IPv4 Hijacking For Idiots

John Curran jcurran at istaff.org
Mon Jul 3 17:23:56 CST 2017

On 2 Jul 2017, at 2:22 PM, Bryan Fields <Bryan at bryanfields.net> wrote:
> On 7/2/17 1:28 PM, John Curran wrote:
>> Note that ARIN does provide RPKI services for legacy blocks, but it is true that we 
>> require more legalisms than other RIRs…  You can caulk this up to the abundance 
>> of legacy resources of questionable provenance in this region, to the colorful US 
>> legal environment, and/or to a desire not to endanger the services we’re already 
>> providing to thousands of customers. 
> Only if you sign the RSA and give up certain legal rights to your legacy
> blocks/property.  I can't speak for everyone, but those I do know are not
> willing to do this.

And they may choose to do so.   Others have no problem signing the LRSA/RSA 
(which are effectively the same T&C’s now aside from fee schedule), and like having 
a very clear statement of their rights to the number resources, such as right to transfer,
access to arbitration, etc.  (These rights weren’t well spelt out in the earlier versions 
of the LRSA or RSA, but we eventually got their in the current form.) 

Of course, the other little detail isn’t whether they’re willing to sign, it is whether they
are entitled to sign, since the only parties that can enter an LRSA is the recipient or
their legal successor to the rights.  (It can be amusing when recently created entities
attempt to explain why they are the legal rights holder to a legacy number block…) 

> I'd propose there must be a better way that doesn't require legacy holders
> sign the RSA.  RPKI is important enough that something should be possible.

RPKI is quite important, but it also requires a solid legal foundation –
Resource certification absent the proper legal details as to who has
the rights and what rights that they have) is likely worse than no RPKI 
at all.


John Curran
President and CEO


More information about the NANOG mailing list