ARIN XXVIII Public Policy Meeting Draft Transcript - 12 October 2011
Note: This transcript may contain errors due to errors in transcription or in formatting it for posting. Therefore, the material is presented only to assist you, and is not an authoritative representation of discussion at the meeting.
Table of Contents
- Opening and Announcements
- AC On-Docket Proposals Report
- Regional PDP Report
- Internet Number Resource Status Report
- RIR Update - AFRINIC
- Draft Policy 2011-8: Combined M&A and Specified Transfers
- Draft Policy 2011-7: Compliance Requirement
- IANA Activities Report
- RIR Update - RIPE NCC
- ARIN Board and Advisory Council Election Procedures
- Open Microphone
- Closing Announcements and Adjournment
John Curran: Good afternoon, everyone. Welcome to our ARIN meeting. Welcome to Philadelphia. I'm John Curran, president and CEO of ARIN. I'd like to call the meeting to order and welcome you all to this wonderful city. I see a lot of familiar faces. I see we have some folks from NANOG as well who stayed on. That's always wonderful.
I'd like to introduce the Board of Trustees who is here attending the meeting. Some of them up here; some of them in the audience. So Paul Andersen, Scott Bradner in the back of the room a moment ago, myself, Vint Cerf, Chairman Tim Denton, Paul Vixie, and Bill Woodcock over there.
We have our ARIN Advisory Council here, most of our members. A few who could not make it.
So, in order, Cathy Aronson; Marc Crandall; Bill Darte; Owen DeLong; Dave Farmer; Chris Grundemann; Martin Hannigan; Stacy Hughes; Scott Leibrand — I know you're here, Scott — Chris Morrow; Bill Sandiford — I know he's here — R.S. isn't with us, he just got married; Heather Schiller — I know Heather's here somewhere — and our Chair, John Sweeting.
Okay. If you have questions about the policy process and the status of policies that are being discussed, the Advisory Council is the group that's chartered to provide advice to the ARIN Board on Public Policy Development.
So we asked them to run the PDP, consider the community input. They end up making the recommendations for what policy proposals based on your input — what policy proposals get recommended to the Board, which ones get revised, which ones get discarded. So they're the ones you really want to talk to. They're the ones who designate shepherds who individually supervise each policy proposal.
NRO Number Council. These are the representatives that we have who sit on the NRO Number Council. The NRO serves in ICANN as the Address Supporting Organization. The Number Council is the body within that group that, again, recommends on global policy matters. Ron da Silva, Louie Lee, and Jason Schiller are our representatives to the NRO Number Council.
RIR colleagues. We have quite a few. AFRINIC, Ernest, are you here somewhere? Yes. From LACNIC, Raúl, our CEO of LACNIC. Yes. Raúl, good to see you.
From the RIPE NCC, quite a few. Nigel, Dmitry, Axel. Andrea? Yes. It's hard to see people up here. Andrew? Yep. Athena? Yep. And Tom Vest. Yes? No? No. Okay.
And from APNIC, Guangliang. Geoff Huston. I see Geoff. Adam Gosling. Yep. And Craig. Craig? Yes. Thank you.
Okay. And the RIRs are here, of course, because the policies that we make affect — even though they're regional policies in general, some are global. And even the regional policies have impact; sometimes require coordination where we want to compare practices with what happens with another RIR.
The ARIN management team is here. Myself, obviously. Nate Davis, our chief operating officer. Where are you, Nate? Probably off running things. Okay. Cathy Handley is not here. She's our executive director of government affairs. Spends a lot of time working with ITU, United Nations, IGF. That means a lot of travel. She's currently prepping for an upcoming meeting that's going to be taking place at the ITU.
Bob Stratton, our CFO, an important man to know. And Susan Hamlin, who keeps the meeting running smooth, is here somewhere. Oh, right there. Mark Kosters, who heads up engineering. Hi, Mark. Mary K. is over there, Mary K. Lee, who heads up HR administration for ARIN. And Leslie Nobile, who runs the registration services desk.
So now you know everyone here. We're here to help you make policy. That's what we're all about.
We'd like to welcome the Fellowship recipients for this meeting. From Canada, Kerry Brown. Kerry, are you here? Thank you, Kerry. USA, Brigette Teets. Brigette? And Niel Harper from the Caribbean. Niel? Yes.
The Fellowship Program allows us to take people who might not otherwise be able to attend an ARIN meeting, and we try to bring in new people from each region, to help expand the scope of the organization, help share this message back to the communities that we wouldn't otherwise reach.
We have also our Postel Network Operation's scholar, Wilson Abigaba. The Jon Postel scholar is selected to attend jointly NANOG and ARIN. Again, same thing: for outreach, to help get the community message out to more people. And it's been very successful.
We welcome the first-timers. Most of the first-timers had lunch with us the other day. Got to again meet the staff, talk a little bit, learn about how the registry system is structured.
We're now going to have the prize drawing for all the first-timers. It is a $100 gift certificate to ThinkGeek. They have a lot of interesting things. I'm sure this will be put to good purpose.
I need someone to do a drawing. Bill, come on over here. Reach up in there and pull a name out. Okay. Thank you, Bill.
Okay. You don't need to get up. We're going to mail you your gift certificate. Okay. Roy Balleste of St. Thomas University. If you're here, congratulations. $100.
John Curran: Very good. Okay. And we have an exciting program. We'd like to welcome our remote participants. Remote participants get a copy of the webcast, which is coming streaming live over the network. There's a live transcript being done. All the meeting materials are online. They can participate in the chat room, including the virtual microphone where someone will read their sessions up.
And they get to count in the policy consensus. If we do a show of hands, the remote participants are also included in that count. So as much as we can get them here without teleportation, we've done so. Hopefully that makes the remote participants feel heavily involved.
Okay. All of you have one of these packets. It has the meeting program, including the survey on the meeting. It has the ARIN Policy Discussion Guide, and this is a very important document. This is your best friend. As we go through the next two days, we'll be discussing the policies published in this guide.
So you have it with you. You can flip to the right page of the every draft policy we're discussing. Makes great reading over lunch and dinner, when you're trying to get more ARIN hours in. So I recommend you spend a lot of time.
You also have the ARIN Number Resource Policy Manual. That's the current body of Internet policy for the ARIN region regarding number administration. And it describes the current policies. Those are what is being changed.
You have information on ARIN's election. We're in the middle of an election cycle. We do it every October where we elect the new members of the Board of Trustees and the new members of the ARIN Advisory Council. We always have two seats for the Board of Trustees open and we have five members of the Advisory Council, because each of them cycle one-third every year.
So you have information on how to go online. You can see their bios. You can read the statements of support. You can file statements of support for a Board member or an Advisory Council member. So it's very worthwhile. We'll actually hear from those folks later on in the meeting.
Attendance stats. Registration. We have 16 folks from Canada. 148 from the United States. We have one from the Caribbean region. Outside the ARIN region, 20 registrations and 25 remote participants preregistered when we did the slide.
Okay. I'd like to thank our sponsor, Comcast. Big round of applause.
John Curran: Because of their efforts and the efforts of the team earlier in the week, we have great connectivity. Running meeting connectivity is always exciting. And there's always some teething. But NANOG worked through some of that, and we get the benefit now of hopefully a very good meeting and very good hotel room connectivity.
ARIN question of the day: What keeps you actively participating in ARIN? So if you have a view on this, you have a perspective you want to share on why you participate in ARIN or why you continue to participate, at the break come on out. Okay? Look for an ARIN staffer carrying the "ARIN Question of the Day" sign.
You will have an opportunity to be videotaped. We produce videos that we use in our trade shows, that we use to educate people. You may have your moment of fame being inserted into that video answering this question.
So the question of the day is: What has got you or keeps you actively participating in ARIN? If you're interested in speaking about that and being part of the materials we use to educate people, find the staffer at the break.
Okay. Open Community Survey. There is a process that's going on in conjunction with ICANN to review the Address Supporting Organization. The Address Supporting Organization is a bylaw function of ICANN. It's a body that's responsible to assist in global coordination, on coordination of global policies within the ICANN organization. It's fulfilled by the NRO, which is the association of the — unincorporated association of the five registries.
There's an independent review cycle that occurs, and that independent review cycle has resulted in the NRO contracting for a third party to perform an assessment of the ASO and how well it's been performing within the system.
So you may get asked your views by the gentlemen from ITEMS who are here, but there's also an online survey. If you have views you'd like to share, if you're familiar with the ASO and its function and you want to give feedback, that link, www.items.fr/aso.php is where you can fill out the survey about how the ASO is being performed.
This is not just ARIN-specific. It's for all five RIRs, and we all fill out the same survey. While it's a lot of questions, it should be done in less than five minutes. We welcome everyone to complete the survey and provide feedback that will help us make a better ASO.
Rules and reminders. Okay. Please notice that the Chair moderates discussions of the draft policies in a manner that gives everyone an opportunity to speak. We give priorities to people who are speaking for the first time on policy proposals. Please state your name and affiliation each time you come to the microphone. Please comply with the rules and courtesies outlined in the program. If you look in your folder you'll see a little sheet of courtesies on how to conduct a proper meeting. Please pay attention to those.
Today's agenda. We will have the Advisory Council provide its On-Docket Proposals Report. That's what they're working on presently. We'll have a Regional Policy Development Report. We will have the Internet Number Status Report, which is the status of the number pool overall. And then we will actually have the ARIN Board and Advisory Council Election Procedures and the candidate speeches taking place later today.
We also have in the middle of all that a couple of policies we're discussing. So — oops. Not the policies yet.
We also have the RIR update from AFRINIC going on today, the Regional Policy Development Report, and the IANA Activities Report.
Policy discussions. We will discuss two policies today. We will prioritize the agenda to make sure that the policies start in the block at 2:15. That's for remote participants. So if for some reason we're running late or running early, we want to make sure remote participants who are prioritizing their time here can call in at the right time.
At 2:15 we'll start the discussion with Draft Policy 2011-8: Combined M&A and Specified Transfers, and the ARIN Policy 2011-7: Compliance Requirement.
Tonight is ARIN's big social. It's at the Franklin Institute. For more information go online. It's a fairly interesting facility and fairly impressive. We're going to load at 6:40 on The 12th Street exit off the lobby. Take the exit off the lower lobby to find the buses. The last bus will leave at 6:50. So we'll have a few buses. You gotta be down there 6:40 to catch the first one, 6:50 for the last. We'll end up with return service coming very quickly starting at 8:00 p.m. and running a little later through the night.
Please bring your name badge. You need your name badge. It's very important. Lets people in the social know who you are, lets you get in and other important things.
At the head table: Myself; Chairman Timothy Denton; Scott Bradner, Board member; Vint Cerf, Board member; Bill Darte, ARIN AC member; Owen DeLong, ARIN AC member; and David Farmer, AC member.
And, David, you're doing the remote moderation. Very good.
With that, I'm going to start right in. We're going to move to John Sweeting giving the AC On-Docket Proposals Report.
John Sweeting: Welcome to the ARIN meeting here in Philadelphia. I will give a quick update. The On-Docket Proposals Report is just a quick report on the proposals that we still have on the docket and are working and we have not moved them forward to draft policy status for discussion as a draft policy here at this meeting.
So the first proposal that's still on our docket is ARIN Proposal 151: Limiting Needs Requirement for IPv4 Transfers. This particular proposal would allow the 8.3 specified transfers without a needs-based evaluation.
When we sent out the AC action on this, the explanation was that the AC as a whole felt the text was not ready to move forward to draft policy, and so we're looking for input here at this meeting.
ARIN Proposal 153: Correct the Erroneous Syntax in the NRPM 8.3. Would require that 8.3 specified transfers can only be done as a single prefix. This proposal was in direct conflict with another proposal, 144, that we moved forward to draft policy status. That was 211-10, and that policy will be discussed here.
So I believe the AC felt that we didn't want to put a direct conflicting policies on the agenda, and the other one was the one that we felt we wanted to put forward to draft policy.
We have two proposals that we will review in our meeting Friday afternoon at the conclusion of this meeting. These proposals came in too late to be considered for draft policy status. Actually, they haven't even been considered to be put on our docket yet. This would be our first meeting since they've been submitted, and we'll take action on them at that time.
The first one is ARIN Proposal 157: Section 8.3 Simplification. Which would expand the 8.3 transfers from only IPv4 space to all number resources to include IPv6 and Autonomous System numbers.
The next one that we received over the last few days was ARIN Proposal 158: Clarify Multiple Discrete Networks Policy. There was a huge discussion on PPML, and, as a result, this proposal was submitted. And it seeks to clarify the meaning in line with current and intended application of the policy.
So for those four proposals, as well as two other subjects — "Legacy addresses: A global resource upon return?" and "What role should/will the RIRs play in the future?" — there will be lunch tables designated for discussion of these topics.
So that will be for tomorrow's lunch. So when you head into the lunchroom tomorrow, if you have input, you feel very strongly about any of these topics, please try to get yourself a seat at that table and join in the discussion and provide us with any input that you care to share with us.
And that's it. Thank you very much.
John Curran: Thank you, John. Next up we'll have Einar Bohlin do the Regional Policy Development Report.
Einar Bohlin: Good afternoon, everybody. My name is Einar Bohlin. I'm the Policy Analyst at ARIN. This report is to give you an idea of what's being discussed at all of the RIRs together.
So just about every six months prior to an ARIN meeting I look to see what was discussed at LACNIC, AFRINIC, RIPE, ARIN, and APNIC, and bundle it all together and organize them by topic.
During this particular period, since the last ARIN meeting there were about 52 proposals on various different topics with the bulk of them being still on IPv4. That is a topic that seems to not be over with yet.
There were also some proposals on v6, directory services. ASNs has dropped off the radar. And a little bit on resource review.
So we have eight draft policies to discuss at this meeting over the course of this afternoon and tomorrow. These particular draft policies don't really have anything comparable at any of the other RIRs. However, a couple of — three of the draft policies on our agenda do.
And I'll go through. The first one is Inter-RIR Transfer. It's been adopted and that's waiting for development in other regions. And it's my understanding that last week at LACNIC during their meeting there was a panel discussion on the topic of transfers that included some discussion about Inter-RIR Transfers.
The next item is a draft policy which is a global proposal which in order to be adopted and implemented has to be passed by all five RIRs with a similar or even exact text and go through the global proposal process.
