Re: "Defensive" BGP hijacking?

[Christopher Morrow <morrowc.lists () gmail com>]

On Tue, Sep 20, 2016 at 8:05 AM, John Curran <jcurran () arin net> wrote:

> On Sep 19, 2016, at 11:58 PM, Christopher Morrow <morrowc.lists () gmail com>
> wrote:
> > (caution! I don't really think arin is evil!)
>
> Nor do I…  (but I will remind folks that organizations evolve based on
> participation,
> so ongoing diligence and involvement is definitely warranted.)
>
> > On Mon, Sep 19, 2016 at 1:16 PM, John Curran <jcurran () arin net> wrote:
> >
> > > To be clear, he would still end up bound to an agreement which provides
> > > that they
> > > indemnify the RIR regarding their RPKI usage (which was the complaint
> > > expressed
> > > in the NANOG community regarding ARIN’s RPKI terms and conditions) -
> > maybe, but his point was that the evil (evile?) arin would not be putting
> > their clutches on his ip-address-spaces... Sure he's trading ARIN for
> RIPE
> > here, but I diidn't think the RPA bit was his concern as much as the LRSA
> > and 'now that you agree these are ip blocks are subject to the legacy
> > registry services agreement, we (arin - with twisty mustasche) might
> decide
> > to wrest them away from you!!!<muahahahahaa!>’
>
> A distinct possibly, but much improved in the current LRSA (and RSA, which
> are the same document at this point.)   Unless he’s planning to not pay the
> annual maintenance fee and ignore the notices and letters that follow over
> the next 120 days, or if going to make a serious misrepresentation in the
> process of claiming the rights to the address block, he’s fairly safe...
> for
> example,  ARIN now specifically disclaims revocation for lack of
> utilization.
> (Furthermore, if ARIN breaches its obligations, the status of the address
> block reverts to the same prior to entry the LRSA – this is definitely less
> than RIPE provides, which is effectively exit at any time, but far better
> than
> the original LRSA.)
>
> If you want to just use your legacy address block (wth the same services
> that
> where in place at ARIN’s formation), then you don’t need to enter into an
> LRSA –
> but please do still update your registration in the ARIN registry to have
> current
> contact data, as this helps deter potential hijackers.   If you want to
> have those
> services that were developed since ARIN’s formation, then I’d suggest
> reviewing
> the actual current LRSA agreement, as it is significantly improved over
> earlier
> versions.
and probably: "If you think there are still improvements, show up at arin
meetings and lobby for change"

yes?


> Thanks!
> /John
>
> John Curran
> President and CEO
> [Evil?] ARIN