From info at mininghamster.com Wed Jan 10 22:36:52 2018 From: info at mininghamster.com (Patrick Schauer) Date: Wed, 10 Jan 2018 22:36:52 +0100 Subject: [address-policy-wg] permanently % denied Message-ID: Why your service blocked many of my customers? how can we delete your entries? Sent via RIPE Forum -- https://www.ripe.net/participate/mail/forum From gert at space.net Fri Jan 12 16:27:08 2018 From: gert at space.net (Gert Doering) Date: Fri, 12 Jan 2018 16:27:08 +0100 Subject: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) In-Reply-To: References: Message-ID: <20180112152707.GA3355@Space.Net> Dear AP WG, so, the extended discussion phase ended some two weeks ago, and this is our conclusion: - there were some voices that state "this is not going far enough, we should do a proper and more encompassing IPv6 policy review". We've had the question on "shall we go there?" on the list, and while there was some support, there was also some opposition to a more general reorganization, so we're not going to this *in the scope of this proposal*. We can (and I assume we will :) ) return to the wider topic with more consideration in a separate proposal. - there was one voice that said "we have no problem with the policy here, we do not need to do anything!" - which I considered addressed due to the NCC stating that they need better guidance - there were quite a number of supportive voices - some of them expressing (in their own words) that we should go for the basic fix *now*, and we can always come back and improve things later on Thus, I declare that we have consensus according to PDP. With that, we move 2016-04 to Last Call. Marco will send the formal announcement for that in the next days. For reference, a list of people that voiced support or opposition (or something else) in the previous review phase is appended below. This is what I have based my decision on. If you disagree with my interpretation of what has been said and the conclusion I have drawn from it, please let us know. Gert Doering, Address Policy WG Chair Review Phase for V2.0, starting October 19, 2017 (extended once, to December 27) During the last Review Phase X persons stated their support for this latest version of 2016-04: Ondrej Caletka (with a remark about the risk of operator-abuse) Nick Hilliard David Farmer (supporting the policy, but would prefer different language) Sebastian Wiesinger Erik Bais (supporting any less restrictive PI policy, as long as the "no documentation = /48" limit is kept) Richard Hartmann Sebastian Becker Matthias Kluth Leon Weber Arash Naderpour Peter Hessler The following persons offered remarks, or asked for clarification Leo Vegoda, on "how does the RIPE NCC allocation algorithm work" (answered by Gert Doering, Andrea Cima. Followup question by Maximilian Wilhelm about PI assignment and reservations did not get an anwer, but since that sub-thread was mostly curiosity, I do not see it as directly relevant for consensus) The following people opposed the proposal: Jordi Palet, on the ground that "we want a better solution than just an intermediate step, and this would be a complication" based on this, the WG chair started a sub-discussion "where does the WG want to go?" and there was no strong support to go to a stronger change (in particular for "removing the PI sub-assignment restrictions competely") - some support, but also very clear concern and opposition Comments on that sub-thread: Elvis Daniel Valea - asking for clarification Maximilian Wilhelm - "likes the idea, but thinks this will take longer, so go with 2016-04 v2.0 as it is *now*" Elvis Daniel Valea - "this is just a patch, we can do better" (supporting Jordi's extended proposal) Sebastian Wiesinger - "support 2016-04 as is, do not hold it up" Nick Hilliard - "this would be a substantial change and needs a good deal more attention" (I read: do not go there) (a bit more sub-sub-thread Jordi<->Nick, solidifying the "do not go there" stance) Erik Bais - "remove as much of the restriction as possible, but keep the /48 PI limit" - which I read as "general support" One of the opposing remark was that this would prevent "unique prefix per host" style allocations, but that was addressed by Marco at the APWG meeting already - the RS interpretation is "this would work". Kai Siering - "we do not need this, the NCC is interpreting the policy all wrong". As nobody else sees it that way, the chairs consider this objection addressed. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: not available URL: From jordi.palet at consulintel.es Mon Jan 15 11:21:10 2018 From: jordi.palet at consulintel.es (JORDI PALET MARTINEZ) Date: Mon, 15 Jan 2018 11:21:10 +0100 Subject: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) In-Reply-To: <20180112152707.GA3355@Space.Net> References: <20180112152707.GA3355@Space.Net> Message-ID: <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> Hi Gert, all, Obviously, I don?t agree, just because for me, ?consensus? is having no objections, not a ?democracy voting?. I also feel that the way this has been done, extending the discussion, so allowing the proposer to participate in a conference, and then asking the participants to ?speak up? to support his proposal, is not nice/fair. I recall that was mention in the list, or I heard it somewhere else ? This basically means that I can also do the same every month when I speak in about IPv6 in a conference, for any subsequent proposal that I submit, and get hundreds of ?support voices? even if there is objection (for example to remove PI), or even more, I could register tons of emails and speak up in favor of my own proposal, and of course, there is nothing in the PDP that disallows that (if anyone is able to demonstrate that is my own voice cloned). Note that I?m not saying I?m the kind of person that will do that, just to make clear why this is not fair and is not ?consensus? in my opinion. In fact, my concern on this, is not just related to this proposal, but the process in general. Furthermore, I will like a clarification from NCC about what I mention in the mike, I think is this comment: One of the opposing remark was that this would prevent "unique prefix per host" style allocations, but that was addressed by Marco at the APWG meeting already - the RS interpretation is "this would work". Regards, Jordi -----Mensaje original----- De: address-policy-wg en nombre de Gert Doering Fecha: viernes, 12 de enero de 2018, 16:27 Para: Marco Schmidt CC: Asunto: Re: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) Dear AP WG, so, the extended discussion phase ended some two weeks ago, and this is our conclusion: - there were some voices that state "this is not going far enough, we should do a proper and more encompassing IPv6 policy review". We've had the question on "shall we go there?" on the list, and while there was some support, there was also some opposition to a more general reorganization, so we're not going to this *in the scope of this proposal*. We can (and I assume we will :) ) return to the wider topic with more consideration in a separate proposal. - there was one voice that said "we have no problem with the policy here, we do not need to do anything!" - which I considered addressed due to the NCC stating that they need better guidance - there were quite a number of supportive voices - some of them expressing (in their own words) that we should go for the basic fix *now*, and we can always come back and improve things later on Thus, I declare that we have consensus according to PDP. With that, we move 2016-04 to Last Call. Marco will send the formal announcement for that in the next days. For reference, a list of people that voiced support or opposition (or something else) in the previous review phase is appended below. This is what I have based my decision on. If you disagree with my interpretation of what has been said and the conclusion I have drawn from it, please let us know. Gert Doering, Address Policy WG Chair Review Phase for V2.0, starting October 19, 2017 (extended once, to December 27) During the last Review Phase X persons stated their support for this latest version of 2016-04: Ondrej Caletka (with a remark about the risk of operator-abuse) Nick Hilliard David Farmer (supporting the policy, but would prefer different language) Sebastian Wiesinger Erik Bais (supporting any less restrictive PI policy, as long as the "no documentation = /48" limit is kept) Richard Hartmann Sebastian Becker Matthias Kluth Leon Weber Arash Naderpour Peter Hessler The following persons offered remarks, or asked for clarification Leo Vegoda, on "how does the RIPE NCC allocation algorithm work" (answered by Gert Doering, Andrea Cima. Followup question by Maximilian Wilhelm about PI assignment and reservations did not get an anwer, but since that sub-thread was mostly curiosity, I do not see it as directly relevant for consensus) The following people opposed the proposal: Jordi Palet, on the ground that "we want a better solution than just an intermediate step, and this would be a complication" based on this, the WG chair started a sub-discussion "where does the WG want to go?" and there was no strong support to go to a stronger change (in particular for "removing the PI sub-assignment restrictions competely") - some support, but also very clear concern and opposition Comments on that sub-thread: Elvis Daniel Valea - asking for clarification Maximilian Wilhelm - "likes the idea, but thinks this will take longer, so go with 2016-04 v2.0 as it is *now*" Elvis Daniel Valea - "this is just a patch, we can do better" (supporting Jordi's extended proposal) Sebastian Wiesinger - "support 2016-04 as is, do not hold it up" Nick Hilliard - "this would be a substantial change and needs a good deal more attention" (I read: do not go there) (a bit more sub-sub-thread Jordi<->Nick, solidifying the "do not go there" stance) Erik Bais - "remove as much of the restriction as possible, but keep the /48 PI limit" - which I read as "general support" One of the opposing remark was that this would prevent "unique prefix per host" style allocations, but that was addressed by Marco at the APWG meeting already - the RS interpretation is "this would work". Kai Siering - "we do not need this, the NCC is interpreting the policy all wrong". As nobody else sees it that way, the chairs consider this objection addressed. ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. From mschmidt at ripe.net Mon Jan 15 11:59:19 2018 From: mschmidt at ripe.net (Marco Schmidt) Date: Mon, 15 Jan 2018 11:59:19 +0100 Subject: [address-policy-wg] 2016-04 Last Call for Comments (IPv6 Sub-assignment Clarification) Message-ID: Dear colleagues, Proposal 2016-04, "IPv6 Sub-assignment Clarification", is now in Concluding Phase. The goal of this proposal is to re-define the term "sub-assignment" for IPv6. The WG Chair has declared that rough consensus has been reached and the proposal will now move to Last Call. As per the RIPE Policy Development Process (PDP), the purpose of this four week Concluding Phase is to give an opportunity to present well-justified objections for those who missed the previous two phases and wish to oppose the proposal. Any objection must be made by 13 February 2018 and must be supported by an explanation. If no substantive objections are raised by the end of Last Call, the proposal will complete the PDP and will be evaluated by the WG Chairs for consensus. You can find the full proposal at: https://www.ripe.net/participate/policies/proposals/2016-04 Please e-mail any final comments about this proposal to before 13 February 2018. Regards, Marco Schmidt Policy Development Officer RIPE NCC Sent via RIPE Forum -- https://www.ripe.net/participate/mail/forum From jim at rfc1035.com Mon Jan 15 12:04:41 2018 From: jim at rfc1035.com (Jim Reid) Date: Mon, 15 Jan 2018 11:04:41 +0000 Subject: [address-policy-wg] what does consensus mean In-Reply-To: <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> Message-ID: > On 15 Jan 2018, at 10:21, JORDI PALET MARTINEZ via address-policy-wg wrote: > > > Obviously, I don?t agree, just because for me, ?consensus? is having no objections Jordi, whatever definition of consensus someone chooses is up to them. That doesn't mean it's right or the one that everybody else has to adopt. [We decide the definition of consensus by consensus. :-)] Consensus does not mean there have to be no objections. That's unanimous consensus. There's a difference. An important difference. Maybe something is getting lost in translation? ie the Spanish for "consensus" means something similar to the definition you're using. There can be consensus in RIPE (and other fora such as IETF and ICANN) even when there are objections. RFC7282 goes into this in great detail. If we relied on unanimous consensus for decisions, nothing would ever get done because anyone would have a veto that could block progress. And in a very diverse community like RIPE, it'll be impossible for everyone to agree on everything. From nick at foobar.org Mon Jan 15 12:17:14 2018 From: nick at foobar.org (Nick Hilliard) Date: Mon, 15 Jan 2018 11:17:14 +0000 Subject: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) In-Reply-To: <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> Message-ID: <5A5C8DBA.5000200@foobar.org> JORDI PALET MARTINEZ via address-policy-wg wrote: > Obviously, I don?t agree, just because for me, ?consensus? is having > no objections, not a ?democracy voting?. APWG aims to follow the IETF approach to consensus, as defined in rfc7282. This explicitly allows for consensus to be declared even if there are outstanding objections. Nick From joao at bondis.org Mon Jan 15 12:34:34 2018 From: joao at bondis.org (Joao Damas) Date: Mon, 15 Jan 2018 12:34:34 +0100 Subject: [address-policy-wg] what does consensus mean In-Reply-To: References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> Message-ID: Jim, Jordi, > On 15 Jan 2018, at 12:04, Jim Reid wrote: > > Maybe something is getting lost in translation? ie the Spanish for "consensus" means something similar to the definition you're using. Could well be. In both English and Spanish (and other languages) consensus derives from Latin, consentire, for ?allow or agree to?. In the English language consensus has evolved to usually mean a ?general agreement? whereas in Spanish it implies consent, and therefore an objection implies no consent. Just clarifying the language and not taking a position on this at this time. > > If we relied on unanimous consensus for decisions, nothing would ever get done because anyone would have a veto that could block progress. And in a very diverse community like RIPE, it'll be impossible for everyone to agree on everything. Well, that feels like just a way of cutting a discussion short. One might want to read on the Dutch polder-model as an example of how to cooperate with recognised differences. Joao From mschmidt at ripe.net Mon Jan 15 12:53:22 2018 From: mschmidt at ripe.net (Marco Schmidt) Date: Mon, 15 Jan 2018 12:53:22 +0100 Subject: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification) In-Reply-To: <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> Message-ID: Dear Jordi, Thank you for your question. On 2018-01-15 11:21:10 CET, Jordi Palet Martinez wrote: > Furthermore, I will like a clarification from NCC about what I mention in the mike, I think is this comment: > > One of the opposing remark was that this would prevent "unique prefix > per host" style allocations, but that was addressed by Marco at the > APWG meeting already - the RS interpretation is "this would work". > My comment during the Address Policy WG session at RIPE 75 was referring to configuration mechanisms where a /64 is needed per customer to provide a separate address, for instance by using dedicated (V)LANs to connect WiFi customers. Such mechanisms will be considered in line with the policy. Section A of the impact analysis provides more details on our understanding for these cases. https://www.ripe.net/participate/policies/proposals/2016-04 I hope this clarifies. Kind regards, Marco Schmidt Policy Development Officer RIPE NCC Sent via RIPE Forum -- https://www.ripe.net/participate/mail/forum From gert at space.net Mon Jan 15 12:59:32 2018 From: gert at space.net (Gert Doering) Date: Mon, 15 Jan 2018 12:59:32 +0100 Subject: [address-policy-wg] what does consensus mean In-Reply-To: References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> Message-ID: <20180115115932.GP45648@Space.Net> Hi, On Mon, Jan 15, 2018 at 12:34:34PM +0100, Joao Damas wrote: > Well, that feels like just a way of cutting a discussion short. > One might want to read on the Dutch polder-model as an example of > how to cooperate with recognised differences. APWG works on "rough consensus" and "all objections have been *addressed*" - which does not require "the person raising the objection is convinced and withdraws his or her objection". We try to convince :-) - but since this does not always work, it's called "rough" consensus. Besides this, there is different types of objections - "I fully object to changing anything in this general direction, ever!" - "I think this is good, but I disagree with the wording, because..." - "I think this is good, and I see the need for a change, but the proposed policy change is not the right way to do it / is too limited, we should aim for a larger and more encompassing change" Type 1 objections can not be "postponed" - if you go somewhere against strong objection to the general direction, you need convincing, counter arguments, and occasionally you end up at "withdraw due to no consensus" (and sometimes the consensus is rougher than usual). Type 2 objections are usually dealt with by going through a few review cycles with new text, incorporating such input into new versions of the document. This is what we've had here: there was feedback to earlier policy text, and Max did quite a few rounds based on that feedback, together with RS, to come up with text that is clear to RS and to the WG. Type 3 objections can be handled by taking notice of them, and starting a new policy proposal with the larger change after this one is done. Jordi's is - as I explained in my summary mail without detailling these categories - "type 3". The WG has discussed his alternative idea, and there was not enough backing to change 2016-04 into something more general - instead there was support to finish 2016-04 *now*, instead of leaving those impacted by the current policy shortcomings waiting further, until we have consensus on how a larger policy change would look like. Gert Doering -- APWG chair -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: not available URL: From joao at bondis.org Mon Jan 15 13:04:27 2018 From: joao at bondis.org (Joao Damas) Date: Mon, 15 Jan 2018 13:04:27 +0100 Subject: [address-policy-wg] what does consensus mean In-Reply-To: <20180115115932.GP45648@Space.Net> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <20180115115932.GP45648@Space.Net> Message-ID: Excellent Thanks Joao > On 15 Jan 2018, at 12:59, Gert Doering wrote: > > Hi, > > On Mon, Jan 15, 2018 at 12:34:34PM +0100, Joao Damas wrote: >> Well, that feels like just a way of cutting a discussion short. >> One might want to read on the Dutch polder-model as an example of >> how to cooperate with recognised differences. > > APWG works on "rough consensus" and "all objections have been *addressed*" > - which does not require "the person raising the objection is convinced > and withdraws his or her objection". We try to convince :-) - but since > this does not always work, it's called "rough" consensus. > > Besides this, there is different types of objections > > - "I fully object to changing anything in this general direction, ever!" > - "I think this is good, but I disagree with the wording, because..." > - "I think this is good, and I see the need for a change, but the > proposed policy change is not the right way to do it / is too limited, > we should aim for a larger and more encompassing change" > > > Type 1 objections can not be "postponed" - if you go somewhere against > strong objection to the general direction, you need convincing, counter > arguments, and occasionally you end up at "withdraw due to no consensus" > (and sometimes the consensus is rougher than usual). > > Type 2 objections are usually dealt with by going through a few review > cycles with new text, incorporating such input into new versions of the > document. This is what we've had here: there was feedback to earlier > policy text, and Max did quite a few rounds based on that feedback, > together with RS, to come up with text that is clear to RS and to the WG. > > Type 3 objections can be handled by taking notice of them, and starting a > new policy proposal with the larger change after this one is done. > > > Jordi's