them that requires investigation.

5. Process

The RIPE NCC informs the member that they are in audit and then provides
individual assistance in checking LIR data, resource records and validity
of RIPE Database records.

6. Compliance Measures

All measures used to ensure compliance with RIPE community policies are
based on current policies and on the service agreements signed with RIPE
NCC members.

The RIPE NCC will provide audit subjects with individual assistance and
education, and will make every effort to help members comply with the
policies. If the member is found to be unable to comply with the RIPE
community policies, further measures may be necessary. This may include,
but is not restricted to, a review of the audited organisation's membership
7. Appeals

Audits are carried out in a completely neutral and transparent manner.
However, if at any time a RIPE NCC member feels it is appropriate, they may
appeal any decision of the auditing team. An appeal is made by applying for
arbitration, as described in the RIPE NCC arbitration process:


On Wed, Jul 12, 2017 at 1:04 PM, David Hilario <
d.hilario at> wrote:

> Hi Noah,
> Just to make it clear in regards to the repeated comments trying to
> justify this proposal by saying that RIPE NCC or ARIN are having a
> similar policy and practice.
> The video and the section where both ARIN and RIPE NCC are speaking:
> At around 08:27:50 Andrea Cima from RIPE NCC
> He goes on to explain that their reviews are called "ARC", and it is
> to keep in touch and keep data up to data, registry data, that is the
> contact details and so on.
> Investigation, that is part of the "fraud".
> 08:29:50 Leslie from ARIN.
> Explains the scope of their policy, they only Audit in Fraud cases
> only deregister in case of fraud.
> Neither the RIPE NCC or ARIN does a re-evaluation of the resources and
> questioning how the LIRs are currently using their resources.
> So, this was debunked at an AFRINIC meeting, I don't understand how it
> is still being spread like this.
> It is being ignored or forgotten by the people here on this list, but
> already stated publicly by RIRs registration services managers
> directly that it isn't within the scope of what they do.
> If you want to say AFRINIC can do it like RIPE NCC, simply copy the
> ARC procedure:
> management/assisted-registry-check
> Non-intrusive review of LIRs information and contacts, no
> re-evaluation of their ressources, no discrimination and categories,
> No one can really have any objections to that review system, other
> than the staff costs for it, but if done as a side project it should
> not be a problem to review 1500+ LIRs within a 2 to 3 years time.
> David Hilario
> IP Manager
> Larus Cloud Service Limited
> p: +852 29888918  m: +359 89 764 1784
> f: +852 29888068
> a: Flat B5, 11/F, TML Tower, No.3 Hoi Shing Road, Tsuen Wan, HKSAR
> w:
> e: d.hilario at
> On 12 July 2017 at 11:30, Noah <noah at> wrote:
> >
> >
> > On 12 Jul 2017 9:47 a.m., "Bill Woodcock" <woody at> wrote:
> >
> >
> > 18 Against:
> > "chenghn at" <chenghn at>
> > Andrew Alston <Andrew.Alston at>
> > Bastein Li <bastienlee at>
> > Christopher Mwangi <christopher.mwangi at>
> > David Hilario <d.hilario at>
> > Derrick Harrison <derrick.harrison at>
> > Douglas Onyango <ondouglas at>
> > Kris Seeburn <seeburn.k at>
> > Lu Heng < at>
> > Mark Elkins <mje at>
> > Mark Tinka <mark.tinka at>
> > McTim <dogwallah at>
> > Mike Silber <silber.mike at>
> > Nishal Goburdhan <nishal at>
> > Noah <noah at>
> > S Moonesamy <sm+afrinic at>
> > Saul Stein <saul at>
> >
> >
> > Hi Bill
> >
> > on the contrary, I actually support the policy just like other folks
> which
> > is why it reached the last call. This policy would enable AFRINIC just
> like
> > ARIN,  RIPE NCC and other RIR to effect compliance.
> >
> >
> >
> > So, the next question might be whether this is a winner-take-all vote,
> or an
> > assessment of whether a clear consensus exists.
> >
> >
> > We continue to trust the co-chairs who have guided us to this stage.
> >
> > Cheers
> > Noah
> >
> > _______________________________________________
> > RPD mailing list
> > RPD at
> >
> >

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the RPD mailing list