Search RPD Archives
Limit search to: Subject & Body Subject Author
Sort by:

[rpd] AFPUB-2021-GEN-003-DRAFT01

JORDI PALET MARTINEZ jordi.palet at consulintel.es
Sun Nov 14 09:25:31 UTC 2021


Hi Taiwo, all,

What this policy is trying to make is to better protect both sides, as explained in the proposal text.

This proposal allows to make it more explicit, because as you know the RSA is not providing the details of the existing internal procedure, and specially, not setting any timing.

Setting a well-known timing, ensures transparency and fair treatment with all the members that may be (knowing it or not) in breach of RSA or policies.

I believe anything that increase transparency and fairness is always superior to not having it. Will you agree on that?

Regarding the costs, this is analyzed in the IA (see previous version), so I don't foresee any special impact.

Regarding your other points, please see my previous email on this proposal with responses to the chairs/IA.

 
Regards,
Jordi
@jordipalet
 
 

El 14/11/21 10:04, "Taiwo Oye" <taiwo.oyewande88 at gmail.com> escribió:


    Dear authors. 
    Going through the policy compliance dashboard proposal. I see a lot of work has been done by the authors. 
    I have a few observations 

    - Afrinic is in constant battle with its resource members with claim of non compliance with the RSA or existing policy. This means there is already a form of compliance review going on.

     How is your intended compliance review model superior to the existing one??

    What is the cost implication (time and money) in comparison to the existing review model. 


    - I noticed some aspects of this policy compliance review model (the dashboard) that can be played on by smart but mischievous players in the field. 

    In section 3 of the proposal, there is a clause that states that afrinic gets an alert after 3 months of non compliance and a persistent non compliant memeber is determined by 3 alerts to afrinic over a 12 month period. 

    Based on the fact that this is a total automation of the policy compliance process. I see a gap where members can intentionally not comply for 11 weeks and then comply for a few days to nolify the first notification to Afrinic. This can also come to play to avoid being a “persistent non compliant member”. 

    - This policy also states in section 4  that afrinic can only investigate or act after a member is deemed persistently non compliant. This statement means that laid down policies can be broken for one year without interference from afrinic.

    Conclusion: 
    This come to me as trying to reduce the work of afrinic staff but creating a loophole in the policy compliance process. 



**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company

This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.






More information about the RPD mailing list