--On Thursday, March 24, 2005 16:32 -0500 Edward Lewis <Ed.Lewis@neustar.biz> wrote:
At 12:53 -0800 3/24/05, Owen DeLong wrote:
NO. Operational specifications and routing are the domain of the IETF and _NOT_ ARIN. ARIN is responsible for the stewardship of assigned numbers within the ARIN region. This includes IP addresses, Autonomous System Numbers, and, DNS delegations for reverses on IP addresses. While ARIN should consider routing issues and the operational impact of ARIN stewardship policies, and, ARIN also has an educational role in helping the community to understand BCP including operational BCP as it relates to IP Addresses, ASNs, and DNS, ARIN has no role in dictating or driving operational practices.
My question is not related to specification development but operational requirements of ARIN itself providing a service based on specifications.
E.g., picking something a bit more concrete that secure routing, should ARIN deploy DNSSEC support, once it is published (again), in 6 months? 12 months? 10 years? This will tell the staff what level of staffing is needed to accomplish the work. The policy discussion will let membership know whether it is willing to pay for this. (Open to the public or not, the membership determines what it pays.)
When DNSSEC is released again (whenver that may be), if ARIN constituency wants ARIN to support it, at least one such person will make a policy proposal. In the policy proposal, there will be a proposed or intended timeframe for implementation. This is a requirement of the policy process. If ARIN staff does not feel it can meet that timeframe, that will be part of the discussion in the Staff Impact slide that is presented with each proposal at the ARIN meeting(s) where the proposal is discussed.
Discretionary funding for supporting research within the IETF should exist too, to cover participation in development of specifications at an appropriate level of effort.
ARIN has, so far, expressed a desire not to do this. Indeed, ARIN has specifically encouraged ARIN members to participate individually in IETF, but, feels that ARIN as a body has no role to play there.
Let's say DNSSEC is ready for deployment. Does the impetus come from the ARIN staff or from the membership? (Maybe it comes from outside, but does it need to be made into a policy before the staff implements it?)
Neither. It comes from the ARIN constituency, which is the entire community of IP consumers within the ARIN region. The imeptus would come from a policy proposal. Anyone who has an interest can submit a policy proposal to ARIN.
I'm not sure ARIN has a change or innovation role. It is not unlikely that responsible stewardship includes a minimum of change and a preservation of stability and consistency.
ARIN has two definite roles when it comes to innovation. 1) Don't get in the way of innovation by the community and 2) provide expert advice when it comes to the development of specifications related to RIR functions. And ARIN ought to be wary of trends in the improvement of its internal operations.
Agreed. However, this is different from the impression I received from the earlier comments that seemed to suggest that ARIN had a role as an innovator. Finally, as to 1, to a certain extent, ARIN does have a partial responsibility to stand in the way of some innovation if in ARIN's view said innovation might be harmful to existing services.
An example of role number 1 is providing DNS services over IPv6 transport. An example of role number 2 is contributing to the discussion of the IRIS definitions for address registries. In neither case is ARIN leading the charge, but is playing a part in innovation.
I don't believe ARIN had any delay between ARIN beginning to issue IPv6 allocations and ARIN providing DNS/v6 services. Until such time as ARIN had policy and responsibility for issuing IPv6 addresses, ARIN had no reason whatsoever to provide any DNS/v6 services.
To come back to secure routing, the reason ARIN would be involved is that ARIN would be asked to publish information on who is allocated number resources. Although this is done in WhoIs now, there is a need to do this via whatever format is required by "secure routing." I'm sure the specification of secure routing will describe how to operate the protocol, but not address the server capacity nor topology needed.
Again, if that feature is desired by anyone in ARIN constituency, then, a relevant policy proposal will be put forth, and, the issue will be debated and addressed according to community consensus. I do not see this as dysfunctional.
Perhaps policies aren't the vehicle, but then how does the operational community get ARIN to supply services?
Policies _ARE_ the vehicle, and, I guess I don't understand what it is you think is dysfunctional about the policy process, since from what I can see, it addresses exactly the issues you describe above. Owen