So it's pretty clear this is actually at all five RIRs. It's adopted at APNIC and LACNIC. And it's in last call currently at AFRINIC and RIPE. And it's on this week's agenda.
And finally the draft policy about use of number resources within region. The draft policy we have says essentially that ARIN issued spaces for use in the ARIN region, and there is a similar proposal in the AFRINIC region that's in last call. And there's a proposal that was discussed at LACNIC last week, and I think that's going back to the list for more discussion.
So these are just some highlights, things that some of the other regions are talking about. You'll get more of a detailed report from the actual RIR staff that are here that are going to report what's happened in their regions. This is just to give you a taste of what's going on.
There's a proposal in the AFRINIC region that is to reclaim unrouted space. There's a proposal in the APNIC region to remove the needs-based criteria from transfers.
And adopted in the LACNIC region is a policy that requires a plan for v6. And I think there were a couple of proposals last week that require requesting and obtaining v6 space where you go get v4 space either initially or for additional space. Those we expect — those proposals will be going to last call.
And then on topic of v6, there's a proposal in the RIPE region that would remove the criteria that end users be multi-homed in order to get v6 space.
So that's just a taste. The other RIR staff will give you more information about the things that are happening in their region. And these are the links to the policy pages where you can find exactly what's being discussed or in last call at the other RIRs.
And the last item here is the policy comparison overview. It's a single document that compares the different policies at the different RIRs grouped such as if you want to see what the end user v4 policy is, you can see what that policy is at all five of the RIRs on one page. It's a nice document.
And that's it for me. Thank you. Are there any questions on any of this? If you do have questions about the other RIRs' policies or what's going on there, they will come up, do their reports, and they'll be happy to talk to you.
John Curran: Thank you.
John Curran: Next up we have Leslie with the Internet Number Resource Status Report.
Leslie Nobile: I'm going to do the joint stats. This is the statistics of all five of the RIRs in a side-by-side format and the status of basically all the number resources. We update this quarterly. It was updated a couple of days ago. It's pretty recent data.
So we'll start with the distribution of the IPv4 address space. Probably the most interesting thing is right there in red. IANA reserved is now down to zero. If we move up, we look at — we can see that 35 of the /8s out of the 256 are in use by the technical community. If you go left, you can see central registry, 91 /8s were issued prior to the establishment of the RIRs. That's traditionally where the legacy space sits. That was issued under US government contract by IANA. The SRI-NIC and DoD NIC and InterNIC and much of it was issued in the ARIN region because the early growth of the Internet was all taking place here in the US. So late '80s, early '90s that was going on.
And then you see that the RIRs together have 130 of the /8s issued to them by the IANA, and it's further broken out at the bottom. You can see that APNIC has received 45 /8s from the IANA; RIPE NCC, 35; LACNIC, 9; AFRINIC, 5; and ARIN, 36.
So we look at how the IPv4 address space has been issued over the years. We went back as far as 1999. It basically shows the growth trends sort of up and down. Really the thing to note on this one is most of the growth in v4 over the past several years has been in the APNIC region, and that resulted in them now being basically out of IPv4 address space working out of their last /8. They were the first RIR to deplete most of their supply.
You'll also see that the ARIN bar in light blue is quite low. We've issued just over one /8 this year in the first nine months of the year, that's fairly low for us.
It could be that there was a policy in February once ARIN — once IANA depleted, a new policy went into effect in the ARIN region that said that ISPs would receive only a three-month supply. Once that policy went into effect, we saw a real drop-off in what we were issuing in v4 space.
So this looks at the cumulative total over the past four years. Same slide, but just a different format. It shows how much we've issued in total to our customers over the years. RIPE has issued a little over 31 /8s; ARIN, a little over 27; LACNIC, 6; AFRINIC, 2; and APNIC, a little over 44 /8s.
This looks at ASN assignments to our customers. In the early days ARIN was issuing more ASNs than any of the other RIRs, but that was taken over in recent years, probably the past five or six years, by RIPE who is now issuing more ASNs than any of the other RIRs. The rest of us are sort of trending the same as we have been over the years.
Again, cumulative total. This is how many total ASNs we've all issued. Probably don't need to read the numbers. I'll leave it up for a second. You can see RIPE has issued more ASNs than any of the other four RIRs.
We decided to break out the 4-byte ASNs because we've seen problems with them. We put a new slide in to show how many 4-byte ASNs each of us have been issuing. This is an interesting graph. When I looked at it, I said: Whoa. What happened here? I've got to figure this out. Because APNIC was traditionally much lower, but when you look at it, APNIC in the yellow bar has now issued this year more 4-byte ASNs than any of the RIRs.
So I went back to check on that, and apparently — well, there's a couple of factors. One factor is that they've issued recently blocks of 100 4-byte ASNs to four of their NIRs, so that accounted for 400 of them.
But the other change has been there was a policy passed last year, a global policy, that said — let's see, the global policy — there will be no distinction between 2-byte and 4-byte ASNs, so you're just going to issue out of one big pool.
So originally all the RIRs decided to issue lowest to highest, meaning we'd issue with 2 bytes first and move on to the 4 bytes later on because we knew people were having problems, particularly in the ARIN region.
So ARIN did that, APNIC did that, and AFRINIC did that, but LACNIC and RIPE decided to do the opposite and they decided to start issuing with their 4 bytes first, so they were really putting them out there, which explains why they've issued more.
Recently APNIC has started running out of 2-byte ASNs, so they've actually had to switch their format and they're now issuing 4 bytes by default. So they're pushing more and more 4 bytes out there. So that's why these trends have changed a bit.
This slide shows how many each of us have issued in total. And, yeah, the ARIN region, we've issued just 40; RIPE has issued over 1500; LACNIC, over 500; APNIC, 900; and AFRINIC, 26.
IPv6 address space. So we see the total pool of the /0, the /3 carved out for global unicast by — for the IANA to issue to the RIRs, and out of the 512 /12s, five of them were issued to the RIRs under a global policy, so we're each still working from our original /12s that we received in 2006.
And there's one miscellaneous /12 that was used for various things that I don't even remember, but there's a few of them shoved into that single /12. A couple of us are probably going to be ready to request additional /12s from the IANA in the near future.
So we look at IPv6 allocations from the RIRs to our customers, and what we've seen over the past several years is most of the growth in v6 allocations has been in the RIPE region.
But the good news is the growth trend is up in all of the regions over the past several years. So that's a good thing. LACNIC in particular we're seeing some real increase, and in AFRINIC. So that's all good.
This slide looks at the total number of allocations in the left pie. And then in terms of /32s, the total number of /32s, because of course we all issue larger than /32s, so on the left RIPE has made 36- — a little over 3600 v6 allocations; ARIN has made over 1600; APNIC, 1400; LACNIC, 700; and AFRINIC, 200.
But when you look on the right, those numbers are really, really drastically different because of the large allocations we're all making.
And this looks at IPv6 assignments to our end-user customers. And we're all making them. ARIN was doing it first. We had the policy early on. So you can see that we — in the blue bar we were sort of making lots of assignments early on, and we continue to. We still issue more assignments than any of the other RIRs do in v6.
And this is just the links to the RIR stats. They're kept on the NRO site and the RIR sites and the ICANN website. So if you're interested in getting any more data, that's where you can find the information.
Owen DeLong: Can you go back to the RIR /12s slide? I think it's one forward. No, that is it. So you list only 260 /12 for ARIN, but I know that I've got an assignment out of 262 /12, and I know Hurricane has an allocation out of 200 /12.
Leslie Nobile: Prior to the establishment of this global policy, we were all issued /23s from that miscellaneous /12, some from the miscellaneous /12 and some from our actual /12. It just depended. You have an old, old allocation from the /23 which isn't shown there. It's not broken out separately.
Owen DeLong: So it's early swamp.
Leslie Nobile: It is. It's our early swamp space, yes.
Owen DeLong: That explains the 200, but what about the 262?
Leslie Nobile: I don't know. Maybe Leo would tell us. He's with IANA. Do you have any idea? I can't remember really.
Leo Vegoda: I can't remember off the top of my head. I'll have to look in the registry.
Leslie Nobile: Yeah. We'll have to look. We'll let you know, though.
Leo Vegoda: I have a question, Leslie.
Leslie Nobile: Okay. Sure. Leo?
Leo Vegoda: Can you go back to the 4-byte AS numbers, the total allocations, the total assignments per — the one before that, I think. That one does. This is — is this everything that has gone out and may have come back, or is this stuff that's gone out and it's stuck?
Leslie Nobile: This is the stuff that stayed out there. We don't count the stuff that was returned, and there's a lot of it that's been returned and exchanged for 2 bytes. So this is just what's permanently out there right now that's stuck with —
Leo Vegoda: Okay. Thank you very much.
Leslie Nobile: Okay. You're welcome.
At the far.
Randy Carpenter: Randy Carpenter, First Network Group. I was going to answer Owen's question. I just looked it up, and it looks like all the RIRs have a /23 directly from ARIN or by IANA, in addition to the /12, and I think ARIN is using that 23 for the end-user assignments only.
Leslie Nobile: We are still using some of our old —
Randy Carpenter: But it was like 2620 /23.
Leslie Nobile: Uh-hmm. It was out of that miscellaneous bit. Yep.
Bill, did you have a question? Okay. Okay. That's it. Thanks for your time.
John Curran: We find ourselves slightly ahead of schedule. When that happens, I try to move things up. So I have to ask if, Ernest, you could do the AFRINIC Report, if you're — where are you? Is he — yes. We'll try to get the slides that match the AFRINIC report to come up. That's always as exciting.
Ernest Byaruhanga: Good afternoon. My name is Ernest Byaruhanga, the members services manager at AFRINIC. For those who don't know AFRINIC, AFRINIC, we are the RIR that serves Africa and part of the Indian Ocean region. And happy to be here.
Quickly take you through some of the stuff we've been doing. This is a four-year highlight of the numbers reflecting the resources that we've been issuing over the last four years. Starting with IPv4, you can see we're there from 2008. We had — we issued about 1.6 million IPv4 addresses. And growth over the last four years from '08 was about four-fold, to about 8 million IPv4 addresses.
So the demand for v4 address space over the last four years has sort of quadrupled from about what it was to close to half of the /8s that we've been issuing over the last two years.
We've also received three IANA allocations over the last four years, one of which was received this year when the final five /8s were distributed by IANA to the five RIRs.
IPv6, we've also grown quite tremendously from about 18 IPv6 allocations that were issued in '08 to more than ten times — not ten times, about six or seven times, 108 prefixes over the last four years, which I also think is tremendous growth.
And the number of countries that we've actually issued IPv6 address space has grown from about 27 to close to 40, and that represents more than 60 percent of the continent that has been issued with v6 address space.
The same growth over there for the number of AS numbers, and the growth of the membership is also quite steadily increasing from about 90 in '08 to about 105 right now in — actually, these are the numbers of members that have signed on every year. So the current number of members is about close to 800 as we'll be seeing in the slides ahead.
The total number of IPv4 addresses currently issued in the region is close to 45 million IPv4 addresses. That's not just a huge number in contrast to the other regions. But it actually represents quite a lot of growth, from less than a million or so over there from where the growth starts to close to 45 million in 2011. That's tremendous growth. And most of these addresses were actually issued by ourselves from about 2004.
So close to 70 percent to 80 percent of this address space was actually issued from 2005 up until now. So we've seen quite some growth over there.
And this slide in contrast shows the address space that is available in the region; that this is the inventory of IPv4 address space at AFRINIC. Details are in the table. But we have about 72.8 million IPv4 addresses that are available to issue or to allocate to network operators in our region.
This number is not very far off from what the other registries actually have, apart from APNIC. I believe that many of them — the other four registries are also having an inventory of about 4.-something /8. So I think ARIN is close to six.
The average consumption rates in the region, for those that are interested, we are issuing as of this year close to 900,000 IPv4 addresses every month. And at the current consumption rates, we of course assuming factors remain constant and no policies coming to affect the way addresses are distributed, we're looking at about six or seven years of supply of IPv4 addresses with the current inventory.
That's growth in membership. Also quite steady. Right now close to about 800 members strong. Not such a huge number again, but that also represents quite tremendous growth in the region.
IPv6, equally importantly, has also grown from about actually one allocation back in '04 to close to 100 right now. Same growth-wise numbers.
And this represents the distribution of the resources in our region by economy. You have IPv4 addresses. South Africa takes about half of the chunk of v4 space in the entire continent, so it's close to 23 million IPv4 addresses. And the other countries, as you can see from the pie chart, we actually have about half of the addresses in Southern Africa and more than the other quarter in Northern Africa.
So we have a huge part of the continent that actually still has not — the operators have not requested for enough v4 addresses like the other regions. And in that case there is still huge potential there, and as the infrastructure improves and Internet penetration improves in that part of the region, we definitely will be seeing much, much more demand for v4 addresses.
V6. Equally importantly, South Africa still has a broader chunk of the v6 issued in the region. The pie chart at the bottom, the membership, we still have close to half of our members coming from one country, South Africa, and all the others are sharing in small or equal percentages.
Einar talked briefly about the policies in our region. I'll quickly skim through these. This is a brief update of some of the policies that have been discussed in our region of recent.
We have the one policy that is pending implementation, and that's the abuse contact information in the AFRINIC Whois database. The author of this policy intended that AFRINIC includes explicit abuse email addresses and related contact information in all resource objects of the AFRINIC Whois database. So this policy proposal went through two iterations at Public Policy Meetings but finally got consensus and is waiting to be implemented.
Then there's the IPv4 soft-landing proposal. This one determines or directs how AFRINIC will be managing the last /8. It's also on the last call.
You have the global policy for post exhaustion of IPv4 allocation mechanisms by the IANA. Also last call.
Then the other three proposals, reclamation of allocated but unrouted v4 space, transfer of IPv4 addresses from any entity to any entity, and the addition of contact email to Whois bulk data.
These are kind of abundant. The authors did not come up to our Public Policy Meetings to present the — to present or defend the policies. And there has not been much discussion of the mailing list, so this will probably soon be very abundant.
Recent activities. We've signed a memorandum of understanding with the Commonwealth Training Organization, mainly to collaborate on actions that promote ICT4 development initiatives and also conduct joint training and capacity building initiatives in areas that fall within the mandate of both entities.
This is an exciting — an exciting one, and we're looking forward to working with the CTO on these initiatives.
