Search RPD Archives
[rpd] New Version of Policy Proposal - Policy Compliance Dashboard (Draft-2) - AFPUB-2021-GEN-003-DRAFT02 (PDWG Chair)
JORDI PALET MARTINEZ
jordi.palet at consulintel.es
Tue Nov 16 10:38:18 UTC 2021
Exactly, no new data.
AFRINIC can automate checks for compliance with policies, but the members don’t need to provide new data.
If lack of compliance is detected, then the staff can request for clarifications of course, as it may be even something justified.
For example: You get an IPv6 assignment and you’re not announcing it even after several years – so the automation detects it – however it is perfectly valid that you use the IPv6 assignment only internally but the staff will not know it, unless you justify it.
Regards,
Jordi
@jordipalet
El 16/11/21 11:32, "Jaco Kroon" <jaco at uls.co.za> escribió:
Hi Jordi,
Please also just confirm: My understanding is that this is based on data that AFRINIC already has, and no additional data will be required by AFRINIC from members.
Kind Regards,
Jaco
On 2021/11/16 11:59, JORDI PALET MARTINEZ via RPD wrote:
Hi Paul,
Just to clarify something that I already said before.
This policy is not saying that the dashboard of each member is available to the other members. The dashboard is private to each member with its own data, so no disclosure of your status of compliance to others.
If you fail to address a compliance issue, following section 5, only then the resources subjected to incompliance will be published so everybody can see that. This is needed because before starting a reclamation, all possible means of resolving the situation must be tried, because it may happen that the resource holder has got a big trouble and can’t be contacted, customers or other colleagues may find a way to contact him, etc., etc. So sufficient chances to resolve the issue must be always tried.
Regarding your proposed text, I’m fine with that, but you shall notice that the previous version has been amended to ensure that we address the corrections suggested in the previous version IA. So going back to modify the text will depend on the new IA. If the staff can check your suggestion I’m fine, but at the same time, you should notice that what you’re asking is already done by the RSA.
Let me tell you one history which explains why we have this text in the proposal. About 3-4 years ago, it was discovered in RIPE that several members from an specific country (Russia), have used falsified documents (passports and corporate docs, if I recall correctly) and it was not just once, so it was clear that it was not a mistake. Do you think that in those cases further oportunities shall be given to the member? I will personally say not, clearly they tried to cheat the system and it is a non-trustable member. He always can restart the process to get the resources but from the beginning. Well, even in that case, the RSA already provides sufficient oportunities to the members to correct the situation.
Regards,
Jordi
@jordipalet
El 16/11/21 9:12, "Paul Hjul" <hjul.paul at gmail.com> escribió:
Regarding: https://afrinic.net/policy/proposals/2021-gen-003-d2
I've noted quite a bit of unease with the proposal stemming from information disclosures. I fear a lot of mess is created by conflating two different issues and circumstances. It is probably easiest to use an analogy of a bank. When I open a bank account my bank requires certain information from me and that information must be kept up to date. When I seek a loan I have to submit more information. Organizations divulge business plans and very sensitive commercial information all the time when seeking something from somebody. In order to apply for resources to be allocated information needs to be disclosed. Unfortunately there seems to be a culture of viewing all interactions with Afrinic as though they are seeking resources and this is misguided.
The policy proposal doesn't reinforce the question of what information ought to be maintained by Afrinic, only that a dashboard to empower members and to reduce uncertainty of when the organization will initiate an investigation.
I am of the view that consensus as to value in building such a dashboard for use by members AND as a necessary but not sufficient predicate for Afrinic to take certain steps can attain rough consensus if the participants in the working group act in good faith.
I propose the following slight alteration to sub-article 5:
Contractual non-compliance, such as unauthorized transfers, lack of payment or document fraud, once confirmed, will cause the revocation of the services and member closure, following the RSA.
to read:
Contractual non-compliance, such as unauthorized transfers, lack of payment or document fraud, once investigated and confirmed, may cause the revocation of the services and member closure in accordance with the RSA. In determining whether to revoke services the Board shall after afford a fair hearing and consider all relevant circumstances in good faith, including whether the revocation is in the best interests of the members of the organization.
Paul Hjul
_______________________________________________ RPD mailing list RPD at afrinic.net https://lists.afrinic.net/mailman/listinfo/rpd
**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company
This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
_______________________________________________
RPD mailing list
RPD at afrinic.net
https://lists.afrinic.net/mailman/listinfo/rpd
_______________________________________________ RPD mailing list RPD at afrinic.net https://lists.afrinic.net/mailman/listinfo/rpd
**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company
This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.afrinic.net/pipermail/rpd/attachments/20211116/3a9c8180/attachment-0001.html>
More information about the RPD
mailing list