Re: [sig-policy] Article of possible interest to the community
On Aug 21, 2011, at 2:35 PM, David Conrad wrote:
> Jay,
>
> On Aug 21, 2011, at 12:25 AM, Jay Daley wrote:
>> I think the parallels you draw are entirely wrong. The RIRs are bottom-up policy organisations in their very nature.
>
> I suspect if you look back in history, you'll find that the folks who argued most strenuously against competitive telcos were the folks who argued that competitive services would/could not represent all sectors of society, and that the only way truly universal service could be provided was through monopolies. They would say "the network would suffer" or that "markets could not be trusted" and the only way to ensure "fair and equitable" service was to have a single provider that was forced to abide by bottom-up rulings of "public utility commissions" (or equivalent). As those monopolies were threatened, they lobbied for restrictions against potential new entrants and blocked access by those entrants to resources the entrants needed to do business.
>
> While no analogy is prefect, as I said, I see a number of parallels. YMMV.
>> Whatever faults they have in their policies come largely because that process inherently reflects the foibles of the participating stakeholders, not from the arrogance of those in charge.
>
> I don't actually care who is to blame for any faults (after all, some of the blame could probably be laid at my feet :-)). What matters is what happens in the future. APNIC's free pool is exhausted. The AP region is (I think) growing the fastest amongst all the regions. Pretend that you are an ISP wishing to respond to that growth. There are now multiple organizations that are offering IPv4 address space on (lets call it) the grey market. Would you refuse to consider making use of that option, assuming that the grey market companies provide documentation describing the chain of custody of addresses on that market? If you do, do you think your evil competitors would have the same qualms? Assuming not, which whois database are you going to query when a new prefix shows up at your door? Will you break your customers access to some subset of the Internet by refusing to query a particular database? Will your evil competitors?
>
> The core thesis in Paul's ACM Queue article (as I understand it), that alternative address registries are like alternative DNS root providers and hence bad, is a strawman. It is trivially obvious that multiple address "roots" would lead to madness. That's not what's happening.
Hi David,
Given your significant role in establishing the RIR system, coupled with your now quite jaundiced view of how the RIR system has turned out, I feel obliged to ask:
Was it "trivially obvious" to you back in the early 1990s that your successors in the RIR community would later go on to adopt "mad" policies, e.g., a reluctance to embrace an unguided, one-way trip to competitive devolution that is quite likely to affect every Internet user everywhere, forevermore -- albeit to what effect, with what benefits, and at what cost all remaining, at best, highly debatable? At what point did the inevitability of the current insanity become apparent to you, and what steps were taken to educate other stakeholders and/or to otherwise prevent the madness that we have now descended into?
My point is that focusing on what might seem "trivially obvious" today is, in fact, just another strawman.
And lest anyone think that the current "madness" must be a byproduct of centralization, command and control, heavy-handed regulation, etc., here's a few more "analogies" to disabuse you:
1. Back in the 18th-19th centuries, many of the now-wealthiest countries had substantially decentralized and only-loosely standardized monetary systems -- meaning no consistently enforced bank establishment criteria, no official reporting/disclosure or monitoring, banks printed their own banknotes, and no bank, merchant, or individual was compelled to accept anyone else's money (i.e., "money routing" was never guaranteed -- except in so-called "company towns"). These systems tended to be extremely volatile and collapse-prone until they accidentally developed a thin mechanism for rudimentary coordination and limited reputation information sharing, which piggy-backed on top of a more mundane, purely voluntary banknote "clearing house" service. However, by the beginning of the 20th century all of these quasi "free banking" systems had disappeared, and none has been established in the intervening century-plus. In some cases, the collapses were precipitated by the failure of the information sharing function, as individual member banks came to realize that the proximate impediment to their "freedom" to grow their customer portfolios (potentially without limit) was not insolvency per se, but rather the punitive (aka precautionary) actions that other banks would take if their excessively leveraged positions came to light. In other cases, the collapse followed the introduction of competition in clearing house services at the insistence of member banks that were envious of the profits and/or dissatisfied with the fees of incumbent clearing house service providers (which were themselves for-profit commercial banks).
