Mailing List Archive

Mark,

ARIN rules require every IP space holder to publish accurate — and effective — Admin, Tech, and Abuse POCs. The DOD hasn’t done this, as I pointed out, and as you can test for yourself. Your expectation that the DOD will “generally comply with all of the expected norms” is sorely naive, and already disproven.

As far as “why does anyone on the Internet need to publish to your arbitrary standards”, you seem to forget that in the U.S., the government is accountable to the People. Where a private company may not have to explain its purposes, the government most certainly does in the private sector. With these IP spaces being thrust into the civilian realm, yes, they owe the citizenry an explanation of their actions, just as they would if they had started mounting missile launchers on highway overpasses. It’s a direct militarization of a civilian utility.

Keep in mind that the U.S. Government — under all administrations — has shown that it will abuse every technical advantage it can, as long as it can do so in secret. Perhaps you’ve forgotten James Clapper, the former director of national intelligence, who falsely testified to Congress that the government does “not wittingly” collect the telephone records of millions of Americans. And he was just the tip of the iceberg. Before Clapper under Obama there was the Bush administration’s Stellar Wind" warrantless surveillance program. The list of government abuse of civilian resources is colossal .

Fighting against that isn’t political. It’s patriotic.

-mel

> On Apr 25, 2021, at 12:02 AM, Mark Foster <blakjak@blakjak.net> wrote:
>
> ?
>> On 25/04/2021 3:24 am, Mel Beckman wrote:
>> This doesn’t sound good, no matter how you slice it. The lack of transparency with a civilian resource is troubling at a minimum. I’m going to bogon this space as a defensive measure, until its real — and detailed — purpose can be known. The secret places of our government have proven themselves untrustworthy in the protection of citizens’ data and networks. They tend to think they know “what’s good for” us.
>>
>> -mel
>>
>
> Why does anyone on the Internet need to publish to your arbitrary standards, what they intend to do with their IP address ranges?
>
> Failure to advertise the IP address space to the Internet (until now, perhaps) doesn't make the address space any less legitimate, and though I'd expect the DoD to generally comply with all of the expected norms around BGP arrangements and published whois details, at the end of the day, they can nominate who should originate it from their AS and as long as we can see who owns it.... it's just not our business.
>
> Any organisation who's used DoD space in a way that's likely to conflict with, well, the DoD, gambled and lost.
>
> Mark.
>

> On Apr 25, 2021, at 9:40 AM, Mel Beckman <mel@beckman.org> wrote:
> It’s a direct militarization of a civilian utility.

I think I’d characterize it, rather, as a possible privatization of public property.

If someone builds a house in the middle of a public park, it’s not _what they’re doing in the house_ that concerns me.

-Bill

Is the DoD still the owner?

On Sun 25 Apr 2021 at 10:24, Bill Woodcock <woody@pch.net> wrote:


>> On Apr 25, 2021, at 9:40 AM, Mel Beckman <mel@beckman.org>
>> wrote:
>> It’s a direct militarization of a civilian utility.
>
> I think I’d characterize it, rather, as a possible privatization
> of public property.
>
> If someone builds a house in the middle of a public park, it’s
> not _what they’re doing in the house_ that concerns me.
>
> -Bill


--
Christian de Larrinaga
https://firsthand.net

Hi Mel,

I'd expect ARIN to hold them to account for complying with ARIN rules,
if they are subject.  In years gone by, I have been able to contact US
DoD organisations using published contact methods to address technical
issues. So even if there's technical non-compliance (which i'd agree
should be addressed), it could be a lot worse.

As for the DoD's accountability via your system of government, my view
would be that instead of bogon-filtering addresses legitimately
appearing in your BGP, with the justification being "they havn't
before!", you could consider asking them via channels. Like
https://open.defense.gov/transparency/foia.aspx for example.  But i'm
not a citizen of the United States, so will happily plead ignorance as
to whether this is likely to lead you to what you want to know or not.

In my country the government is also accountable to the people. But that
doesn't mean I would expect an Internet Service Provider to deliberately
sabotage the network access of their customers, either. Starts to feel
like a net neutrality argument again.

Mark.

PS: If DoD make use of IP address space that they legitimately hold, i'm
not sure you can call it a civilian resource, despite it interacting
with civilian counterparts.  Any consumable held by a military
organisation is a military resource and they'll make use of it based on
their operational requirements. The best comparison I could think of,
would be fuel (gasoline/petroleum/diesel/Jet-A1), all of which has both
military and civilian application.