is - as I explained in my summary mail without detailling these > categories - "type 3". The WG has discussed his alternative idea, and > there was not enough backing to change 2016-04 into something more general > - instead there was support to finish 2016-04 *now*, instead of leaving > those impacted by the current policy shortcomings waiting further, until > we have consensus on how a larger policy change would look like. > > Gert Doering > -- APWG chair > -- > have you enabled IPv6 on something today...? > > SpaceNet AG Vorstand: Sebastian v. Bomhard > Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann > D-80807 Muenchen HRB: 136055 (AG Muenchen) > Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 873 bytes Desc: Message signed with OpenPGP URL: From jordi.palet at consulintel.es Mon Jan 15 13:09:27 2018 From: jordi.palet at consulintel.es (JORDI PALET MARTINEZ) Date: Mon, 15 Jan 2018 13:09:27 +0100 Subject: [address-policy-wg] what does consensus mean In-Reply-To: References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> Message-ID: <0A3B445E-A9B8-4E5E-B52E-245D27B86418@consulintel.es> Hi Jim, I agree that is not ?unanimity?, but I don?t think there is consensus on this proposal, and even less I think is fair to extend the review period ?because? a proposal has been brought in the last minute to another fora, when the chairs already declared ?that we don?t have consensus?. See this message: https://www.ripe.net/ripe/mail/archives/address-policy-wg/2017-November/012271.html Is something that we should do for every policy proposal that don?t reach consensus? Is this meaning that we will always ?extend? the PDP timeline *until* we reach consensus? Then, my reading is that EVERY policy proposal can always reach consensus, is just a matter of finding enough folks (or virtual voices) that register into the mailing list and support the proposal vs non-supporters. Not sure if you see my point? Regards, Jordi -----Mensaje original----- De: address-policy-wg en nombre de Jim Reid Fecha: lunes, 15 de enero de 2018, 12:05 Para: JORDI PALET MARTINEZ CC: Asunto: [address-policy-wg] what does consensus mean > On 15 Jan 2018, at 10:21, JORDI PALET MARTINEZ via address-policy-wg wrote: > > > Obviously, I don?t agree, just because for me, ?consensus? is having no objections Jordi, whatever definition of consensus someone chooses is up to them. That doesn't mean it's right or the one that everybody else has to adopt. [We decide the definition of consensus by consensus. :-)] Consensus does not mean there have to be no objections. That's unanimous consensus. There's a difference. An important difference. Maybe something is getting lost in translation? ie the Spanish for "consensus" means something similar to the definition you're using. There can be consensus in RIPE (and other fora such as IETF and ICANN) even when there are objections. RFC7282 goes into this in great detail. If we relied on unanimous consensus for decisions, nothing would ever get done because anyone would have a veto that could block progress. And in a very diverse community like RIPE, it'll be impossible for everyone to agree on everything. ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. From jordi.palet at consulintel.es Mon Jan 15 13:20:42 2018 From: jordi.palet at consulintel.es (JORDI PALET MARTINEZ) Date: Mon, 15 Jan 2018 13:20:42 +0100 Subject: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) In-Reply-To: <5A5C8DBA.5000200@foobar.org> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <5A5C8DBA.5000200@foobar.org> Message-ID: <0D73ED73-84D2-4FCA-80CE-7CCC1DDC194D@consulintel.es> Hi Nick, I participate on IETF, and I know RFC7282, however I fail to see in our PDP that we are bound to that RFC? I also just read again the PDP, and my understanding is that we are doing something different than what the process say, following https://www.ripe.net/publications/docs/ripe-642 I don?t see how a policy proposal that at the end of the review phase (maximum 4 weeks), has not reached consensus, as the only alternative is a ?new? review phase, with a new version of the proposal: >From the PDP: ?The WG chair can also decide to have the draft RIPE Document edited and start a new Review Phase with a new version of the proposal.? Regards, Jordi -----Mensaje original----- De: address-policy-wg en nombre de Nick Hilliard Fecha: lunes, 15 de enero de 2018, 12:17 Para: JORDI PALET MARTINEZ CC: Asunto: Re: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) JORDI PALET MARTINEZ via address-policy-wg wrote: > Obviously, I don?t agree, just because for me, ?consensus? is having > no objections, not a ?democracy voting?. APWG aims to follow the IETF approach to consensus, as defined in rfc7282. This explicitly allows for consensus to be declared even if there are outstanding objections. Nick ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. From sander at steffann.nl Mon Jan 15 13:24:11 2018 From: sander at steffann.nl (Sander Steffann) Date: Mon, 15 Jan 2018 13:24:11 +0100 Subject: [address-policy-wg] what does consensus mean In-Reply-To: <0A3B445E-A9B8-4E5E-B52E-245D27B86418@consulintel.es> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <0A3B445E-A9B8-4E5E-B52E-245D27B86418@consulintel.es> Message-ID: Hi Jordi, > I agree that is not ?unanimity?, but I don?t think there is consensus on this proposal, and even less I think is fair to extend the review period ?because? a proposal has been brought in the last minute to another fora, when the chairs already declared ?that we don?t have consensus?. > > See this message: > > https://www.ripe.net/ripe/mail/archives/address-policy-wg/2017-November/012271.html > > Is something that we should do for every policy proposal that don?t reach consensus? Definitely not. As you can see from the history of APWG we have had plenty proposals that never reach consensus, and this is fine. > Is this meaning that we will always ?extend? the PDP timeline *until* we reach consensus? Nope. The extension was because you suggested a new approach (going further than what the current proposal was addressing) and we wanted to see if there was support in the community for your approach. It turned out that solving the current need with a good-enough solution was seen as more important than getting a perfect solution some time in the future. Short summary: - a problem was discovered in the IPv6 policy - we see consensus that this policy proposal solves that problem - we recognise that you would like an even better solution - and we'll happily work with you to achieve that! - but because this proposal solves the original problem we don't want to delay it > Then, my reading is that EVERY policy proposal can always reach consensus, is just a matter of finding enough folks (or virtual voices) that register into the mailing list and support the proposal vs non-supporters. > > Not sure if you see my point? I see what you are saying, and I disagree with it. Please see the mailing list archives to check the history of this working group. Cheers, Sander From sander at steffann.nl Mon Jan 15 13:28:31 2018 From: sander at steffann.nl (Sander Steffann) Date: Mon, 15 Jan 2018 13:28:31 +0100 Subject: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) In-Reply-To: <0D73ED73-84D2-4FCA-80CE-7CCC1DDC194D@consulintel.es> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <5A5C8DBA.5000200@foobar.org> <0D73ED73-84D2-4FCA-80CE-7CCC1DDC194D@consulintel.es> Message-ID: <849CE594-15BA-4EE0-9E6C-F3E7DD019058@steffann.nl> Hi Jordi, > I participate on IETF, and I know RFC7282, however I fail to see in our PDP that we are bound to that RFC? As Jim has said, the definition of consensus is determined by consensus :) And for this working group the chairs apply consensus roughly based on that RFC. > I also just read again the PDP, and my understanding is that we are doing something different than what the process say, following > > https://www.ripe.net/publications/docs/ripe-642 > > I don?t see how a policy proposal that at the end of the review phase (maximum 4 weeks), has not reached consensus, as the only alternative is a ?new? review phase, with a new version of the proposal: > > From the PDP: > ?The WG chair can also decide to have the draft RIPE Document edited and start a new Review Phase with a new version of the proposal.? In RIPE the chairs are allowed to use common sense and their own judgement when chairing a working group. Please don't try to make rules for everything, we're not lawyers, we're people trying to get work done in the best interests of this community. Cheers, Sander From richih.mailinglist at gmail.com Mon Jan 15 13:38:35 2018 From: richih.mailinglist at gmail.com (Richard Hartmann) Date: Mon, 15 Jan 2018 13:38:35 +0100 Subject: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) In-Reply-To: <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> Message-ID: On Mon, Jan 15, 2018 at 11:21 AM, JORDI PALET MARTINEZ via address-policy-wg wrote: > This basically means that I can also do the same every month when I speak in about IPv6 in a conference, for any subsequent proposal that I submit, and get hundreds of ?support voices? even if there is objection (for example to remove PI), If mentioning your PDP in talks gathers hundreds of public support statements, your PDP is already the most popular one ever. Having seen the amount of "please speak up for this" vs the actual outcome, I would say that eleven support statements is already a lot. > or even more, I could register tons of emails and speak up in favor of my own proposal, and of course, there is nothing in the PDP that disallows that (if anyone is able to demonstrate that is my own voice cloned). That would be malicious; and potentially illegal in some jurisdictions. Richard From jordi.palet at consulintel.es Mon Jan 15 13:49:58 2018 From: jordi.palet at consulintel.es (JORDI PALET MARTINEZ) Date: Mon, 15 Jan 2018 13:49:58 +0100 Subject: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) In-Reply-To: <849CE594-15BA-4EE0-9E6C-F3E7DD019058@steffann.nl> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <5A5C8DBA.5000200@foobar.org> <0D73ED73-84D2-4FCA-80CE-7CCC1DDC194D@consulintel.es> <849CE594-15BA-4EE0-9E6C-F3E7DD019058@steffann.nl> Message-ID: <2566E115-1BC4-4188-92A3-A55C68AE1B5C@consulintel.es> Hi Sander, I know Gert and you very well, and I don?t have any doubt that it was not done in a ?malicious? way, but I think the PDP has not been followed correctly. Again, is not a matter of this concrete proposal, is a generic concern on the PDP application. Regards, Jordi -----Mensaje original----- De: Sander Steffann Fecha: lunes, 15 de enero de 2018, 13:28 Para: JORDI PALET MARTINEZ CC: Asunto: Re: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) Hi Jordi, > I participate on IETF, and I know RFC7282, however I fail to see in our PDP that we are bound to that RFC? As Jim has said, the definition of consensus is determined by consensus :) And for this working group the chairs apply consensus roughly based on that RFC. > I also just read again the PDP, and my understanding is that we are doing something different than what the process say, following > > https://www.ripe.net/publications/docs/ripe-642 > > I don?t see how a policy proposal that at the end of the review phase (maximum 4 weeks), has not reached consensus, as the only alternative is a ?new? review phase, with a new version of the proposal: > > From the PDP: > ?The WG chair can also decide to have the draft RIPE Document edited and start a new Review Phase with a new version of the proposal.? In RIPE the chairs are allowed to use common sense and their own judgement when chairing a working group. Please don't try to make rules for everything, we're not lawyers, we're people trying to get work done in the best interests of this community. Cheers, Sander ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. From jordi.palet at consulintel.es Mon Jan 15 14:21:39 2018 From: jordi.palet at consulintel.es (JORDI PALET MARTINEZ) Date: Mon, 15 Jan 2018 14:21:39 +0100 Subject: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification) In-Reply-To: References: <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> Message-ID: <554B2B78-F219-48F8-A407-CF4256CFCC85@consulintel.es> Hi Marco, I feel then contradictory this: 2.6 change Providing another entity with separate addresses (not prefixes) from a subnet used on a link operated by the assignment holder is not considered a sub-assignment. This includes for example letting visitors connect to the assignment holder's network, connecting a server or appliance to an assignment holder's network and setting up point-?to-point links with 3rd parties. Clearly say ?not prefixes?. While, in the impact analysis: ?If this proposal is accepted, it is the RIPE NCC?s understanding that for an IPv6 assignment, the provision of separate addresses to customers of the assignment holder will not be considered a sub-assignment. In IPv6 terms, a single address is a /128. There are cases where a /64 is needed per customer to provide a separate address, for instance by using dedicated (v)lans to connect Wifi customers or other configuration mechanisms discussed in the technical community. The RIPE NCC will consider such mechanisms as being in line with this policy and not a sub-assignment as long as the subnet size does not exceed a /64.? (by the way this mechanism is now RFC8273, so you could update the link to https://datatracker.ietf.org/doc/rfc8273/) I also don?t understand ?either by varying the prefix or interface identifier (IID) over time?. While I agree on the first part, if you change the IID, you may be using it for privacy, but it may be also that the link is being used by a different hosts, or even mutiple hosts. This may mean a broadband customer with a /64 from an ISP that has only PI ? I think this policy proposal is very harmful because it allows and even encourages, ISPs to just use PI and allocate customers with a single dynanic /128 or /64, which is terrible for IPv6 deployment. I believe this policy needs to: 1) Clearly allow /64 using RFC8273 2) Clearly disallow broadband services, unless is temporary ?hotspots? connections (and similar cases, for example, BYOD in corporate networks, guest WiFi, etc.) 3) Clearly disallow a service of more than ?few consecutive hours? (to avoid a company using PI to provide the service for employees or ?guest? continuously) 4) I?m concerned also because I?m not sure if we want to allow using this policy for datacenters. Should datacenters be PA or PI? I tend to believe that they should be PA, may be NCC stats on this can help to clarify it. So, with the current text of this proposal I opposse to it, as it clearly has very important contradictions that need to be resolved before implementing it. Clearly I?m sure everybody will agree on working in improving it and resolving those, instead of requiring going to an appeal process. This is a suggestion for an alternative text: ?Providing another entity with separate addresses (even /64 prefixes following RFC8273 or alternative technologies) from a subnet used on a link operated by the assignment holder is not considered a sub-assignment. This includes for example letting visitors and/or employees (BYOD) connect to the assignment holder's network, connecting a server or appliance to an assignment holder's network and setting up point-to-point links with 3rd parties. Provision of broadband services or connectivity to customers in a non-temporary way (?not a guest or employee for a few consecutive hours?) is considered a sub-assignment.? Thoughs? Regards, Jordi -----Mensaje original----- De: address-policy-wg en nombre de Marco Schmidt Fecha: lunes, 15 de enero de 2018, 12:53 Para: Asunto: Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification) Dear Jordi, Thank you for your question. On 2018-01-15 11:21:10 CET, Jordi Palet Martinez wrote: > Furthermore, I will like a clarification from NCC about what I mention in the mike, I think is this comment: > > One of the opposing remark was that this would prevent "unique prefix > per host" style allocations, but that was addressed by Marco at the > APWG meeting already - the RS interpretation is "this would work". > My comment during the Address Policy WG session at RIPE 75 was referring to configuration mechanisms where a /64 is needed per customer to provide a separate address, for instance by using dedicated (V)LANs to connect WiFi customers. Such mechanisms will be considered in line with the policy. Section A of the impact analysis provides more details on our understanding for these cases. https://www.ripe.net/participate/policies/proposals/2016-04 I hope this clarifies. Kind regards, Marco Schmidt Policy Development Officer RIPE NCC Sent via RIPE Forum -- https://www.ripe.net/participate/mail/forum ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. From jim at rfc1035.com Mon Jan 15 14:24:20 2018 From: jim at rfc1035.com (Jim Reid) Date: Mon, 15 Jan 2018 13:24:20 +0000 Subject: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) In-Reply-To: <2566E115-1BC4-4188-92A3-A55C68AE1B5C@consulintel.es> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <5A5C8DBA.5000200@foobar.org> <0D73ED73-84D2-4FCA-80CE-7CCC1DDC194D@consulintel.es> <849CE594-15BA-4EE0-9E6C-F3E7DD019058@steffann.nl> <2566E115-1BC4-4188-92A3-A55C68AE1B5C@consulintel.es> Message-ID: > On 15 Jan 2018, at 12:49, JORDI PALET MARTINEZ via address-policy-wg wrote: > > I think the PDP has not been followed correctly. In that case Jordi, you can use the PDP to raise those concerns. Though I think you're actually complaining about Gerd's consensus declaration on 2016-04 rather than whether the PDP has been followed or not. I quote from Section 3.2 of the PDP: Anyone who believes that the proposal has not been handled correctly or that the WG chair has made an incorrect determination of consensus should first raise the matter with the WG chair. If the dispute cannot be resolved with the WG chair, the Appeals Procedure can be invoked. And from Section 4: 4. Appeals Procedure If a grievance cannot be resolved with the chair of the WG the matter can be brought to the attention of the Working Group Chairs Collective (WGCC). Anyone may submit an appeal. This must be submitted to the relevant WG mailing list(s) and to the Policy Announce Mailing List (policy-announce at ripe.net). The appeal will also be published by the RIPE NCC at appropriate locations on the RIPE web site. Any appeal should include a detailed and specific description of the issues and clearly explain why the appeal was submitted. An appeal must be submitted no later than four weeks after the appealable action has occurred. AFAICT it's you who isn't following the PDP. :-) You don't seem to have discussed your objections to the consensus determination with the WG co-chairs or indicated that those discussions failed to resolve your complaint. No matter. If we've passed that point, you can still appeal to the WGCC. But that requires a detailed and specific description of the issues and an explanation of why the appeal was necessary. That hasn't happened. At least not yet. From jim at rfc1035.com Mon Jan 15 14:29:30 2018 From: jim at rfc1035.com (Jim Reid) Date: Mon, 15 Jan 2018 13:29:30 +0000 Subject: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification) In-Reply-To: <554B2B78-F219-48F8-A407-CF4256CFCC85@consulintel.es> References: <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <554B2B78-F219-48F8-A407-CF4256CFCC85@consulintel.es> Message-ID: <253AB904-A791-4C41-937F-38C322D281ED@rfc1035.com> > On 15 Jan 2018, at 13:21, JORDI PALET MARTINEZ via address-policy-wg wrote: > > Hi Marco, > > I feel then contradictory this: ... detailed nit-picking of policy proposal deleted ... Jordi, we're past the point where substantive discussion of 2016-04 takes place. That's supposed to stop once a proposal reaches Last Call. I quote from Section 3.2 of the PDP again: At these stages of the process ? i.e. after the WG chair has declared initial consensus or the proposal is in Last Call ? complaints should not be about the policy proposal itself unless there are exceptional extenuating circumstances. From jordi.palet at consulintel.es Mon Jan 15 14:31:39 2018 From: jordi.palet at consulintel.es (JORDI PALET MARTINEZ) Date: Mon, 15 Jan 2018 14:31:39 +0100 Subject: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) In-Reply-To: References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <5A5C8DBA.5000200@foobar.org> <0D73ED73-84D2-4FCA-80CE-7CCC1DDC194D@consulintel.es> <849CE594-15BA-4EE0-9E6C-F3E7DD019058@steffann.nl> <2566E115-1BC4-4188-92A3-A55C68AE1B5C@consulintel.es> Message-ID: The point is not only the PDP, as I believe we are still on time to correct the policy proposal, which I think is broken and contradicting itself. See my last email on the details, and a proposed text to resolve it, which according to the PDP, we can still apply I think, without the need to wait for the concluding phase and then the appeal. Regards, Jordi -----Mensaje original----- De: address-policy-wg en nombre de Jim Reid Fecha: lunes, 15 de enero de 2018, 14:24 Para: JORDI PALET MARTINEZ CC: Asunto: Re: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) > On 15 Jan 2018, at 12:49, JORDI PALET MARTINEZ via address-policy-wg wrote: > > I think the PDP has not been followed correctly. In that case Jordi, you can use the PDP to raise those concerns. Though I think you're actually complaining about Gerd's consensus declaration on 2016-04 rather than whether the PDP has been followed or not. I quote from Section 3.2 of the PDP: Anyone who believes that the proposal has not been handled correctly or that the WG chair has made an incorrect determination of consensus should first raise the matter with the WG chair. If the dispute cannot be resolved with the WG chair, the Appeals Procedure can be invoked. And from Section 4: 4. Appeals Procedure If a grievance cannot be resolved with the chair of the WG the matter can be brought to the attention of the Working Group Chairs Collective (WGCC). Anyone may submit an appeal. This must be submitted to the relevant WG mailing list(s) and to the Policy Announce Mailing List (policy-announce at ripe.net). The appeal will also be published by the RIPE NCC at appropriate locations on the RIPE web site. Any appeal should include a detailed and specific description of the issues and clearly explain why the appeal was submitted. An appeal must be submitted no later than four weeks after the appealable action has occurred. AFAICT it's you who isn't following the PDP. :-) You don't seem to have discussed your objections to the consensus determination with the WG co-chairs or indicated that those discussions failed to resolve your complaint. No matter. If we've passed that point, you can still appeal to the WGCC. But that requires a detailed and specific description of the issues and an explanation of why the appeal was necessary. That hasn't happened. At least not yet. ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. From jim at rfc1035.com Mon Jan 15 14:34:36 2018 From: jim at rfc1035.com (Jim Reid) Date: Mon, 15 Jan 2018 13:34:36 +0000 Subject: [address-policy-wg] common sense and pragmatism In-Reply-To: <849CE594-15BA-4EE0-9E6C-F3E7DD019058@steffann.nl> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <5A5C8DBA.5000200@foobar.org> <0D73ED73-84D2-4FCA-80CE-7CCC1DDC194D@consulintel.es> <849CE594-15BA-4EE0-9E6C-F3E7DD019058@steffann.nl> Message-ID: <06DD3F25-EBDB-4F75-BA4E-69C7556B8677@rfc1035.com> > On 15 Jan 2018, at 12:28, Sander Steffann wrote: > > In RIPE the chairs are allowed to use common sense and their own judgement when chairing a working group. Please don't try to make rules for everything, we're not lawyers, we're people trying to get work done in the best interests of this community. + zillions of bazillions Well said Sander! Your words should go to a far wider audience. In fact, I'd like to see them in a RIPE document that *everybody* is made to read. Regularly. Especially the people who want to build temples to process. From jordi.palet at consulintel.es Mon Jan 15 14:36:52 2018 From: jordi.palet at consulintel.es (JORDI PALET MARTINEZ) Date: Mon, 15 Jan 2018 14:36:52 +0100 Subject: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification) In-Reply-To: <253AB904-A791-4C41-937F-38C322D281ED@rfc1035.com> References: <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <554B2B78-F219-48F8-A407-CF4256CFCC85@consulintel.es> <253AB904-A791-4C41-937F-38C322D281ED@rfc1035.com> Message-ID: This is what I read in the PDP: It gives time to the community after the relevant WG chair declares rough consensus at the end of the Review Phase so that suggestions for any final changes or objections to the proposal can be sent to the WG mailing list. At this stage, objections need to be justified just as in the other phases for them to be taken into account. I think text in the policy contradicting the goal of the policy and the Impact analysis is a very objective reason to do something about it. Saludos, Jordi -----Mensaje original----- De: address-policy-wg en nombre de Jim Reid Fecha: lunes, 15 de enero de 2018, 14:29 Para: JORDI PALET MARTINEZ CC: Asunto: Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification) > On 15 Jan 2018, at 13:21, JORDI PALET MARTINEZ via address-policy-wg wrote: > > Hi Marco, > > I feel then contradictory this: ... detailed nit-picking of policy proposal deleted ... Jordi, we're past the point where substantive discussion of 2016-04 takes place. That's supposed to stop once a proposal reaches Last Call. I quote from Section 3.2 of the PDP again: At these stages of the process ? i.e. after the WG chair has declared initial consensus or the proposal is in Last Call ? complaints should not be about the policy proposal itself unless there are exceptional extenuating circumstances. ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. From gert at space.net Mon Jan 15 14:50:43 2018 From: gert at space.net (Gert Doering) Date: Mon, 15 Jan 2018 14:50:43 +0100 Subject: [address-policy-wg] what does consensus mean In-Reply-To: <0A3B445E-A9B8-4E5E-B52E-245D27B86418@consulintel.es> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <0A3B445E-A9B8-4E5E-B52E-245D27B86418@consulintel.es> Message-ID: <20180115135043.GR45648@Space.Net> Hi, On Mon, Jan 15, 2018 at 01:09:27PM +0100, JORDI PALET MARTINEZ via address-policy-wg wrote: > I agree that is not ???unanimity???, but I don???t think there is consensus on this proposal, and even less I think is fair to extend the review period ???because??? a proposal has been brought in the last minute to another fora, when the chairs already declared ???that we don???t have consensus???. At the end of the original review period, we had three options - withdraw, because no clear support either way from the community - change text, and come up with a new review period - explain that we need more input, and extend the review period especially with the "we did not clear enough guidance", we regularily do this (extending discussion or review periods). Always with a clear explanation why this has been done. > Is this meaning that we will always ???extend??? the PDP timeline *until* we reach consensus? If extending the timeline leads to fruitful discussions that eventually leads to consensus, this is a desirable outcome. > Then, my reading is that EVERY policy proposal can always reach consensus, is just a matter of finding enough folks (or virtual voices) that register into the mailing list and support the proposal vs non-supporters. > > Not sure if you see my point? Well, yes. If an active proposer manages to get enough friends in here, and also finds ways to shut down opposing voices by blackmail, bribery, enough beer, or other ways, then you can get every proposal through. I do not think this accurately reflects the process for 2016-04, though. Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: not available URL: From jordi.palet at consulintel.es Mon Jan 15 15:30:04 2018 From: jordi.palet at consulintel.es (JORDI PALET MARTINEZ) Date: Mon, 15 Jan 2018 15:30:04 +0100 Subject: [address-policy-wg] what does consensus mean In-Reply-To: <20180115135043.GR45648@Space.Net> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <0A3B445E-A9B8-4E5E-B52E-245D27B86418@consulintel.es> <20180115135043.GR45648@Space.Net> Message-ID: <490A9DA9-D7E4-4080-BC9F-682F9E4AFB56@consulintel.es> Hi Gert, Below, in-line. Regards, Jordi -----Mensaje original----- De: address-policy-wg en nombre de Gert Doering Fecha: lunes, 15 de enero de 2018, 14:51 Para: JORDI PALET MARTINEZ CC: Asunto: Re: [address-policy-wg] what does consensus mean Hi, On Mon, Jan 15, 2018 at 01:09:27PM +0100, JORDI PALET MARTINEZ via address-policy-wg wrote: > I agree that is not ???unanimity???, but I don???t think there is consensus on this proposal, and even less I think is fair to extend the review period ???because??? a proposal has been brought in the last minute to another fora, when the chairs already declared ???that we don???t have consensus???. At the end of the original review period, we had three options - withdraw, because no clear support either way from the community - change text, and come up with a new review period - explain that we need more input, and extend the review period especially with the "we did not clear enough guidance", we regularily do this (extending discussion or review periods). Always with a clear explanation why this has been done. [Jordi] This is what we have at the PDP, and thus the only way we can do option 3 that you mention above: ?The WG chair can also decide to have the draft RIPE Document edited and start a new Review Phase with a new version of the proposal.? It may be a matter of wording calling it ?extending? or ?new? review phase, but wording matters, and in any case, the document was not edited as the PDP text indicates, neither we had a new version. It seems to me ?mandatory? according to the PDP, as it not says ?optionally?, to edit it and have a new review phase with a ?new version of the proposal?. > Is this meaning that we will always ???extend??? the PDP timeline *until* we reach consensus? If extending the timeline leads to fruitful discussions that eventually leads to consensus, this is a desirable outcome. [Jordi] And totally agree here, but having the PDP followed, which means new version, etc. > Then, my reading is that EVERY policy proposal can always reach consensus, is just a matter of finding enough folks (or virtual voices) that register into the mailing list and support the proposal vs non-supporters. > > Not sure if you see my point? Well, yes. If an active proposer manages to get enough friends in here, and also finds ways to shut down opposing voices by blackmail, bribery, enough beer, or other ways, then you can get every proposal through. I do not think this accurately reflects the process for 2016-04, though. [Jordi] Again, wording matters in a PDP process: ?Max has brought up the topic at DENOG9 last week, to elicit more people into adding input into this discussion - which would be helpful in evaluating (rough) consensus. Thus, we've decided that we will extent the review period by four weeks.? My understanding of ?adding input? is precisely, being able to contribute to a new version as the PDP indicates, however it was just ?yes I support it?, etc. I think our job is to resolve objections whenever we can, so we have a broader consensus. Is not that the goal of ?consensus?? Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. From sander at steffann.nl Mon Jan 15 15:57:52 2018 From: sander at steffann.nl (Sander Steffann) Date: Mon, 15 Jan 2018 15:57:52 +0100 Subject: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) In-Reply-To: References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <5A5C8DBA.5000200@foobar.org> <0D73ED73-84D2-4FCA-80CE-7CCC1DDC194D@consulintel.es> <849CE594-15BA-4EE0-9E6C-F3E7DD019058@steffann.nl> <2566E115-1BC4-4188-92A3-A55C68AE1B5C@consulintel.es> Message-ID: <0BCE1949-0BDA-46B3-BBFE-65F6D1CA3596@steffann.nl> Hi Jordi, > The point is not only the PDP, as I believe we are still on time to correct the policy proposal, which I think is broken and contradicting itself. > > See my last email on the details, and a proposed text to resolve it, which according to the PDP, we can still apply I think We don't make any substantial changes in/after last call. Any "final changes" would be typo's. clearing up language etc. This is not the time to make changes to the core of the policy proposal. And besides: you're not coming up with new arguments. These are the same arguments that you have voiced before. You have been heard in previous phases of the PDP, we seriously considered their merit, extended the review phase (and please stop complaining about not making any textual changes for the extended review phase, as I explained that is the discretion of the working group chairs) to see if there was support for your approach, and reached the conclusion that there wasn't. Your ideas have been heard and seriously considered, but despite that we determined that there is rough consensus to continue with the current version and leave the changes you want for a future policy proposal. In the language of the RFC: we have addressed your objections, but not accommodated them. > , without the need to wait for the concluding phase and then the appeal. No need to wait. You can appeal the decision to declare consensus right now if you think our judgement was wrong. Feel free to do so. I'm confident we made the right decision, but we're human so if you think we made a mistake then let's ask the Working Group Chairs Collective what they decide. As far as I'm concerned reviewing the policy proposal is done. We have rough consensus on the content and have moved to last call. If new objections come up with supporting arguments and they can't be addressed then we will declare lack of consensus at the end of last call. Raising the same objections as before is not going to block consensus in this phase: we already consider those objections addressed. Cheers, Sander From jordi.palet at consulintel.es Mon Jan 15 16:42:49 2018 From: jordi.palet at consulintel.es (JORDI PALET MARTINEZ) Date: Mon, 15 Jan 2018 16:42:49 +0100 Subject: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) In-Reply-To: <0BCE1949-0BDA-46B3-BBFE-65F6D1CA3596@steffann.nl> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <5A5C8DBA.5000200@foobar.org> <0D73ED73-84D2-4FCA-80CE-7CCC1DDC194D@consulintel.es> <849CE594-15BA-4EE0-9E6C-F3E7DD019058@steffann.nl> <2566E115-1BC4-4188-92A3-A55C68AE1B5C@consulintel.es> <0BCE1949-0BDA-46B3-BBFE-65F6D1CA3596@steffann.nl> Message-ID: <6207A910-53D5-4D34-A330-C114D1BFE8F1@consulintel.es> Hi Sander, My reading of PDP 2.4 is not that we can?t make changes (which I believe are in the same direction of the proposal, look for my questions below, so no substantial changes, only making sure that we have in the text what we want). My reason to re-raise those now, is because they become evident when you compare the proposed 2.6 change with the policy proposal arguments AND specially the impact analysis, contradictions which for some reason, I didn?t discover before (so disagree with you, those points aren?t the same I raised before, may be similar, but the reason now is the contradictory text), and this seems to be in the scope of PDP 2.4. The author of the proposal and the NCC could confirm their intent: 1) Is the proposal looking for disallowing a /64 ? If so, then the impact analysis is broken and NCC is looking to implement something different than what the proposal is asking for. 2) The proposal clearly is NOT intended for ?permanent? broadband services, but his is NOT stated in the proposed text change. I doubt that the NCC can enforce a policy that don?t have that stated in the policy text. Can the NCC confirm that? 3) I also believe that the policy isn?t pretending to be used in data centers. Can this be clarified? Regarding a possible appeal. The procedure talks about ?unless there are exceptional extenuating circumstances?. I think it is the case for an impact analysis contradicting the proposal. Is up the chairs to decide that, of course and I understand that you may need to wait until the end of the last call to decide on that (this is the reason why I understand that the appeal doesn?t make sense now, unless you have already taken a decision). If you believe is not the case, then, please let me know how to send the appeal to the ?Working Group Chairs Collective (WGCC)?, I guess there is a mailing list for that? Regards, Jordi -----Mensaje original----- De: address-policy-wg en nombre de Sander Steffann Fecha: lunes, 15 de enero de 2018, 15:58 Para: JORDI PALET MARTINEZ CC: Asunto: Re: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) Hi Jordi, > The point is not only the PDP, as I believe we are still on time to correct the policy proposal, which I think is broken and contradicting itself. > > See my last email on the details, and a proposed text to resolve it, which according to the PDP, we can still apply I think We don't make any substantial changes in/after last call. Any "final changes" would be typo's. clearing up language etc. This is not the time to make changes to the core of the policy proposal. And besides: you're not coming up with new arguments. These are the same arguments that you have voiced before. You have been heard in previous phases of the PDP, we seriously considered their merit, extended the review phase (and please stop complaining about not making any textual changes for the extended review phase, as I explained that is the discretion of the working group chairs) to see if there was support for your approach, and reached the conclusion that there wasn't. Your ideas have been heard and seriously considered, but despite that we determined that there is rough consensus to continue with the current version and leave the changes you want for a future policy proposal. In the language of the RFC: we have addressed your objections, but not accommodated them. > , without the need to wait for the concluding phase and then the appeal. No need to wait. You can appeal the decision to declare consensus right now if you think our judgement was wrong. Feel free to do so. I'm confident we made the right decision, but we're human so if you think we made a mistake then let's ask the Working Group Chairs Collective what they decide. As far as I'm concerned reviewing the policy proposal is done. We have rough consensus on the content and have moved to last call. If new objections come up with supporting arguments and they can't be addressed then we will declare lack of consensus at the end of last call. Raising the same objections as before is not going to block consensus in this phase: we already consider those objections addressed. Cheers, Sander ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. From sander at steffann.nl Mon Jan 15 17:36:50 2018 From: sander at steffann.nl (Sander Steffann) Date: Mon, 15 Jan 2018 17:36:50 +0100 Subject: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) In-Reply-To: <6207A910-53D5-4D34-A330-C114D1BFE8F1@consulintel.es> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <5A5C8DBA.5000200@foobar.org> <0D73ED73-84D2-4FCA-80CE-7CCC1DDC194D@consulintel.es> <849CE594-15BA-4EE0-9E6C-F3E7DD019058@steffann.nl> <2566E115-1BC4-4188-92A3-A55C68AE1B5C@consulintel.es> <0BCE1949-0BDA-46B3-BBFE-65F6D1CA3596@steffann.nl> <6207A910-53D5-4D34-A330-C114D1BFE8F1@consulintel.es> Message-ID: <51270AAE-1BC7-41B7-9B2B-9D4CDCCB7801@steffann.nl> Hi, > My reading of PDP 2.4 is [..] Please stop being a lawyer. I have told you how we do things in this working group. Please listen to what the chairs are telling you. > My reason to re-raise those now, is because they become evident when you compare the proposed 2.6 change with the policy proposal arguments AND specially the impact analysis, contradictions which for some reason, I didn?t discover before (so disagree with you, those points aren?t the same I raised before, may be similar, but the reason now is the contradictory text), and this seems to be in the scope of PDP 2.4. I think you are mis-interpreting the policy proposal. I see no such contradiction. > The author of the proposal and the NCC could confirm their intent: > 1) Is the proposal looking for disallowing a /64 ? If so, then the impact analysis is broken and NCC is looking to implement something different than what the proposal is asking for. The policy is explicitly not mentioning prefix lengths but clarifying intentions. Delegating a prefix is still not allowed. The NCC explains in the impact analysis that having only a single device/user/etc on a subnet (i.e. RFC8273) is treated the same as having multiple users on a subnet: both are not considered assignments and are therefore permitted. > 2) The proposal clearly is NOT intended for ?permanent? broadband services, but his is NOT stated in the proposed text change. I doubt that the NCC can enforce a policy that don?t have that stated in the policy text. Can the NCC confirm that? The proposal adds a one-paragraph extension to the existing policy to allow connecting devices to a network: "Providing another entity with separate addresses (not prefixes) from a subnet used on a link operated by the assignment holder is not considered a sub-assignment. [...and some examples...]". There are more use-cases than you and I can think of, and trying to enumerate which ones are allowed and which ones aren't is bad overengineering. This has been