On 21 Jul 2019, at 7:32 AM, William Herrin <bill@herrin.us> wrote:
Having read their explanation, I think the folks involved had good reasons and the best intentions but this stinks like fraud to me. Worse, it looks like ARIN was complicit in the fraud -- encouraging and then supporting the folks involved as they established a fiefdom of their own rather than integrating with the organizations that existed.
Bill - ARIN routinely deals situations where the point of contact for a number resource did not have a formal organization at the time of issuance of the IP address block, and we are quite careful to make sure that the appropriate pedigree is maintained. It is important to realize that ARIN doesn’t automatically consider the responsible contact to be authoritative for an early assignment for any change requested (i.e. an early administrative contact cannot simply usurp an address block for any purpose they desire) but we do indeed recognize organization changes (such as incorporation) that are consistent with the original listed registrant and supported by the current administrative contact for the resource. As you are aware, there are individuals and businesses who operate as a “Doing Business As/DBA" or on behalf on an unincorporated organization at the time of issuance; it is a more common occurrence than one might imagine, and we have to deal with the early registrations appropriately based on the particular circumstance. ARIN promptly put processes in place so that such registrations, having been made on behalf of a particular purpose or organization, do not get misappropriated to become rights solely of the point of contact held for personal gain – indeed, there are cases where organizations are created with similar names for the purposes of hijacking number resources, but such cases don’t generally involve principles who were involved in the administration of the resources since issuance nor do they involve formalization of the registrant into a public benefit not-for-profit organization. Despite your assertions, it is not for ARIN to judge whether a given early number resource was issued to the “best” responsible contact/organization for the job; it is our job to simply maintain the registry according the policies set by the IETF and this community – to do anything else would result in haphazard administration and undermine the stability of the entire registry.
The "appearance of impropriety" is then magnified by ARIN deeming the matter a private transaction between it and the alleged registrants to which the pubic is not entitled to a detailed accounting.
As you are aware, Bill, number resource requests to ARIN are private, but the results end up quite visible in the public registry and there is a reporting process if you believe that any change has been made based on fraudulent information. If the folks would like number resource requests (such as transfer requests) to be public when submitted to ARIN, that is also possible, but would require very specific policy directing us accordingly. I do not know if the community would support such a change, but if you are interested in proposing such then you should review <https://www.arin.net/participate/policy/pdp/appendix_b/> for instructions on submission of a policy proposal. Thanks, /John John Curran President and CEO American Registry for Internet Numbers