Re: [sig-policy] Address Transfer Policy Proposal

To: Geoff Huston <gih at apnic dot net>
Subject: Re: [sig-policy] Address Transfer Policy Proposal
From: Terry Manderson <terry at terrym dot net>
Date: Wed, 3 Jun 2009 21:25:58 +1000
Cc: Philip Smith <pfs at cisco dot com>, Policy SIG <sig-policy at apnic dot net>
Delivered-to: sig-policy at mailman dot apnic dot net
In-reply-to: <A1084FFE-E7E8-49FC-B375-6346E8BFFF7B@apnic.net>
List-archive: <http://mailman.apnic.net/mailing-lists/sig-policy>
List-help: <mailto:sig-policy-request@lists.apnic.net?subject=help>
List-id: APNIC SIG on resource management policy <sig-policy.lists.apnic.net>
List-post: <mailto:sig-policy@lists.apnic.net>
List-subscribe: <http://mailman.apnic.net/mailman/listinfo/sig-policy>, <mailto:sig-policy-request@lists.apnic.net?subject=subscribe>
List-unsubscribe: <http://mailman.apnic.net/mailman/listinfo/sig-policy>, <mailto:sig-policy-request@lists.apnic.net?subject=unsubscribe>
References: <F72ACDCB-D54B-434C-B133-95A94C44C6A9@apnic.net> <4CF214C9-D0AB-400C-8FAC-62B2E9CB78F0@terrym.net> <A1084FFE-E7E8-49FC-B375-6346E8BFFF7B@apnic.net>
Sender: Terry Manderson <terry.mndrsn@gmail.com>

Hi Geoff,

On 03/06/2009, at 5:33 PM, Geoff Huston wrote:


[..]

A: addresses held by current financial members of APNIC,
B: addresses held by non-members of APNIC who pay APNIC a non-memberservice fee associated with the address holding, and
C: there are "historical" address resources which are listed in theAPNIC databases and the listed holder is not a financial member andthe address is not the subject of an annual maintenance fee
My intent was to say that addresses in categories A and B are"current" addresses and may be transferred, and category Caddresses are not eligible to be transferred. In the later case theentity concerned can become a member or reestablish a relationshipwith APNIC and pay an annual maintenance fee and then the addressesare eligible for transfer.

That sounds onerous (cost wise) on an organisation that 1) holds

historical addresses, 2) wishes to pass them to another entity for

valid use.

The reason why I felt that this was appropriate is that addresses incategory C may, or may not, have a clear and current record of thecurrent holder of the address resource and the process of making theaddresses current within APNIC's existing processes uses a set ofprocedures that

I think this represents a level of uncertainty if those "C" addresses

cannot be sensibly brought into the framework rapidly through a

suitable process or there is some doubt as to the current holder. Such

that category C resources left out there may exist and foster some

black market which is untraceable and leaves the registry with holes.

Something to try to avoid perhaps.

I would urge the secretariat to confirm that all those category C

allocations are demonstrably with those organisations and APNIC can

confirm that the registry is sane before committing to a larger

transfer policy. That may be costly to the secretariat, but of a

larger significant benefit to the community.

call on the holder to demonstrate their continuing association withthe addresses - it was hoped that this would improve, to someextent, the integrity of transfer transactions in so far as theintent was that transfer transactions would be registered when bothparties were "known" to APNIC, and APNIC would avoid becoming aparty to possibly fraudulent transfer transactions.
For NIRs,  similar considerations would apply, I assume.
If there are better ways to phrase this in terms of a policystatement I would appreciate assistance in terms of appropriateterminology. Perhaps some advice from the Policy folk in theSecretariat?


[..]

Given that there is no time constraint stated here then the intentwas to allow an NIR the choice of adopting this policy or not.

hrmmm.. while RIR governance is not a stick and national bodies may

follow the desires of the their members, that statement leaves me

cold. And while I would love the transfer policy to be in place for

"the greater good" throughout the region I can foresee that if any NIR

abstains from implementing the policy - they would be inadvertently

erecting barriers and creating borders on the non-geographical nature

of the internet.

I would assume that the NIR communities would be aware that that theshort term industry needs following the exhaustion of theunallocated IPv4 pools would imply that such a policy has greaterbenefit in terms of ensuring continuing accuracy and relevance ofthe registry system and in continuing some level of distribution ofaddresses if such a policy was adopted earlier rather than later,but I understand that the NIRs were desirous of having the abilityto adopt such a policy within timing parameters as determined bytheir national community.

I certainly hope it is only timing. The differences expressed between

JPNICs members and that of the JPNIC secretariat were sobering.

- when a member disposes of address space using this transferpolicy the
 member should not be entitled to any further IPv4 allocations or
 assigments from APNIC for an extended period (two years?)
or until the final /8 is reached.
My intent with this two year period constraint was to cover a numberof possible eventualities, including APNIC performing subsequentallocations from returned address space even after after the final /8 has been invoked.

For larger, more stable businesses that may be a suitable approach.

For developing businesses in developing countries I would err on the

side of flexibility.

Thank you for this suggestion.
Do others feel similarly? And, conversely, are there other who areof the opinion that this is perhaps a imposing too onerous aconstraint on the registration of a transfer transaction?
I'd like to point out that the reason why such a constraint, and whyother similar conditions or

I don't see it as a constraint.. you are not limiting the transfer by

_also_ providing IPv6 addresses at the same time. It is recognition

that an organisation clearly needs addresses, surely the preference

would be to encourage v6 use? Perhaps asking for a "plan" might be too

much.

"I see you have acquired more v4! we also notice that you currently

don't have any v6. Here a suitable v6 allocation as well to help you

along".


..Perhaps going that extra step is evolutionary..

constraints were not included into the original address transferpolicy proposal was that it is my personal view that the registrysystem has remarkably little enforcement mechanism when theassociated allocation function has concluded. The way I have phrasedthis in the past is that if the constraints on registration of anaddress transfer in APNIC's registry was too onerous, then the mostlikely outcome is that other forms of registration would appear andthat the risk of creating unwanted and dangerous chaos in addressuniqueness would be considerably greater. I felt that there neededto be a balance between ensuring that the registry was able tocontinue to operate in a manner that was accessible and free ofonerous constraints and imposing a number of somewhat extraneousconstraints and conditions that are superfluous to the basicregistry function.

Oh, you mean a constraint on APNIC "the secretariat"? Surely automated

tools would maintain the registry consistency and be a minimal

resource concern for adjudicating transfers?


Maybe I'm thinking beyond the secretariat's capabilities.

I wrote up some thoughts on this topic at http://www.potaroo.net/ispcol/2008-11/transfers.htmlthat you may find useful in thinking about the various issues thatmay be at play here.


I'll be sure to read those writings.

If there is a broad feeling from this community that such additionalconstraints and conditions relating to the disclosure to APNIC ofsome form of IPv6 deployment plan should accompany a registrationtransfer request, then that certainly can be added to the proposal.

At this juncture in the evolution of the internet I'm heading toward

the camp that v4_need == v6_need. If you transfer in v4 resources, you

probably should also have some v6.


Cheers
Terry