
<div dir="ltr"><div dir="ltr"><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Aug 13, 2019 at 5:44 PM John Curran <<a href="mailto:jcurran@arin.net" target="_blank">jcurran@arin.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">


<div>

On 13 Aug 2019, at 9:28 PM, Ronald F. Guilmette <<a href="mailto:rfg@tristatelogic.com" target="_blank">rfg@tristatelogic.com</a>> wrote:<br>

<div>

<blockquote type="cite">...<br class="m_1900206208679832603gmail-m_9144904167648982493Apple-interchange-newline">

<div><span style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;float:none;display:inline">The

 last time I looked, RPKI adoption was sitting at around a grand total</span><br style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none">

<span style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;float:none;display:inline">of

 15% worldwide.  Ah yes, here it is...</span><br style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none">

<br style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none">

<span style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;float:none;display:inline">  </span><a href="https://rpki-monitor.antd.nist.gov/" style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px" target="_blank">https://rpki-monitor.antd.nist.gov/</a><br style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none">

<br style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none">

<span style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;float:none;display:inline">I've

 asked many people and many companies why adoption remains so low, and</span><br style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none">

<span style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;float:none;display:inline">why

 their own companies aren't doing RPKI.  I've gotten the usual assortment</span><br style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none">

<span style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;float:none;display:inline">of

 utterly lame excuses, but the one that I have had the hardest time</span><br style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none">

<span style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;float:none;display:inline">trying

 to counter is the one where a network engineer says to me "Well,</span><br style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none">

<span style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;float:none;display:inline">ya

 know, we were GOING to do that, but then ARIN... unlike the other four</span><br style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none">

<span style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;float:none;display:inline">regional

 authorities... demanded that we sign some silly thing indemnifying</span><br style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none">

<span style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;float:none;display:inline">them

 in case of.... something.</span></div>

</blockquote>

<br>

</div>

<div>Interestingly enough, those same indemnification clauses are in the registration services agreement that they already signed but apparently they were not an issue at all when requesting IP address space or receiving a transfer.   </div>

<div>You might want want to ask them why they are now a problem when they weren’t before (Also worth noting that many of these ISP's own contracts with their customers have rather similar indemnification clauses.)</div></div></blockquote><div><br></div><div>Hi John,</div><div><br></div><div>There are things companies will sign</div><div>when their backs are up against the wall</div><div>that they will balk at signing when it is </div><div>for an optional geek-ish extra.</div><div><br></div><div>IP addresses are the lifeblood of the</div><div>tech industry.  If you don't have an</div><div>IP address, you don't exist on the</div><div>Internet.  (Apologies to those of us </div><div>who still have modems configured</div><div>to call and retrieve mail addressed</div><div>with UUCP bang paths).</div><div><br></div><div>So, companies will grudgingly and with </div><div>much hand-wringing sign the RSA </div><div>necessary to get IP space.  Without, </div><div>they die.  Rather like oxygen; if we</div><div>had to sign a license agreement in </div><div>order to receive air to breathe, you'd</div><div>find most people would sign pretty</div><div>horrific terms of service agreements.</div><div><br></div><div>Slip those same terms in front of someone</div><div>as a requirement for them to buy beer, </div><div>and you'll likely discover a whole lot of </div><div>people are just fine drinking something</div><div>else instead.</div><div><br></div><div>So too with the RSA terms versus the </div><div>RPKI terms.</div><div><br></div><div>As companies, we can't survive without</div><div>IP addresses.  We'll sign just about anything</div><div>to stay alive.</div><div><br></div><div>RPKI is a geek toy.  It's not at all required </div><div>for a business to stay alive on the Internet,</div><div>so companies feel much safer in saying</div><div>"no way will we sign that!".</div><div><br></div><div>Now, at the risk of bringing down the ire </div><div>of the community on my head...ARIN could</div><div>consider tying the elements together, at </div><div>least for ARIN members.  Add the RPKI terms </div><div>into the RSA document.  You need IP number</div><div>resources, congratulations, once you sign the</div><div>RSA, you're covered for RPKI purposes as well.</div><div><br></div><div>That doesn't solve the issue for out-of-region </div><div>folks who don't have an RSA with ARIN; but</div><div>that's no worse than you are today; and by</div><div>bundling the RPKI terms in with the rest of the</div><div>RSA, you at  least get everyone in the ARIN </div><div>region that wants^Wneeds to maintain their</div><div>IP number resources in order to stay in business</div><div>on the Internet covered in terms of being able to</div><div>use the RPKI data.</div><div><br></div><div>If you've got them by the short and curlies</div><div>already, might as well bundle everything in</div><div>while they've got the pen in their hand.  ^_^;</div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div>

<div>Even so, we at ARIN are in the midst of a Board-directed review of the RPKI legal framework to see if any improvements can be made <<a href="https://www.arin.net/vault/participate/meetings/reports/ARIN_43/PDF/PPM/curran_rpki.pdf" target="_blank">https://www.arin.net/vault/participate/meetings/reports/ARIN_43/PDF/PPM/curran_rpki.pdf</a>>

  – I will provide further updates once it is completed. </div></div></blockquote><div><br></div><div>Best of luck!  I know we'll all be watching carefully to</div><div>see how it goes.    :)</div><div> </div><div>Matt</div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div>

<div><br>

</div>

<div>Thanks!</div>

<div>/John</div>

<div><br>

</div>

<div>

<div>John Curran</div>

<div>President and CEO</div>

<div>American Registry for Internet Numbers</div>

</div>

<div><br>

</div>

</div>


</blockquote></div></div>