RPKI adoption (was: Re: Corporate Identity Theft: Azuki, LLC -- AS13389,

Valdis Kl=?utf-8?Q?=c4=93?=tnieks valdis.kletnieks at vt.edu
Wed Aug 14 15:15:40 UTC 2019

On Wed, 14 Aug 2019 02:42:09 -0000, John Curran said:

> You might want want to ask them why they are now a problem when they weren’t
> before (Also worth noting that many of these ISP's own contracts with their
> customers have rather similar indemnification clauses.)

Actually, it's probably ARIN that should be doing the asking, and seeing if
they can change the wording and/or rephrase the issue to allay concerns.

It sounds to me like ARIN's *intent* was "if you get sued by your customers because
you screw the pooch on deployment, it's your screw-up to clean up and not our
problem". Or at least I *hope* that was the intent (see next paragraph)

But I suspect a lot of companies are reading it as: "If a spammer sues you for using
a block list that prevents them from spamming your customers, you can't end up
owing money to the block list maintainers.  But if you rely on the ARIN TAL, and get
sued by an address hijacker, you could end up owing money to ARIN".

(Having said that, John, it takes a special sort of CEO to stand out and be seen
in situations like this, and the world could probably use more CEO's like that...)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20190814/8c566b2e/attachment.sig>

More information about the NANOG mailing list