Internic address allocation policy (fwd)

Thu Nov 21 02:34:38 UTC 1996

Hello,

I think that intentions of the original email is harmless and a good idea,
however, I also think that the suggested implementation below simply 'should'
not work.

I do not know of any organization that would allow internal network information
to be made available to an outside party.  I think this ranks pretty
high up on any security policy.  It would probably not even be possible on 
correctly secured network.  And on one that wasn't properly secured, you 
would probably hear lots of complaints about scanning or searching that
network.  

So, I think you are going to find in almost every instance, the other
company telling you to politely mind your own business.  Now, another
solution might be to have one organization (InterNIC or sorts) to be
responsible for obtaining and reviewing this information.  They 
already do this to smaller providers trying to obtain new IP addresses.
It might be possible to implement some sort of continued observations
of issued IP addresses to ensure proper allocation.  But this sounds
like alot more potential work for an already busy entity like the InterNIC.  

I don't know, I just thought to mention that I liked the idea, but
at the same time it just doesn't seem like a practical solution.  

Just my added thoughts...

Sean Rolinson
snowdog at charm.net

> 
> At 12:06 PM 11/20/96 -0600, Jim Fleming wrote:
> >I have suggested in the past a "neighbor net" approach.
> >It is a simple approach in which people on each side
> >of an allocation, be responsible for publishing a periodic
> >usage report. They would obtain this information from
> >their "neighboring" administrator.
> >
> >This approach can work for /24s, /16s and any size
> >allocations, as long as one is aware of who their binary
> >neighbor is in the IPv4 address space.
> >
> >To illustrate a /8 example, Hewlett Packard and Apple
> >Computer would be responsible for the report on
> >Digital Computer Corporation.
> >
> >	Hewlett Packard - 15.0.0.0
> >	Digital Computer - 16.0.0.0
> >	Apple Computer - 17.0.0.0
> >	MIT - 18.0.0.0
> Jim,
> 	This lynches it.  You are absolutely insane.  You whine and moan about
> having to tell the EvilInternic(tm) about your network, potential
> customers, etc etc, yet you believe that DEC would gladly give information
> to Apple about their internal network etc etc.  More effort would be sepnt
> in court with lawyers haggeling over what DEC had to give Apple and Apple
> had to give DEC in order to properly be audited than would have originally
> been spent with an audit by an external agency doing the audit.  Or wait,
> let me guess DISA wants to be audited by a foriegn company (30.0.0.0 for
> DISA and 32.0.0.0 for the foriegn company, 31 is IANA reserved, so I am
> assuming that it would be skipped).
> 
> Yeah, that.
> 
> Justin Newton
> Network Architect
> Erol's Internet Services
> 