Internet2 Network Security SIG

["Dale W. Carder" <>]

Thus spake  () on Mon, Apr 15, 2019 at 12:47:26PM -0400:
> 
> This subject can be a bit complex.

you win the understatement of the day.  ;-)

> Let me first say that creating ROAs (the records created using ARIN's 
> online system to associate a network with its origin AS) only require that 
> the organization have signed the standard Registry Service Agreement (RSA). 
> So there SHOULD BE NO BARRIER to creating ROAs. The Relying Party Agreement 
> is ONLY required to download and use ARIN's database of ROAs.

Not quite.  It depends on the specific version of the RSA you have in
place.  For example, the RSA's we have signed both for v6 and the legacy
RSA are of a vintage that doesn't cover ROA use, so we have to go back 
and re-litigate the terms to get to a modern version.

As a first step, I asked ARIN to produce the specific language we had
already mutually agreed to.  After being referred to their council and 
about 8 weeks later, they are still unable to produce the specific 
language we have in place.  We had maintained copies, but appears they 
did not. 

Dale