We were also present at the IGF in Nairobi. Those that were there would have seen us. We were there mainly for outreach to our stakeholders and for marketing and networking purposes.
Now training activities. We've been busy in the region trying to promote IPv6 awareness. We do workshops. This engages us a lot and our training team. This year we so far covered eight economies, and we have three to go.
We actually planned for much more, but sometimes there are issues in the countries that we're planning to visit: political instability once in a while, riots that would stop us from going. Otherwise, the numbers would be much bigger than this. We covered ten training events last year, and as of now I would say that the huge chunk of the continent we've been there, we've done v6 workshops, there's huge demand for these workshops. They're free. So we hope that in two years or so we would have covered the entire continent.
And as a direct result of these workshops we've actually seen great demand for IPv6, because wherever we go, we definitely — we leave with a couple of ISPs requesting for v6 space and actually getting it announced and routed and deployed.
You're all welcome to our next Public Policy Meeting. It's going to be held in Yaoundé in Cameroon. That's in the central part of Africa. Those dates are either close or after the Thanksgiving week in the US. So, as such, I don't think we're expecting many Americans there. But, nevertheless, everybody's welcome. Should be quite an exciting meeting.
Thank you. I'll be happy to take any questions.
John Curran: We have a question. I see someone in the back.
Ralph Bischof: Ralph Bischof. I'm with SAIC/NICS for NASA. I'm just wondering, I saw last year also you had the IP explosion. Do you have any reasons as to why it's exploding so much in your region?
Ernest Byaruhanga: Well, first of all, there have been quite a few projects around the continent that have sort of stimulated Internet penetration. We have three — I think actually four fiber cables that land at various parts of the coast, both east and west, which I think, if I have my facts straight, actually brought down the Internet connectivity rates tremendously.
So this is one of the factors we're looking at that would have driven the demand for IPv4 addresses much higher in the last few years.
Michael Sinatra: Michael Sinatra, ESnet. The policy that was abandoned on transfers to any entity, do you have an existing transfer policy already and was that going to expand it and did that include Inter-RIR Transfers, or was it just a basic transfer policy?
Ernest Byaruhanga: That proposal was a bit broad. I can't get the text off my head from what was written, but actually it was covering Inter-RIR Transfers and transfers within Africa and everything.
So the policy, in short, it just required any organization located either in Africa or outside Africa to be able to transfer resources to another entity either within Africa or outside Africa.
Michael Sinatra: Just a brief follow-up, if I may. Do you have a policy already that allows transfers within the RIR, AFRINIC?
Ernest Byaruhanga: We do not have an explicit policy that defines transfers at the moment.
John Curran: Thank you.
John Curran: Okay. We're now going to start on our draft policy discussions. For those who are remote, no, you didn't miss it. We just moved up the AFRINIC update.
John Curran: So the first one we're going to talk about is 2011-8: Combined M&A and Specified Transfers Draft Policy.
The origin of this was ARIN Policy Proposal 141, submitted in May 2011. The AC shepherds from the Advisory Council, Marc Crandall, Scott Leibrand. The AC selected as a draft policy in July 2011. The current version is the text from July 26. The text and assessment are online and in your Discussion Guide, obviously.
Summary. The policy offers another option to 8.2 transfers — 8.2 is mergers and acquisitions — where the IP addresses being transferred are underutilized. The new text would allow unused portions to be transferred via 8.3, Transfers to Specified Recipients.
Status at other RIRs. Nothing similar at the other RIRs.
Staff assessment. The proposal would fill a gap in the existing policy and would likely benefit the community.
Implementation report. Minimal. Three months. Just need to update our guidelines and staff training.
Policy poses no significant legal issues.
At this point I'd like to — oh. PPML Discussion. Little discussion on the draft policy. One post in favor on the Public Policy Mailing List, a little discussion of it when it was a proposal.
So at this point I'd like to bring up Scott who will do the AC presentation of the policy proposal.
Scott Leibrand: This policy proposal addresses a fairly simple and straightforward problem, which is if a party initiates an 8.2 transfer and ARIN determines that they should not be getting all those addresses because they're underutilized, or for whatever reason.
The current text says those must be reclaimed and may not be transferred. And that is in contrast to the situation if they go the other way around, which is do an 8.3 transfer first, then go and do the 8.2 transfer, then it's all okay. And so that seems rather silly that it's all path dependent like that and it creates a problem when the organization trying to do the transfer doesn't know if ARIN is going to approve the whole thing or not. So it's kind of a bunch of unnecessary uncertainty.
So this policy text is very simple. It adds the word "transfer" to the last sentence of 8.2. And it's hard to see the italics here, but there's a little bit of that sentence that was reworded for clarity but doesn't change the intent much. So this would allow the resource holder to transfer the resources that are not justified.
So benefits of that. It allows the combined transfer of unused resources via 8.3 to an organization that actually needs them and the rest being transferred via 8.2 based on whatever merger and acquisition activity triggered that process.
This also would mean that, like I said, if you have someone who doesn't understand the process perfectly or doesn't have a crystal ball as to what ARIN is going to do, they're not going to be penalized.
And it gets addresses to where they need to go. This is all about doing the right thing, about getting those addresses into use. And we definitely don't want to be in a situation where we're discouraging people from recording their transfers properly; instead, we want to get those transfers recorded properly and get the addresses back into the system, get them used so they're not wasted.
I'm not sure there's any drawbacks to this. But the one I have heard is that maybe it's not necessary. Maybe people can just do their 8.3 transfers first, but that seems kind of like a "why bother" more than a drawback. But I don't think that's a big issue.
There are some notes worth mentioning. This does not apply to anything on v6 side. It's just v4 because 8.3 only allows v4 transfers. And it also removes some references to specific NRPM sections that were used as examples. It's a parenthetical example reference that's removed from the text. I don't think that changes anything; just clarifies it, perhaps.
We already heard about the staff assessment. They think it would fill a gap.
So discussion. Does anyone have any input on this?
John Curran: I'm going to have Chairman Tim Denton who will help moderate the discussion along with Scott and conduct any polls that might be necessary to show support.
So, Tim and Scott, take it away.
Louie Lee: Louie Lee, Equinix. I wanted to mention to those I think that you can do an 8.3 transfer instead of 8.2. There's a possibility for many M&A events where the original holder is no longer authorized to sign on behalf of their organization who's giving up their address space. So you really can't do an 8.3 in place of an 8.2 transfer.
Tim Denton: Anyone else have a view that they really care to express? That is maybe consent. In that case, I think that we can move to our habitual customary showing of hands.
John Curran: We will make sure the polling apparatus is ready, both online and in person. Looks ready.
Tim Denton: All right. So those in favor of the draft policy, would they be kind enough to raise their hands and so indicate and keep them up while you are being counted. Thank you.
Done. Do we take the online now?
John Curran: At the same time.
Tim Denton: Now people who oppose the proposed policy. Mary K., are you satisfied? Still writing the online.
2011-8: Combined M&A Specified Transfers. Total number of people in the meeting room and remote, 49 in favor, 0 against. So I think that's quite definitive.
John Curran: Total in the room and remote is 167, for those people tracking the total count.
Okay. Moving right along, we have our second policy. May it be as hopefully non-contentious as the last.
John Curran: ARIN 2011-7: Compliance Requirement. I will do the policy introduction and then have Chris Grundemann come out and do the AC review of it.
So 2011-7 history. Started as ARIN Proposal 126 in January 2011. AC shepherds are Chris Grundemann and Owen DeLong. AC selected as a draft policy in their May meeting, May 2011. The current version is 22 September 2011, and you can find it online and in your Discussion Guide.
Policy requires ARIN staff to identify customers who are out of compliance with policy and to withhold services for those who fail to come into compliance within a designated time. Staff is to contact customers who are out of compliance with policy. Customers have 30 days to respond or reverse DNS services may cease. Customers have 60 days to show progress in making corrections or reverse DNS services will cease. After 90 days, reclamation services may begin.
Status at other RIRs. Nothing similar at the other RIRs.
Staff assessment. The term "out of compliance" is not well defined anywhere within this policy. Without additional criteria, staff will continue to interpret this term somewhat liberally, and apply it with our discretion, whether using our best judgment and consideration of existing factors. Only those organizations that we deem to be significantly in violation of existing policy will be flagged for further review and audit.
Two, removing an organization's reverse DNS may negatively impact their business.
Implementation. Moderate. Six to nine months. New software tools to track deadlines. There will be likely a significant increase in time and workload for the RS team as the potential for a significant increase in resource audits due to non-compliance with IPv6 reassignment requirements is great. May even require additional personnel.
Policy has significant legal implications as it requires ARIN to withdraw services that impact innocent and bona fide third parties trying to utilize the resources.
Again, we're withdrawing resources, and while we're in contact with the party, there may be other relying parties who were not in contact and would be impacted potentially.
PPML discussion. 12 posts by 7 people; 0 in favor and 0 against. It's mostly editing the version.
Earlier discussion. 22 posts by 10 people; 2 in favor and 2 against.
"I like the sentiment behind the proposal, but ARIN should just have fairly broad leeway to determine when a registrant isn't acting in good faith to return to compliance. When ARIN determines that an organization isn't acting in good faith, registration revoked, boom."
"Not in favor of this. ARIN should never shut off reverse unless a network is revoked since the possible collateral damage is too high and will likely cause problems for many others depending on who gets crunked with this proposal."
So that completes the introduction. I'll now have the AC do their proposal review.
Chris Grundemann: So this policy is really about Whois. That was the idea behind it, anyway. Basically so the first change, it changes it and says — it specifically calls out updating reassignment information.
So today the audits are mostly about utilization specifically. And so if you can prove you're utilizing the addresses, then you get to keep them.
This says, okay, well, you have to also have your SWIPs or RWhois or something in place so we know who is using the addresses publicly and not just in the audit with ARIN.
The other thing it changes obviously is that right now today it's completely staff discretion as far as revoking addresses. This puts in a mandatory 90-day wait period. And, then again, it does the rDNS.
So it basically says — the idea behind this was if you're not doing your reassignments correctly, if you're not SWIP'ing or adding the information to RWhois, then ARIN pulls out your rDNS and you wake up and come back to ARIN and say, okay, wait a minute, I need my stuff to work, so here's the information that I'm supposed to have in the database anyway.
There's also some additional wording cleanup that's come out of this. When we started playing with this policy, we realized it was fairly poorly worded to start with. And so there's some changes that probably — regardless of the disposition of this draft, we probably need to do some mechanical changes one way or the other.
And that's that. I'll ask Chairman Denton to come up and moderate the discussion by the community on this policy proposal.
Kevin Blumberg: Kevin Blumberg, The Wire. I am generally not in support of this proposal. My greatest concern is that we're trying to make IPv6 adoption as easy as possible. If somebody is behind the times in IPv6, are they now going to run into a situation where there could be a v4 reclamation which could create a whole headache of problems? So I'm concerned about what some of the effects after could be on this — with this proposal.
Tim Denton: Thank you.
Cathy Aronson: Cathy Aronson. It just occurred to me I have a number of clients I work with that don't necessarily know that ARIN exists even though some geek at their company got address space for them. They're happily using their address space and they're doing what they needed and somebody somehow pays for the address space but they don't know how to change their records.
I'm a little afraid if we do this and the reverse goes away, you know, we could cause damage to them. I mean, is there some way that we could do some other kind of notification or — I don't know what the right answer is. But I'm afraid for those people because they're actually using the address space, and in all — you know, with good faith. They just don't know any different.
Stacy Hughes: Plus one.
Tim Denton: Is there a factual answer to that, or are you seeking to be in the speaking order?
Owen DeLong: I can answer that. I believe that the policy as written — Owen DeLong, ARIN AC and one of the shepherds. The policy as written actually does address that. It requires the DNS revocation not to be done until at least 90 days after they have first been notified. It requires them to be non-responsive for some period of time prior to even considering a reverse DNS revocation to that notification, and then if they do respond and start working in good faith, the DNS can be easily restored.
Cathy Aronson: How many ways are they going to be notified, because if my only contacts really don't exist — I guess maybe the person who pays the bill knows. I don't know. I'm a little — I'm just a little...
Tim Denton: Okay. The gentleman in the pink shirt, if I've got the right color here.
Ralph Bischof: Ralph Bischof with SAIC/NICS for NASA. I'm generally against this policy proposal, and I do agree that there needs to be some more wordsmithing done to this.
One point I do want to point out is in 12.6 where you say "An organization shall be given a minimum of 30 days to respond. If an organization fails to respond within 30 days, ARIN may cease providing reverse DNS services to that organization," so I just don't like the way some of this really worded.
Marla Azinger: Marla Azinger, Frontier Communications. Right now I'm against it, unfortunately. I used to be for it when it actually specifically was going after Whois records being correct, but now it's kind of turned into a more free-for-all and it's also taken out the clause that — and kind of given the opportunity for ARIN to, without any cause at all go investigate and — so specifically 2(d) was removed, 12.2(d).
So that's a little troublesome. It might have been an oversight. I don't think ARIN staff wants to do free-for-all "just because I feel like it today I'm going to go pick on this company," but it still appears to have been removed.
But overall I'm not in favor of it because the time frames are too short. POC issues do exist. And I'm right now getting a view of a lot of different companies that really do have essentially POC issues just because they really haven't been managing their address space, and now they're saying, oh, crap, and they're realizing that they're really kind of in need of more and they need to get POCs corrected. But I think there's a lot out there that we're not sure.
I would be curious if staff has the ability to report how many bills are not getting paid because the billing POC is invalid. I'm wondering if there's a good correlation to can we possibly make the billing POC a really good Point of Contact for all of this. But more work needs to be done before this gets passed, in my view.
John Curran: We will endeavor to get the answer to this question shortly regarding billing POC. I will note that our accounts receivable actually is very low and so almost all of our billing contacts are very useful for the purposes of getting bills paid. They're not necessarily useful for getting any other message to the organization. And so we just need to be a little cautious. We'll do some research and try to get data one way or the other. But we have very good billing contacts. I don't know whether or not messages to them go anywhere.
Tim Denton: Marla, I believe Chris —
Chris Grundemann: Just your comment about the 12.2(d) going away.
Marla Azinger: Yeah, it appeared to me like it removed it in a manner that would give a free-for-all factor.
Chris Grundemann: Well, my question is, this only updates 12.4 and 12.6. It does not do anything to 12.2 at all.
