<html><body><div style="color:#000; background-color:#fff; font-family:Helvetica Neue-Light, Helvetica Neue Light, Helvetica Neue, Helvetica, Arial, Lucida Grande, Sans-Serif;font-size:16px"><font style="" class="" size="+1"><tt style="" class="">Hi Shane</tt></font><br style="" class="">
<br style="" class="">
In a neat and perfect world where everyone had all documentation for all
contracts, deals, agreements that have ever been made regarding address
space, then I agree there is no problem giving out these permissions as
everything can be put right if mistakes are made.<br style="" class="">
<br style="" class="">
However, we don't all live in that perfect world. There have been
examples where a block of addresses was given to an organisation many
years ago to be divided up and distributed to other organisations. But
sometimes that parent block still exists in the RIPE Database and is
registered with an organisation. If we give this organisation the
reclaim permissions 'by default' they can delete anything they want.<br style="" class="">
<br style="" class="">
Suppose you and I each have a part of this address space. This
organisation deletes my INETNUM, ROUTE and DOMAIN objects using the
reclaim functionality. But I never throw anything away so I still have
the agreement to show it is my address space. I prove it to the RIPE
NCC, they reinstate all my data and divide up the top level block to
make mine also a top level block. Everything is fine.<br style="" class="">
<br style="" class="">
Now this organisation deletes your objects. But you no longer have the
original agreement showing it is your address space. What are you going
to do? You can't put anything back in the RIPE Database yourself. This
organisation may choose not to put anything back as they now have
control of your address space. The RIPE NCC will do nothing as you can't
prove it was ever your address space. So even though everything was
fine yesterday, no one was contesting your authority over these
addresses you have been using for the last 10+ years, your routing and
delegation is working fine....suddenly you are in a mess that no one can
get you out of.<br style="" class="">
<br style="" class="">
That is what Andrea meant when he said "It is often not clear if the
legitimate holder of these resources is the organisation that received
the resources from InterNIC for redistribution, or the subsequent
organisation that received the resources."<br style="" class="">
<br style="" class="">
To give reclaim functionality by default to the holders of all top level
legacy blocks means 'disregard all early redistribution arrangements
unless proven'. This is the opposite of the current situation which is
'the status quo remains unless all parties involved come to an
agreement'. So you take your pick of which position you want to take.<br style="" class="">
<br style="" class="">
cheers<br style="" class=""><div id="yui_3_16_0_1_1430668032630_51522" dir="ltr">
denis</div><div id="yui_3_16_0_1_1430668032630_51411"><span></span></div><br> <div id="yui_3_16_0_1_1430668032630_51515" style="font-family: Helvetica Neue-Light, Helvetica Neue Light, Helvetica Neue, Helvetica, Arial, Lucida Grande, Sans-Serif; font-size: 16px;"> <div id="yui_3_16_0_1_1430668032630_51514" style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, Sans-Serif; font-size: 16px;"> <div id="yui_3_16_0_1_1430668032630_51519" dir="ltr"> <hr size="1"> <font id="yui_3_16_0_1_1430668032630_51518" face="Arial" size="2"> <b id="yui_3_16_0_1_1430668032630_51521"><span id="yui_3_16_0_1_1430668032630_51520" style="font-weight:bold;">From:</span></b> Shane Kerr <shane@time-travellers.org><br> <b><span style="font-weight: bold;">To:</span></b> Andrea Cima <andrea@ripe.net> <br><b><span style="font-weight: bold;">Cc:</span></b> "db-wg@ripe.net" <db-wg@ripe.net> <br> <b id="yui_3_16_0_1_1430668032630_51517"><span id="yui_3_16_0_1_1430668032630_51516" style="font-weight: bold;">Sent:</span></b> Monday, 4 May 2015, 21:03<br> <b><span style="font-weight: bold;">Subject:</span></b> Re: [db-wg] Proposal regarding Orphaned Objects<br> </font> </div> <div id="yui_3_16_0_1_1430668032630_51513" class="y_msg_container"><br>Andrea,<br clear="none"><br clear="none">On Monday, 2015-05-04 17:09:54 +0200,<br clear="none">Andrea Cima <<a shape="rect" ymailto="mailto:andrea@ripe.net" href="mailto:andrea@ripe.net">andrea@ripe.net</a>> wrote:<br clear="none">> In cases where legacy resources are not covered by a contractual<br clear="none">> relationship, the RIPE-NCC-LEGACY-MNT is not added, and so this<br clear="none">> functionality is not available.<br clear="none"><br clear="none">Right.<br clear="none"><br clear="none">> With regards to legacy resources, we mentioned the following in our<br clear="none">> impact analysis of the policy proposal:<br clear="none">> <br clear="none">> >> It is often not clear if the legitimate holder of these resources<br clear="none">> >> is the organisation that received the resources from InterNIC for<br clear="none">> >> redistribution, or the subsequent organisation that received the<br clear="none">> >> resources. It is therefore not clear which of the organisations<br clear="none">> >> involved has the right to enter into a contractual agreement.<br clear="none">> >> <br clear="none">> >> When the situation presents itself where there are multiple layers<br clear="none">> >> of legacy resources distribution, it is the responsibility of the<br clear="none">> >> parties involved to find an agreement on which party is the<br clear="none">> >> legitimate holder of the legacy resource. Only when the parties<br clear="none">> >> involved have agreed on a decision, the RIPE NCC will evaluate a<br clear="none">> >> contractual relation request.<br clear="none">> <br clear="none">> <br clear="none">> In cases where holdership is unclear, the RIPE NCC needs to remain<br clear="none">> neutral and impartial for all organisations involved. Allowing the<br clear="none">> organisation maintaining the parent inetnum object to remove<br clear="none">> everything more specific would essentially mean taking a strong<br clear="none">> position regarding who the legitimate holder of the address space was.<br clear="none">> <br clear="none">> However, in cases where a contractual agreement is in place, the<br clear="none">> holder of the resources has already provided documentation supporting<br clear="none">> their claim to holdership of the resources, and have confirmed that<br clear="none">> they will follow RIPE Policies and RIPE NCC procedures.<br clear="none">> <br clear="none">> Of course, if the community believes that the holders of parent<br clear="none">> objects should automatically gain authority over everything more<br clear="none">> specific, we can implement this.<br clear="none"><br clear="none">So basically the answer is, "just sign a contract and you can clean up<br clear="none">your address space".<br clear="none"><br clear="none">While I sympathize with the RIPE NCC's position, the end result is that<br clear="none">this makes it more difficult to get correct information into the<br clear="none">database. I can easily imagine a well-intentioned network administrator<br clear="none">would be unwilling or unable to deal with the hassle of updating<br clear="none">contracts, so just gives up.<br clear="none"><br clear="none">Ultimately we are talking about changes to the database. The cost for<br clear="none">error is having to reverse these changes later. If someone has a<br clear="none">well-maintained inetnum object and it is deleted inappropriately then<br clear="none">they will get notified and can immediately start getting it fixed.<br clear="none"><br clear="none">Personally I am happy for the parent objects to gain authority over<br clear="none">everything more specific.<br clear="none"><br clear="none">Cheers,<div class="qtdSeparateBR"><br><br></div><div class="yqt3499399864" id="yqtfd41081"><br clear="none"><br clear="none">--<br clear="none">Shane<br clear="none"><br clear="none"></div><br><br></div> </div> </div> </div></body></html>