discussed before. And these days it's not viable to provision broadband customers without delegating (DHCPv6-PD) address space to them anyway. > 3) I also believe that the policy isn?t pretending to be used in data centers. Can this be clarified? Where did you get that idea? "connecting a server or appliance to an assignment holder's network" is one of the explicit examples of what is allowed. > Regarding a possible appeal. The procedure talks about ?unless there are exceptional extenuating circumstances?. > > I think it is the case for an impact analysis contradicting the proposal. I think you are reading more into this proposal that what is actually there, and based on that have misinterpreted it. > Is up the chairs to decide that, of course and I understand that you may need to wait until the end of the last call to decide on that (this is the reason why I understand that the appeal doesn?t make sense now, unless you have already taken a decision). You're misunderstanding what we are suggesting you appeal to. We're suggesting you appeal the decision that there was consensus at the end of the review phase and that the proposal was ready to go to last-call. If you don't agree with that decision then you can appeal it. At the end of last-call there will be another decision about whether we have consensus or not, based on the feedback received during last-call. That decision has (of course) not been made yet, but as I said in my previous email I so far haven't seen any reasons that block that consensus *yet*. We'll have to wait for the end of last-call to make a final judgement :) > If you believe is not the case, then, please let me know how to send the appeal to the ?Working Group Chairs Collective (WGCC)?, I guess there is a mailing list for that? Sure: RIPE WG Chairs Cheers, Sander From gert at space.net Mon Jan 15 17:43:08 2018 From: gert at space.net (Gert Doering) Date: Mon, 15 Jan 2018 17:43:08 +0100 Subject: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) In-Reply-To: <2566E115-1BC4-4188-92A3-A55C68AE1B5C@consulintel.es> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <5A5C8DBA.5000200@foobar.org> <0D73ED73-84D2-4FCA-80CE-7CCC1DDC194D@consulintel.es> <849CE594-15BA-4EE0-9E6C-F3E7DD019058@steffann.nl> <2566E115-1BC4-4188-92A3-A55C68AE1B5C@consulintel.es> Message-ID: <20180115164308.GT45648@Space.Net> Hi, On Mon, Jan 15, 2018 at 01:49:58PM +0100, JORDI PALET MARTINEZ via address-policy-wg wrote: > I know Gert and you very well, and I don???t have any doubt that it was not done in a ???malicious??? way, but I think the PDP has not been followed correctly. > > Again, is not a matter of this concrete proposal, is a generic concern on the PDP application. We've been doing this numerous times, and nobody from the community has ever objected to "extending one of the periods to get more discussion going, or more input", or filed a formal appeal based on such procedure. So, please make up your mind what is bothering you - us not following the PDP properly - a policy proposal not to your liking - the PDP as excercised here leading to an outcome not to your liking - your own policy proposal not yet submitted to the machinery, so a somewhat competing (if inferior in your opinion) proposal advancing - the WG chairs beeing bloody idiots (this will change soon anyway) none of this will change our decision, but it would make it more easy to the rest of the readers to understand why you're so angry *right now*, while neither the announcement of the extention nor the voices of support in the four weeks following said announcement seem to have bothered you in the least. Gert Doering -- APWG chair -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: not available URL: From gert at space.net Mon Jan 15 17:56:03 2018 From: gert at space.net (Gert Doering) Date: Mon, 15 Jan 2018 17:56:03 +0100 Subject: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) In-Reply-To: <6207A910-53D5-4D34-A330-C114D1BFE8F1@consulintel.es> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <5A5C8DBA.5000200@foobar.org> <0D73ED73-84D2-4FCA-80CE-7CCC1DDC194D@consulintel.es> <849CE594-15BA-4EE0-9E6C-F3E7DD019058@steffann.nl> <2566E115-1BC4-4188-92A3-A55C68AE1B5C@consulintel.es> <0BCE1949-0BDA-46B3-BBFE-65F6D1CA3596@steffann.nl> <6207A910-53D5-4D34-A330-C114D1BFE8F1@consulintel.es> Message-ID: <20180115165603.GU45648@Space.Net> Hi, On Mon, Jan 15, 2018 at 04:42:49PM +0100, JORDI PALET MARTINEZ via address-policy-wg wrote: > 2) The proposal clearly is NOT intended for ???permanent??? broadband services, but his is NOT stated in the proposed text change. I doubt that the NCC can enforce a policy that don???t have that stated in the policy text. Can the NCC confirm that? This has been brought up a few times over the lifetime of this policy proposal (by me and by Max at least) and it has also been answered a few times. As far as I can see, all other comments relating to this issue said "this point was relevant 10 years ago when the IPv6 PI policy was made, but it is no longer relevant today, with people opening new LIRs every day, to get IPv4 address space, so they can get IPv6 allocations (/29!) without extra costs(*) - and since there are enough ISPs today that do the right thing, customers have a choice if one of them tries to play a single-address-from-PI trick" We might be wrong. But enough people "back then" have also said we should have never done IPv6 PI, and we still deviced that the possible benefit outweighs the possible drawbacks ("the routing table will explode"). Without the occasional risk or mistake, there is standstill, which has its own set of risks and might be a mistake... (*) let me emphasize that: in the RIPE region, you pay a single membership fee, if you are a LIR. So whether you request a /29 IPv6 or not will not make a financial difference - so the monetary incentive to "get a /48 PI and run your ISP with that" is just not there if you already are a RIPE member for the IPv4... - I know ARIN is different, with paying for every chunk you receive, and paying more for larger sizes. No idea how LACNIC fees are structured. Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: not available URL: From jordi.palet at consulintel.es Mon Jan 15 17:59:22 2018 From: jordi.palet at consulintel.es (JORDI PALET MARTINEZ) Date: Mon, 15 Jan 2018 17:59:22 +0100 Subject: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) In-Reply-To: <51270AAE-1BC7-41B7-9B2B-9D4CDCCB7801@steffann.nl> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <5A5C8DBA.5000200@foobar.org> <0D73ED73-84D2-4FCA-80CE-7CCC1DDC194D@consulintel.es> <849CE594-15BA-4EE0-9E6C-F3E7DD019058@steffann.nl> <2566E115-1BC4-4188-92A3-A55C68AE1B5C@consulintel.es> <0BCE1949-0BDA-46B3-BBFE-65F6D1CA3596@steffann.nl> <6207A910-53D5-4D34-A330-C114D1BFE8F1@consulintel.es> <51270AAE-1BC7-41B7-9B2B-9D4CDCCB7801@steffann.nl> Message-ID: <25FD8AA8-E166-4D1F-9ACD-EB1F9C60679F@consulintel.es> Below, in-line. Saludos, Jordi -----Mensaje original----- De: address-policy-wg en nombre de Sander Steffann Fecha: lunes, 15 de enero de 2018, 17:37 Para: JORDI PALET MARTINEZ CC: Asunto: Re: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) Hi, > My reading of PDP 2.4 is [..] Please stop being a lawyer. I have told you how we do things in this working group. Please listen to what the chairs are telling you. > My reason to re-raise those now, is because they become evident when you compare the proposed 2.6 change with the policy proposal arguments AND specially the impact analysis, contradictions which for some reason, I didn?t discover before (so disagree with you, those points aren?t the same I raised before, may be similar, but the reason now is the contradictory text), and this seems to be in the scope of PDP 2.4. I think you are mis-interpreting the policy proposal. I see no such contradiction. > The author of the proposal and the NCC could confirm their intent: > 1) Is the proposal looking for disallowing a /64 ? If so, then the impact analysis is broken and NCC is looking to implement something different than what the proposal is asking for. The policy is explicitly not mentioning prefix lengths but clarifying intentions. Delegating a prefix is still not allowed. The NCC explains in the impact analysis that having only a single device/user/etc on a subnet (i.e. RFC8273) is treated the same as having multiple users on a subnet: both are not considered assignments and are therefore permitted. [Jordi] I think we are in-sync, but your response clearly demonstrates that there is a need for clarifying the text. -> Policy proposal ?Providing another entity with separate addresses (not prefixes)? -> a /64 is a prefix > 2) The proposal clearly is NOT intended for ?permanent? broadband services, but his is NOT stated in the proposed text change. I doubt that the NCC can enforce a policy that don?t have that stated in the policy text. Can the NCC confirm that? The proposal adds a one-paragraph extension to the existing policy to allow connecting devices to a network: "Providing another entity with separate addresses (not prefixes) from a subnet used on a link operated by the assignment holder is not considered a sub-assignment. [...and some examples...]". There are more use-cases than you and I can think of, and trying to enumerate which ones are allowed and which ones aren't is bad overengineering. This has been discussed before. And these days it's not viable to provision broadband customers without delegating (DHCPv6-PD) address space to them anyway. [Jordi] Again, we are in-sync, but I don?t agree that DHCPv6-PD is the only way, and the actual proposal text doesn?t state it, even if the argument of the proposal explain it. Can the NCC confirm if they apply the policy text or the ?arguments? of the policy proposal? I think it is the policy text, so we are missing something. > 3) I also believe that the policy isn?t pretending to be used in data centers. Can this be clarified? Where did you get that idea? "connecting a server or appliance to an assignment holder's network" is one of the explicit examples of what is allowed. [Jordi] I fully understand that text, but still think that is not the same if I run a host/server in a hotspot, with many VMs, using RFC8273 or DHCPv6-PD or a manual or proprietary mechanisms, which I fully understand within the intent of the policy (and I agree), vs running a complete data center (which typically is using non-temporary addresses/prefixes). Again, I think it may be clear in the argument of the proposal, but not in the policy text. Which one is used by NCC to evaluate a request? > Regarding a possible appeal. The procedure talks about ?unless there are exceptional extenuating circumstances?. > > I think it is the case for an impact analysis contradicting the proposal. I think you are reading more into this proposal that what is actually there, and based on that have misinterpreted it. > Is up the chairs to decide that, of course and I understand that you may need to wait until the end of the last call to decide on that (this is the reason why I understand that the appeal doesn?t make sense now, unless you have already taken a decision). You're misunderstanding what we are suggesting you appeal to. We're suggesting you appeal the decision that there was consensus at the end of the review phase and that the proposal was ready to go to last-call. If you don't agree with that decision then you can appeal it. At the end of last-call there will be another decision about whether we have consensus or not, based on the feedback received during last-call. That decision has (of course) not been made yet, but as I said in my previous email I so far haven't seen any reasons that block that consensus *yet*. We'll have to wait for the end of last-call to make a final judgement :) [Jordi] Believe me, I?m not interested in appealing, I?m interested in reaching consensus on a text that is coherent. My reading of the actual situation is that even if it may look that we have consensus, when you re-read everything and put it together towards implementing the policy, it doesn?t work. The text is not concrete enough so to be enforced in the evaluation (again, unless the NCC read the arguments and not the policy text). > If you believe is not the case, then, please let me know how to send the appeal to the ?Working Group Chairs Collective (WGCC)?, I guess there is a mailing list for that? Sure: RIPE WG Chairs Cheers, Sander ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. From jordi.palet at consulintel.es Mon Jan 15 18:06:11 2018 From: jordi.palet at consulintel.es (JORDI PALET MARTINEZ) Date: Mon, 15 Jan 2018 18:06:11 +0100 Subject: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) In-Reply-To: <20180115164308.GT45648@Space.Net> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <5A5C8DBA.5000200@foobar.org> <0D73ED73-84D2-4FCA-80CE-7CCC1DDC194D@consulintel.es> <849CE594-15BA-4EE0-9E6C-F3E7DD019058@steffann.nl> <2566E115-1BC4-4188-92A3-A55C68AE1B5C@consulintel.es> <20180115164308.GT45648@Space.Net> Message-ID: <3ECCF1DF-8E8C-42DB-B71C-33F7C32B03A2@consulintel.es> Below, in-line. Saludos, Jordi -----Mensaje original----- De: address-policy-wg en nombre de Gert Doering Fecha: lunes, 15 de enero de 2018, 17:43 Para: JORDI PALET MARTINEZ CC: Asunto: Re: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) Hi, On Mon, Jan 15, 2018 at 01:49:58PM +0100, JORDI PALET MARTINEZ via address-policy-wg wrote: > I know Gert and you very well, and I don???t have any doubt that it was not done in a ???malicious??? way, but I think the PDP has not been followed correctly. > > Again, is not a matter of this concrete proposal, is a generic concern on the PDP application. We've been doing this numerous times, and nobody from the community has ever objected to "extending one of the periods to get more discussion going, or more input", or filed a formal appeal based on such procedure. [Jordi] For more than you do the things millions of times, if they are broken one once you realize it, that doesn?t excuse following the procedure one the mistake has been discovered or alternatively, clarifying the procedure. So, please make up your mind what is bothering you - us not following the PDP properly - a policy proposal not to your liking - the PDP as excercised here leading to an outcome not to your liking - your own policy proposal not yet submitted to the machinery, so a somewhat competing (if inferior in your opinion) proposal advancing - the WG chairs beeing bloody idiots (this will change soon anyway) none of this will change our decision, but it would make it more easy to the rest of the readers to understand why you're so angry *right now*, while neither the announcement of the extention nor the voices of support in the four weeks following said announcement seem to have bothered you in the least. [Jordi] I?m not angry at all, I just realized now that the text is not consistent. I think it has been clear in my previous email to Sander. I think now is clear that we all have the same view, but the text don?t look correct to me, unless the NCC don?t care and in the evaluation they will read the arguments of the policy proposal, which I believe are confirming what I?m saying (trying to summarize: up to /64, temporary, not for broadband, not for ?permanent? datacenter services). Gert Doering -- APWG chair -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. From max at rfc2324.org Mon Jan 15 18:23:42 2018 From: max at rfc2324.org (Maximilian Wilhelm) Date: Mon, 15 Jan 2018 18:23:42 +0100 Subject: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) In-Reply-To: <3ECCF1DF-8E8C-42DB-B71C-33F7C32B03A2@consulintel.es> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <5A5C8DBA.5000200@foobar.org> <0D73ED73-84D2-4FCA-80CE-7CCC1DDC194D@consulintel.es> <849CE594-15BA-4EE0-9E6C-F3E7DD019058@steffann.nl> <2566E115-1BC4-4188-92A3-A55C68AE1B5C@consulintel.es> <20180115164308.GT45648@Space.Net> <3ECCF1DF-8E8C-42DB-B71C-33F7C32B03A2@consulintel.es> Message-ID: <20180115172342.GB2743@principal.rfc2324.org> Anno domini 2018 JORDI PALET MARTINEZ via address-policy-wg scripsit: Hi Jordi, > none of this will change our decision, but it would make it more easy > to the rest of the readers to understand why you're so angry *right now*, > while neither the announcement of the extention nor the voices of support > in the four weeks following said announcement seem to have bothered you > in the least. > > [Jordi] I?m not angry at all, I just realized now that the text is not consistent. I think it has been clear in my previous email to Sander. I think now is clear that we all have the same view, but the text don?t look correct to me, unless the NCC don?t care and in the evaluation they will read the arguments of the policy proposal, which I believe are confirming what I?m saying (trying to summarize: up to /64, temporary, not for broadband, not for ?permanent? datacenter services). As said before somewhere (I'm not sure wether on a RIPE meeting or here on the list), the RS folks said, that they use the proposal text as well as the summary/rationale as guidance what is allowed and what isn't. Maybe Ingrid, Andrea, Marco, * from the NCC can comment on that? So to quote the proposal summary (last paragraph): --snip-- Intended use cases for IPv6 PI space in the spirit of this policy proposal are the use in (public) WIFI networks (like the WIFI at RIPE meetings), as transfer networks on PNIs or other PTP-links/VPNs to users or customers, or for housing/hosting for servers in data centres. The use of IPv6 PI space for DSL/cable/FFTH/etc. subscribers is explicitly not an intended use case for this policy proposal. --snip-- That's quite clear IMHO (and does not fully match with your summary). The obvious and long discussed goal of this whole thing still is to make PI space useable again for "the little guy", community projects, etc. As you well know the motivation to do so has risen with public WIFI networks + SLAAC in mind, but any other means of address assignment to clients (as you mentioned and the IA states) are OK as well. This is the RIPE AP, it should not mention technical details which are subject to change anyway. Best Max -- "Does is bother me, that people hurt others, because they are to weak to face the truth? Yeah. Sorry 'bout that." -- Thirteen, House M.D. From jordi.palet at consulintel.es Mon Jan 15 18:39:42 2018 From: jordi.palet at consulintel.es (JORDI PALET MARTINEZ) Date: Mon, 15 Jan 2018 18:39:42 +0100 Subject: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) In-Reply-To: <20180115172342.GB2743@principal.rfc2324.org> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <5A5C8DBA.5000200@foobar.org> <0D73ED73-84D2-4FCA-80CE-7CCC1DDC194D@consulintel.es> <849CE594-15BA-4EE0-9E6C-F3E7DD019058@steffann.nl> <2566E115-1BC4-4188-92A3-A55C68AE1B5C@consulintel.es> <20180115164308.GT45648@Space.Net> <3ECCF1DF-8E8C-42DB-B71C-33F7C32B03A2@consulintel.es> <20180115172342.GB2743@principal.rfc2324.org> Message-ID: <07901466-7B21-49DB-AF4C-0764E2BBF281@consulintel.es> Hi Max, Thanks a lot for responding. To make it short. I think we fully agree on the goals of the policy proposal and your inputs below, however, unless I?m plain wrong, the NCC mandate is to follow the policy text, especially if there is some contradiction with the arguments, impact analysis, etc. And this is what I saw here (and unfortunately, I discovered only today, because before I missed comparing the 3 pieces). My reading has been always only in the policy text. If that?s what it is to be enforced, I think is insufficient to comply with the arguments and impact analysis. If is otherwise, then I agree. Regards, Jordi -----Mensaje original----- De: address-policy-wg en nombre de Maximilian Wilhelm Fecha: lunes, 15 de enero de 2018, 18:24 Para: Asunto: Re: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) Anno domini 2018 JORDI PALET MARTINEZ via address-policy-wg scripsit: Hi Jordi, > none of this will change our decision, but it would make it more easy > to the rest of the readers to understand why you're so angry *right now*, > while neither the announcement of the extention nor the voices of support > in the four weeks following said announcement seem to have bothered you > in the least. > > [Jordi] I?m not angry at all, I just realized now that the text is not consistent. I think it has been clear in my previous email to Sander. I think now is clear that we all have the same view, but the text don?t look correct to me, unless the NCC don?t care and in the evaluation they will read the arguments of the policy proposal, which I believe are confirming what I?m saying (trying to summarize: up to /64, temporary, not for broadband, not for ?permanent? datacenter services). As said before somewhere (I'm not sure wether on a RIPE meeting or here on the list), the RS folks said, that they use the proposal text as well as the summary/rationale as guidance what is allowed and what isn't. Maybe Ingrid, Andrea, Marco, * from the NCC can comment on that? So to quote the proposal summary (last paragraph): --snip-- Intended use cases for IPv6 PI space in the spirit of this policy proposal are the use in (public) WIFI networks (like the WIFI at RIPE meetings), as transfer networks on PNIs or other PTP-links/VPNs to users or customers, or for housing/hosting for servers in data centres. The use of IPv6 PI space for DSL/cable/FFTH/etc. subscribers is explicitly not an intended use case for this policy proposal. --snip-- That's quite clear IMHO (and does not fully match with your summary). The obvious and long discussed goal of this whole thing still is to make PI space useable again for "the little guy", community projects, etc. As you well know the motivation to do so has risen with public WIFI networks + SLAAC in mind, but any other means of address assignment to clients (as you mentioned and the IA states) are OK as well. This is the RIPE AP, it should not mention technical details which are subject to change anyway. Best Max -- "Does is bother me, that people hurt others, because they are to weak to face the truth? Yeah. Sorry 'bout that." -- Thirteen, House M.D. ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. From sander at steffann.nl Mon Jan 15 18:46:04 2018 From: sander at steffann.nl (Sander Steffann) Date: Mon, 15 Jan 2018 18:46:04 +0100 Subject: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) In-Reply-To: <25FD8AA8-E166-4D1F-9ACD-EB1F9C60679F@consulintel.es> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <5A5C8DBA.5000200@foobar.org> <0D73ED73-84D2-4FCA-80CE-7CCC1DDC194D@consulintel.es> <849CE594-15BA-4EE0-9E6C-F3E7DD019058@steffann.nl> <2566E115-1BC4-4188-92A3-A55C68AE1B5C@consulintel.es> <0BCE1949-0BDA-46B3-BBFE-65F6D1CA3596@steffann.nl> <6207A910-53D5-4D34-A330-C114D1BFE8F1@consulintel.es> <51270AAE-1BC7-41B7-9B2B-9D4CDCCB7801@steffann.nl> <25FD8AA8-E166-4D1F-9ACD-EB1F9C60679F@consulintel.es> Message-ID: <47093BCE-904E-403A-A10E-BF9E496D2352@steffann.nl> Hi Jordi, > [Jordi] I think we are in-sync, but your response clearly demonstrates that there is a need for clarifying the text. > -> Policy proposal ?Providing another entity with separate addresses (not prefixes)? > -> a /64 is a prefix Technically, because the router is the PI holder's, you're not delegating a /64. You're allowing a customer to do i.e. SLAAC on a /64 of the PI holder. And Max is correct: when in doubt the RIPE NCC will check the rationale behind a policy proposal to make decisions, and they have clearly and explicitly stated that this is how they will interpret and implement it. Therefore there is no discrepancy between the text and the impact. > The text is not concrete enough so to be enforced in the evaluation (again, unless the NCC read the arguments and not the policy text). The NCC reads both. This has explicitly been discussed before, and both the NCC and the working group confirmed that we don't want policy text that is too specific because reality is more complex than policy, and if we would try to make the policy complexity match that of reality then we would end up with horrible policy. The community has agreed not to micro-manage the NCC, and the NCC has promised to apply common sense when implementing policy. We also have a dedicated slot in the working group session where the NCC gives feedback on how things are going, where they have encountered any issues and where reality has changed so much that maybe the working group might want to look into changing policy. There have been many cycles of micromanaging the NCC to writing vague policy and letting the NCC sort out the details. In both cases the NCC was blamed for everything. After many years of hard work we have reached a balance where the working group and the NCC work together to make policy that is one the one hand giving guidance to the NCC about what the community wants, but also leaves some room for the NCC (along with the accompanying responsibility) to adapt to changes and to apply some common sense. Other organisations in the internet constellation have moved to a more legalese mindset, but I think as the RIPE community we are proud that we have evolved enough that we don't need that anymore and can actually work together pleasantly without setting everything in stone. Cheers, Sander From jordi.palet at consulintel.es Mon Jan 15 18:58:37 2018 From: jordi.palet at consulintel.es (JORDI PALET MARTINEZ) Date: Mon, 15 Jan 2018 18:58:37 +0100 Subject: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) In-Reply-To: <47093BCE-904E-403A-A10E-BF9E496D2352@steffann.nl> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <5A5C8DBA.5000200@foobar.org> <0D73ED73-84D2-4FCA-80CE-7CCC1DDC194D@consulintel.es> <849CE594-15BA-4EE0-9E6C-F3E7DD019058@steffann.nl> <2566E115-1BC4-4188-92A3-A55C68AE1B5C@consulintel.es> <0BCE1949-0BDA-46B3-BBFE-65F6D1CA3596@steffann.nl> <6207A910-53D5-4D34-A330-C114D1BFE8F1@consulintel.es> <51270AAE-1BC7-41B7-9B2B-9D4CDCCB7801@steffann.nl> <25FD8AA8-E166-4D1F-9ACD-EB1F9C60679F@consulintel.es> <47093BCE-904E-403A-A10E-BF9E496D2352@steffann.nl> Message-ID: <12763A05-ED0B-4D72-94F7-C9A71B6BEA2A@consulintel.es> Understood, even do, I will love to heard that from the NCC, because the disadvantage is that then to interpret the policy text, you need to read ?all? the policy proposals, which I don?t think is very nice or useful. Despite that, I still believe that my proposed text (or something a bit lighter, in the middle) is not changing the proposal goal, so not changing the consensus ?status?, neither doing the ?micro-management? that you mention, so it is acceptable as last call changes, of course if Max agree. The benefit is that then it is very clear what we are looking for and a newcomer don?t need to look for the policy proposal, just read the policy text. Here is again the text already lighter: ?Providing another entity with separate addresses (up to /64) from a subnet used on a link operated by the assignment holder is not considered a sub-assignment. This includes for example, letting visitors and/or employees (BYOD) connect to the assignment holder's network, connecting a server or appliance to an assignment holder's network and setting up point-to-point links with 3rd parties.? To make it easy to compare, this is the existing proposal text: ?Providing another entity with separate addresses (not prefixes) from a subnet used on a link operated by the assignment holder is not considered a sub-assignment. This includes for example letting visitors connect to the assignment holder's network, connecting a server or appliance to an assignment holder's network and setting up point-?to-point links with 3rd parties.? Regards, Jordi -----Mensaje original----- De: address-policy-wg en nombre de Sander Steffann Fecha: lunes, 15 de enero de 2018, 18:46 Para: JORDI PALET MARTINEZ CC: Asunto: Re: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) Hi Jordi, > [Jordi] I think we are in-sync, but your response clearly demonstrates that there is a need for clarifying the text. > -> Policy proposal ?Providing another entity with separate addresses (not prefixes)? > -> a /64 is a prefix Technically, because the router is the PI holder's, you're not delegating a /64. You're allowing a customer to do i.e. SLAAC on a /64 of the PI holder. And Max is correct: when in doubt the RIPE NCC will check the rationale behind a policy proposal to make decisions, and they have clearly and explicitly stated that this is how they will interpret and implement it. Therefore there is no discrepancy between the text and the impact. > The text is not concrete enough so to be enforced in the evaluation (again, unless the NCC read the arguments and not the policy text). The NCC reads both. This has explicitly been discussed before, and both the NCC and the working group confirmed that we don't want policy text that is too specific because reality is more complex than policy, and if we would try to make the policy complexity match that of reality then we would end up with horrible policy. The community has agreed not to micro-manage the NCC, and the NCC has promised to apply common sense when implementing policy. We also have a dedicated slot in the working group session where the NCC gives feedback on how things are going, where they have encountered any issues and where reality has changed so much that maybe the working group might want to look into changing policy. There have been many cycles of micromanaging the NCC to writing vague policy and letting the NCC sort out the details. In both cases the NCC was blamed for everything. After many years of hard work we have reached a balance where the working group and the NCC work together to make policy that is one the one hand giving guidance to the NCC about what the community wants, but also leaves some room for the NCC (along with the accompanying responsibility) to adapt to changes and to apply some common sense. Other organisations in the internet constellation have moved to a more legalese mindset, but I think as the RIPE community we are proud that we have evolved enough that we don't need that anymore and can actually work together pleasantly without setting everything in stone. Cheers, Sander ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. From sander at steffann.nl Mon Jan 15 22:10:55 2018 From: sander at steffann.nl (Sander Steffann) Date: Mon, 15 Jan 2018 22:10:55 +0100 Subject: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) In-Reply-To: <12763A05-ED0B-4D72-94F7-C9A71B6BEA2A@consulintel.es> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <5A5C8DBA.5000200@foobar.org> <0D73ED73-84D2-4FCA-80CE-7CCC1DDC194D@consulintel.es> <849CE594-15BA-4EE0-9E6C-F3E7DD019058@steffann.nl> <2566E115-1BC4-4188-92A3-A55C68AE1B5C@consulintel.es> <0BCE1949-0BDA-46B3-BBFE-65F6D1CA3596@steffann.nl> <6207A910-53D5-4D34-A330-C114D1BFE8F1@consulintel.es> <51270AAE-1BC7-41B7-9B2B-9D4CDCCB7801@steffann.nl> <25FD8AA8-E166-4D1F-9ACD-EB1F9C60679F@consulintel.es> <47093BCE-904E-403A-A10E-BF9E496D2352@steffann.nl> <12763A05-ED0B-4D72-94F7-C9A71B6BEA2A@consulintel.es> Message-ID: <54EB4C50-96ED-4944-89A9-3903463A1C63@steffann.nl> Hi Jordi, > ?Providing another entity with separate addresses (up to /64) from a subnet used on a link operated by the assignment holder is not considered a sub-assignment. This includes for example, letting visitors and/or employees (BYOD) connect to the assignment holder's network, connecting a server or appliance to an assignment holder's network and setting up point-to-point links with 3rd parties.? An explicit choice was made in this version that specifying fixed boundaries (like a /64) should be avoided to avoid dependencies on specific technology. Please compare version 1 and version 2 of this proposal. Your suggested change would therefore be a partial reversion to a version that didn't have consensus, which would not be appropriate at this point in the process. Cheers, Sander From jordi.palet at consulintel.es Mon Jan 15 23:31:31 2018 From: jordi.palet at consulintel.es (JORDI PALET MARTINEZ) Date: Mon, 15 Jan 2018 23:31:31 +0100 Subject: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) In-Reply-To: <54EB4C50-96ED-4944-89A9-3903463A1C63@steffann.nl> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <5A5C8DBA.5000200@foobar.org> <0D73ED73-84D2-4FCA-80CE-7CCC1DDC194D@consulintel.es> <849CE594-15BA-4EE0-9E6C-F3E7DD019058@steffann.nl> <2566E115-1BC4-4188-92A3-A55C68AE1B5C@consulintel.es> <0BCE1949-0BDA-46B3-BBFE-65F6D1CA3596@steffann.nl> <6207A910-53D5-4D34-A330-C114D1BFE8F1@consulintel.es> <51270AAE-1BC7-41B7-9B2B-9D4CDCCB7801@steffann.nl> <25FD8AA8-E166-4D1F-9ACD-EB1F9C60679F@consulintel.es> <47093BCE-904E-403A-A10E-BF9E496D2352@steffann.nl> <12763A05-ED0B-4D72-94F7-C9A71B6BEA2A@consulintel.es> <54EB4C50-96ED-4944-89A9-3903463A1C63@steffann.nl> Message-ID: <0006E426-93CC-4C27-BCDB-9E3B2378CC56@consulintel.es> What I?m trying to avoid is what I read as a contradiction among the policy text, the argumentation and the impact analysis, so I don?t really care about a fix number and I agree to let ?it free? to avoid technology issues. According to that, I guess this may work: ?Providing another entity with separate addresses (or a complete single prefix) from a subnet used on a link operated by the assignment holder is not considered a sub-assignment. This includes for example, letting visitors and/or employees (BYOD) connect to the assignment holder's network, connecting a server or appliance to an assignment holder's network and setting up point-to-point links with 3rd parties.? The point is to avoid ?(not prefixes)?, because I think not prefixes also excludes a single prefix. Another alternative (I think is easier to understand the previous one, but just in case): ?Providing another entity with separate addresses (not multiple prefixes) from a subnet used on a link operated by the assignment holder is not considered a sub-assignment. This includes for example, letting visitors and/or employees (BYOD) connect to the assignment holder's network, connecting a server or appliance to an assignment holder's network and setting up point-to-point links with 3rd parties.? Saludos, Jordi -----Mensaje original----- De: address-policy-wg en nombre de Sander Steffann Fecha: lunes, 15 de enero de 2018, 22:11 Para: JORDI PALET MARTINEZ CC: Asunto: Re: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) Hi Jordi, > ?Providing another entity with separate addresses (up to /64) from a subnet used on a link operated by the assignment holder is not considered a sub-assignment. This includes for example, letting visitors and/or employees (BYOD) connect to the assignment holder's network, connecting a server or appliance to an assignment holder's network and setting up point-to-point links with 3rd parties.? An explicit choice was made in this version that specifying fixed boundaries (like a /64) should be avoided to avoid dependencies on specific technology. Please compare version 1 and version 2 of this proposal. Your suggested change would therefore be a partial reversion to a version that didn't have consensus, which would not be appropriate at this point in the process. Cheers, Sander ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. From wusel+ml at uu.org Tue Jan 16 03:52:43 2018 From: wusel+ml at uu.org (Kai 'wusel' Siering) Date: Tue, 16 Jan 2018 03:52:43 +0100 Subject: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) In-Reply-To: <47093BCE-904E-403A-A10E-BF9E496D2352@steffann.nl> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <5A5C8DBA.5000200@foobar.org> <0D73ED73-84D2-4FCA-80CE-7CCC1DDC194D@consulintel.es> <849CE594-15BA-4EE0-9E6C-F3E7DD019058@steffann.nl> <2566E115-1BC4-4188-92A3-A55C68AE1B5C@consulintel.es> <0BCE1949-0BDA-46B3-BBFE-65F6D1CA3596@steffann.nl> <6207A910-53D5-4D34-A330-C114D1BFE8F1@consulintel.es> <51270AAE-1BC7-41B7-9B2B-9D4CDCCB7801@steffann.nl> <25FD8AA8-E166-4D1F-9ACD-EB1F9C60679F@consulintel.es> <47093BCE-904E-403A-A10E-BF9E496D2352@steffann.nl> Message-ID: <5d47d209-e747-1b9a-cc1e-fb0af40248cc@uu.org> tl;dr: 2016-04 adds ambiguity and uncertainty to the policy text, is micro-managing the NCC against common intent and paves the way to use cases, according to RIPE NCC's Impact Analysis, the initial wording was trying to keep out. Hi Sander, >> [Jordi] I think we are in-sync, but your response clearly demonstrates that there is a need for clarifying the text. >> -> Policy proposal ?Providing another entity with separate addresses (not prefixes)? >> -> a /64 is a prefix > > Technically, because the router is the PI holder's, you're not delegating a /64. You're allowing a customer to do i.e. SLAAC on a /64 of the PI holder. and there we are again (besides, it's about (sub-) assigning, not delegating, v6 addresses). 2016-04 started because of the RIPE NCC started to take the view that ?/a single DHCP lease//on wifi is a "subassignment" to another entity/? [1], or, more precisely [2]: ?/As an example, some Freifunk Communities in Germany have been had their PI request declined because some 1-digit-number of subnets would have been used as IPv6 prefixes on public WIFIs. This usage of the IP space in the End User?s infrastructure has been interpreted as a sub-assignment of a /128 prefix. This would have been "assigned" to a user device of the public WIFI network as the device would get an IP address via SLAAC (or any other means for that matter).//This interpretation seems rather extreme and history shows that it's not even shared by every member of the RIPE NCC./? I've learned that ? > when in doubt the RIPE NCC will check the rationale behind a policy proposal to make decisions ? but if the RIPE NCC does read the rationale behind a policy proposal, why is there a need adding more ambiguos text to an already rather clear policy? Adding more text to the policy on what is _not_ supposed to be a sub-assignment than there is already for the definition of what an assignment _is_ is not really helping things. The more specific the text, the more problems you'll end up with, as can be seen in Monday's exchange already. On the grounds of ? > The NCC reads both. This has explicitly been discussed before, and both the NCC and the working group confirmed that we don't want policy text that is too specific because reality is more complex than policy, and if we would try to make the policy complexity match that of reality then we would end up with horrible policy. ? 2016-04 heads in this (?horrible policy?) direction: ?Providing another entity with separate addresses (not prefixes) from a subnet used on a link operated by the assignment holder is not considered a sub-assignment.? By definition [3], any /128 is a prefix, thus ?addresses (not prefixes)? contradicts itself. Therefore, by trying to clarify things, 2016-04 with the current wording just creates more ambiguity and uncertainty. (Next stop would be the question if a leased line is a "link operated by" oneself or the company one ordered it from.) "Please stop being a lawyer." Sorry, I didn't start this nit-picking. To me, common sense ? and the /current/ policy's definition of "assign" ? clearly shows that having a visitor's device pick an IPv6 address off my guest WiFi is *not* a (sub-) assignment by words nor spirit of the current policy. > The community has agreed not to micro-manage the NCC, and the NCC has promised to apply common sense when implementing policy. If so, why did we end up here? There is the RIPE NCC happily violating their own rules continuously (most/all(?) RIPE Meetings since roughly a decade), in ? by their definition ? sub-assigning their PIv6 space ? and at the same time denying this to others when requesting new PIv6 space, ?because of policy?. I think Gert D?ring was a too lazy on summarizing my concerns as "we do not need this, the NCC is interpreting the policy all wrong"; there's something seriously wrong when a policy is implemented randomly. Any policy, anywhere. Especially when the administrator imposes random (that is: not covered by the policy) restrictions on adress space request applications, which the administrator itself is not adhering to for itself. So, while this sounds like RIPE NCC bashing, that's not my intend; but if the RIPE NCC just needs a statement that "WiFi is permitted use for PIv6", why can't we agreed /on this, here/, and tell the RIPE NCC? > There have been many cycles of micromanaging the NCC to writing vague policy and letting the NCC sort out the details. In both cases the NCC was blamed for everything. But this is not the case here. Current policy, https://www.ripe.net/publications/docs/ripe-684, /is/ cristal clear already: > 2.6. Assign > > To ?assign? means to delegate address space to an ISP or End User for specific use within the Internet infrastructure they operate. Assignments must only be made for specific purposes documented by specific organisations and are not to be sub-assigned to other parties. > > [?] > > 7. IPv6 Provider Independent (PI) Assignments > > To qualify for IPv6 PI address space, an organisation must meet the requirements of the policies described in the RIPE NCC document entitled ?Contractual Requirements for Provider Independent Resources Holders in the RIPE NCC Service Region?. > > [?] > > The PI assignment cannot be further assigned to other organisations. The Wifi case (and that's all I care about, as that's the driver for 2016-04) is simply solved, since nothing is assigned or delegated here anyway: RA announces a prefix, the devices pick some rather random IPs. And this access point is part of the resource holder's infrastructure, there are no "other parties" involved. An iOS or Android device is no "Internet infrastructure [the End User] operate[s]"; it's a client device, not infrastructure. Case over. To me at least, that's "common sense". "A single DHCP lease on wifi is a 'subassignment' to another entity" is not. > After many years of hard work we have reached a balance where the working group and the NCC work together to make policy that is one the one hand giving guidance to the NCC about what the community wants, but also leaves some room for the NCC (along with the accompanying responsibility) to adapt to changes and to apply some common sense. So, what went wrong there in the first place ([1], [2])? Why is the RIPE NCC "suddenly" applying odd interpretations to new PIv6 applications, while at the same time not adhering to those interpretations for their own use of their PIv6 space? > Other organisations in the internet constellation have moved to a more legalese mindset, but I think as the RIPE community we are proud that we have evolved enough that we don't need that anymore and can actually work together pleasantly without setting everything in stone. I totally agree. So, why do we even consider 2016-04, which is adding more legalese to a policy that, with common sense applied, does not need any fixing? (On the impact analysis, this might be more a PDP-related issue, but anyway: why is there a ?RIPE NCC's Understanding of the Proposed Policy? but no ?RIPE NCC's Understanding of the Current Policy?? And on ?it is the RIPE NCCs understanding that assignments as described above are dynamic in nature, either by varying the prefix or interface identifier (IID) over time?: Is 3 years still ?dynamic?? ?Any permanent and static assignments of a prefix would still be considered a sub-assignment as per clause 2.6, ?Assign? of the IPv6 address allocation and assignment policy. Consequently the RIPE NCC will not provide IPv6 PI assignments for such deployment plans.? Well, the proposed clause 2.6 already forbids ?providing another entity with [?] prefixes [?]