Marla Azinger: So it looked like that was what this became. Okay. And then can you validate for me — because this says it's saying updating this 12.4 and 12.6, but then in the middle it says leave 12.5 as is, and then it doesn't say anything about the other ones. So are all the other ones left as is?
Chris Grundemann: Yes.
Marla Azinger: Okay. Thank you.
Tim Denton: Mr. Bill Woodcock.
Bill Woodcock: Bill Woodcock, ARIN Board. As such, I have no opinion on this proposal. The conversation was just edging in the direction that Marla and Cathy and I were just joking, which is that if your only contact is the billing contact and you can't get people's attention through that, then probably you're not speaking loud enough. So you could just send them a really, really huge bill, and then they would get back in contact with you.
But what I actually got in line to say was that this proposal says that it puts enforcement at the reasonable discretion of the staff, and historically we've tried to avoid making controversial things at the discretion of staff because then potentially staff can be criticized for having made a wrong decision in something that mattered but they didn't have concrete policy backup for.
So that's not so much a pro or con, just a calling to the attention since historically we've tried to avoid those.
Mike Joseph: Mike Joseph, Google. One of the key points of this proposals seems to be, though, not entirely the bulk of the policy language, but certainly ARIN's interpretation of this and a key point of the proposal is directing ARIN staff to proactively audit more organizations.
And fundamentally what I don't think the community needs is ARIN staff going after and proactively auditing more organizations which would otherwise be in compliance with policy. I think we've all been through and known those who have been through audits, and they're costly and time-consuming, and not just for the organization being audited, but also for ARIN staff to have to staff up and perform those audits.
I think proper stewardship of resources is useful and necessary. But I don't think we should be putting more policy on the books that compels ARIN to take proactive auditing action. ARIN already possesses the authority necessary to audit when necessary.
Matthew Kaufman: Matthew Kaufman not representing any organization other than myself. I am against this proposal. I agree with the staff comments about out of compliance not being well defined. I'm worried about the slippery slope of out of compliance becoming more defined in ways that have impacts to other organizations.
It's not particularly clear how legacy is exempted from this. And I think the only good thing about this policy is the 90 days. Everything else is bad.
Tim Denton: Thank you.
Kevin Blumberg: Kevin Blumberg, The Wire. I just actually did want a clarification. This is only for space that is under RSA and not under LRSA? Because it's not defined, to the best of my knowledge, in this policy.
John Curran: So this goes into Section 12, Resource Review. Section 12 has some language that says this policy does not create any additional authority for ARIN to invoke — for ARIN to revoke legacy address space. However, the utilization of legacy resources shall be considered during a review to assess overall compliance.
I will tell that if you sign a Legacy RSA, particularly the new Legacy RSA, LRSA 3.0, in fact, it specifically states that your utilization shall not be a factor for purposes of resource reclamation. If you are not under an LRSA, it is your opinion and it's an open topic as to whether or not those resources can be reclaimed.
Kevin Blumberg: It's not just reclamation, it's also the reverse address service being offered, so that potentially you could stop providing the reverse address for that legacy space as a whole, correct? The way it's defined right now.
John Curran: If this community directs ARIN to stop providing inverse DNS services to particular records, then we will stop providing inverse DNS service for particular records, obviously.
Tim Denton: Mr. Grundemann and then Bobby.
Chris Grundemann: So one thing that may be very helpful — I'm sorry if I wasn't clear enough in my short presentation of this policy — is to pull out the actual current NRPM and look at the existing text which is on the last page, page 19, because many of the comments have been against policy that's already in place.
These changes in this policy are actually fairly small, and they really do — are contained within the bullets on this slide.
For one thing, the out of compliance language is already in current ARIN policy. So we're already arguing over something that's already in the policy. This is not changing that. And actually this cleans it up.
Today it says "organizations found by ARIN to be materially out of compliance," which is actually, I believe, worse language. So I would really recommend everyone to look at the changed policy and the current policy when evaluating.
Tim Denton: Bobby.
Bobby Flaim: I'm Bobby Flaim from the FBI. I'm in support of the policy. I think there may be some enhancements or clarifications that might be needed. But I think there definitely has to be a compliance policy, especially with IPv4 and IPv6 assignment, to make sure that the Whois is accurate.
There's no sense in having policies if there's no compliance mechanism for them. So I think it looks at where there's inaccurate information, if there is. And if there is, there's a certain timeline to reach out to the appropriate parties and give them reasonable efforts. And I think the deadlines of 30, 60, 90 days can be extended, the way I understand it, based on the fact that if those actors who are found out of compliance are acting in good faith so it looks like ARIN could work with them.
The clarifying language, I totally understand that at ARIN's discretion that could be a little nebulous, worrisome for some. If we can clarify that and some of the other aspects, I think it's a good one.
Tim Denton: Thank you. Mr. Hannigan, then Mr. Kaufman.
Martin Hannigan: Martin Hannigan, Akamai Technologies. I am opposed. I'm not going to repeat all the reasons that I agree with that others have stated. I would like to ask as an AC member that if you have time, Mr. Chairman, you could make it clear whether the AC should — or the room could make it clear through the poll if the AC should continue to work on this or if we should kill it dead. Thank you.
Tim Denton: Noted.
Matthew Kaufman: Matthew Kaufman again. To clarify some of my previous remarks and expand on an earlier remark, I'm particularly concerned that any exemption that might be in a Legacy RSA or other agreement with ARIN that provides for non-revocation of resources does not protect you necessarily from having your reverse DNS shut off.
And I'm also concerned that this could be applied to organizations that have IP addresses and have not signed an RSA who are now currently protected de facto from reclamation but they are also potentially subject to having their reverse DNS disabled. So I continue to be opposed.
Tim Denton: Thank you. Scott first and then you.
Scott Leibrand: Scott Leibrand, ARIN AC. I think it's worth noting we've been talking about IPv4, but one of the main reasons for having this policy proposal on the docket is because of IPv6.
We have a situation where we have pretty good tools for managing IPv4 resources in terms of people having to come back for more. In the IPv6 world we have a situation where people are going to come get their 32. If they're small enough they're never going to come back.
And we have policies that require a bunch of Whois information to be in the database, et cetera. We have absolutely no enforcement of that as it is today.
I think part of the rationale for this policy proposal was to see if we wanted to put some enforcement around that. I'd like to hear opinions from the room as to whether we should be enforcing our own policies on IPv6. Because right now we have no way to do that.
This is the only suggestion I've seen about ways to do that. If other people have other suggestions, I'd like to hear them. If people think we should not bother, I'd like to hear that, too.
John Curran: I was going to respond to the point specifically with regards to LRSA language. There are parties that — and per our Draft LRSA 3.0 that's out there for comment — that provide protection from reclamation based on lack of utilization. That is, in the proposed LRSA 3.0, there's also particular rights outlined in the LRSA that take precedence over policies.
But to the extent that there's a policy that requires, for example, information to be registered, that does not — unless it directly interferes with a right, policies still have effect.
So to answer the direct question you asked, it is possible for this community to make a policy that might prevent ARIN from providing services to a legacy holder whether they're under LSRA or not. There's certain protections in the LSRA. If we make policies contrary to those, the LSRA governs.
Tim Denton: I saw Mr. Sinatra first. I hope I'm right.
Michael Sinatra: Michael Sinatra, ESnet. To respond directly to Scott's question, I think the problem we face in all of these policies, all of these compliance policies, is that ARIN does not have a very good stick to hit these non-compliant networks. We could stop offering Whois services to them, to those networks. Those networks are already — one of the problems already is they're not keeping Whois up to date.
If we turn off rDNS, what that really means is people who need to look up addresses and understand the documentation that's behind that network aren't going to be able to do that. That may not necessarily impact the network that's out of compliance and may impact everyone else trying to use those, trying to contact that network or use those resources.
So the biggest problem with reverse DNS is that some of these out of compliance networks may not even run their own reverse DNS and they may not care and it may not have any real effect on what they do.
So I think that's the problem we face right now, unfortunately.
And, just to clarify, I think I'm opposed to the policy as written. I'm also a little bit concerned about the original policy granting the out of compliance network six months to correct things and now we're going down to 30 days to at least respond.
And I'm just wondering what the policy or the rationale was for that, because I kind of agree with Marla; that the time frames seem a little short.
Tim Denton: Thank you. As a point of information, Mr. Curran.
John Curran: Just as a point of information, it was indicated we don't have any good mechanisms to require enforcement. Under IPv4, under the mechanisms we've been using for now a couple of decades, parties that need to get additional address space, which includes most ISPs, as it turns out, very quickly learn that they need to get the information about their last request populated in their RWhois server or via SWIP in our servers.
So there was some mechanism that encouraged IPv4 updates. I won't say it required accuracy and I will not say it required it in a timely manner, since if you weren't coming back for 18 months you didn't have to worry about it until month 17.
I will note with IPv6 the same mechanism exists. The time frames may be generational. Your great-grandkids may need to populate 30 years' worth of IPv6 allocations so you can get your second block, and the question is whether or not that's an effective mechanism.
I'm not speaking in favor or against the policy, but I do want to know: There is a change with IPv6 that I heard mentioned in the comments for the reason for this.
Tim Denton: Jason.
Jason Schiller: Jason Schiller, Google. I wonder if ARIN staff can help clarify something for me. There have been a number of concerns that people have come to the mic and said that they're concerned about how this will change how ARIN staff does do a search for customers that are out of compliance. Ask I think Chris Grundemann correctly pointed out this does not modify Section 12.2(a), (b), (c), and (d). That's unchanged.
However, the summary says this policy requires ARIN staff to not only identify customers who are out of compliance with the policy, dot, dot, dot.
I don't see anything in 12.2 that requires ARIN staff to identify customers who are out of compliance. So my question to ARIN staff is: If this policy passes, would this change the process by which ARIN staff uses to find customers that are out of compliance?
John Curran: As noted in the staff assessment for this particular policy proposal, ARIN would continue to be conservative in its use of this policy; meaning that we would need to be careful and judicious when we apply it to make sure we don't cause undue harm to parties that are innocent or otherwise don't deserve to be affected.
So the summary that says "would require ARIN staff to" I think is an overly ambitious summary of the policy. We would continue to apply a conservative approach to how we use the policy.
Tim Denton: Mr. Grundemann has a point.
Chris Grundemann: To respond to Mr. Sinatra, the six months for returning space stays. So today the policy doesn't have any time limit at all as far as when they can effect the revocation and then they have to give them six months to effect the revocation. This actually adds the 90 days, and then there's the six months on top of that. It actually kind of weakens it a little bit in that case.
Tim Denton: Mics are still open. Heather?
Heather Schiller: Heather Schiller, Verizon. One of the concerns was about someone having to backfill 30 years' worth of v6 assignments. There's also a bit that says as long as the organization is working in good faith with ARIN that — so I don't see that as big of an issue.
Marc Moreau: Marc Moreau with the Royal Canadian Mounted Police. I'd like to echo some of the words that my colleague here, Bobby Flaim, had mentioned. I think it's important to have certain aspects of compliance. I think it's very important. Mind you, there seems to be some suggestions of maybe some tweaking that has to be done, but on the surface I would say that it's a good thing and I would vote in favor of it.
Tim Denton: Thank you very much. There's an online comment. Mr. Farmer.
David Farmer: Scott — I'm going to butcher the name. Scott M. There we go. IRS. It strikes me that this is seeking a technical solution removing reverse DNS delegation to administrative compliance issue.
It seems to me that establishing an administrative fee for being out of compliance would be more effective means of achieving compliance.
Tim Denton: Thank you. Anyone else?
Ruediger Volk: Ruediger Volk, Deutsche Telekom. I'm making more of an advanced remark than something addressing the current thing on the table.
But the work that is ongoing on certification quite certainly, quite certainly, will raise the question when revocations actually happen. I'm quite sure revocations will — full revocations will be the prerequisite for withdrawing certificates, and kind of the reverse DNS is some pretty intermediate and much less effective means of signalling when something, as a resource, is not available to a party.
When we get to that stage, the question of proper handling and proper policy and proper processes will be utmost important.
Tim Denton: I'm casting my eyeballs about the room to see if anyone else cares to comment. I see immobile faces.
I think we would be ready to — I'm going to phrase this in two ways. First we're going to have a vote as to whether this policy should move forward, and then I'm going to accede to the request of Mr. Hannigan once we've had that and in case it's decided not to move forward we then have a further indication of hands as to whether we will abandon this policy.
So the first vote is whether we — the sense of the room is to advise the Advisory Council to move forward or not with this proposal. So those in favor of this policy proposal, would they please raise their hands in the usual affirmative way.
And those against the proposal.
In relation to Draft Policy No. 2011-7, Compliance Requirements, the total number of people meeting in the meeting room and remote was 167. Those in favor to move forward were 20; those against were 34.
The next question I'd like to canvass the room on is — the motion would be are you in favor of the Advisory Council doing further work on this, in which case you would be asked to vote in the affirmative. If you believe they should not be asked to do further work on this, you would vote in the negative.
So the first vote would be are you in favor of the Advisory Council undertaking further work in relation to this subject matter. Please raise your hands. Those who are in favor of the idea.
All right. Then those who would favor — sorry, be against the idea that the Advisory Council should be asked to do further work on this, those against the AC doing further work on it, please raise your hands.
Have you all been counted?
John Curran: The results are on their way to us shortly.
Tim Denton: I'm sorry.
In relation to the second motion, whether the AC should be asked to continue to work on it, the total number of people in the meeting room and by remote are 167. In favor of asking them to do further work on it were 57 and against them doing further work on it is 6.
And at this point Mr. Grundemann has a point to make.
Chris Grundemann: Anyone with comments, but especially those who were opposed to the current text but in favor of further work, I would really appreciate as the shepherd either coming to me or Owen on the AC and letting us know exactly what you would like to see changed. Thanks.
John Curran: Thank you.
Tim Denton: Thank you, all.
John Curran: Okay. We actually find ourselves ahead of schedule, which is a wonderful place to be. Since I know refreshments come out usually right at the right time and we're early, we're going to do that typical thing of moving something up. What we're going to move up is Leo giving the IANA Activities Report.
Leo Vegoda: Hello, everyone. I've actually tried to keep my slides really short. It's possible we'll have an extended break. Getting straight into it, the big news for IANA over the last few months have been the notice of inquiry and the further notice of inquiry which the US NTIA published.
