On 26 Sep 2018, at 2:09 AM, Christopher Morrow <morrowc.lists@gmail.com<mailto:morrowc.lists@gmail.com>> wrote: (I'm going to regret posting this later, but...) On Tue, Sep 25, 2018 at 10:57 PM John Curran <jcurran@arin.net<mailto:jcurran@arin.net>> wrote: The significant difference for ARIN is that we operate under a different legal regime, and as a matter of US law, it appears that we cannot rely only upon terms and conditions published in our website as evidence of informed agreement; i.e. within the US legal framework, we need a specific act of acceptance in order to have a binding agreement. how is arin's problem here different from that which 'lets encrypt' is facing with their Cert things? Chris - The “Let’s encrypt” subscriber agreement (current version 1.2, 15 Nov 2018) includes "indemnify and hold harmless” clause, and parties affirmatively agree to those terms by requesting that ISRG issue a "Let’s Encrypt” Certificate to you. (I don’t know whether that process is particularly more or less onerous technically than the effort to download the ARIN TAL.) FYI, /John John Curran President and CEO ARIN