?. Yes, wording /is/ important on policy documents; commentary isn't read by the applicant.) And with legalese added comes new uses (see Impact Analysis): ?If this proposal is accepted, it is the RIPE NCC?s understanding that for an IPv6 assignment, the provision of separate addresses to customers of the assignment holder will not be considered a sub-assignment. [?] The RIPE NCC will consider [?] in line with this policy and not a sub-assignment as long as the subnet size does not exceed a /64. [?] Further it is possible that, despite the intention of the proposer, broadband providers will request and receive IPv6 PI assignments as long they comply with the requirement to only provide separate addresses to customers.? Therefore, in order to fix an odd RIPE NCC interpretation regarding WiFi-on-PIv6, much broader use cases for PIv6 will be opened by 2016-04. ?To use an extreme example, even a broadband provider with millions of customers would qualify for an IPv6 PI assignment as long as he would follow the policy requirements.? Thus, in a nutshell, I'm still against 2016-04, as it addresses a non-issue (with common-sense applied at least) and opens the box of pandora without any need at all (see Impact Analysis on 2016-04). Regards, -kai [1] https://www.ripe.net/ripe/mail/archives/address-policy-wg/2016-October/011838.html [2] https://www.ripe.net/participate/policies/proposals/2016-04/?version=1 [3] https://tools.ietf.org/html/rfc4291#section-2.3 -------------- next part -------------- An HTML attachment was scrubbed... URL: From jim at rfc1035.com Tue Jan 16 11:02:10 2018 From: jim at rfc1035.com (Jim Reid) Date: Tue, 16 Jan 2018 10:02:10 +0000 Subject: [address-policy-wg] what does consensus mean In-Reply-To: <0A3B445E-A9B8-4E5E-B52E-245D27B86418@consulintel.es> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <0A3B445E-A9B8-4E5E-B52E-245D27B86418@consulintel.es> Message-ID: <37D99D9D-3B84-4CB0-88AC-E534B22FA1DC@rfc1035.com> > On 15 Jan 2018, at 12:09, JORDI PALET MARTINEZ via address-policy-wg wrote: > > Then, my reading is that EVERY policy proposal can always reach consensus, is just a matter of finding enough folks (or virtual voices) that register into the mailing list and support the proposal vs non-supporters. > > Not sure if you see my point? That's very true. I don't even understand what point you're trying to make. :-) Your reading/understanding of the PDP is flawed Jordi. RIPE642 explicitly says a proposal may not reach consensus. Or even get to a point where a consensus decision needs to be taken. So it's simply wrong to say every proposal can always reach consensus. Common sense should tell you that too. You should also be aware that we've had policy proposals which have died one way or another. They didn't reach consensus. QED. And yes, in theory it's possible for a charlatan to "stack the deck" by having their (ficticious) friends express support for a proposal. [That's an unwelcome side effect of having an open community with no membership/eligibility criteria.] This is where the sound judgement of the WG's chair comes in. They should be able to detect these kinds of manipulations and take appropriate action. There are further checks and balances too. The appeals procedure mean a dodgy consensus determination can be scrutinised by the WGCC and the RIPE chairman. From jordi.palet at consulintel.es Tue Jan 16 11:40:28 2018 From: jordi.palet at consulintel.es (JORDI PALET MARTINEZ) Date: Tue, 16 Jan 2018 11:40:28 +0100 Subject: [address-policy-wg] what does consensus mean In-Reply-To: <37D99D9D-3B84-4CB0-88AC-E534B22FA1DC@rfc1035.com> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <0A3B445E-A9B8-4E5E-B52E-245D27B86418@consulintel.es> <37D99D9D-3B84-4CB0-88AC-E534B22FA1DC@rfc1035.com> Message-ID: Hi Jim, I think the flaw is in the PDP or the way we are using it. Maybe we have done a ?lazy? interpretation at some point, and then we get used to it (so, it is not a chairs issue, is a community one). Please, forget for a minute about this policy proposal and seriously consider two questions: 1) When you believe you agree with a policy proposal and declare it to the list (so chairs can measure consensus), do you ?agree? only with the ?policy text? or with the arguments written down in the policy proposal, or with the NCC interpretation (impact analysis), or all of them? 2) What if the text in those 3 pieces are presenting contradictions or can be easily be interpreted in different ways? Regards, Jordi -----Mensaje original----- De: address-policy-wg en nombre de Jim Reid Fecha: martes, 16 de enero de 2018, 11:02 Para: JORDI PALET MARTINEZ CC: Asunto: Re: [address-policy-wg] what does consensus mean > On 15 Jan 2018, at 12:09, JORDI PALET MARTINEZ via address-policy-wg wrote: > > Then, my reading is that EVERY policy proposal can always reach consensus, is just a matter of finding enough folks (or virtual voices) that register into the mailing list and support the proposal vs non-supporters. > > Not sure if you see my point? That's very true. I don't even understand what point you're trying to make. :-) Your reading/understanding of the PDP is flawed Jordi. RIPE642 explicitly says a proposal may not reach consensus. Or even get to a point where a consensus decision needs to be taken. So it's simply wrong to say every proposal can always reach consensus. Common sense should tell you that too. You should also be aware that we've had policy proposals which have died one way or another. They didn't reach consensus. QED. And yes, in theory it's possible for a charlatan to "stack the deck" by having their (ficticious) friends express support for a proposal. [That's an unwelcome side effect of having an open community with no membership/eligibility criteria.] This is where the sound judgement of the WG's chair comes in. They should be able to detect these kinds of manipulations and take appropriate action. There are further checks and balances too. The appeals procedure mean a dodgy consensus determination can be scrutinised by the WGCC and the RIPE chairman. ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. From frettled at gmail.com Tue Jan 16 11:54:23 2018 From: frettled at gmail.com (Jan Ingvoldstad) Date: Tue, 16 Jan 2018 11:54:23 +0100 Subject: [address-policy-wg] what does consensus mean In-Reply-To: References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <0A3B445E-A9B8-4E5E-B52E-245D27B86418@consulintel.es> <37D99D9D-3B84-4CB0-88AC-E534B22FA1DC@rfc1035.com> Message-ID: On Tue, Jan 16, 2018 at 11:40 AM, JORDI PALET MARTINEZ via address-policy-wg wrote: > 1) When you believe you agree with a policy proposal and declare it to the list (so chairs can measure consensus), do you ?agree? only with the ?policy text? or with the arguments written down in the policy proposal, or with the NCC interpretation (impact analysis), or all of them? Obviously, if I state only that I agree, I agree that the policy proposal as written is acceptable, and should be implemented, in light of whatever arguments and analysis have been made. > 2) What if the text in those 3 pieces are presenting contradictions or can be easily be interpreted in different ways? In that case, I have probably not seen the contradictions, or don't think that they are contradictions. -- Jan From malcolm at linx.net Tue Jan 16 12:11:21 2018 From: malcolm at linx.net (Malcolm Hutty) Date: Tue, 16 Jan 2018 11:11:21 +0000 Subject: [address-policy-wg] what does consensus mean In-Reply-To: <37D99D9D-3B84-4CB0-88AC-E534B22FA1DC@rfc1035.com> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <0A3B445E-A9B8-4E5E-B52E-245D27B86418@consulintel.es> <37D99D9D-3B84-4CB0-88AC-E534B22FA1DC@rfc1035.com> Message-ID: <1aa4bad8-595c-de24-6f3b-688b0bb7e824@linx.net> On 16/01/2018 10:02, Jim Reid wrote: > And yes, in theory it's possible for a charlatan to "stack the deck" by having their (ficticious) friends express support for a proposal. Actually, if "rough consensus" is applied properly (and you could criticise what I'm about to say by saying is overly theoretical), I don't think stacking the audience with supporters does achieve rough consensus. Rough consensus should never be about counting noses. That's because I don't think that "rough consensus" is primarily about how many supporters a proposal has, I think it's about primarily about the nature and quality of the objection. If there are no objections, that's unanimous approval, which is a subset of rough consensus. If there are objections, the number of objections isn't a first order concern (although that can be a signal of something else). If the objections are recognised as being serious, valid concerns that haven't been properly addressed, then the Chairs should find that "rough consensus" has not yet been achieved. And it shouldn't really matter how few people object, except insofar as a signal (if nobody has been persuaded, why is that? Perhaps this signals an underlying flaw in the objection, that allows it to be legitimately discarded). If the only objections are invalid (e.g. out of scope) or have been properly addressed, then it is possible to find a rough consensus notwithstanding that some (or even many) people still have (invalid) objections or aren't willing to accept that their point has been dealt with. In the present case, Sander wrote: > Short summary: > - a problem was discovered in the IPv6 policy > - we see consensus that this policy proposal solves that problem > - we recognise that you would like an even better solution > - and we'll happily work with you to achieve that! > - but because this proposal solves the original problem we don't want to delay it To me, that reads as an admirably clear and succinct explanation in the category "we've dealt with your objection, now we're moving on". Of course, what constitutes an "invalid" objection is hard to describe and extremely difficult to define completely, perhaps not even possible. But I'm sure we can all think of examples. Here's one: "I don't think this policy should be approved because RIPE has no legitimate authority to make policy; that is the purview of governments" would, IMO, be an invalid objection, on the grounds that the central question it poses (does RIPE has legitimate policy-making authority?) is out of scope for a discussion about whether X should be approved (possibly on other, more complicated grounds too). If someone packed the floor / mailing list, with hundreds of people who agreed with that proposition, I think the proper course of action for a APWG Chair would be to ignore all of them. There's a time and a place for that kind of discussion. During a PDP is not it. This does invest an awful lot of responsibility in the WG Chairs (or, for matters considered by the community as a whole, the RIPE Chair), to discern and discriminate between a valid of objection and an invalid one. It is requires a lot of rather subjective judgement, not on the matter at hand, but on the nature of the discussion and our community and its purpose and values and what we consider a legitimate frame of discussion. While I happen to think that having a conversation that attempts to broaden a common understanding of the kinds of things that Chairs ought to consider invalid objections would be beneficial, not least for the WG Chairs and especially future Chairs, this can only be a discussion of principles and norms, it can never be turned into a rigid set of rules. This model will always rest heavily on the judgment of the Chairs. I'm OK with that. Malcolm. -- Malcolm Hutty | tel: +44 20 7645 3523 Head of Public Affairs | Read the LINX Public Affairs blog London Internet Exchange | http://publicaffairs.linx.net/ London Internet Exchange Ltd Monument Place, 24 Monument Street London EC3R 8AJ Company Registered in England No. 3137929 Trinity Court, Trinity Street, Peterborough PE1 1DA From jim at rfc1035.com Tue Jan 16 12:12:42 2018 From: jim at rfc1035.com (Jim Reid) Date: Tue, 16 Jan 2018 11:12:42 +0000 Subject: [address-policy-wg] what does consensus mean In-Reply-To: References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <0A3B445E-A9B8-4E5E-B52E-245D27B86418@consulintel.es> <37D99D9D-3B84-4CB0-88AC-E534B22FA1DC@rfc1035.com> Message-ID: <1EF45A46-5AF7-48A8-B30C-C923E233E90E@rfc1035.com> > On 16 Jan 2018, at 10:40, JORDI PALET MARTINEZ via address-policy-wg wrote: > > 1) When you believe you agree with a policy proposal and declare it to the list (so chairs can measure consensus), do you ?agree? only with the ?policy text? or with the arguments written down in the policy proposal, or with the NCC interpretation (impact analysis), or all of them? Depends. IIRC in the past I think I've just supported the proposal and not cared about the arguments behind it or the impact analysis. > 2) What if the text in those 3 pieces are presenting contradictions or can be easily be interpreted in different ways? I would raise those issues and be crystal-clear about where the confusions or ambiguities were. And most likely talk to the WG chairs before taking those concerns to the list. Jordi, I think it's not helpful to continue this discussion. If you remain unhappy with the consensus declaration on 2016-04, please use the appeals machinery provided in the PDP instead of wasting everyone's time exploring rat-holes. From jordi.palet at consulintel.es Tue Jan 16 12:19:50 2018 From: jordi.palet at consulintel.es (JORDI PALET MARTINEZ) Date: Tue, 16 Jan 2018 12:19:50 +0100 Subject: [address-policy-wg] what does consensus mean In-Reply-To: References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <0A3B445E-A9B8-4E5E-B52E-245D27B86418@consulintel.es> <37D99D9D-3B84-4CB0-88AC-E534B22FA1DC@rfc1035.com> Message-ID: <978AEFE2-EB0A-4AAC-8ECC-619D61F33845@consulintel.es> Thanks Jan, Would you agree that if the contradictions are discovered, they should be resolved, and meanwhile, what it is valid is *only* the policy text? My view is, in addition to that, if the contradictions are discovered during the PDP process, consensus can?t be declared until we can address them. Regards, Jordi -----Mensaje original----- De: address-policy-wg en nombre de Jan Ingvoldstad Fecha: martes, 16 de enero de 2018, 11:54 Para: RIPE Address Policy WG Asunto: Re: [address-policy-wg] what does consensus mean On Tue, Jan 16, 2018 at 11:40 AM, JORDI PALET MARTINEZ via address-policy-wg wrote: > 1) When you believe you agree with a policy proposal and declare it to the list (so chairs can measure consensus), do you ?agree? only with the ?policy text? or with the arguments written down in the policy proposal, or with the NCC interpretation (impact analysis), or all of them? Obviously, if I state only that I agree, I agree that the policy proposal as written is acceptable, and should be implemented, in light of whatever arguments and analysis have been made. > 2) What if the text in those 3 pieces are presenting contradictions or can be easily be interpreted in different ways? In that case, I have probably not seen the contradictions, or don't think that they are contradictions. -- Jan ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. From jim at rfc1035.com Tue Jan 16 12:22:05 2018 From: jim at rfc1035.com (Jim Reid) Date: Tue, 16 Jan 2018 11:22:05 +0000 Subject: [address-policy-wg] what does consensus mean In-Reply-To: <1aa4bad8-595c-de24-6f3b-688b0bb7e824@linx.net> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <0A3B445E-A9B8-4E5E-B52E-245D27B86418@consulintel.es> <37D99D9D-3B84-4CB0-88AC-E534B22FA1DC@rfc1035.com> <1aa4bad8-595c-de24-6f3b-688b0bb7e824@linx.net> Message-ID: <3CBBD268-2D96-4891-97C7-17102306A07A@rfc1035.com> > On 16 Jan 2018, at 11:11, Malcolm Hutty wrote: > > That's because I don't think that "rough consensus" is primarily about > how many supporters a proposal has, I think it's about primarily about > the nature and quality of the objection. Indeed. And how those objections were considered/addressed/resolved. > this can only be a discussion of principles and norms, it can never be turned into a rigid > set of rules. This model will always rest heavily on the judgment of the Chairs. I'm OK with that. Me too. From jordi.palet at consulintel.es Tue Jan 16 12:23:05 2018 From: jordi.palet at consulintel.es (JORDI PALET MARTINEZ) Date: Tue, 16 Jan 2018 12:23:05 +0100 Subject: [address-policy-wg] what does consensus mean In-Reply-To: <1EF45A46-5AF7-48A8-B30C-C923E233E90E@rfc1035.com> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <0A3B445E-A9B8-4E5E-B52E-245D27B86418@consulintel.es> <37D99D9D-3B84-4CB0-88AC-E534B22FA1DC@rfc1035.com> <1EF45A46-5AF7-48A8-B30C-C923E233E90E@rfc1035.com> Message-ID: <91732BAC-8768-42BE-8AE6-3816EBCBD034@consulintel.es> Hi Jim, See below. Regards, Jordi -----Mensaje original----- De: address-policy-wg en nombre de Jim Reid Fecha: martes, 16 de enero de 2018, 12:12 Para: JORDI PALET MARTINEZ CC: Asunto: Re: [address-policy-wg] what does consensus mean > On 16 Jan 2018, at 10:40, JORDI PALET MARTINEZ via address-policy-wg wrote: > > 1) When you believe you agree with a policy proposal and declare it to the list (so chairs can measure consensus), do you ?agree? only with the ?policy text? or with the arguments written down in the policy proposal, or with the NCC interpretation (impact analysis), or all of them? Depends. IIRC in the past I think I've just supported the proposal and not cared about the arguments behind it or the impact analysis. [Jordi] This has been my main way to evaluate a proposal always, read the policy text and decide upon that, because at the end, is the only one that can be enforced. > 2) What if the text in those 3 pieces are presenting contradictions or can be easily be interpreted in different ways? I would raise those issues and be crystal-clear about where the confusions or ambiguities were. And most likely talk to the WG chairs before taking those concerns to the list. [Jordi] I?m talking with the chairs about that since yesterday, even if I also think is a debate for the list, not just the chairs. Jordi, I think it's not helpful to continue this discussion. If you remain unhappy with the consensus declaration on 2016-04, please use the appeals machinery provided in the PDP instead of wasting everyone's time exploring rat-holes. [Jordi] I think it makes sense to avoid an appeal if we can clarify the situation before that. ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. From jim at rfc1035.com Tue Jan 16 12:31:19 2018 From: jim at rfc1035.com (Jim Reid) Date: Tue, 16 Jan 2018 11:31:19 +0000 Subject: [address-policy-wg] what does consensus mean In-Reply-To: <978AEFE2-EB0A-4AAC-8ECC-619D61F33845@consulintel.es> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <0A3B445E-A9B8-4E5E-B52E-245D27B86418@consulintel.es> <37D99D9D-3B84-4CB0-88AC-E534B22FA1DC@rfc1035.com> <978AEFE2-EB0A-4AAC-8ECC-619D61F33845@consulintel.es> Message-ID: > On 16 Jan 2018, at 11:19, JORDI PALET MARTINEZ via address-policy-wg wrote: > > My view is, in addition to that, if the contradictions are discovered during the PDP process, consensus can?t be declared until we can address them. Nope. If the WG decides that it's OK for a proposal to have a contradiction or be confusing then there's a consensus for that PoV. It would of course be bad if a WG reached that conclusion. But if that's what they decide, it shouldn't prevent a consensus declaration. If a WG makes stupid choices, that's initially the WG's problem. And maybe that state of affairs would encourage someone to present a new proposal which will correct those bad decisions. Policy proposals (and policies) don't have to be perfect. The just have to be good enough. From mschmidt at ripe.net Tue Jan 16 16:04:49 2018 From: mschmidt at ripe.net (Marco Schmidt) Date: Tue, 16 Jan 2018 16:04:49 +0100 Subject: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification) In-Reply-To: <20180115172342.GB2743@principal.rfc2324.org> Message-ID: Dear Max, On 2018-01-15 18:23:42 CET, Maximilian Wilhelm wrote: > As said before somewhere (I'm not sure wether on a RIPE meeting or > here on the list), the RS folks said, that they use the proposal text > as well as the summary/rationale as guidance what is allowed and what > isn't. > > Maybe Ingrid, Andrea, Marco, * from the NCC can comment on that? > Yes, this is correct. Whenever there is a question about the interpretation of RIPE Policies, we can refer to proposal summary as well to the impact analysis to ensure the correct understanding of the policy and its intent. Kind regards, Marco Schmidt Policy Development Officer RIPE NCC Sent via RIPE Forum -- https://www.ripe.net/participate/mail/forum From gert at space.net Wed Jan 17 18:09:02 2018 From: gert at space.net (Gert Doering) Date: Wed, 17 Jan 2018 18:09:02 +0100 Subject: [address-policy-wg] what does consensus mean In-Reply-To: References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <0A3B445E-A9B8-4E5E-B52E-245D27B86418@consulintel.es> <37D99D9D-3B84-4CB0-88AC-E534B22FA1DC@rfc1035.com> Message-ID: <20180117170902.GI45648@Space.Net> Hi, On Tue, Jan 16, 2018 at 11:40:28AM +0100, JORDI PALET MARTINEZ via address-policy-wg wrote: > 1) When you believe you agree with a policy proposal and declare it to the list (so chairs can measure consensus), do you ???agree??? only with the ???policy text??? or with the arguments written down in the policy proposal, or with the NCC interpretation (impact analysis), or all of them? People sometimes explicitely mention this ("I agree with the aims of the proposal and the way it is written"). Sometimes they don't agree with all of it ("I agree with the aims of the proposal but the text needs more work"). And sometimes they state "support", which I take as an indication that they agree both with the aim and the wording of the proposal. > 2) What if the text in those 3 pieces are presenting contradictions or can be easily be interpreted in different ways? We've had proposals where the IA brought up very much inintended consequences (contradicting the rationale, the IA cannot "contradict the policy text"), and this was addressed by a new round of policy text and new IA. Which is, basically, why we have the IA in the first place: ensure that the NCC shares our understanding of what we're asking the colleagues to do. Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: not available URL: From gert at space.net Thu Jan 18 20:15:16 2018 From: gert at space.net (Gert Doering) Date: Thu, 18 Jan 2018 20:15:16 +0100 Subject: [address-policy-wg] 2016-04 To Last Call (IPv6 Sub-assignment Clarification) In-Reply-To: <12763A05-ED0B-4D72-94F7-C9A71B6BEA2A@consulintel.es> References: <849CE594-15BA-4EE0-9E6C-F3E7DD019058@steffann.nl> <2566E115-1BC4-4188-92A3-A55C68AE1B5C@consulintel.es> <0BCE1949-0BDA-46B3-BBFE-65F6D1CA3596@steffann.nl> <6207A910-53D5-4D34-A330-C114D1BFE8F1@consulintel.es> <51270AAE-1BC7-41B7-9B2B-9D4CDCCB7801@steffann.nl> <25FD8AA8-E166-4D1F-9ACD-EB1F9C60679F@consulintel.es> <47093BCE-904E-403A-A10E-BF9E496D2352@steffann.nl> <12763A05-ED0B-4D72-94F7-C9A71B6BEA2A@consulintel.es> Message-ID: <20180118191516.GA45648@Space.Net> Hi, On Mon, Jan 15, 2018 at 06:58:37PM +0100, JORDI PALET MARTINEZ via address-policy-wg wrote: > Understood, even do, I will love to heard that from the NCC, because the disadvantage is that then to interpret the policy text, you need to read ???all??? the policy proposals, which I don???t think is very nice or useful. > > Despite that, I still believe that my proposed text (or something a bit lighter, in the middle) is not changing the proposal goal, so not changing the consensus ???status???, neither doing the ???micro-management??? that you mention, so it is acceptable as last call changes, of course if Max agree. No text changes (except fixing typos) happen in last call. If we change text, it goes back to a new IA and a new review phase. Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: not available URL: From jordi.palet at consulintel.es Fri Jan 19 11:40:15 2018 From: jordi.palet at consulintel.es (JORDI PALET MARTINEZ) Date: Fri, 19 Jan 2018 11:40:15 +0100 Subject: [address-policy-wg] what does consensus mean In-Reply-To: <20180117170902.GI45648@Space.Net> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <0A3B445E-A9B8-4E5E-B52E-245D27B86418@consulintel.es> <37D99D9D-3B84-4CB0-88AC-E534B22FA1DC@rfc1035.com> <20180117170902.GI45648@Space.Net> Message-ID: <37B67F79-A6D7-4F96-83CF-820F1557AA89@consulintel.es> Hi Gert, The problem in this case is that I don't think the IA is sharing our understanding ... at least from some of us, and thus contradicting the policy text, which you say is not possible. 1) Policy text say: "... separate addresses (not prefixes) ...". 2) Max proposal say: "... or anything alike where devices of non-members of the organisation would get assigned an IP out of the organisation?s prefix ..." 3) Max proposal say: "... Explicitly allowing another entity to be provided with addresses from a subnet ..." 4) Max proposal say: "... A subnet in the spirit of this policy is a prefix from the PI/PA assignment with a prefix length of /64 or longer ..." 5) Max proposal say: "... or for housing/hosting for servers in data centres ..." 6) IA say: "... There are cases where a /64 is needed per customer to provide a separate address ..." 7) IA say: "... It is the RIPE NCCs understanding that assignments as described above are dynamic in nature, either by varying the prefix or interface identifier (IID) over time. Any permanent and static assignments of a prefix would still be considered a sub-assignment ..." 8) IA say: "... by using single IPv6 addresses for End User devices and services ..." My point is that up to a /64 is a single prefix, so this contradicts 1 (not prefixes) above, vs 4 and 6. So, may be the right wording is "not multiple prefixes". Also, 1 say "addresses", but 2 say "an IP" and 3 say "addresses". 5 seem to indicate that this is acceptable in data centres, but 7 says permanent and static ... I don't see how a data centre can do temporary addresses? Further to that, email exchange with Marco/co-chairs, get me very confused ... as it is not clear to me if it is possible, if we pass this policy proposal, if from a single /64 prefix, a guest device can use a single /128 or, because the device needs multiple addresses (do we remember that devices in addition to the SLAAC or DHCP address make up automatically privacy addresses?), or if the device is running VMs, can use the same prefix with different addresses for those VMs ? Not to talk about a more complex case, such a device connecting to a hot stop and doing tethering to other devices from the same user ... If ONLY a single address can be used, technically is impossible to make this policy work, unless we have a mechanisms that MANDATE that the devices must use only SLAAC or only DHCPv6 and they MUST disable privacy addresses, and they MUST NOT run VMs. Is that realistic? Can we state in clear words (not referring to the complete policy proposal document), not a long page, just a few paragraphs, what do we have consensus on? My view, and Max could confirm if his view was this one, or if he will agree on that, up to a single /64 is ok, and you use one or multiple addresses of it, for one or multiple devices, but only in temporary "periods" of time (which match the usage in hot-spots, guest and employees BYOD in corporate networks, VPNs, temporary usage in data centers). I think the only case that is not temporary, and I agree, is the point-to-point link, which clearly should be allowed. I'm not sure if I'm missing any other possible cases, just trying to scope as much as possible all the possibilities thru a few examples. I don't know if this requires a new round with the policy returning it to the list or whatever is needed, or if it requires passing the policy even if it is clear (in my opinion) that is an "impossible to apply policy" (and thus consensus is irreal) and then I'm happy to make a new policy proposal, but my view is that it doesn't make any sense if we can clarify it now with a very simple modification of the policy text that Max proposed (even if it need 4 additional weeks for review period or whatever), that we could approve now something "imposible" and restart with a new policy. Regards, Jordi ?-----Mensaje original----- De: address-policy-wg en nombre de Gert Doering Fecha: mi?rcoles, 17 de enero de 2018, 18:09 Para: JORDI PALET MARTINEZ CC: Asunto: Re: [address-policy-wg] what does consensus mean Hi, On Tue, Jan 16, 2018 at 11:40:28AM +0100, JORDI PALET MARTINEZ via address-policy-wg wrote: > 1) When you believe you agree with a policy proposal and declare it to the list (so chairs can measure consensus), do you ???agree??? only with the ???policy text??? or with the arguments written down in the policy proposal, or with the NCC interpretation (impact analysis), or all of them? People sometimes explicitely mention this ("I agree with the aims of the proposal and the way it is written"). Sometimes they don't agree with all of it ("I agree with the aims of the proposal but the text needs more work"). And sometimes they state "support", which I take as an indication that they agree both with the aim and the wording of the proposal. > 2) What if the text in those 3 pieces are presenting contradictions or can be easily be interpreted in different ways? We've had proposals where the IA brought up very much inintended consequences (contradicting the rationale, the IA cannot "contradict the policy text"), and this was addressed by a new round of policy text and new IA. Which is, basically, why we have the IA in the first place: ensure that the NCC shares our understanding of what we're asking the colleagues to do. Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. From jordi.palet at consulintel.es Fri Jan 19 11:56:19 2018 From: jordi.palet at consulintel.es (JORDI PALET MARTINEZ) Date: Fri, 19 Jan 2018 11:56:19 +0100 Subject: [address-policy-wg] what does consensus mean In-Reply-To: <1aa4bad8-595c-de24-6f3b-688b0bb7e824@linx.net> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <0A3B445E-A9B8-4E5E-B52E-245D27B86418@consulintel.es> <37D99D9D-3B84-4CB0-88AC-E534B22FA1DC@rfc1035.com> <1aa4bad8-595c-de24-6f3b-688b0bb7e824@linx.net> Message-ID: Thanks Malcolm, I think this is a perfect definition of consensus and it shows that "more voices" not necessarily means "consensus". However, I really think, regardless if there are or not objections, consensus can't be achieved on "non-sense" or "unrealistic" proposals which can't be enforced. Part of the problem is because it looks like instead of giving priority to the "policy text", we also obey the policy proposal, the IA, and so, which are not in the "policy manual". I'm going to talk about this in a new thread to avoid mixing things with this concrete policy proposal. Regards, Jordi ?-----Mensaje original----- De: address-policy-wg en nombre de Malcolm Hutty Fecha: martes, 16 de enero de 2018, 12:11 Para: Jim Reid , JORDI PALET MARTINEZ CC: Asunto: Re: [address-policy-wg] what does consensus mean On 16/01/2018 10:02, Jim Reid wrote: > And yes, in theory it's possible for a charlatan to "stack the deck" by having their (ficticious) friends express support for a proposal. Actually, if "rough consensus" is applied properly (and you could criticise what I'm about to say by saying is overly theoretical), I don't think stacking the audience with supporters does achieve rough consensus. Rough consensus should never be about counting noses. That's because I don't think that "rough consensus" is primarily about how many supporters a proposal has, I think it's about primarily about the nature and quality of the objection. If there are no objections, that's unanimous approval, which is a subset of rough consensus. If there are objections, the number of objections isn't a first order concern (although that can be a signal of something else). If the objections are recognised as being serious, valid concerns that haven't been properly addressed, then the Chairs should find that "rough consensus" has not yet been achieved. And it shouldn't really matter how few people object, except insofar as a signal (if nobody has been persuaded, why is that? Perhaps this signals an underlying flaw in the objection, that allows it to be legitimately discarded). If the only objections are invalid (e.g. out of scope) or have been properly addressed, then it is possible to find a rough consensus notwithstanding that some (or even many) people still have (invalid) objections or aren't willing to accept that their point has been dealt with. In the present case, Sander wrote: > Short summary: > - a problem was discovered in the IPv6 policy > - we see consensus that this policy proposal solves that problem > - we recognise that you would like an even better solution > - and we'll happily work with you to achieve that! > - but because this proposal solves the original problem we don't want to delay it To me, that reads as an admirably clear and succinct explanation in the category "we've dealt with your objection, now we're moving on". Of course, what constitutes an "invalid" objection is hard to describe and extremely difficult to define completely, perhaps not even possible. But I'm sure we can all think of examples. Here's one: "I don't think this policy should be approved because RIPE has no legitimate authority to make policy; that is the purview of governments" would, IMO, be an invalid objection, on the grounds that the central question it poses (does RIPE has legitimate policy-making authority?) is out of scope for a discussion about whether X should be approved (possibly on other, more complicated grounds too). If someone packed the floor / mailing list, with hundreds of people who agreed with that proposition, I think the proper course of action for a APWG Chair would be to ignore all of them. There's a time and a place for that kind of discussion. During a PDP is not it. This does invest an awful lot of responsibility in the WG Chairs (or, for matters considered by the community as a whole, the RIPE Chair), to discern and discriminate between a valid of objection and an invalid one. It is requires a lot of rather subjective judgement, not on the matter at hand, but on the nature of the discussion and our community and its purpose and values and what we consider a legitimate frame of discussion. While I happen to think that having a conversation that attempts to broaden a common understanding of the kinds of things that Chairs ought to consider invalid objections would be beneficial, not least for the WG Chairs and especially future Chairs, this can only be a discussion of principles and norms, it can never be turned into a rigid set of rules. This model will always rest heavily on the judgment of the Chairs. I'm OK with that. Malcolm. -- Malcolm Hutty | tel: +44 20 7645 3523 Head of Public Affairs | Read the LINX Public Affairs blog London Internet Exchange | http://publicaffairs.linx.net/ London Internet Exchange Ltd Monument Place, 24 Monument Street London EC3R 8AJ Company Registered in England No. 3137929 Trinity Court, Trinity Street, Peterborough PE1 1DA ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. From sander at steffann.nl Fri Jan 19 11:57:38 2018 From: sander at steffann.nl (Sander Steffann) Date: Fri, 19 Jan 2018 11:57:38 +0100 Subject: [address-policy-wg] what does consensus mean In-Reply-To: <37B67F79-A6D7-4F96-83CF-820F1557AA89@consulintel.es> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <0A3B445E-A9B8-4E5E-B52E-245D27B86418@consulintel.es> <37D99D9D-3B84-4CB0-88AC-E534B22FA1DC@rfc1035.com> <20180117170902.GI45648@Space.Net> <37B67F79-A6D7-4F96-83CF-820F1557AA89@consulintel.es> Message-ID: Hi Jordi, > 1) Policy text say: "... separate addresses (not prefixes) ...". > 2) Max proposal say: "... or anything alike where devices of non-members of the organisation would get assigned an IP out of the organisation?s prefix ..." > 3) Max proposal say: "... Explicitly allowing another entity to be provided with addresses from a subnet ..." > 4) Max proposal say: "... A subnet in the spirit of this policy is a prefix from the PI/PA assignment with a prefix length of /64 or longer ..." > 5) Max proposal say: "... or for housing/hosting for servers in data centres ..." > 6) IA say: "... There are cases where a /64 is needed per customer to provide a separate address ..." > 7) IA say: "... It is the RIPE NCCs understanding that assignments as described above are dynamic in nature, either by varying the prefix or interface identifier (IID) over time. Any permanent and static assignments of a prefix would still be considered a sub-assignment ..." > 8) IA say: "... by using single IPv6 addresses for End User devices and services ..." > > [...] > > 5 seem to indicate that this is acceptable in data centres, but 7 says permanent and static ... I don't see how a data centre can do temporary addresses? Now that is indeed a contradiction that I agree with. Here the NCC's interpretation is more strict than what the policy says, and that should be corrected. Marco, can you look at this again from the NCC's perspective? Cheers, Sander From jordi.palet at consulintel.es Fri Jan 19 12:08:25 2018 From: jordi.palet at consulintel.es (JORDI PALET MARTINEZ) Date: Fri, 19 Jan 2018 12:08:25 +0100 Subject: [address-policy-wg] what does consensus mean In-Reply-To: References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <0A3B445E-A9B8-4E5E-B52E-245D27B86418@consulintel.es> <37D99D9D-3B84-4CB0-88AC-E534B22FA1DC@rfc1035.com> <20180117170902.GI45648@Space.Net> <37B67F79-A6D7-4F96-83CF-820F1557AA89@consulintel.es> Message-ID: <135FEE2A-5EC7-42DE-902E-B3D46CAB5D0A@consulintel.es> In my opinion there are 3 points to clarify: 1) Temporary always ? clearly not for point-to-point links, no-sense for data centers? 2) Single address (/128) for a single device (so the device can't use privacy? Utopia!), or do we allow if the devices get a single-prefix, it uses multiple addresses out of that prefix (so we allow VMs in the device also) 3) Can the device use any technology (such as prefix sharing, eg. RFC7278), to also use addresses from a single prefix for other devices (same user) Regards, Jordi ?