There were 48 responses, I think, to the further notices of inquiry. We now think that the likely thing to happen is there's going to be an RFP sometime later this month and potentially a decision on what's going to happen with the IANA contract either towards the end of this year or early next year.
I obviously don't have any real insight into NTIA. So that's our best guess.
Business excellence. This is a long-term activity that we've been working on for a couple of years. The basic idea is that we go and evaluate what we're doing, how we're doing it, where we need to make improvements, all that kind of good stuff.
And out of the last self-assessment we did at the beginning of this year, we have been continuing our work on process documentation, converting processes from various different formats into a single consistent process model, reviewing them, working through what KPIs we need to have, making sure we've got the appropriate measurements, the metrics.
I'm sure that for you it's sort of a little bit boring to have me report on this. But it's the sort of work that we try to do to make sure that IANA doesn't surprise anyone, because I think that to an extent really you want our work to be quite boring.
You don't want us to surprise you. And that's what we're trying to do, to not surprise you.
Root zone automation. If you know anything about top-level domain management, you'll probably know that we've been working in cooperation with VeriSign and NTIA for quite some time on developing a new workflow mechanism for top-level domain registries so that they can send in their requests for changes and we can process them.
It's all web based and it's the same sort of thing that the RIRs do for LIRs and that sort of thing. But it's a cooperation between three different organizations.
And we went live with it. And all seems to be going okay. Everyone who runs the top-level domain now has credentials to use the system.
We're getting lots of stuff coming in through the system. Basically it means that in the same way that ARIN has done its workflow so that you can send stuff in through the web, you don't have to write text-based templates.
The same sort of thing. And people seem to like it. We've obviously been working with the RIRs. This week and also over the last few months we've been working on clarifying the process for IPv6 allocation requests.
Basically the RIR communities want to agree on a global policy. And the policy says that reserved space is considered used and the RIRs get to manage their reservation strategies, which is all good.
Of course, the RIRs have implemented sparse allocation for the way they manage their address space, which is also a good thing. It does mean that what exactly a reservation is is a little bit "ooh," so we've been talking about it. And from our perspective as ICANN providing the IANA functions, we would like to make it really automated so it's a bit mechanical, so there isn't any skill and judgment. We'd also like to make it quite transparent.
So these are things we're working on. Don't really have anything as an outcome to report right now. But I hope that we'll have something to report saying we're going to make it very, very boring so that we can bore you with another update in six months.
Other good stuff: We achieved SysTrust accreditation for DNSSEC. This is in relation to the DNSSEC key management for the root zone. SysTrust is sort of an audit standard and it meant we spent a lot of time with auditors, which is a little bit boring but they're nice people.
And you can go and look at the SysTrust website and you'll see our accreditation. It's an annual process. We've got to keep on going back to the auditors, otherwise they'll take away the accreditation.
We provide services to the RIRs and top-level domain registries. Also we provide services to the IETF. We have an SLA with the IASA, and we have a target for what proportion of the stuff that comes to us through those channels will be done within certain times, and it's set at 90 percent. We've been exceeding that, going sort of between 95 and 98 percent. So we're quite happy with that.
And sort of moving finally back to addresses, MCAST.NET has been redelegated to some new nameservers. And it's all very nicely managed and yummy.
And I think that's it. I hope the refreshments are ready.
David Farmer: It's not remote. It's me personally. David Farmer, University of Minnesota, ARIN AC.
Leo, in your slides it sounded like you might be asking for input on the whole reserve for v6 question. Is that true? Or would policy in that matter be helpful to you?
Leo Vegoda: I don't think we're asking for input right now. I think what we're doing right now is we're working out if we need it. And there will be some sort of report in the future.
John Curran: Okay. Back microphone.
Heather Schiller: Heather Schiller, Verizon. Since you all are sitting so closely together and the other RIRs are in the room, can we also get an update about RPKI and that odd letter that went — I know you're IANA, but kind of close enough to ICANN.
Leo Vegoda: Yeah, you do that, because we — as ICANN we haven't really done anything with RPKI yet. John's going to answer that.
John Curran: Stand here in case there's more questions for you.
So the question is RPKI. And I think that everyone has sort of seen some of this but maybe not all of it. The five RIRs are working towards rolling out their own individual RPKI services. I'll talk a little bit about ours on Friday when we give the update for all the various departments.
But effectively we're looking at having our hosted service available January 1. We're looking at having our up-down protocol-based service available a little later than that because we need to finish code and some other things.
But all of these individual RPKIs have individual trust anchors. So the other question is the global trust anchor.
The RIRs got together through the NRO and they asked that we work with — decided we would work with the IETF and ICANN to see if there was a possibility of having a ICANN-provided global trust anchor.
So we did that a few months ago with a formal letter from our esteemed Chair, Raúl, sent a letter to ICANN saying: We want to work with you.
And about a month ago we sent a follow-up letter saying: We want to work with you, but we want to really work together and we want to coordinate better on our activities.
We want to make sure that the RIRs working on technical standards describing to like the IETF site a working group how exactly a global trust anchor works, and we want to do that working with ICANN as part of the team, all of us working on one set of documents, not separate ad hoc proposals that need to be reconciled.
So actually the executive committee of the NRO is getting together with the IANA leadership and we're going to figure out how to make that happen.
But we hope to work very tightly, closely together to figure out what it takes to make a global trust anchor.
You can still use RPKI from each RIR in the meantime. We all have trust anchors. Our pilot has a trust anchor. But people are thinking it might be nice to have one trust anchor that would make it easier to configure that points to all of us.
So we're still working ahead. The message last month that Heather refers to is that we don't want to have ad hoc proposals from ICANN and ad hoc proposals from the RIR. We'd like to coordinate those before we send them out to the community.
And we're going to do some meetings in some lovely city, I think Dakar, to talk more about that in the next couple of weeks. Thank you.
Leo Vegoda: Can I say one thing about that. I'm not going to talk anything about details, but the participation the ICANN is doing in this with the RIRs is done as ICANN and not as the IANA functions operator. It's not anything to do with the IANA functions or the IANA functions contract; it's specifically ICANN as a corporate entity. And that's the only clarification I'd like to add to that.
Dmitry Burkov: One small question. There's things we really need, global trust anchor, because I know how it happened, but I don't feel we really need it. I see a lot of problems we will get in the result. What do you think?
John, maybe it's a question to you.
John Curran: Based on what we've heard here at the ARIN meeting is we've heard people say it would be nice to have a RPKI single trust anchor for purposes of configuration and using of RPKI. This is a question for the community. If that's not something you want, I would love to see people from the ARIN region get up and say we don't need a single one.
It's really up to you whether we work with the other RIRs and IANA that also is responsible for some address space to have a single global trust anchor. It's up to the community whether we do that or not.
Owen DeLong: Owen DeLong, ARIN AC, Hurricane Electric. I was confused by your previous statement, John. Are the RIRs trying to work specifically with ICANN on the trust anchor and do this through the IETF and ICANN, or are you working with IETF and IANA, which happens to currently be a function of ICANN given that IANA is apparently going up for bid in the near future and may or may not stay with ICANN, depending on what NTIA does?
John Curran: As we've talked about this, I've seen that Raúl has successfully made it to the microphone. So Raúl can answer that, or I can.
Raúl Echeberría: I can wait. There are other people waiting.
John Curran: Let me directly answer it. The RIRs have collectively through the NRO asked ICANN to provide an RPKI single trust anchor. Okay. That is not a function that we're asking them to do under the IANA function contract.
In a similar way, about a year and a half ago we asked ICANN to provide zone generation for the IN-ADDR.ARPA zone. ICANN currently provides that, and they do that for the RIRs in cooperation with the IETF. That used to be an ARIN function. We moved it to ICANN and it has nothing to do with the IANA's function contract.
Sandra Murphy: Sandra Murphy, SPARTA. I caught a very interesting mention in your remarks about working with the IETF SIDR Working Group about the global trust anchor format. As IETF SIDR Working Group co-chair, and the other co-chair might actually be in the room, I'd be very interested in hearing what that work about the global trust anchor format might be.
There is a trust anchor format document in the RFC Editor queue. And I might also suggest in answer to the gentleman's question about whether a global trust anchor was needed, if you would permit that, it helps prevent inconsistencies between a set of trust anchors if there is a global trust anchor. It also considerably facilitates anything that might come up about transfer between RIRs.
Tim Denton: Okay. We have —
Sandra Murphy: And the RFP for the IANA function does not mention anything having to do with the RPKI. So it's the — the contract for that particular function would have no impact on RPKI stuff.
Tim Denton: To the extent you have a question — John, do you want to answer her question?
Raúl Echeberría: I will take only four minutes for answering all the questions. If you want to go for a coffee and come back, I will continue speaking here.
Okay. There's many questions, but I think that I can clarify everything just telling the story about the development of this issue.
We started to develop RPKI, but we didn't move forward to an implementation of a global trust anchor at the moment because there was a level of uncertainty about the future of IANA functions.
Couple of years ago, I think that's a year and a half maybe ago, the IAB issued a recommendation about RPKI in a statement, and they recommend, strongly recommended, the implementation of a global trust anchor to which we answered that we didn't have any problem regarding the implementation of a global trust anchor, but this was something that we wanted to postpone and then having a more clear landscape about the IANA functions.
In fact, the IAB recommended that the global trust anchor functions should replace it. The structure — the architecture of the RPKI could be the same that architecture of the — the hierarchy of the IP addresses allocation system.
In other words, it would mean that the global trust anchor should be placed in the same place that is placed the administration of the IANA locatable pool of addresses.
There was clearly — and I can speak very clearly with my hat off LACNIC that there was not agreement or there was not enough support in the RIR community to consider this function as one of natural IANA functions. In fact, LACNIC would not accept that in any way.
I think that other RIRs have a similar position, but I don't want to speak on behalf of any other registry.
So we had a very interesting meeting this year in February with all the Internet leadership, that was the glamorous name of the meeting. In the meeting participated people from the IAB, IETF, RIRs, ICANN. So at some point it seemed to be a conflicting point between ICANN and the other RIRs because the people on the ICANN side interpreted that as the RIRs are ignoring the importance or the role of ICANN in this point.
I think this meeting in February was very good, very positive. And we stated, each of us stated, our positions very clearly. So we found this framework was to invite ICANN to talk, not IANA, because we wanted — clearly we wanted, specifically we wanted to put this issue out of the IANA function basket.
And so we invited ICANN to hold talks in order to explore the possibility of implementing a global trust anchor. As we are in that phase now, we just continue exploring that.
We have had many meetings at the engineering level with the participation of the engineers, of the CTOs, of all the RIRs, and people from IETF and IAB at high level. It is Ross Hosslate [phonetic] himself who is participating in the meetings and Olaf Kolkman from the IAB, Sandy and Elise Gerich, and I think there's other staff from IANA too.
And the meetings have been very productive and there are some ideas floating around as we have a meeting — the first meeting after February in Dakar, as John said, in a couple of weeks just to evaluate what the engineers have been working about.
And so there's not any official progress on that. Just after we meet in Dakar, we have some elements to have more discussion, and of course each of the RIRs have to make consultations in some cases with the community and at the Board level.
And so after that we will have a more clear landscape about what is the future. But there is a consensus that it is not one of the IANA functions and so this is the reason because we are talking with ICANN.
Of course, while we continue talking with ICANN and working at the engineer level with IETF and IAB, there will also be more news about the future about IANA, but we hope to know as soon as possible. I'm sorry it only took nine minutes.
Tim Denton: Mr. Burkov and then over there.
Dmitry Burkov: Dmitry Burkov, RIPE Board. So I'll be more short, but I'm worried about the situation with RPKI. First of all, I prefer the correct wording because it's not RIR asked ICANN but CEOs of RIR ask ICANN.
The second point, because it's still not finally decided in the RIPE community and it will be discussed on the next meeting, we will deploy RPKI or not.
Third point, I worry that such as a — deployment as a day job without the discussion of the policy issues and political consequences, we can get some balkanization of Internet because now it's enough easy to build separate certification in conscious, in sad conscious.
And as a result we will get not — or this new worldwide hierarchical approach deployed can provocate on a national level to build the whole systems. It's not so hard. You can easily imagine. Even by ITU, for example.
We should be very careful with deployment of this system. And I'm still worried that it was — as it was done without any discussions during the last ICANN meeting just spend budget and to implement at the end of this year. Thank you.
Tim Denton: You, then you, then you.
Richard Barnes: Richard Barnes, BBN. I may just be out of date in this discussion, and this is perhaps a little bit out of order given the discussions going on here, I was just wondering whether there is any sort of plan afoot by anybody to have any sort of consolidated trust anchor for the legacy space or whether the legacy address holders are just sort of on their own to certify their space.
John Curran: Legacy address space exists in all the regions. It is certified by the region it exists in. The majority of it is in the ARIN region, and we will issue certs for it. It's all based on where it's registered.
Tim Denton: Raúl.
Raúl Echeberría: The letter as it can be seen in the NRO website, the letter is — that the two letters that we sent to ICANN regarding RPKI are official NRO letterhead papers and I signed those communications as the Chair of the Executive Council of the Number Resource Organization. So it is not a personal communication; it's an official communication between the NRO and ICANN.
Of course, the NRO has — we have our own mechanism for consulting each of the members of the Executive Council, consult our boards and community as we understand is necessary. It is up to each of us.
It is important to mention that those communications doesn't commit anything from the NRO side because it is just an invitation. The first one is an invitation to ICANN to explore this issue; the second letter is because the ICANN moved too fast in some ways. So we have a teleconference with ICANN leadership to explain that our understanding of that invitation that we made in the first letter it is very clearly understood now.
I had a very good meeting with Elise Gerich last week in Buenos Aires during the LACNIC meeting. The relationship is very good. It is very well understood, everything. The second letter was just for saying that don't go very fast, just wait for us.
Thank you very much.
Tim Denton: The gentleman over there.
Sam Weiler: Sam Weiler, SPARTA. Recognizing this is a bit off topic from IANA, John, I picked up a word in your answer about the RPKI that I didn't hear the other day when you answered a question at NANOG, and that word was "pilot."
And I don't want to hang too much on labels of pilot versus production, recognizing that they're largely labels, but my impression is that ARIN hasn't issued very many RPKI certificates yet. And without giving much credence to the labels, I'm wondering when you expect ARIN to be ready to issue a more significant number of RPKI certificates.
