They have stopped talking to us now, which is a shame.

The problem is quite well summed up in the RIPE policy document on this. Basically, until recently, PI space was issued without any contract.

The problem is that, without a contract, there is no way to ensure the end user follows RIPE policies, as there is no way to ensure PI space is returned if the end user does not follow RIPE policies. This is indeed a problem.

The solution that the community has come up with is to, err, make a policy which requires end users to have a contract.

So the solution to not being able to enforce policies is make a new policy, and to pretend that this new policy is enforceable.

Once the new policy is followed (contract in place) then all policies are enforceable.

It is a paradox though. If the new policy is enforceable, then so are the rest, by whatever means the new policy is. That means a contract is not needed because RIPE do have a way to enforce RIPE policies, so the new policy is not needed! If RIPE don't have a way to enforce policies, then the policy to have a contract is not enforceable so pointless.

I am appalled at the way we as a community have tried to do this. I should have been more involved in the discussions on this as a RIPE member myself. I was not. I do agree that all new PI space should have a contract - that is fine.

The key thing here is the wording in the policy about the end users returning resources. If an end user does not follow this new policy but does not return the resources then they still have them. If RIPE could simply take back resources then there would be no need for a contract with existing PI holders, but the policy document clearly recognises that end users would have to actually return the resources.

If the end user still has them then RIPE NCC have an obligation to ensure the RIPE NCC database is correct for use by all its members. If the end user still has the PI space then RIPE NCC should correctly record that in the database - otherwise the database is useless.

So far we have a string of unanswered questions for RIPE NCC on this...

1. The contract is being forced by coercion or duress in that RIPE NCC are saying they will remove database records which will effectively break the Internet connectivity. Forcing someone in to a contract is against the principle of contracts and a contract formed under duress is not valid.

2. The contract does not offer the end user anything. It gives the PI space (which the end user already has) and applies restrictions and gives third party rights, but does not give the end user anything new. It does not guarantee a RIPE database record and explicitly does not guarantee Internet connectivity which is what the end user wants. A contract with no consideration is not a valid contract, which means that the third party rights to RIPE NCC are not valid either.

3. If the end user does not enter into this contract then they are in breach of RIPE policy. But there is no contract requiring them to adhere to RIPE policy so that does not matter. They do not have to return the PI space to RIPE. If the end user still has PI space then transit providers should honour it (even in the absence of RIPE database entry) and refusing to do it starts to raise issues that relate to the Communications Act and could involve OFCOM. Forcing people to accept IP announcements outside of the RIPE database is bad - the right thing to do is for RIPE NCC to ensure the database is correct and reflects that the end user has not returned the PI space.

Current plan is end user signs a contract, though has a cover note explaining that the contract is signed on the basis that the end user knows it is not valid or enforceable and that the end user has no intention of granting rights to RIPE NCC as a third party. If it can be shown the parties to the contract did not intend to grant rights to a third party then the contract cannot do so even if it is deemed otherwise to be valid.

I think, as a community, we should do better in future.

I think RIPE NCC should not be ignoring me now that we finally have a fairly good and well formed argument why what they are doing is wrong.

No comments:

Post a Comment

Comments are moderated purely to filter out obvious spam, but it means they may not show immediately.

TOTSCO changing the rules again

One of the big issues I had in initial coding was the use of correlationID on messages. The test cases showed it being used the same on a se...