On 09 Apr 2010 12:34, David Conrad wrote:
On Apr 9, 2010, at 7:07 AM, Owen DeLong wrote:
No, ARIN is not a regulator. Regulators have guns or access to people with guns to enforce the regulations that they enact. ARIN has no such power.
I'm a little confused on the distinction you're making. Today, ARIN can remove whois data/reverse delegations as a way of enforcing 'regulations'. In the future, assuming RPKI is deployed, ARIN could, in theory, revoke the certification of a resource. While not a gun, these are means of coercion. Are you being literal when you say "gun" or figurative?
As Mao famously said, power grows from the barrel of a gun. Regulators have (either directly or indirectly) lots of guns at their disposal to enforce their will on those they regulate, i.e. their regulations have the force of law. In contrast, ARIN's policies do not have the force of law. If operators choose not to look in ARIN's WHOIS database to verify addresses are registered to some org, or they choose to use another RDNS provider, or they choose to use a RPKI certificate scheme not rooted at ARIN/ICANN, that is their choice and ARIN couldn't do a damn thing to stop them. ARIN has no guns. S -- Stephen Sprunk "God does not play dice." --Albert Einstein CCIE #3723 "God is an inveterate gambler, and He throws the K5SSS dice at every possible opportunity." --Stephen Hawking