John Curran: So our pilot is open now. Mark is in the room if you want to talk to him. But our production services are targeted to be January 1st when we would have that in ARIN Online to issue certificates to those people who want them. And that's a part of — integrated with normal ARIN Online system.
Sam Weiler: So both up-down and full production?
John Curran: As I said, up-down is going to take a little while longer because we have to interface it to other people's CAs, and that's something that we've been working — we've been working with RIPE on the code base that they sent to us. It takes a while to integrate.
So we first will have integrated in ARIN Online for those people who want us to be the CA, and then some number of months later we will have up-down.
I will say that the work plan — we've done a very aggressive work plan for ARIN Online this year, and you can go online and look at the developments we've done. The work plan for 2011 is in flux right now. It is part of the budget for — 2012 is in flux. It's part of the budget for 2012, which I'm in the process of gathering Board guidance on. Guidance to the Board to help guidance — in guiding the organization is welcome.
Sam Weiler: Thank you, John.
Tim Denton: Mr. Kosters.
Mark Kosters: So just to add on to it, if you're okay with it, Sam, the ARIN pilot has actually seen quite a bit of activity. It is issuing certificates for resources, albeit that they are temporary and will go away at the end of the pilot. But it allows people to start playing with the system now.
And there's plenty of activity that's in — that's ongoing within the pilot. In fact, it sees about the second-most activity of all the regional registries, even though it's in the pilot stage.
Tim Denton: Thank you. Mr. Kaufman.
Matthew Kaufman: Matthew Kaufman. January 1 seems really soon, given that it feels to me like there's a whole bunch of policy that we haven't even proposed, much less passed, that might be needed to deal with having an RPKI.
An example would be the discussion we just had recently, for instance, about potentially getting rid of reverse DNS for people who are out of compliance, so on and so forth. Seems like there's a whole bunch of things where policy is directly impacted. And I know the answer's going to be propose some policy.
John Curran: Actually, no. The ARIN Whois and the CPS, Certificate Practice Statement, for it — you can get the drafts for part of the pilot — say that the ARIN Whois reflects — the ARIN RPKI reflects the status of ARIN Whois.
So the policy by with we currently have for how we administer records within the Whois database is what's reflected. RPKI is just a more secure publication method.
Matthew Kaufman: My previous statement stands; that I think that there's — there's already policy under debate having to do with what the Whois reflects and how the Whois is maintained and how ancillary records in the Whois are maintained. This seems like an ancillary record for which there's no policy.
John Curran: To the extent we have policies that affect how Whois is maintained, that will reflect what gets published via RPKI, obviously. If you think that there's something unique, then, yes, we need different policy, but I'd really like to know what that is, and you should not only suggest the policy, but hunt me down.
Sam Weiler: I'll do both of those.
Tim Denton: Now that Mr. Curran has suggested he be hunted down, sir, over there.
Nigel Titley: Just one last comment. Nigel Titley, Chairman of the RIPE NCC Board and author of the RPKI policy at — or, rather, certification policy in the RIPE region. Could I strongly suggest that you do not drag certification down the policy rathole.
Tim Denton: Any other views or comments before we move on to another piece of the agenda?
John Curran: Thank you.
Tim Denton: Thank you all very much.
John Curran: Okay. We now have that thing called break. It is indeed 3:35. We're going to have a break, and it will run until 4:10. So you have a five-minute-longer break. I'm giving you the five minutes back and another five minutes. At 4:10 we'll resume promptly here. We'll start out with the RIPE Update from the RIPE NCC, and then we will move on at 4:25 to the ARIN Board and Advisory Council Election Procedures and candidate presentations.
So, everyone, please be back here promptly at 4:10. Thank you. Thank you, Leo.
John Curran: I'll see you all at 4:10.
[Break taken at 3:37]
John Curran: If people would gather in, we'll get started. We're going to try to stay on our original schedule, and that means at 4:25 we're going to do the ARIN Board and Advisory Council Election Procedures.
Between now and then we have the honor of having Axel come up and do the RIR Update from the RIPE NCC.
Axel Pawlik: I'm Axel. Hi. I'm managing director of the RIPE NCC.
Let me see. Oh, yeah. We are doing the same as ARIN does. We give out Internet addresses and the like. And in these times we have decided to — on community input to implement the policy that we call runout fairly basically reducing the time for which we allocate so that the small members have a chance to get something before one big allocation from one big member has to be done and then there's nothing left for all the small ones. So basically that's the idea. That's what we do that works.
We have implemented a small change where we say, well, if you have further questions for your allocation request, that that probably means that you didn't supply us with enough information so your request goes to the end of the wait queue instead of you have some time to fill it in and then goes back to the person that has dealt with it before. That's a bit of a nuisance for many people, but, on the other hand, I think that is fair as well, so that's what we do.
All these things produce a fairly high ticket load, of course, because there's more interaction with our members, which is not a bad thing.
On the other hand, it does give us a little bit more work, significantly more work as well, but that's to be expected somehow.
What wasn't quite to be expected is the depth of the summer lull — well, it's not really summer anymore — the summer lull that we saw this year in terms of the number of requests. Usually we get a bit of a lull during summer; this time it was a pronounced lull.
The good thing is that membership numbers and also new members coming in, those are significantly above what we thought would be a reasonable estimate. So that's good.
We have also this year done quite a bit of work internally in terms of merging some departments and basically getting the whole company to work a little bit more efficiently in these areas, especially around information systems — information services, DNS, and the science people.
Now we have two new departments out of the three. One is called Global Information Infrastructure. Basically, as the name says, it deals with boxes that are spread around the globe; for instance, the root servers, for instance, the test traffic boxes and the like. And then we have research and development under Robert Kisteleki. And Wolfgang Nagele is now managing GII; the sad thing is that he's just announced he's leaving us. He's going to sunnier climates. I think Australia is the culprit, or some girl in Australia. So we're going to lose him in a couple of months. But, yeah, that's how life goes. Nothing we can do against that, or that we want to do against that really.
Certification. We just talked about this quite extensively. I'll just bring it up again. Basically what happened is that, of course, with the other RIRs together we decided that we should implement this on the request of the community.
That's what we did, and we were chugging happily along. And then in May of this year at the RIPE meeting finally the big discussion happened: Oh, what are you doing? Implementing a red button to switch off the Internet or parts thereof or my parts of the Internet? We don't want you to do this. This is dangerous.
And the police force will come and ask you to do this. So this is a good discussion. We have tried to get this going a little bit earlier, but, well, it wasn't picked up. Now it is. So I heard some comments about the number of certificates being done in the ARIN region.
This is actually not the really newest slide, but we have more than 600 members requesting certificates and quite a number of orders out as well. It's obviously an interesting project for many of our members.
Now, having seen the discussion, and Nigel mentioned the certification policy that was retracted, we need to take a breather. We need to find out what our membership wants us to do.
Now we're in a funny situation because we did this or we started this on behalf of the community. It's in our activity plan for a couple of years already. So we hear very strong opposition as well, and added some comments there.
What are we supposed to do? So we are going to find out at the next general meeting in three weeks' time at the RIPE meeting where we have a number of resolutions out there that basically lay out a number of options, and if you are really interested you can read them up. I'm sure some of you are RIPE NCC members, so please be sure you prepare a little bit for this and vote accordingly. That's the way forward.
Financial stability and overall stability of us producing good services for our members. We thought our old charging scheme was nice. It was, let's say, idiosyncratic. It had a time factor built in and that is seen occasionally as being very complicated.
Also, it's very, very strongly based on the allocation of Internet number resources, so we thought we need something new. Well, we're here for the benefit of all our members and the greater community, and so we'd like to charge according to that, measure the benefit you derive from RIPE NCC and charge you accordingly.
How do we do this benefit from our services? Well, that means probably that you — if you benefit from our services, you're some sort of an operator of Internet infrastructure, and to pretend that we know exactly how much you benefit we just count the addresses that you have from us, the number resources in all, and take that as a yardstick for the benefit that you derive.
And we have done that and proposed a charging scheme proposal there. Got a bit of feedback, quite a bit of feedback, from our members and modified our proposal, sent it out there again, and now we have even more discussion with our members, which is great.
What we have to do before a couple of weeks before the general meeting is put out the final proposal for a charging scheme for the general meeting, and then we'll see what happens there. There are again resolutions there to adopt that, and we'll see how it goes.
Good. Like I said, membership growth is still happening, which is a lovely thing. We have done again a membership survey as we do every couple of years. This one is a big one again, and the results should be coming out — oh, I think in September was the original date, so any day now really, before the RIPE meeting certainly.
We have had a couple of — actually, a couple of pages — many pages of raw data, and we've come through that already. Basically it's looking fairly okay. We want to have more services. Our members or our stakeholders want us to do more activities in the regions and generally do all sorts of things which more or less we try to do.
Speaking of membership and community development in the regions, as you know we are going out and go to talk to basically the Russian community, or Russian-Plus community, going to Moscow since I think 2003, also to the Middle East starting with Dubai and then touring the region basically. And we have added to that this year southeastern Europe. We went to Dubrovnik for the first time, and that was quite a success as well.
So we hear from our members in the regions: Do come more often, open local offices, bring the RIPE meetings and all that stuff. We would love to, but then, of course, all this costs a bit of money. But, yeah, we have heard that once more, and my board members have heard that as well, and they told me to do something. So I did something.
You notice that Paul Rendek isn't here, if you know him, and many of you do; he's sitting in Dubai looking after the local members there and their community and the governments. And that's basically his new job, to — you might call it membership development in the Middle East and in the Russian region there, and of course he continues to do external outreach, talking to governments, IGFs, and the like.
But that of course leaves the whole communications area at the RIPE NCC in limbo, or would leave it in limbo, but of course we have done something about that. We hired Serge Radovcic, which you probably know from his activities around EURO-IX and the exchange community. So he's with us now, and he's looking after the RIPE meetings and the general communications stuff that we do.
Regional meetings, I mentioned those. We are going to go to Moscow in November. Although, I don't know how we'll get to the hotel from the airport because looking at the traffic maps, it's apparently hell there. Also, it might be cold. So interesting. You're of course welcome if you want to come. Not quite as cold, I hope, will be Vienna in three weeks' time. That's the next RIPE meeting. Again, all of you of course are welcome.
After Vienna I think we go to Ljubljana and I think then we have plans for Kiev. But I do hear they might have local elections then, which might make things a little bit more interesting than we really wanted, but we'll see how it develops.
So Vienna really soon — get ready; buy your tickets — Ljubljana in spring, and then Kiev probably the second RIPE meeting next year.
If you have any questions, go ahead.
John Curran: Perfect. Okay. We're back on schedule. I'm going to invite Jud up right now to go through the ARIN Board and Advisory Council Election Procedures.
Jud Lewis: Hello, everybody. I'm Jud Lewis. I'm the membership coordinator at ARIN, and today I'm going to give you a quick rundown on the 2011 Advisory Council and Board of Trustees elections.
First I'll tell you about the general process of the elections. I'm going to talk about how to vote. But first, if you'll indulge me, I want to talk briefly about why it's important to vote. So get out your bongo drums. I'm going to get a little poetic at the moment.
Imagine that the Internet is like this ocean, and, ARIN, we're like this little boat and we need to know: Where are we going? And that's a question that I'm hoping that you're going to help decide by participating in the elections this year.
We went with this navigational and nautical theme. We did all sorts of good things. We sent all the voters this postcard with this handy-dandy magnet in it. This week in the mail all the voters are going to receive this letter by Mr. Curran here.
Also, if you want to follow along in your meeting packet, by the way, we've got the 2011 Advisory Council and Board handy-dandy election guide. Has the candidates' name listed on it. The back side has FAQs including how to vote.
I really like this quotation by William Arthur Ward. It says, "The pessimist complains about the wind; the optimist expects it to change; and the realist adjusts the sails."
So I'm speaking to the realists in this room, and I'm hoping to cultivate some of you. If you don't like the direction that ARIN's moving, I encourage you to help us adjust the sails and point us in that path that you'd like to go in.
I'm going to go ahead and thank you in advance for participating and voting in this election.
So this is October. You've heard it falls somewhere between September and November. It's this month. And this is today. The 12th. Right after I'm finished speaking, we have a very impressive slate of candidates who are going to come up — first the Advisory Council, then the Board of Trustees — and they're going to give short speeches.
Voting is going to open today at 5:00 p.m. Eastern Time. Tomorrow the speeches that you're about to hear are going to be posted online for your digestion, for the voters' digestion, so they can read them. Ten days later, on Saturday, the 22nd of October, at 5:00 p.m. Eastern Time, the election is going to close. So you'll have from today till 5:00 p.m. until ten days later to cast that vote.
By the 29th, at the end of the month, but likely earlier in the week — we try to do it as soon as we can — we'll announce the results of the elections. All right.
So who can vote? Every ARIN member organization has a designated member representative, or DMR. And DMRs that are eligible are able to vote for the Board and the AC elections.
What makes a DMR eligible? They have to meet these three requirements: They have to be a member on record as of the 1st of this year, 1 January 2011. The email that we have on file for them, it can't be a roll account; it has to be a personal email. It has to include their name or initials and the organization's domain name that we have on file at ARIN or the doing business as name, like my email, firstname.lastname@example.org.
And also they have to be in good standing as of the 27th of September, which means basically they have to not have any outstanding invoices with ARIN.
All right. So here is a screen shot of where you go to vote. ARIN Election Headquarters. Here you're able to read candidate bios, based off of a questionnaire, their answers to questionnaires that was put forth to them by the Nomination Committee.
Statements of support from the community. You can go there and read statements of support or submit them for these candidates. You can also — this is also where you go to vote. And that's the URL, www.arin.net/app/election.
So how do you vote? Again, you go to electionheadquarters.url and you click "voting" right there. After you click voting, you'll see this screen. You're going to fall into one or two categories, either you've voted before or it's your first time voting.
So if you've voted before, then you log in with your username and your password that you previously had done. It's important to note, by the way, people get confused with this. The election system is not integrated with ARIN Online. It's completely independent of your ARIN Online password. If you've forgotten your password or username, there's a way you can systematically remember it. You click the "trouble logging in" right there at the top, and you'll be able to get it.
Or, if you want, you can come to the election help desk right outside this room. I can help you remember it. Or you can email me if you're at home at email@example.com.
If it's your first time voting, you need to fill out this voter registration form here. After you do so it will send you an email, a confirmation email. You click on the link, and you'll be able to access the system to cast your vote.
