Re: A way that ARIN can help encourage RPKI adoption

[John Curran <jcurran () arin net>]

> On 12 Apr 2022, at 11:38 PM, Doug Barton <dougb () dougbarton us> wrote:
>
> On 4/6/22 10:55 AM, John Curran wrote:
> > Interesting philosophy - historically ARIN customers have asked for simplicity in the relationship; i.e. a single 
> > fee that encompasses all of the services - in this way, an organization can utilize something without having to “get 
> > new approval” and there’s no financial or service disincentive for deployment of IPv6, IRR, RPKI, etc.
> > Feel free to propose an alternative structure if you think it makes sense - the suggestion process would be a good 
> > step (but feel free to run for the ARIN Board of Trustees if you want to really advocate for a different approach.)
>
> John,
>
> I think you raise an interesting point here. From an outside perspective it seems to me that ARIN is using RPKI 
> participation as leverage to get legacy space holders to sign an LRSA. You have mentioned in past messages that this 
> is at least in part based on the desire to recover costs related to providing that service. So let's look creatively 
> at the cost issue.
>
> Taking that claim at face value, I wonder if it's possible for ARIN to compromise slightly here, in the interest of 
> encouraging the adoption of RPKI to the benefit of the Internet community. My suggestion is to open participation in 
> RPKI to anyone with legacy space who is paying ARIN a fee for service, regardless of LRSA status.
>
> Someone else mentioned creating a lightweight agreement for legacy space holders who want RPKI, which I think is a 
> good idea. I'm not up on the current contents of the LRSA, but I imagine that there is an indemnification clause. I 
> would be surprised if your lawyers didn't want that for the situation I'm proposing as well. Being lawyers, I imagine 
> that they can come up with other things too.  :)  But given that you're already contracting with these parties for 
> other services, a "rider" for RPKI should be easily accomplished.

Doug, we’re not contracting with these parties to provide any other services…i.e.  there’s nothing to "add a rider to”.
(Those who have any registration services agreement with ARIN already have access to all services incl. RPKI) 

Based on feedback received over the years, we’ve revised the terms of RSA and LRSA several times to provide for 
friendlier terms and conditions - at this point they’re actually the same agreement (See 
https://www.arin.net/vault/announcements/2015/20151007.html)  

We remain open to suggestions for improving the registration services agreement for all of ARIN’s customers – if the 
community comes up with further changes, we can incorporate (but that will need to be per a member vote since we also, 
per community request, locked down the agreement so it couldn’t be unilaterally changed by the ARIN.)   

ARIN’s RSA is structured appropriately for a not-for-profit membership organization in which members have open 
participation and governance mechanisms that help them shape the services, policies and fees that will be provided.  If 
one looks at the RSA expecting it to be a commercial services agreement (e.g., such as one would receive for domain 
name hosting) then indeed it is quite different, but that’s because the RiRs are structured as five cooperating 
not-for-profit membership organizations that instantiate the cooperation within the network operator community for a 
globally unique Internet number registry, with agreements that have everyone joining the registry system for that 
purpose. This works extremely well and meets the expectations of many of the registry customers globally – but such a 
model doesn’t align with the expectations voiced by some legacy resource holders.  

I also would like to see RPKI more widely deployed, and happy to work on making the RSA “more lightweight” for all ARIN 
customers to the extent possible, but that requires clearly articulated feedback on changes that need to be made, 
including the reasoning.  Those with legacy resources have been receiving free basic services for nearly 25 years, and 
even now have a very favorable cap on their annual ARIN fees if they do enter into an RSA – i.e., there are incentives 
in place, and the situation for a legacy resource holder who signed an RSA is actually more favorable than the 15000+ 
other ARIN customers who don’t receive the more favorable terms. 

The good news is that this is ultimately in the hands of the ARIN membership, so engagement with that community on 
further desired changes for legacy resource holders is the best path forward. 

Thanks,
/John

John Curran
President and CEO
American Registry for Internet Numbers