John,

In the interest of routing security, when you say ‘basic services’ would ARIN 
consider offering resource holders who did not sign an (L)RSA the ability to 
run their own RPKI CA, i.e. you offer them a resource certificate and nothing 
else, much like what NIC.br currently does in Brazil.

Regards,

-Alex

> On 16 Sep 2022, at 17:53, John Curran <jcur...@arin.net> wrote:
> 
> Tom - 
> 
> It’s an artifact of our formation that we are presently providing services to 
> any customers absent any agreement 
> and while ARIN continues to do so (by providing basic services to legacy 
> customers), the long-term direction is 
> to provide the same services to all customers under the same agreement and 
> fees – anything else wouldn’t be 
> equitable. 
> 
> (This is the direction that the ARIN Board of Trustees has set based on 
> community input; I will note that 
> the ARIN Board is itself elected by the community and that we have our annual 
> election upcoming – 
> https://www.arin.net/announcements/20220906-arinslate/ ) 
> 
> FYI,
> /John
> 
> John Curran
> President and CEO
> American Registry for Internet Numbers
> 
> 
>> On 16 Sep 2022, at 9:55 AM, Tom Krenn via NANOG <nanog@nanog.org> wrote:
>> 
>> Thanks John! I’ve been working on this with our attorneys for almost a year. 
>> I did send over the revisions and it will be good to see what they say. But 
>> I’m not sure it will be enough to reduce the perceived risk. Has ARIN 
>> considered separating the fee structure and service goals from the drive to 
>> get everyone under an RSA?   
>>  
>> Tom Krenn
>> Network Architect
>> Enterprise Architecture - Information Technology
>> 
>> From: John Curran <jcur...@arin.net> 
>> Sent: Thursday, September 15, 2022 8:42 PM
>> To: Tom Krenn <tom.kr...@hennepin.us>
>> Cc: Rubens Kuhl <rube...@gmail.com>; North American Network Operators' Group 
>> <nanog@nanog.org>
>> Subject: Re: [External] Normal ARIN registration service fees for LRSA 
>> entrants after 31 Dec 2023 (was: Fwd: [arin-announce] Availability of the 
>> Legacy Fee Cap for New LRSA Entrants Ending as of 31 December 2023)
>>  
>> 
>> 
>> On 15 Sep 2022, at 9:29 PM, Tom Krenn via NANOG <nanog@nanog.org> wrote:
>>  
>> An interesting idea, but like others have said I think the ship may have 
>> sailed for RPKI. Really I have no problem with the ARIN fees. They are a 
>> drop in the bucket for most network budgets. In fact as a legacy holder I 
>> would gladly pay the same as an RIR-allocated resource holder if it would 
>> allow the use of the more advanced services. It's the ownership question and 
>> RSA/LRSA language that throws the wrench in everything.
>> 
>> As John said " I will note that ARIN’s approach is the result of aiming for 
>> a different target – that more specifically being the lowest possible fees 
>> administered on an equitable basis for _all resource holders_ in the 
>> region.". If that's the goal, give us the option to pay the same without all 
>> the legal mess around signing the RSA/LRSA. I'm sure that's what has been 
>> holding some organizations back for the couple decades mentioned. It has 
>> been the major stumbling point for a few of the ones I've been part of over 
>> the years.
>>  
>> Tom -
>>  
>> Over the years, ARIN has made several revisions to the RSA/LRSA to make it 
>> both clearer and more customer friendly, 
>> and the most recent version (announced earlier this week - 
>> <https://www.arin.net/announcements/20220912/>) strikes 
>> much of the language in section 7 that some legal teams had objection to…   
>> It is likely not everything you want, but I 
>> would suggest taking a fresh look at it as it was substantially reduced 
>> specifically to address the most cited customer 
>> concern regarding the legal obligations in the prior version of the 
>> RSA/LRSA. 
>>  
>> FYI,
>> /John
>>  
>> John Curran
>> President and CEO
>> American Registry for Internet Numbers
>>  
>>  
>> 
>> 
>> Disclaimer: If you are not the intended recipient of this message, please 
>> immediately notify the sender of the transmission error and then promptly 
>> permanently delete this message from your computer system.
> 

Reply via email to