After you do log in successfully, you'll see this voting booth. What you're going to need to do is select one of these two elections, the AC election or the Board election. You click on that.
After you click on that, you're going to see one of these ballots, depending on either the Board or the AC election. For the Board election, you select up to two candidates. For the AC election you want to select up to five candidates.
By the way, all the names are listed alphabetically. After you're done, you click "submit." We got a failsafe here. After you click submit, you'll see this screen. When you're ready to cast your ballot, when you are, you click "confirm vote." When you do that, that's sort of the digital equivalent of putting it in the ballot box and it's been cast and it's official.
After you do that, you're going to see this screen, your vote has been submitted for this ORG ID. And then you're going to click "return to the voting booth" and you're going to do the same thing for the other election. So first you voted for the AC. You're going to go back, you're going to rinse and repeat, you're going to vote for the Board election. If you voted for the Board first, you go back, you vote for the AC election.
Okay. So after you voted for both of those elections, you're going to see this screen. If you see that, "Open Elections (Vote Cast)," that means you have successfully cast your votes in this election.
Also, I want to give a little warning about this, this red text. Please don't let it scare you away. If you see this, it means that you're unable to vote because either you've already voted in the elections, which in this case you have, or, if you see this, it's because you're not eligible to vote in the elections.
If you have any questions about that, please email me at firstname.lastname@example.org, and I promise I'll get back to you with an explanation as soon as possible.
All right. So, again, remember the voting deadline, ten days from today, Saturday, the 22nd of October, at 5:00 p.m. Eastern Time.
Any questions about the election process, now is the time.
Ralph Bischof: Ralph Bischof, SAIC/NICS for NASA. Just one clarification. You said don't worry about the red text. Is that going to be on all of them? Whenever anybody answers and actually does their voting, that red text will be on all of them?
Jud Lewis: That red text is a generic error message. The error here is that you can't vote because you've already voted.
Ralph Bischof: I guess my question is: I'm going through the process for the first time voting, everything's fine, I put in my vote; this screen is going to have red text or not?
Jud Lewis: Yes, it will. After you've cast your both ballots, for both the Board and the AC election, you're going to see this red text. Right at the top there it says you're unable to vote because you've successfully voted already in open elections. I know it's difficult to see, a little bit tiny.
Any more questions?
Owen DeLong: So some of us actually work as a consultant —
Unidentified Speaker: Your mic is not on.
John Curran: I know this one works.
Owen DeLong: Some of us work for — Owen DeLong, ARIN AC. Some of us work for multiple organizations as consultants and various other roles and are those organizations' DMRs. Having to have a gazillion different email addresses for a gazillion different organizations that all include the organization name is not particularly helpful.
Jud Lewis: Excellent comment. I can answer this, Owen. It can be difficult. And I believe in your case you have a few organizations with different emails. And you do have to do it every time. Some DMRs have — may be eligible to vote under multiple ARIN member ORG IDs with the same email.
And there is a way to click a box and they can vote, get all their voting done in one fell swoop. I guess unfortunately in your case you have to do it multiple times. And that's how it is right now. Sorry.
Any more voting-related questions? All right. I'm going to go ahead and turn things over to John who is going to introduce the Advisory Council and then the Board of Trustees candidates.
Thank you very much.
John Curran: For the election coming up for the ARIN Advisory Council, we have the following candidates: Daniel Alexander, Kevin Blumberg, Randy Carpenter, Marc Crandall, Bill Darte, Kate do Forno, Robert Duncan, David Farmer, John Sweeting, Randy Whitney.
We do have — I will be reading Dan Alexander's bio because he's unable to be here. And we do have — I don't see one here, but I know some of the candidates who couldn't be here had submitted video instead, so we'll handle that when we get to the Board.
So first Daniel Alexander. Let me read this.
Motivation to serve: Because my work is not done. The past six years have been preparing for the depletion of IPv4 resources and driving the deployment of IPv6. This work has included efforts in multiple forums, and one more term on the AC is desired to reach the tipping point in these efforts so the deployment of IPv6 can occur sooner rather than later.
Biography: Served two terms on the ARIN Advisory Council. Served on the US delegation to the ITU IPv6 working group. Attended and contributed to the ITU plenipot meeting last August. Manage IP resources and addressing architecture for largest US cable ISP. Involved in other Internet governance bodies: ICANN, IETF, ITU, RIRs. Served on the ARIN's PDP committee revising the process used to define ARIN policy.
So that's Dan's biography.
I'll now have Kevin Blumberg come up to speak two to three minutes regarding his candidacy.
Kevin Blumberg: Good afternoon. My name is Kevin Blumberg. I've been an active participant in the ARIN community for years; I've been in Internet — IP and Internet and related industries for the past 17. I'm the CTO of The Wire, which is a small to medium business ISP in Toronto as well as more recently on the board of the Toronto Internet Exchange and the board of the Canadian Network Operator's Consortium, which is one of the largest industry associations in Canada for that industry.
I've been actively involved during this time in governance and regulatory issues for an often diverse group where many members would be considered competitors and foes.
I believe that having opinions based on experience is crucial. I believe strongly in a balance of community input and my own experience. I will not let ego get in the way of making the right decision. I'm willing to be proven wrong.
I'm looking forward to your support and I ask that you trust me with your vote. If you have any questions regarding my views, please seek me out as I will be happy to discuss them with you. Thank you.
John Curran: Next up, I'll ask Randy Carpenter to come say a few words about his candidacy.
Randy Carpenter: Hi. I'm Randy Carpenter. I've been working with Internet providers for about 15 years now.
I work a lot with really small providers, rural telephone companies, et cetera. And I think I have kind of a unique outlook on things from that perspective.
I think it's important, because of the current IPv6 transition, that we pay attention to the little guys in addition to the bigger guys.
So if you have any questions about any of my views, please seek me out. You can see my bio on the website. And thank you very much.
John Curran: Next up for the ARIN Advisory Council, Marc Crandall.
Marc Crandall: I'll make it brief. I am with Google. I am not an engineer. I'm actually a lawyer and I'm involved with policy. I handle global compliance and privacy issues with Google now. And for a few years I served as product counsel, which is essentially serving as the legal point of contact for the engineering, product management teams.
I think one of the toughest projects I handled was serving as counsel for Gmail for a few years.
So in that respect I'm a little bit different than most other candidates. As I mentioned, since I'm not an engineer, I do have familiarity with the Internet governance and resource allocation environment.
Before I was at Google, I served as principal legal advisor to the cyber division of the FBI. And that's how I first became familiar with ARIN. I was dragged kicking and screaming into the PDP process along with my government colleagues but was fortunate enough to be asked to serve on the ARIN AC a few years ago.
I have a different perspective now that I've been at Google as well with the government. It's very important work. I'm not going to get into why it's so important. I think we all know that, which is why we're here. I can tell you, though, that there are a lot of great candidates and — I've said this before, a lot of great candidates and you really can't go wrong. Thanks for listening. Bye.
John Curran: Next up for the ARIN Advisory Council, Bill Darte.
Bill Darte: I'm wearing this hat because this was one of the first tokens given away by ARIN at meetings.
I've been — I'm humbled and honored to be up here for asking you for your vote to be re-elected a fifth time to the Advisory Council.
And I'm retiring from Washington University in St. Louis at the end of November, and it was my full intention not to run for the AC again, but while I believe that my work at Washington University is in fact done, I was convinced by colleagues that perhaps my work here isn't. And so I reconsidered.
And I will tell you that I come fully committed to serve this community again as I have in the past if you're willing to entrust me with your vote once again.
I bring objectivity. I bring a lot of experience. I believe right now there's a lot of moving parts in our industry with policy and the geopolitics of governance and all of that.
So I guess I'm on an incumbency platform. I think one of the things that shouldn't be a moving part at this point is the people that have experience with the policy development process, who have experience with you, the community members, and I'd like to think that I can represent you best because I have a lot of experience.
So I ask you to do that. Let me bring my passion, my experience back to represent you once again.
But I will say that if there's any anti-incumbency fervor out there, then take it out on me but not my colleagues from the AC that are running.
And particularly I'd like to say that Dan Alexander, who can't be here today for a number of reasons, has served a great role on the Advisory Council.
And I, through my experience, recognize that over time people who don't show up in person don't get re-elected. And I think that would be a big mistake in this case.
So I ask you for your vote. I thank you for your time, and if you want to retire me, well, now's the chance. Thank you.
John Curran: Next candidate is Kate do Forno.
Kate do Forno: Hello. Many of you don't know me, but my name is Kate do Forno, Director of Government and Public Affairs at Tech Savvy Solutions, which is one of Canada's largest independent ISPs.
I work best in collaborative environments and have been an active participant at the Canadian Network Operator's Consortium, where I sit on the board and am actively involved in the government relations committee working collaboratively to develop policy that will better sort of the Canadian framework that we're dealing with right now.
I spent many years working in the non-profit industry in similar roles and the Canadian political community as well. So I care quite passionately about policy development.
I believe it's really important that policy be succinct, clear, and to the point. And I think when you veer away from delivering policy that is succinct and clear for everybody involved, then you're challenged as a community.
So one of the things that I try to strive to do in my job each and every day is take detailed policy and be able to break it down for senior executives so they can better understand how this is going to impact them and why it's important for our industry to be involved.
So I like to consider myself a bit of a bridge. I don't come from a technical background. I come from a political background. And it's pretty important to me — and I'm pretty passionate about Internet policy. So it's important to me to be able to take that passion for Internet policy and translate it for those individuals who may not get the technical and dig into the technical so I can really understand that and deliver it to other individuals who may not be able to sort of wrap their head around how this impacts their business model.
So I hope that anybody who has any questions for me will seek me out tonight. I'd love to have a conversation, so feel free to find me at tonight's event.
You have my email address, and feel free to send me any emails and any questions you might have. And I sincerely hope that you consider me and put your trust in me, and I really hope you might consider voting for me.
Thank you and have a great day and enjoy your beers tonight. Bye, guys.
John Curran: Next candidate is Robert Duncan.
Robert Duncan: Thank you. My name is Robert Duncan. I'm a long-time worker in the network-related field going back about 35 years.
Currently I work at Merit Network, which is a long-time networking company. They fully support me in this bid for this role. I've been attending ARIN meetings for approximately four years now.
And I believe strongly in the ARIN method of consensus development. I think it is much better than trying to do something by majority rule, which does not really provide the right input from all parties.
So Merit is viewing this as an opportunity to give something back to the networking community. And the collective wisdom of Merit would be behind me in this role. So I would very much appreciate your vote. Thank you.
John Curran: Next candidate, Dave Farmer, also conveniently already up here.
David Farmer: Hello. I'm going to keep it short and sweet. David Farmer. I work at the University of Minnesota. I work on a number of higher education and research networking concerns. And I'd like to continue to help navigate that boat that Jud put up through the transition to IPv6.
So I'm requesting and thank you for your vote and your support in the election for the ARIN Advisory Council.
John Curran: Next candidate, John Sweeting.
John Sweeting: Good afternoon again. As John said, I'm John Sweeting, current AC member.
First of all, I'd like to take care of a few things. I would like to thank ARIN staff, all of ARIN staff. I don't want to single anyone out because they're all great. But I want to thank them for their support over the last three years.
I also would like to thank all the AC members that have served over the last three years for all their hard work and dedication. And I would like to thank you, the community members, for all the guidance, input, and emails that you've shared with us over the last three years. There's been quite a few.
You've given us some really good guidance, and it's helped us to develop good policies for the ARIN community, I believe.
Okay. So I'd just like to — I want to say I feel I have the experience and the knowledge to understand all the issues we're faced with, or most of them, and that I have the dedication and the devotion to work with all of you to realize the best solutions for those issues.
I value all of the input, and I'm asking for your support in this election. And I have a little quote from one of my heroes, General Colin Powell. I left you with one last year. This one this year seems to fit.
So he says, "But just as they did in Philadelphia, when they were writing the Constitution, sooner or later you've got to compromise. You've got to start making the compromises that arrive at a consensus and moves the country forward." Or, in this case, the Internet. Thank you.
John Curran: Randy Whitney is the next candidate.
Randy Whitney: I'm Randy Whitney. I work for Verizon. Some of you may know me from my role as peering coordinator for our global Internet. I've been involved with the community a number of years starting with NANOG in '98.
I believe in change. There's been a lot of policies that have just gone stale because of the similar points of view have been constantly presented.
I believe that change is important to bring good policies forward. I believe in cooperation, cooperation among the AC members and cooperation with other regions.
I bring a global perspective to this role. I hope that you can support me in this. I've had a lot of experience working with other RIRs, and I've done a lot of work in policies as well. So I hope that I have your support.
As others have mentioned, I encourage you to review all of our positions online and consider each one and vote accordingly. Thank you.
John Curran: And we have now the ARIN Board of Trustees. First candidate for the Board of Trustees is Rudolf Daniel, and he can't be here, but supplied a video, so they'll turn it over to him now.
Rudolf Daniel: Mr. Chairman, ARIN Board of Trustees, the AC Council, and the ARIN community at large, hello. My name is Rudolf Daniel.
And I'm an ICT for Development professional. I also incorporate Internet governmental issues, and I live and work out of the ARIN region in the Caribbean.
Now, the Internet has generated many new insights, much new activity, and many new forms of social relationships in both our private and working lives. And, of course, there's also a great deal of convergence going on.
So I would expect that ARIN and the rest of the RIRs, the four RIRs are going to have some challenging times ahead. However, I do believe I'm up to it on the issue of policy and also assisting the community in moving on through the multi-stakeholder consensus process of governance.
So I want to thank you very much for allowing me to address you, and I would ask for your support and I would ask for your vote for the ARIN Board of Trustees.
Thank you very much.
John Curran: Okay. Thank you.
John Curran: And his motivation to serve and biography is online for anyone who wants to read it or in your packet.
Next candidate, Timothy Denton.
Tim Denton: Good afternoon, everyone. I can't believe it's only three years ago I was standing before you on a platform out of Dune which said "The Spice Must Flow" and that has already occurred. In fact, spice has flown.
So here we are in an entirely new situation than we were dealing with three years ago. And we're going to keep on having to change.
ARIN, what a great idea. Community-based organization supported by you, driven by you. It is vitally important that it continue to be that way. ARIN, another thing to think about, an international organization.
