[Nlnog] [alex at nac.net: Can a Customer take their IP's with them? (Court says yes!)]
Sabri Berisha
sabri at cluecentral.net
Tue Jun 29 07:04:03 UTC 2004
Quote van Patrick Gilmore:
>Who cares what the court thinks? Are you mentioned in the TRO? If
>not, do a quick look at all CIDRs in ^8001$ and find any sub-CIDRs
>without _8001_ in the path. Your routers, you decide what to do with
>the prefix.
>Of course, if you just happen to uphold INTERNET STANDARDS and only
>accept routes from where they should originate, I'll buy you a drink at
>the next NANOG for being a good netizien. :)
----- Forwarded message from Alex Rubenstein <alex at nac.net> -----
Date: Mon, 28 Jun 2004 23:24:27 -0400 (Eastern Standard Time)
From: Alex Rubenstein <alex at nac.net>
To: nanog at nanog.org
Subject: Can a Customer take their IP's with them? (Court says yes!)
Please read -- this is lengthy, and important to the industry as a whole.
We ask for, and solicit, comments, letters of support, etc., for our
position. We are looking for people to take a position on this, and come
forward, perhaps even to provide an affidavit or certification. Something
along the lines of a 'friend of the court' brief, or even comments as to
why we are wrong.
Read on.
There has been a Temporary Restraining Order (TRO) issued by state court
that customers may take non-portable IP space with them when they leave
their provider. Important to realize: THIS TEMPORARY RESTRAINING ORDER HAS
BEEN GRANTED, AND IS CURRENTLY IN EFFECT. THIS IS NOT SOMETHING THAT COULD
HAPPEN, THIS IS SOMETHING THAT HAS HAPPENED. THERE IS AN ABILITY TO
DISSOLVE IT, AND THAT IS WHAT WE ARE TRYING TO DO.
This is a matter is of great importance to the entire Internet community.
This type of precedent is very dangerous. If this ruling is upheld it has
the potential to disrupt routing throughout the Internet, and change
practices of business for any Internet Service Provider.
In the TRO, the specific language that is enforced is as follows:
"NAC shall permit CUSTOMER to continue utilization through any
carrier or carriers of CUSTOMER's choice of any IP addresses that were
utilized by, through or on behalf of CUSTOMER under the April 2003
Agreement during the term thereof (the "Prior CUSTOMER Addresses") and
shall not interfere in any way with the use of the Prior CUSTOMER
Addresses, including, but not limited to:
(i) by reassignment of IP address space to any customer;
aggregation and/or BGP announcement modifications,
(ii) by directly or indirectly causing the occurrence of
superseding or conflicting BGP Global Routing Table entries; filters
and/or access lists, and/or
(iii) by directly or indirectly causing reduced prioritization or
access to and/or from the Prior CUSTOMER Addresses, (c) provide CUSTOMER
with a Letter of Authorization (LOA) within seven (7) days of CUSTOMER's
written request for same to the email address/ticket system
(network at nac.net), and (d) permit announcement of the Prior CUSTOMER
Addresses to any carrier, IP transit or IP peering network."
We believe this order to be in direct violation of ARIN policy and the
standard contract that is signed by every entity that is given an
allocation of IP space. The ARIN contract strictly states that the IP
space is NOT property of the ISP and can not be sold or transferred. The
IP blocks in question in this case are very clearly defined as
non-portable space by ARIN.
Section 9 of ARIN's standard Service Agreement clearly states:
"9. NO PROPERTY RIGHTS. Applicant acknowledges and agrees that the
numbering resources are not property (real, personal or intellectual) and
that Applicant shall not acquire any property rights in or to any
numbering resources by virtue of this Agreement or otherwise. Applicant
further agrees that it will not attempt, directly or indirectly, to obtain
or assert any trademark, service mark, copyright or any other form of
property rights in any numbering resources in the United States or any
other country."
[ Full ARIN agreement http://www.arin.net/library/agreements/rsa.pdf ]
Further, it is important to realize that this CUSTOMER has already gotten
allocations from ARIN over 15 months ago, and has chosen not to renumber
out of NAC IP space. They have asserted that ARIN did not supply them with
IP space fast enough to allow them to renumber. Since they have gotten
allocations from ARIN, we are confident they have signed ARIN's RSA as
well, and are aware of the above point (9).