-----Mensaje original----- De: address-policy-wg en nombre de Sander Steffann Fecha: viernes, 19 de enero de 2018, 11:58 Para: JORDI PALET MARTINEZ , Marco Schmidt CC: Asunto: Re: [address-policy-wg] what does consensus mean Hi Jordi, > 1) Policy text say: "... separate addresses (not prefixes) ...". > 2) Max proposal say: "... or anything alike where devices of non-members of the organisation would get assigned an IP out of the organisation?s prefix ..." > 3) Max proposal say: "... Explicitly allowing another entity to be provided with addresses from a subnet ..." > 4) Max proposal say: "... A subnet in the spirit of this policy is a prefix from the PI/PA assignment with a prefix length of /64 or longer ..." > 5) Max proposal say: "... or for housing/hosting for servers in data centres ..." > 6) IA say: "... There are cases where a /64 is needed per customer to provide a separate address ..." > 7) IA say: "... It is the RIPE NCCs understanding that assignments as described above are dynamic in nature, either by varying the prefix or interface identifier (IID) over time. Any permanent and static assignments of a prefix would still be considered a sub-assignment ..." > 8) IA say: "... by using single IPv6 addresses for End User devices and services ..." > > [...] > > 5 seem to indicate that this is acceptable in data centres, but 7 says permanent and static ... I don't see how a data centre can do temporary addresses? Now that is indeed a contradiction that I agree with. Here the NCC's interpretation is more strict than what the policy says, and that should be corrected. Marco, can you look at this again from the NCC's perspective? Cheers, Sander ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. From jim at rfc1035.com Fri Jan 19 12:12:05 2018 From: jim at rfc1035.com (Jim Reid) Date: Fri, 19 Jan 2018 11:12:05 +0000 Subject: [address-policy-wg] what does consensus mean In-Reply-To: <135FEE2A-5EC7-42DE-902E-B3D46CAB5D0A@consulintel.es> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <0A3B445E-A9B8-4E5E-B52E-245D27B86418@consulintel.es> <37D99D9D-3B84-4CB0-88AC-E534B22FA1DC@rfc1035.com> <20180117170902.GI45648@Space.Net> <37B67F79-A6D7-4F96-83CF-820F1557AA89@consulintel.es> <135FEE2A-5EC7-42DE-902E-B3D46CAB5D0A@consulintel.es> Message-ID: <3461DCB4-76D4-40BE-A3FB-AD0D39B6951C@rfc1035.com> > On 19 Jan 2018, at 11:08, JORDI PALET MARTINEZ via address-policy-wg wrote: > > In my opinion there are 3 points to clarify: ... irrelevant points snipped ... PLEASE put those comments in a different thread which makes it clear you're discussing detail about 2016-4 (or whatever). Thanks. This thread's supposed to be about an entirely different topic. From sander at steffann.nl Fri Jan 19 12:12:53 2018 From: sander at steffann.nl (Sander Steffann) Date: Fri, 19 Jan 2018 12:12:53 +0100 Subject: [address-policy-wg] what does consensus mean In-Reply-To: <135FEE2A-5EC7-42DE-902E-B3D46CAB5D0A@consulintel.es> References: <20180112152707.GA3355@Space.Net> <303D1D90-1244-4B5D-B282-F69A14414103@consulintel.es> <0A3B445E-A9B8-4E5E-B52E-245D27B86418@consulintel.es> <37D99D9D-3B84-4CB0-88AC-E534B22FA1DC@rfc1035.com> <20180117170902.GI45648@Space.Net> <37B67F79-A6D7-4F96-83CF-820F1557AA89@consulintel.es> <135FEE2A-5EC7-42DE-902E-B3D46CAB5D0A@consulintel.es> Message-ID: <96501A65-327E-42DC-9C74-5951DCE9776D@steffann.nl> Hi, > 1) Temporary always ? clearly not for point-to-point links, no-sense for data centers? Indeed, this is what I asked Marco. > 2) Single address (/128) for a single device (so the device can't use privacy? Utopia!), or do we allow if the devices get a single-prefix, it uses multiple addresses out of that prefix (so we allow VMs in the device also) The policy talks about single-address increments. It doesn't say "one address", it says "separate addresses" (plural), which allows for privacy extensions etc. > 3) Can the device use any technology (such as prefix sharing, eg. RFC7278), to also use addresses from a single prefix for other devices (same user) Technology used is out of scope here. Cheers, Sander From sander at steffann.nl Fri Jan 19 12:14:54 2018 From: sander at steffann.nl (Sander Steffann) Date: Fri, 19 Jan 2018 12:14:54 +0100 Subject: [address-policy-wg] inconsistency in 2016-04 (was: what does consensus mean) Message-ID: Hi Jim, > PLEASE put those comments in a different thread which makes it clear you're discussing detail about 2016-4 (or whatever). Thanks. > > This thread's supposed to be about an entirely different topic. Indeed, my apologies. There were so many things going on that I lost track as well :) Cheers, Sander From jordi.palet at consulintel.es Fri Jan 19 12:19:25 2018 From: jordi.palet at consulintel.es (JORDI PALET MARTINEZ) Date: Fri, 19 Jan 2018 12:19:25 +0100 Subject: [address-policy-wg] policy text or anything else? Message-ID: Hi all, I've changed the subject, because I want to talk here in general about our policy process, not any specific policy. I've tried to find where in our process, states that in addition to the policy text itself, other inputs during the PDP matter. If there is such confirmation, could the NCC tell me how to find it? I understand that this may have been our "practice", but maybe we did wrong. Let me explain why I think is wrong, and consequently we need to correct it. Let's suppose I'm an organization asking for the first time IPv6 space, I will find the actual policy at https://www.ripe.net/publications/docs/ripe-684 I read across it, and I obviously will decide, based on my needs what choices I've to apply for. I've not followed the PDP since the first time we discussed an IPv6 policy, so I'm missing all the policy proposals text, arguments, rationales, impact analysis, etc. Because that, I'm applying with a different view from someone that has been for ages in the addressing policy list and following it, and possible not taking advantages of perspectives that are "in between lines" in the policy text, which may make a huge difference on my request vs a "follower" of the PDP. I would agree with that (using not only the policy text, but also all the PDP documents) IF when I go to the ripe-684 document, I've direct links in every section of the policy text, pointing to the PDP documents that have been used to modify that section. I hope everybody understand what I mean, not sure if is so easy to explain. Now, is that realistic? It will make our policy text so difficult to read ... and a very very very long (and always increasing) document. So, my conclusion: what it matters is only policy text, other documents are relevant to explain it, but not to add "modifications" to the reading of that text so not conflicts should be there (unless undiscovered). I agree that we are humans and we can make mistakes, and we may need to go to new rounds of PDP to correct that, new proposals, or whatever, but even if it takes some extra work, policy text must be refined if discrepancies are perceived. Regards, Jordi ? -----Mensaje original----- De: address-policy-wg en nombre de Marco Schmidt Fecha: martes, 16 de enero de 2018, 16:05 Para: Asunto: Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification) Dear Max, On 2018-01-15 18:23:42 CET, Maximilian Wilhelm wrote: > As said before somewhere (I'm not sure wether on a RIPE meeting or > here on the list), the RS folks said, that they use the proposal text > as well as the summary/rationale as guidance what is allowed and what > isn't. > > Maybe Ingrid, Andrea, Marco, * from the NCC can comment on that? > Yes, this is correct. Whenever there is a question about the interpretation of RIPE Policies, we can refer to proposal summary as well to the impact analysis to ensure the correct understanding of the policy and its intent. Kind regards, Marco Schmidt Policy Development Officer RIPE NCC Sent via RIPE Forum -- https://www.ripe.net/participate/mail/forum ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. From jordi.palet at consulintel.es Fri Jan 19 12:29:32 2018 From: jordi.palet at consulintel.es (JORDI PALET MARTINEZ) Date: Fri, 19 Jan 2018 12:29:32 +0100 Subject: [address-policy-wg] inconsistency in 2016-04 Message-ID: <81A0D11B-3C00-44CB-ADAE-E1866DE1AE58@consulintel.es> (sorry Jim ! subject replaced) Hi Sander, Below in-line. Regards, Jordi ?-----Mensaje original----- De: address-policy-wg en nombre de Sander Steffann Fecha: viernes, 19 de enero de 2018, 12:13 Para: JORDI PALET MARTINEZ CC: Asunto: Re: [address-policy-wg] what does consensus mean Hi, > 1) Temporary always ? clearly not for point-to-point links, no-sense for data centers? Indeed, this is what I asked Marco. > 2) Single address (/128) for a single device (so the device can't use privacy? Utopia!), or do we allow if the devices get a single-prefix, it uses multiple addresses out of that prefix (so we allow VMs in the device also) The policy talks about single-address increments. It doesn't say "one address", it says "separate addresses" (plural), which allows for privacy extensions etc. Right, but 6) IA say: "... There are cases where a /64 is needed per customer to provide a separate address ..." and 8) IA say: "... by using single IPv6 addresses for End User devices and services ..." furthermore it say "... provided no prefixes will be provided to other entities ..." I think this can be sorted out replacing in the IA "provided no more than a single prefix will be provided to other entities." > 3) Can the device use any technology (such as prefix sharing, eg. RFC7278), to also use addresses from a single prefix for other devices (same user) Technology used is out of scope here. I used the technology as an example, what I'm referring is if the single prefix can be shared by other devices of the user of a hot-spot (example, the hotel gives me a single /64 in the WiFi, but I've several devices). The point here is, clarification 2 above will solve the problem for multiple addresses in a single prefix, 3) may solve the problem for multiple devices with the same prefix. For both of them we may need to clarify if Max "not prefixes" is meaning also a single prefix or "not multiple prefixes", which is I think the major contradiction with the IA or NCC interpretation according to mail exchange with Marco. Cheers, Sander ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. From sander at steffann.nl Fri Jan 19 12:44:46 2018 From: sander at steffann.nl (Sander Steffann) Date: Fri, 19 Jan 2018 12:44:46 +0100 Subject: [address-policy-wg] inconsistency in 2016-04 In-Reply-To: <81A0D11B-3C00-44CB-ADAE-E1866DE1AE58@consulintel.es> References: <81A0D11B-3C00-44CB-ADAE-E1866DE1AE58@consulintel.es> Message-ID: <3DD136F8-39E0-4D10-8B8F-521ADCA333F9@steffann.nl> Hi, > Below in-line. Please use normal quoting, I have trouble reading your emails. > Right, but 6) IA say: "... There are cases where a /64 is needed per customer to provide a separate address ..." and 8) IA say: "... by using single IPv6 addresses for End User devices and services ..." furthermore it say "... provided no prefixes will be provided to other entities ..." I think this can be sorted out replacing in the IA "provided no more than a single prefix will be provided to other entities." No, that would drastically change the policy, and that has been looked at before. It was then decided that that is not the right approach. > I used the technology as an example, what I'm referring is if the single prefix can be shared by other devices of the user of a hot-spot (example, the hotel gives me a single /64 in the WiFi, but I've several devices). The point here is, clarification 2 above will solve the problem for multiple addresses in a single prefix, 3) may solve the problem for multiple devices with the same prefix. For both of them we may need to clarify if Max "not prefixes" is meaning also a single prefix or "not multiple prefixes", which is I think the major contradiction with the IA or NCC interpretation according to mail exchange with Marco. Sorry, what someone does with addresses is completely out of scope here. Cheers, Sander From jordi.palet at consulintel.es Fri Jan 19 14:19:54 2018 From: jordi.palet at consulintel.es (JORDI PALET MARTINEZ) Date: Fri, 19 Jan 2018 14:19:54 +0100 Subject: [address-policy-wg] inconsistency in 2016-04 In-Reply-To: <3DD136F8-39E0-4D10-8B8F-521ADCA333F9@steffann.nl> References: <81A0D11B-3C00-44CB-ADAE-E1866DE1AE58@consulintel.es> <3DD136F8-39E0-4D10-8B8F-521ADCA333F9@steffann.nl> Message-ID: What I'm saying is that, if we can't change the policy text, at least we make sure that those cases are crystal clear in the IA. Or is that also breaking the PDP? Regards, Jordi ?-----Mensaje original----- De: address-policy-wg en nombre de Sander Steffann Fecha: viernes, 19 de enero de 2018, 12:45 Para: JORDI PALET MARTINEZ CC: Asunto: Re: [address-policy-wg] inconsistency in 2016-04 Hi, > Below in-line. Please use normal quoting, I have trouble reading your emails. > Right, but 6) IA say: "... There are cases where a /64 is needed per customer to provide a separate address ..." and 8) IA say: "... by using single IPv6 addresses for End User devices and services ..." furthermore it say "... provided no prefixes will be provided to other entities ..." I think this can be sorted out replacing in the IA "provided no more than a single prefix will be provided to other entities." No, that would drastically change the policy, and that has been looked at before. It was then decided that that is not the right approach. > I used the technology as an example, what I'm referring is if the single prefix can be shared by other devices of the user of a hot-spot (example, the hotel gives me a single /64 in the WiFi, but I've several devices). The point here is, clarification 2 above will solve the problem for multiple addresses in a single prefix, 3) may solve the problem for multiple devices with the same prefix. For both of them we may need to clarify if Max "not prefixes" is meaning also a single prefix or "not multiple prefixes", which is I think the major contradiction with the IA or NCC interpretation according to mail exchange with Marco. Sorry, what someone does with addresses is completely out of scope here. Cheers, Sander ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. From gert at space.net Fri Jan 19 14:22:58 2018 From: gert at space.net (Gert Doering) Date: Fri, 19 Jan 2018 14:22:58 +0100 Subject: [address-policy-wg] inconsistency in 2016-04 In-Reply-To: References: <81A0D11B-3C00-44CB-ADAE-E1866DE1AE58@consulintel.es> <3DD136F8-39E0-4D10-8B8F-521ADCA333F9@steffann.nl> Message-ID: <20180119132258.GF45648@Space.Net> Hi, On Fri, Jan 19, 2018 at 02:19:54PM +0100, JORDI PALET MARTINEZ via address-policy-wg wrote: > What I'm saying is that, if we can't change the policy text, at least we make sure that those cases are crystal clear in the IA. > > Or is that also breaking the PDP? The IA happens at a well-defined point in time: before the review period starts. Gert Doering -- APWG chair -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: not available URL: From jordi.palet at consulintel.es Fri Jan 19 14:28:00 2018 From: jordi.palet at consulintel.es (JORDI PALET MARTINEZ) Date: Fri, 19 Jan 2018 14:28:00 +0100 Subject: [address-policy-wg] inconsistency in 2016-04 In-Reply-To: <20180119132258.GF45648@Space.Net> References: <81A0D11B-3C00-44CB-ADAE-E1866DE1AE58@consulintel.es> <3DD136F8-39E0-4D10-8B8F-521ADCA333F9@steffann.nl> <20180119132258.GF45648@Space.Net> Message-ID: I know, but if unclear points or discrepancies are discovered in the actual stage, how we resolve them? I understand that the PDP may have imperfections and we never realized that, not sure if it is the case. Regards, Jordi ?-----Mensaje original----- De: address-policy-wg en nombre de Gert Doering Fecha: viernes, 19 de enero de 2018, 14:23 Para: JORDI PALET MARTINEZ CC: Asunto: Re: [address-policy-wg] inconsistency in 2016-04 Hi, On Fri, Jan 19, 2018 at 02:19:54PM +0100, JORDI PALET MARTINEZ via address-policy-wg wrote: > What I'm saying is that, if we can't change the policy text, at least we make sure that those cases are crystal clear in the IA. > > Or is that also breaking the PDP? The IA happens at a well-defined point in time: before the review period starts. Gert Doering -- APWG chair -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. From gert at space.net Fri Jan 19 14:41:02 2018 From: gert at space.net (Gert Doering) Date: Fri, 19 Jan 2018 14:41:02 +0100 Subject: [address-policy-wg] inconsistency in 2016-04 In-Reply-To: References: <81A0D11B-3C00-44CB-ADAE-E1866DE1AE58@consulintel.es> <3DD136F8-39E0-4D10-8B8F-521ADCA333F9@steffann.nl> <20180119132258.GF45648@Space.Net> Message-ID: <20180119134102.GG45648@Space.Net> Hi, On Fri, Jan 19, 2018 at 02:28:00PM +0100, JORDI PALET MARTINEZ via address-policy-wg wrote: > I know, but if unclear points or discrepancies are discovered in the actual stage, how we resolve them? Technically, if *new* (and significant) counterarguments come up in Last Call, the proposal can be returned to Discussion or Review Phase at the end. In practice, I think this only happened once. "I read this differently from everyone else and I find it confusing" is not something I'd consider "new and significant", though, unless this reading is shared by a wider group. > I understand that the PDP may have imperfections and we never realized that, not sure if it is the case. Oh, the PDP is far from perfect. Most annoyingly, it takes a hell of a lot of work to get even the smallest change done, because there are so many stages where proposals can stall... Changing the PDP itself is not something we can do here in AP, though - that is something the plenary needs to agree, as the PDP governs all working groups. Gert Doering -- APWG chair -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: not available URL: From jim at rfc1035.com Fri Jan 19 14:52:07 2018 From: jim at rfc1035.com (Jim Reid) Date: Fri, 19 Jan 2018 13:52:07 +0000 Subject: [address-policy-wg] inconsistency in 2016-04 In-Reply-To: <20180119134102.GG45648@Space.Net> References: <81A0D11B-3C00-44CB-ADAE-E1866DE1AE58@consulintel.es> <3DD136F8-39E0-4D10-8B8F-521ADCA333F9@steffann.nl> <20180119132258.GF45648@Space.Net> <20180119134102.GG45648@Space.Net> Message-ID: <56D7442A-79AA-496C-B6E3-247E529917FB@rfc1035.com> > On 19 Jan 2018, at 13:41, Gert Doering wrote: > > Changing the PDP itself is not something we can do here in AP, though - that > is something the plenary needs to agree, as the PDP governs all working > groups. Indeed. It will almost certainly be far quicker and much less painful to push a new policy proposal through the PDP than get the PDP changed. Jordi if you think the PDP is defective, by all means explain what the problem(s) is and suggest solution(s). However if you do down that path in the hope of resolving your unhappiness with the consensus decision on 2016-04 I think you may well become even more unhappy. Another troubling data point for everyone: This proposal started in 2016. It's now 2018. From mschmidt at ripe.net Mon Jan 22 11:49:20 2018 From: mschmidt at ripe.net (Marco Schmidt) Date: Mon, 22 Jan 2018 11:49:20 +0100 Subject: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification) In-Reply-To: Message-ID: Dear Sander and Jordi, On 2018-01-19 11:57:38 CET, Sander Steffann wrote: > Hi Jordi, > > > 1) Policy text say: "... separate addresses (not prefixes) ...". > > 2) Max proposal say: "... or anything alike where devices of non-members of the organisation would get assigned an IP out of the organisation?s prefix ..." > > 3) Max proposal say: "... Explicitly allowing another entity to be provided with addresses from a subnet ..." > > 4) Max proposal say: "... A subnet in the spirit of this policy is a prefix from the PI/PA assignment with a prefix length of /64 or longer ..." > > 5) Max proposal say: "... or for housing/hosting for servers in data centres ..." > > 6) IA say: "... There are cases where a /64 is needed per customer to provide a separate address ..." > > 7) IA say: "... It is the RIPE NCCs understanding that assignments as described above are dynamic in nature, either by varying the prefix or interface identifier (IID) over time. Any permanent and static assignments of a prefix would still be considered a sub-assignment ..." > > 8) IA say: "... by using single IPv6 addresses for End User devices and services ..." > > > > [...] > > > > 5 seem to indicate that this is acceptable in data centres, but 7 says permanent and static ... I don't see how a data centre can do temporary addresses? > > Now that is indeed a contradiction that I agree with. Here the NCC's interpretation is more strict than what the policy says, and that should be corrected. Marco, can you look at this again from the NCC's perspective? > > Cheers, > Sander > I'm happy to provide some clarification here. If this policy change is accepted, it will be possible to connect a customer server to the IPv6 PI assignment holder's network, provided only a separate address is used. This is clearly specified in the proposed policy text. Our reference to the dynamic provision of a prefix was referring to configuration mechanisms that are mainly used to provide Internet access to customers. The RIPE NCC's approach aims to support the intent of the proposal to allow IPv6 PI assignments for use cases such as (public) Wi-Fi networks but to discourage the use of IPv6 PI for permanent broadband services. Kind regards, Marco Schmidt Policy Development Officer RIPE NCC Sent via RIPE Forum -- https://www.ripe.net/participate/mail/forum From mir at ripe.net Tue Jan 30 11:22:01 2018 From: mir at ripe.net (Mirjam Kuehne) Date: Tue, 30 Jan 2018 11:22:01 +0100 Subject: [address-policy-wg] New on RIPE Labs: A Shrinking Pie? The IPv4 Transfer Market in 2017 Message-ID: Dear colleagues, A record number of IPv4 addresses were transferred between LIRs in the RIPE NCC service region in 2017. However, 16 of the largest transfers, amounting to 78% of the total transferred address space, were really about the administrative management of resources between related business units. In terms of buyers and sellers, this part of the IPv4 transfer market decreased in size last year. Please find a more detailed analysis on RIPE Labs: https://labs.ripe.net/Members/wilhelm/a-shrinking-pie-the-ipv4-transfer-market-in-2017 Kind regards, Mirjam K?hne RIPE NCC