If I may say so, it has made the Canadian contingent on the Advisory Council and the Board of Trustees extremely welcome.
And I thank you for that understanding attitude on behalf — on the part of all the electors in that regard.
I think the principal thing that I do is my job as Chairman and Board member is to listen carefully, assess arguments, and try to vote sensibly. And it is an honor to be — to have been elected Chairman of the Board by my peers, and I hope to continue.
There's a great line from Tip O'Neill, the Speaker of the US House of ages past in the Reagan era. He had done favors for this woman across the street all his political career. And he found out that she hadn't voted for him. So Tip went over the street and asked her why not. And she said, Well, you didn't ask.
So I'm going to ask for your votes, and I hope you'll be able to read my platform, but essentially I want to thank you in advance for your support. It has been an absolute privilege to serve on a board of people composed of the talent that we have in ARIN, and I hope we'll be able to continue this as a community-driven bottom-up support organization.
John Curran: Okay. Next candidate for the board, Aaron Hughes.
Aaron Hughes: Good afternoon. I'm Aaron Hughes. I am the president and CTO of 6connect. Over the years my roles have varied in companies I've worked for from network, system and architecture, to implementation, operations, software development and business development among others.
In my current role at 6connect, I develop and sell IP address management solutions and DNS management solutions.
This means in a typical day I work with people just like you in this room. We work together on the challenges of IPv4 cleanup, inventory, auditing, reclamation, IPv6 implementation, plans, costs, impact and figure out the right solution for each company.
As many of you know, I have also had heavy participation in contribution to the policy and the operator communities in both the ARIN and the RIPE region.
I would be honored to serve on the ARIN Board of Trustees and continue to work in the policy and operator community. I have a unique blend of skills and industry experience which, when combined, are optimal for serving on the ARIN Board of Trustees.
And I ask you for your vote. Thank you.
John Curran: Next candidate, Jack Waters.
Jack Waters: Good afternoon. My name is Jack Waters. I'm the Chief Technology Officer of Level 3 Communications.
Level 3 is a global provider, telecom provider. And after 14 years I'm proud to say that my mom finally knows that Level 3 is not where I park my car at the airport. So I'm really good with that.
I thought I'd give you a quick moment about my background and a little bit of my experience. First, I've been married for 19 years. I have three kids: 16, 14, and seven. I'm an engineer by background, by education. I have a BS in electrical engineering and master's in electrical engineering.
And I've been fascinated actually today because I haven't been to one of these meetings in a long time, sad to say, but I've seen so many people that I have worked with for over 24 years.
And just to give you — I started at the National Cancer Institute, supercomputer center, in the mid-'80s and kind of worked upstream in providers, went to work for one of the National Science Foundation regional networks, SONET, in the early '90s.
I then went to work for Vint at MCI, and started Internet MCI with a handful of other folks. And in '97 I went with a very small group of people to a construction company in Omaha, Nebraska, to start Level 3 Communications.
Today Level 3 has about 11,000 employees as of last week, which has been a very interesting ride for us all. And we operate networks all around the world.
And although I still consider myself an engineer, I consider myself a businessperson trying to keep the momentum of what we've been building going for the next 100 years.
My passion has always been to build and operate IP networks. The work that ARIN has done for more than a decade has enabled operators like me to do my job. So thank you all very much.
I believe the work that ARIN has in front of it is central to the continued success and growth of the Internet. And I'd be honored to help with that work.
I think the challenges that surround the exhaustion of IPv4 space and the adoption of IPv6 have many implications that affect business around the world.
And, finally, to the Board of ARIN, a collection of folks that I've known and worked with over the years, I'd like to say I'd be very excited and honored to help you and the rest of ARIN work through all the challenges and, more importantly, all the opportunities in front of us.
Thank you very much. And I look forward to your vote.
John Curran: Final candidate for the Board of Trustees, Bill Woodcock.
Bill Woodcock: So I know many of you are amused to see me standing here in a suit and tie. There are two reasons for that. First of all, as a gesture of respect to all of you as I ask for your vote for a fourth term on the Board.
The second reason is that there's a side of me that you guys don't see coming to these meetings. Unlike most kinds of top-down governance, the Internet is governed by the people who show up, the people who show up and participate.
And for 25 years I've been showing up and participating, first at the regional techs and the ISOC meetings and the IETF meetings, and more recently at the five RIR meetings and 20 some-odd NOG meetings and the IGF.
So like Batman, I put on the suit and I fly off to where it is I need to go represent the interests of Internet operators.
So to give you a few examples. The ITU decided to have their first-ever policy meeting outside of Geneva, and they had it in Uganda. I flew off to Uganda and brought a dozen African ISPs with me to explain to the ITU why their help was not needed in setting addressing and routing policy.
When the FCC and the OECD each separately decided they needed to craft IPv6 transition strategies for governments to follow, I flew off to DC, Paris, respectively, and put on the suit and sat down with pen and paper and helped them write those policies.
When the ITU appointed the United Arab Emirates Chair of a working group to figure out how to take responsibility for IPv6 address allocation away from the RIRs and give it to themselves, I flew off to Dubai, put on the suit, called in a bunch of favors with the Communications Ministry there and explained to them how it was that the interests of the Internet coincided with their own interests.
So in nine years on the ARIN Board I've flown more than 5 million miles, putting on this suit and telling people why it is that the interests of Internet operators are paramount.
And 90 percent of that was at my own experience. But all of it was in the interests of ARIN and the interests of the Internet. So I'd like to ask for your vote, both for myself and for Tim Denton who has done a really wonderful job as Chair this last year.
And I hope that you'll vote for both of us, and thank you very much.
John Curran: Okay. The polls are now open. If you are a DMR, eligible DMR, you may vote. These will remain open for approximately 11 days from today. So please remember you have to vote for your AC and your Board candidates. This is very important to the future of ARIN.
John Curran: We have coming up the social. ARIN social tonight will be at the Franklin Institute. Buses will be leaving at 6:30 and the last bus will leave at 6:40. So you really want to get downstairs. There we go. And this is going to be a great event. There's entertainment. Full dinner, food. Should be wonderful. Good time for all. I highly recommend folks make it to the social if you can do it at all.
At this time we're a little early, and I want to make sure that everyone has a chance to get all of their questions addressed. We have a habit at ARIN of doing an open microphone session, which we do near the end of each day.
Since we are early, I will take no more than ten minutes, but I'd like to have an open microphone for those ten minutes. So to the extent there are any questions that people have not been able to ask, please do not ask questions about policies coming up on the agenda, because those we have special sessions for coming up.
But otherwise regarding policy matters, ARIN operations, or other topics that you'd like to address, now would be the time.
It is true we have a room full of people waiting to leave. I'm not sure you want to annoy them with spurious questions, but if anyone has anything to ask, now would be the time. That includes remote participants. Very good.
Martin Hannigan: I have a comment for the Chairman. Martin Hannigan, Akamai Technologies. During the policy discussion earlier in the afternoon, you had asked the room to provide feedback through polling with regards to the AC continuing to work on initiatives that clearly had a lack of consensus.
I thought that that was a fairly astute thing to do, and I would like to suggest perhaps in the future when we have that kind of clear lack of consensus in the room, that perhaps the Chairman and the Board or the proper people consider actually polling the room and finding out if the AC should continue to work on issues that are clearly lacking consensus.
John Curran: Okay. Do you want to respond, Chairman Denton? You have to hold it to talk.
Tim Denton: Martin, I took your suggestion, and I thought it was relevant and important. And I think that's a good idea.
John Curran: Microphones remain open. Center back, yes.
Catherine Petersen: My name is Catherine Petersen. I'm from Rogers Communications in Canada. And my question is regarding the election, I guess the policies. And because I thought this was a non-biased election, I'm just wondering why the candidates indicate who they work for and sort of in their biography who they would support.
Because as a large ISP, I could vote biasedly or non-biasedly, depending on who I thought would advance the position of my company. I guess that was one thing I was curious about.
John Curran: I'll directly address that. Candidates are encouraged to put information in their biography that they think are relevant that people might want to know. Sometimes it might expose a set of skills or a preference or an interest. So while people are listing that background in their biography, that may not reflect their positions.
I have certainly known very small ISPs advocating for policies in favor of large and vice versa. I recommend you talk to the candidates directly, because unless you've asked them their position on certain issues, I don't think you can derive that from their biography. I just don't think it's possible.
Catherine Petersen: Thank you for clarifying that.
John Curran: Microphones remain open. Yes, center front.
Chris Grundemann: Chris Grundemann. Wonder if you would give us a brief update on the status of ARIN 2011-5.
John Curran: Sure. 2011-5, IPv6 new rules — oh. Sorry. I don't know what I was thinking about. I was thinking about the partial implementation of the IPv6 policies. Right. That's -3.
2011-5 is a policy proposal that was recommended by the Advisory Council to the Board which called for setting aside a shared transition space, a /10. That policy, when it was in discussion, the staff review, we put a note in the staff review noting that there was a question of scope and whether or not it was possible for ARIN to act on this policy if it was indeed recommended for adoption and that it might require liaison with other Internet organizations.
In particular, the policy requires assignment of a /10 not to a particular organization, but for the purposes of shared transition space.
This could be considered by many to be a specialized technical allocation. The reason I use those words is because there's an agreement between ICANN and the IAB related to the roles with respect to number resource management. And the IAB indicated that ICANN, the ICANN system, including the registries, the RIRs were working in it, that our roles do not continue to extend to specialized technical assignments, but that that is something that is the domain of the IESG and IAB.
This is governed in the MoU RC-2860. When the policy was recommended to the Board, I formally engaged with the folks at the IAB and said we have a policy that has us doing something that looks like a technical assignment that would normally be in the IANA notes in the back of an RFC.
The IAB took this under consideration and came back and said: You're right, we'd much prefer if this would happen within the IETF community. And, in fact, that was the Board's recommendation as well when they saw the advice.
They asked that the staff hold the policy and take it under advisement while we await the IETF to look at this. There's been a draft proposal that was written. It was considered at the last IETF. I was told it was very favorably considered, and it's presently before the IETF which calls for the allocation of this shared technical space.
At the point in time when that policy has reached convergence and the IETF informs us of that, we will work with the IAB and the IANA to make sure that that allocation can be made based on whatever advice is in it.
So that policy, while recommended by the AC, organizationally has been held because it involves our interaction with other organizations. The IETF currently has the task, and I'm told it's making great progress. And we have identified resources to be set aside for that purpose. We will make sure we do not run out.
But it is forthcoming until we find the output from the IETF.
Mr. Bradner, where was I wrong in that? Because I probably was.
Scott Bradner: You weren't wrong. You're incomplete. I'm the Chair of the Ops Area Working Group, the co-chair of the Ops Area Working Group in which the draft — the two Internet drafts that John referred to were discussed. We discussed it at the last face-to-face IETF meeting.
It's a particular draft that requested the allocation was discussed there. There's a secondary draft which is talking about the justification for it. That wasn't discussed there.
We went to last call in the working group. Some spirited discussions. There were a few people against it. But very strong support. I passed it on to the IESG for their normal process of evaluation and adjudication. They did an IETF last call.
Some more spirited discussion. And then a lot of discussions from various IESG members. Some quite reasonable in pointing out areas where careful consideration had to be done. And some of the commentary both from some IESG members and some in the community indicated a significant lack of understanding what the question was about.
But at the moment it is in IETF last call. It's been going back — it's going back into IETF last call. If you have commentary on it join the IETF list, look at the IETF list and comment.
We need input. Because not everybody in the IESG and IETF understands operations. And if you believe that this is something that you need for your operations, say so. If there's not support then the IESG, doubters in the IESG will prevail and it will not be adopted.
John Curran: Thank you, Scott. Microphones remain open. I'll be closing the microphones shortly.
Mike Joseph: Mike Joseph, Google. Quick follow-up question. Were that to advance in IETF and become an RFC and the space for it to be allocated, you indicated that ARIN would work with the IANA to ensure that that space was allocated.
Should I interpret it to mean that ARIN would return a /10 to the IANA for the purpose of allocating space?
John Curran: Go ahead, Scott.
Scott Bradner: The specific request we worked with in the IETF, we worked with the IANA on this. And the specific request in the RFC is for the IANA to allocate the /10.
The IANA has indicated what they would do is ask ARIN to allocate it. It's not going to be returned or anything. It's going to be the IANA will ask ARIN to allocate it.
John Curran: I'm closing the microphones as we get close.
Scott Leibrand: Scott Leibrand, ARIN AC. There was very interesting remote comment in the policy discussion that I think touches on a non-policy issue of fees which was a suggestion that for purposes of enforcing policy, ARIN might consider a policy non-compliance administrative fee of some sort.
I would be very interested, and I'm sure the Board and staff would be interested, if anyone in the community, especially if you're a member, has opinions on that, even now or maybe it's more appropriate for the Members Meeting Open Mic session on Friday. But either way, I'm sure that input would be very welcome.
John Curran: I will concur. To the extent that people are interested in ARIN charging a non-compliance fee, that's definitely something we should talk about. I would recommend Friday.
That's something that we need to hear some demand from the community to go back and look at the organizational legal aspects of that.
But obviously this is your organization. If that's what you want and it can be done, we're happy to do it.
Martin Hannigan: Martin Hannigan from Akamai. Quick comment on the fees. I'm sure we're going to talk about it on Friday, but they're already too high.
John Curran: Thank you for that comment, Marty. We are going to talk about the fees and the cost structure of ARIN on Friday. I look forward to that discussion.
So with that, I see no one else at the mics. I am closing the microphones.
John Curran: I'd like to very quickly first thank our sponsor for the connectivity, the network connectivity provided by Comcast.
John Curran: Again, a reminder, 6:30, bus loads at 6:40. Last bus at 6:50 to get to the social. Bring your name badge so people know who you are and so you can get in.
Vote. If you can vote, now is the time. The elections are open. You're already sitting there. You have your laptop open and you don't need to go anywhere for 20 minutes. So take — actually for, yeah, quite some time.
So take a chance to — the buses load at 6:40 — plenty of time to get your voting in now.
Reminders: Breakfast will be tomorrow, 8:00 a.m. in the Regency Ballroom, Level 2-M. The meeting will start here at 9:00 a.m. The agenda for tomorrow's meeting is in your folder, or you can get it online. That's it.
Thank you. I look forward to seeing everyone.
[Meeting adjourned at 5:18]