2. In the years after the 20th c. Depression, the nationally-segregated monetary systems that replaced the old "free banking" regimes converged on a set of (still relative thin) reputation information sharing practices involving consistent bank establishment criteria, minimum reserve cash-to-lending activity ratios, and mandatory periodic reporting/disclosure requirements, all coordinated by central banks that funded their operations by monopolizing activities like interbank check clearing and banknote production. Once again banks gradually came to recognize that the proximate check on their unrestricted "freedom of expansion" was information leakage to competitors. Over time they started shifting more and more of their commercial activities to areas that were not subject to mandatory reporting requirements, until today the overwhelming majority of bank-like financial business is either conducted by registered banks as off-the-books transactions, or by completely off-the-books "shadow banks." Banks have not had any idea of which among them was truly solvent/insolvent for a long time now; they just didn't realize that until 2008 or so.
If you're administering a banking/monetary system, or contemplating someone else's bank, it's trivially obvious that operating beyond some leverage ratio (x) would lead to madness. However, if the structure of the industry makes it possible for every banker to exercise very broad discretion over how they define and disclose their own leverage ratios, then all you can do is trust in the discretion of (all of the) other bankers.
If you're operating a bank, you too know all of the above -- but you probably find it very hard to believe that your own leverage ratio is really at or below (x). Meanwhile, you know 101 ways to assure that your publicly observable leverage ratio never deviates from some mandatory and/or generally respectable range. Under normal conditions, and assuming every other bank is being more forthright than you, you should be perfectly safe...
There are an awful lot of independent banks, but it doesn't seem to take all that many to bring the whole system down (or alternately, there doesn't seem to be all that many that are interested enough in keeping the system up).
Bottom line: It seems to be that matters that are "trivially obvious" tend to be pretty unreliable predictors of how distributed systems evolve over time.
Of course, as you say, ymmv.
Regards,
TV
> What is springing up (driven by market demand) are:
>
> - market places where allocated-but-unused address space can be sold to those who are willing to pay for it (e.g., Addrex, tradeipv4.com)
> - "address registrars" who sell the service of updating registration data associated with existing allocations (e.g., depository.net).
>
> The issue I see is that the existing system is (or has been) structurally unable to evolve to meet the changing environment driven by the exhaustion of the free pool(s). Look at the fiascos associated with attempts to create global policies recently. Do you think this is going to get better as other regions' free pools exhaust?
>
> What we have now is a single addressing root partitioned into 5 arbitrary mutually-agreed geographical monopolies (can you say "cabal"?), each of which have their own policies and processes that are attempting to perform those two services (along with the service of allocating the rapidly dwindling free pool). We've already past the point where the folks involved in "bottom-up" policy making are arguing "region X's policy is wrong, so we're going to actively block it in region Y". Do you think that is going to get better over time? Do you think businesses just trying to provide Internet services have any interest in putting up with that sort of BS if they have an alternative where they just pay their money and get the resources they need?
I
>> What the RIRs suffer from is a lack of diversity among participating stakeholders.
>
> While true, this is largely irrelevant since it isn't going to change. Like the telephony world, the vast majority of people are neither interested nor do they care about the machinations involved in establishing the underlying technology's resource management policies. They only care when things break and they need someone to blame.
>
>> Prescribing commercial competition as a medicine to tackle the RIR faults is missing this point and likely to harm the numbering space by eliminating the bottom-up policy determination.
>
> The point is that no one is prescribing commercial competition, it is happening on its own. Now. Driven by economic reality. Sticking one's head in the sand or saying "we can't do anything until there is global consensus" or worse, attempting to block it is simply encouraging a negative outcome.
>
>> We should instead be looking at what faults the current narrow engagement leads to and showing some leadership in addressing them through the bottom-up policy process, while simultaneously working to broaden engagement so that the RIRs become truly multi-stakeholder.
>
> How long should we wait?
>
> Regards,
> -drc
>
> * sig-policy: APNIC SIG on resource management policy *
> _______________________________________________
> sig-policy mailing list
> sig-policy at lists dot apnic dot net
> http://mailman.apnic.net/mailman/listinfo/sig-policy