Search RPD Archives
Limit search to: Subject & Body Subject Author
Sort by:

[rpd] RPD : Prolicy proposal "Internet Number Resources review by AFRINIC" informations update

Owen DeLong owen at delong.com
Sun Apr 28 12:28:08 UTC 2019



> On Apr 27, 2019, at 01:38 , Benjamin Eshun <benjamin.eshun at gmail.com> wrote:
> 
> Owen,
> 
> On Mon, Apr 22, 2019 at 4:05 AM Owen DeLong <owen at delong.com> wrote:
>> 
>> Let’s recognize that the policy is unnecessary and the RSA is currently sufficient as it is.
>> 
> At least we agree partial here that the current RSA is currently
> sufficient as it is.  Because stated in Section 6 (d) (i) (d)
> “Acknowledges: (i) that this agreement shall at all times be subjected
> to adopted policies;” .
> There are no polices to guide staff  on how to investigate (review)
> the applicant’s utilisation of the number resources already assigned.
> Hence I fail to see how this policy is unnecessary.

There’s no policy that tells the staff how to run the whois software either, yet
we have a working whois system.

Proscription of how the staff goes about accomplishing their oversight functions
is not a policy matter. It’s a matter for the board and management of AfriNIC.
It’s procedure, not policy.

> 
>> 
>> The truth that this policy is unnecessary, duplicative, and potentially harmful?
> 
> I have proved that this policy is very necessary and rather seeks to
> provide a framework in which staff can use to ensure transparency,
> objectivity and fairness in the review of  assigned resources.

No, you have not. The policy remains unnecessary, duplicative, and potentially harmful.

This policy is a giant step away from fairness as it offers a disproportionate denial of service
attack vector against large resource holders.


>> The truth that the community has repeatedly rejected this policy and it is unlikely to come to consensus?
>> The truth that the authors changes to between the previous version and the current version are minimal and fail to address the majority of objections?
>> The truth that many of the objections to this proposed policy have existed almost as long as the policy and still remain unaddressed by the authors?
>> 
> I fail to see the objection that was  raised and not addressed by the
> authors, except the objections that this policy is costly and time
> consuming for staff, if not, unnecessary,  duplicative  and harmful
> The proposal has a long life and I see efforts of the authors to
> address  real objections. What I have not seen is propositions to
> improve and make things harmless.

I provided a substantial list a few weeks ago… Perhaps you should read it.

You want to make it harmless, then do the following at a minimum:

	1.	Remove the provisions requiring staff to investigate a signed complaint even
		if they feel the complaint is specious at best.

	2.	Take out the random complete audits.

	3.	Quantify and place strong limits on what staff can and can’t demand or do
		during such a review.

	4.	Prohibit the possibility of multiple simultaneous reviews of the same organization.

	5.	Ideally, specify that no additional reviews can be started against an organization
		from the time a review begins until the end of the 24th month after the review
		has concluded. (The current language about after a full review is completed
		is vague and leaves open the possibility of declaring an earlier review not
		to have been “full” whatever that’s supposed to mean.

The proposal would still be unnecessary and duplicative, but at least if those changes were
made, it would be less harmful.

Owen




More information about the RPD mailing list