If this ruling stands and a new precedent is set, any customer of any
carrier would be allowed to take their IP space with them when they leave
just because it is not convenient for them to renumber. That could be a
single static IP address for a dial-up customer or many thousands of
addresses for a web hosting company. This could mean that if you want to
revoke the address space of a spammer customer, that the court could allow
the customer to simply take the space with them and deny you as the
carrier (and ARIN) their rights to control the space as you (and ARIN) see
fit.
REMEMBER, THE INTERNET USED TO BE BASED UPON PORTABLE IP SPACE, AND IS NO
LONGER FOR SEVERAL TECHNICAL REASONS.
It is important to understand that this is not a situation where a
customer is being forced to leave on short notice. NAC has not revoked the
IP space of the customer. This is a situation where a customer is
exercising their option not to renew their services and is leaving
voluntarily. In addition the customer in question was granted their own IP
space OVER A YEAR AGO and simply chose not to renumber their entire
network. The key issue is that they want to take the space with them AFTER
they leave NAC and are NO LONGER A CUSTOMER.
Why this TRO is bad for the Internet:
1. It undermines ARIN's entire contract and authority to assign IP space.
2. It means that once IP addresses have been assigned / SWIP'ed to a
Customer that the Customer may now have the right to continued use of
those addresses even if the customer leaves the service of the Provider.
In other words the right of the Provider to maintain control and use of
the address space assigned to his network, is to now be subject to the
Customer going to a State Court and getting an Order to take such space
with them. Instead of the Addresses being allocated by delegated
authority of the Department of Commerce and ARIN they become useable by
anyone who convinces a Judge that they have a need for the addresses.
It appears the Customer can keep the addresses for as long as it pleases
the State Court and as long as the Customer can judicially hijack the
space.
The tragic part of this is that the Court which issues the Order does not
even have to hear expert testimony. So the Court can issue such Order
without fully understanding the Internet Technology that is affected or
the havoc it could cause in National and International Communications.
3. Significant potential for routing havoc as pieces of non-portable
blocks of space are no longer controlled by the entity that has the
assignment from ARIN, but by the end user customer for as long as that
customer wants to use them. If the customer was causing a routing problem
by improper routing confirmation the carrier would lose their authority to
revoke or limit the use of the IP space to protect the stability of the
carrier's network. In other words, court-compelled LOAs are a 'bad thing.'
4. Because the IP space is still assigned to the carrier, the carrier
would potentially be responsible to continue to respond to all SPAM and
hacking complaints, DMCA violations, and all other forms of abuse. All of
this abuse responsibility and liability would continue with no recourse to
revoke or limit IP space of that customer and no ability to receive
financial compensation for that task. This is not a theoretical problem,
in the case of this customer we have received numerous abuse complaints
throughout their history as a customer. While they have generally resolved
these issues, it still is a real cost for us to handle. This is something
that has the potential to create a massive burden for the carrier.
5. It would fundamentally change the long standing policy that the carrier
that has the IP space assigned to them has the right to assign and revoke
the IP space as it sees fit, and that the customer has no rights to the IP
space other then the rights that the carrier gives them (through a
delegation from ARIN).
6. If the customer is being DDOSed, or attacked (perhaps they may
even instigate it purposely), and then stops announcing the more
specific routes, the attack when then flow to us, the innocent
bystander. Essentially, the customer could cause a DDOS for which I will
then be billed for. This type of thing has been known to happen in the
past (but not with this CUSTOMER).
As you can see, this TRO has widespread effects, and is something that
everyone in the industry could be affected by. If this precedent is set,
you will soon have everyone acting as if IP's are property, and something
that they are entitled to. I ask for input from everyone in the community
on this. We don't think we're crazy, but want to make sure.
----- End forwarded message -----
--
Sabri, "I route, therefore you are"
Bescherm de digitale burgerrechten: http://www.bof.nl/donateur.html
More information about the NLNOG
mailing list