"Defensive" BGP hijacking?

• Previous message (by thread): "Defensive" BGP hijacking?
• Next message (by thread): "Defensive" BGP hijacking?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sep 19, 2016, at 11:58 PM, Christopher Morrow <morrowc.lists at gmail.com> wrote:
> 
> (caution! I don't really think arin is evil!)

Nor do I…  (but I will remind folks that organizations evolve based on participation, 
so ongoing diligence and involvement is definitely warranted.) 

> On Mon, Sep 19, 2016 at 1:16 PM, John Curran <jcurran at arin.net> wrote:
> 
>> To be clear, he would still end up bound to an agreement which provides
>> that they
>> indemnify the RIR regarding their RPKI usage (which was the complaint
>> expressed
>> in the NANOG community regarding ARIN’s RPKI terms and conditions) -
>> 
>> 
> maybe, but his point was that the evil (evile?) arin would not be putting
> their clutches on his ip-address-spaces... Sure he's trading ARIN for RIPE
> here, but I diidn't think the RPA bit was his concern as much as the LRSA
> and 'now that you agree these are ip blocks are subject to the legacy
> registry services agreement, we (arin - with twisty mustasche) might decide
> to wrest them away from you!!!<muahahahahaa!>’

A distinct possibly, but much improved in the current LRSA (and RSA, which
are the same document at this point.)   Unless he’s planning to not pay the 
annual maintenance fee and ignore the notices and letters that follow over
the next 120 days, or if going to make a serious misrepresentation in the 
process of claiming the rights to the address block, he’s fairly safe... for 
example,  ARIN now specifically disclaims revocation for lack of utilization.
(Furthermore, if ARIN breaches its obligations, the status of the address 
block reverts to the same prior to entry the LRSA – this is definitely less 
than RIPE provides, which is effectively exit at any time, but far better than 
the original LRSA.)

If you want to just use your legacy address block (wth the same services that
where in place at ARIN’s formation), then you don’t need to enter into an LRSA –
but please do still update your registration in the ARIN registry to have current 
contact data, as this helps deter potential hijackers.   If you want to have those
services that were developed since ARIN’s formation, then I’d suggest reviewing 
the actual current LRSA agreement, as it is significantly improved over earlier
versions.

Thanks!
/John

John Curran
President and CEO
[Evil?] ARIN

• Previous message (by thread): "Defensive" BGP hijacking?
• Next message (by thread): "Defensive" BGP hijacking?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]