Search RPD Archives
[rpd] Last Call for "AFPUB-2016-GEN-001-DRAFT-04 - Internet Number Resources Review by AFRINIC"
Noah
noah at neo.co.tz
Wed Jul 12 10:28:02 UTC 2017
Hi David,
Please make me understand both the ARIN and RIPE NCC references below which
are related to INR reviews in each of their respective regions.
*ARIN*
*https://www.arin.net/policy/nrpm.html#twelve
<https://www.arin.net/policy/nrpm.html#twelve> And below is the content of
ARIN NRP section 12.*
12. Resource Review
1. ARIN may review the current usage of any resources maintained in the
ARIN database. The organization shall cooperate with any request from ARIN
for reasonable related documentation.
2. ARIN may conduct such reviews:
1. when any new resource is requested,
2. whenever ARIN has reason to believe that the resources were
originally obtained fraudulently or in contravention of existing
policy, or
3. whenever ARIN has reason to believe that an organization is not
complying with reassignment policies, or
4. at any other time without having to establish cause unless a full
review has been completed in the preceding 24 months.
3. At the conclusion of a review in which ARIN has solicited information
from the resource holder, ARIN shall communicate to the resource holder
that the review has been concluded and what, if any, further actions are
required.
4. Organizations found by ARIN to be materially out of compliance with
current ARIN policy shall be requested or required to return resources as
needed to bring them into (or reasonably close to) compliance.
1. The degree to which an organization may remain out of compliance
shall be based on the reasonable judgment of the ARIN staff and shall
balance all facts known, including the organization's utilization rate,
available address pool, and other factors as appropriate so as to avoid
forcing returns which will result in near-term additional requests or
unnecessary route de-aggregation.
2. To the extent possible, entire blocks should be returned. Partial
address blocks shall be returned in such a way that the portion retained
will comprise a single aggregate block.
5. If the organization does not voluntarily return resources as
requested, ARIN may revoke any resources issued by ARIN as required to
bring the organization into overall compliance. ARIN shall follow the same
guidelines for revocation that are required for voluntary return in the
previous paragraph.
6. Except in cases of fraud, or violations of policy, an organization
shall be given a minimum of six months to effect a return. ARIN shall
negotiate a longer term with the organization if ARIN believes the
organization is working in good faith to substantially restore compliance
and has a valid need for additional time to renumber out of the affected
blocks.
7. In case of a return under paragraphs 12.4 through 12.6, ARIN shall
continue to provide services for the resource(s) while their return or
revocation is pending, except any maintenance fees assessed during that
period shall be calculated as if the return or revocation was complete.
8. This policy does not create any additional authority for ARIN to
revoke legacy address space. However, the utilization of legacy resources
shall be considered during a review to assess overall compliance.
9. In considering compliance with policies which allow a timeframe (such
as a requirement to assign some number of prefixes within 5 years), failure
to comply cannot be measured until after the timeframe specified in the
applicable policy has elapsed. Blocks subject to such a policy shall be
assumed in compliance with that policy until such time as the specified
time since issuance has elapsed.
*RIPE NCC*
*please also make me understand the RIPE NCC version as per the link below.*
*https://www.ripe.net/publications/docs/ripe-423
<https://www.ripe.net/publications/docs/ripe-423>*
1. Introduction
At the 1996 Contributors Committee Meeting the RIPE NCC was asked to
significantly increase its efforts to ensure the validity of registry data.
Audit has been a specific activity of the RIPE NCC since that time.
2. Goals
Audit activity is done to ensure fair and neutral application of policies
set by the RIPE community, to the general benefit of the Internet.
Auditing can also provide the RIPE community with information about
specific policy areas where problems are occurring, helping to ensure the
efficient investment of resources in appropriate areas. This can include
policy areas that need revision by the RIPE community, or areas where the
RIPE NCC can improve compliance through better education and communication
with the membership.
3. Principles
Audit evaluation is based on compliance with the RIPE community policies
current at the time of the audit. Audits are conducted with the intent to
educate RIPE NCC members on how to achieve compliance.
Members that are already working in compliance with the RIPE community
policies will have as little disturbance to their operations as possible.
Impartiality and confidentiality are given the highest priority throughout
the audit process.
4. Types
* Random:*
The member to be audited is chosen by the RIPE NCC at random.
* Selected:*
A member is selected because of an internal report or due to a lack of
contact between the RIPE NCC and the member.
* Reported:*
The member has requested the audit themselves or there has been a community
complaint made against them that requires investigation.
5. Process
The RIPE NCC informs the member that they are in audit and then provides
individual assistance in checking LIR data, resource records and validity
of RIPE Database records.
6. Compliance Measures
All measures used to ensure compliance with RIPE community policies are
based on current policies and on the service agreements signed with RIPE
NCC members.
