Search RPD Archives
[rpd] RPD : Policy proposal "Internet Number Resources review by AFRINIC" informations update
pascosoft at gmail.com
Sun Apr 29 16:26:27 UTC 2018
I agree with Andrew on this. The procedure for the audit is not clearly
defined and could affect the organisations with long term positive goals.
What are the full guidelines regarding the public exposure of
confidentiality agreements and also service level agreements if end users
are used as part of the audit? Does it mean that during the audit period a
member can not go on with providing addresses to end users?
On Sunday, April 29, 2018, Andrew Alston <Andrew.Alston at liquidtelecom.com>
> With regards to this policy,
> My objections to it again remain – and here are a few more to think about.
> 1. If AFRINIC wishes to audit usage – they first have to have a
> process in place to sign water tight NDA’s with strict financial penalties
> should information about how an ISP is utilizing its space go public – the
> confidentiality agreement in the current MSA is nowhere near tight enough
> for any corporate to expose the type of information that may be requested
> in a detailed review
> 2. The processes involved in the review are inadequately defined and
> open to interpretation and hence – open to abuse that could be used to
> victimise organisations – this must be closed and addressed
> 3. Dependent on the processes defined for (b) – there could be
> significant costs for a full IP audit – and I propose that if an audit is
> conducted and the ISP is found to be compliant – then AFRINIC should be
> responsible for those costs once a detailed accounting is given – if the
> ISP is NOT found to be compliant – they can then bear the costs involved
> 4. Should AFRINIC choose to revoke space on the basis of an IP audit
> process that is not adequately defined – what is the appeal process to
> appeal any decision they come to as a result of the review – because
> failing an external untained and unbiased appeal process by a neutral third
> party – such a revocation could lead to swift and extremely expensive
> 5. I question the NEED for this policy – the ability to do basic
> reviews is already codified in the MSA despite the issues raised above
> (which I believe would create similar problems where AFRINIC to ever
> attempt a full audit) – and hence – I simply see no reason for this policy
> to even exist
> My objections to this policy hence remain on the basis of the above.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the RPD