ARIN's RPKI Relying agreement

John Curran jcurran at arin.net
Thu Dec 4 18:13:16 UTC 2014


On Dec 4, 2014, at 1:01 PM, Jared Mauch <jared at puck.nether.net> wrote:
>> I am happy to champion the change that you seek (i.e. will get it reviewed 
>> by legal and brought before the ARIN Board) but still need clarity on what 
>> change you wish to occur -
>> 
>>    A) Implicit binding to the indemnification/warrant disclaimer clauses
>>       (as done by the other RIRs)
>> 
>>    B) Removal of the indemnification & warranty disclaimer clause 
>> 
>> I asked this directly during your NANOG presentation, but you did not respond 
>> either way.  I also noted that your own business customer agreements have the 
>> same indemnification & non-warranty clauses (as they are common in nearly all
>> telecommunication and ISP service agreements) - are these now being dropped
>> by TWC in agreements?
> 
> I recall a lengthly discussion about this at the NANOG meeting that occurred after
> the session.  I think there is a very strong emotional thing here where we said to
> you (which you seem to have forgotten) that option B above would be helpful as
> it’s already covered by the general registration agreement (which was your assertion).

Several folks suggested making the RPKI indemnification tie back to
the language in the existing RSA (it is not presently but instead 
done via separate language). However, when I asked Wes about that 
approach he did not know at the time if that would address TWC's 
particular concern (hence my reason for following up now via email)

> Comparing what you do with Time Warner cable seems like pure hyperbole and an attempt
> as CEO to inflame community discussion at minimum.

Actually, it is to remind folks that such indemnification language is 
sought by most ISPs, despite their services being used in a mission
critical mode by many customers and despite the ISPs efforts to make 
their services be highly reliable.   

(One can easily argue that best practices require multiple connections
or service providers, but that is the same with best practices for RPKI
use requiring proper preferences to issues with certification data...)

/John

John Curran
President and CEO
ARIN





More information about the NANOG mailing list