The RIPE NCC will provide audit subjects with individual assistance and
education, and will make every effort to help members comply with the
policies. If the member is found to be unable to comply with the RIPE
community policies, further measures may be necessary. This may include,
but is not restricted to, a review of the audited organisation's membership
status.
7. Appeals
Audits are carried out in a completely neutral and transparent manner.
However, if at any time a RIPE NCC member feels it is appropriate, they may
appeal any decision of the auditing team. An appeal is made by applying for
arbitration, as described in the RIPE NCC arbitration process:
Cheers,
Noah
On Wed, Jul 12, 2017 at 1:04 PM, David Hilario <
d.hilario at laruscloudservice.net> wrote:
> Hi Noah,
>
> Just to make it clear in regards to the repeated comments trying to
> justify this proposal by saying that RIPE NCC or ARIN are having a
> similar policy and practice.
>
> The video and the section where both ARIN and RIPE NCC are speaking:
>
> https://youtu.be/XBv44KAgFVQ?list=PLLJRUWAm1GCZAGzqiCzX2CRU7oqLDC9e5
>
> At around 08:27:50 Andrea Cima from RIPE NCC
> He goes on to explain that their reviews are called "ARC", and it is
> to keep in touch and keep data up to data, registry data, that is the
> contact details and so on.
> Investigation, that is part of the "fraud".
>
> 08:29:50 Leslie from ARIN.
> Explains the scope of their policy, they only Audit in Fraud cases
> only deregister in case of fraud.
>
> Neither the RIPE NCC or ARIN does a re-evaluation of the resources and
> questioning how the LIRs are currently using their resources.
> So, this was debunked at an AFRINIC meeting, I don't understand how it
> is still being spread like this.
>
> It is being ignored or forgotten by the people here on this list, but
> already stated publicly by RIRs registration services managers
> directly that it isn't within the scope of what they do.
>
>
> If you want to say AFRINIC can do it like RIPE NCC, simply copy the
> ARC procedure:
> https://www.ripe.net/manage-ips-and-asns/resource-
> management/assisted-registry-check
>
> Non-intrusive review of LIRs information and contacts, no
> re-evaluation of their ressources, no discrimination and categories,
> ALL LIRs.
>
> No one can really have any objections to that review system, other
> than the staff costs for it, but if done as a side project it should
> not be a problem to review 1500+ LIRs within a 2 to 3 years time.
>
> David Hilario
>
> IP Manager
>
> Larus Cloud Service Limited
>
> p: +852 29888918 m: +359 89 764 1784
> f: +852 29888068
> a: Flat B5, 11/F, TML Tower, No.3 Hoi Shing Road, Tsuen Wan, HKSAR
> w: laruscloudservice.net
> e: d.hilario at laruscloudservice.net
>
>
> On 12 July 2017 at 11:30, Noah <noah at neo.co.tz> wrote:
> >
> >
> > On 12 Jul 2017 9:47 a.m., "Bill Woodcock" <woody at pch.net> wrote:
> >
> >
> > 18 Against:
> > "chenghn at chinaccsi.com" <chenghn at chinaccsi.com>
> > Andrew Alston <Andrew.Alston at liquidtelecom.com>
> > Bastein Li <bastienlee at qq.com>
> > Christopher Mwangi <christopher.mwangi at liquidtelecom.com>
> > David Hilario <d.hilario at laruscloudservice.net>
> > Derrick Harrison <derrick.harrison at sonictelecoms.co.za>
> > Douglas Onyango <ondouglas at gmail.com>
> > Kris Seeburn <seeburn.k at gmail.com>
> > Lu Heng <h.lu at anytimechinese.com>
> > Mark Elkins <mje at posix.co.za>
> > Mark Tinka <mark.tinka at seacom.mu>
> > McTim <dogwallah at gmail.com>
> > Mike Silber <silber.mike at gmail.com>
> > Nishal Goburdhan <nishal at controlfreak.co.za>
> > Noah <noah at neo.co.tz>
> > S Moonesamy <sm+afrinic at elandsys.com>
> > Saul Stein <saul at enetworks.co.za>
> >
> >
> > Hi Bill
> >
> > on the contrary, I actually support the policy just like other folks
> which
> > is why it reached the last call. This policy would enable AFRINIC just
> like
> > ARIN, RIPE NCC and other RIR to effect compliance.
> >
> >
> >
> > So, the next question might be whether this is a winner-take-all vote,
> or an
> > assessment of whether a clear consensus exists.
> >
> >
> > We continue to trust the co-chairs who have guided us to this stage.
> >
> > Cheers
> > Noah
> >
> > _______________________________________________
> > RPD mailing list
> > RPD at afrinic.net
> > https://lists.afrinic.net/mailman/listinfo/rpd
> >
>
--
*./noah*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.afrinic.net/pipermail/rpd/attachments/20170712/90788e68/attachment-0001.html>
More information about the RPD
mailing list