On 25/04/2021 7:40 pm, Mel Beckman wrote:
> Mark,
>
> ARIN rules require every IP space holder to publish accurate — and effective — Admin, Tech, and Abuse POCs. The DOD hasn’t done this, as I pointed out, and as you can test for yourself. Your expectation that the DOD will “generally comply with all of the expected norms” is sorely naive, and already disproven.
>
> As far as “why does anyone on the Internet need to publish to your arbitrary standards”, you seem to forget that in the U.S., the government is accountable to the People. Where a private company may not have to explain its purposes, the government most certainly does in the private sector. With these IP spaces being thrust into the civilian realm, yes, they owe the citizenry an explanation of their actions, just as they would if they had started mounting missile launchers on highway overpasses. It’s a direct militarization of a civilian utility.
>
> Keep in mind that the U.S. Government — under all administrations — has shown that it will abuse every technical advantage it can, as long as it can do so in secret. Perhaps you’ve forgotten James Clapper, the former director of national intelligence, who falsely testified to Congress that the government does “not wittingly” collect the telephone records of millions of Americans. And he was just the tip of the iceberg. Before Clapper under Obama there was the Bush administration’s Stellar Wind" warrantless surveillance program. The list of government abuse of civilian resources is colossal .
>
> Fighting against that isn’t political. It’s patriotic.
>
> -mel
>
>> On Apr 25, 2021, at 12:02 AM, Mark Foster <blakjak@blakjak.net> wrote:
>>
>> ?
>>> On 25/04/2021 3:24 am, Mel Beckman wrote:
>>> This doesn’t sound good, no matter how you slice it. The lack of transparency with a civilian resource is troubling at a minimum. I’m going to bogon this space as a defensive measure, until its real — and detailed — purpose can be known. The secret places of our government have proven themselves untrustworthy in the protection of citizens’ data and networks. They tend to think they know “what’s good for” us.
>>>
>>> -mel
>>>
>> Why does anyone on the Internet need to publish to your arbitrary standards, what they intend to do with their IP address ranges?
>>
>> Failure to advertise the IP address space to the Internet (until now, perhaps) doesn't make the address space any less legitimate, and though I'd expect the DoD to generally comply with all of the expected norms around BGP arrangements and published whois details, at the end of the day, they can nominate who should originate it from their AS and as long as we can see who owns it.... it's just not our business.
>>
>> Any organisation who's used DoD space in a way that's likely to conflict with, well, the DoD, gambled and lost.
>>
>> Mark.
>>

Mr. Beckman -

As noted by Mark Foster below, the listed contact information for the DoD address blocks is indeed correct, and (as you yourself confirmed) may be used to successfully contact the organization. ARIN does not have the mandate to force any organization “to deal” with any other, but I can assure you that the contacts listed for the resources in the ARIN registry have been used to resolve actual technical problems without any difficultly.

Best wishes,
/John

John Curran
President and CEO
American Registry for Internet Numbers


> On 25 Apr 2021, at 6:11 AM, Mark Foster <blakjak@blakjak.net> wrote:
>
> Hi Mel,
>
> I'd expect ARIN to hold them to account for complying with ARIN rules, if they are subject. In years gone by, I have been able to contact US DoD organisations using published contact methods to address technical issues. So even if there's technical non-compliance (which i'd agree should be addressed), it could be a lot worse.
>
> As for the DoD's accountability via your system of government, my view would be that instead of bogon-filtering addresses legitimately appearing in your BGP, with the justification being "they havn't before!", you could consider asking them via channels. Like https://open.defense.gov/transparency/foia.aspx for example. But i'm not a citizen of the United States, so will happily plead ignorance as to whether this is likely to lead you to what you want to know or not.
>
> In my country the government is also accountable to the people. But that doesn't mean I would expect an Internet Service Provider to deliberately sabotage the network access of their customers, either. Starts to feel like a net neutrality argument again.
>
> Mark.
>
> PS: If DoD make use of IP address space that they legitimately hold, i'm not sure you can call it a civilian resource, despite it interacting with civilian counterparts. Any consumable held by a military organisation is a military resource and they'll make use of it based on their operational requirements. The best comparison I could think of, would be fuel (gasoline/petroleum/diesel/Jet-A1), all of which has both military and civilian application.
>
> On 25/04/2021 7:40 pm, Mel Beckman wrote:
>> Mark,
>>
>> ARIN rules require every IP space holder to publish accurate — and effective — Admin, Tech, and Abuse POCs. The DOD hasn’t done this, as I pointed out, and as you can test for yourself. Your expectation that the DOD will “generally comply with all of the expected norms” is sorely naive, and already disproven.
>>
>> As far as “why does anyone on the Internet need to publish to your arbitrary standards”, you seem to forget that in the U.S., the government is accountable to the People. Where a private company may not have to explain its purposes, the government most certainly does in the private sector. With these IP spaces being thrust into the civilian realm, yes, they owe the citizenry an explanation of their actions, just as they would if they had started mounting missile launchers on highway overpasses. It’s a direct militarization of a civilian utility.
>>
>> Keep in mind that the U.S. Government — under all administrations — has shown that it will abuse every technical advantage it can, as long as it can do so in secret. Perhaps you’ve forgotten James Clapper, the former director of national intelligence, who falsely testified to Congress that the government does “not wittingly” collect the telephone records of millions of Americans. And he was just the tip of the iceberg. Before Clapper under Obama there was the Bush administration’s Stellar Wind" warrantless surveillance program. The list of government abuse of civilian resources is colossal .
>>
>> Fighting against that isn’t political. It’s patriotic.
>>
>> -mel
>>
>>> On Apr 25, 2021, at 12:02 AM, Mark Foster <blakjak@blakjak.net> wrote:
>>>
>>> ?
>>>> On 25/04/2021 3:24 am, Mel Beckman wrote:
>>>> This doesn’t sound good, no matter how you slice it. The lack of transparency with a civilian resource is troubling at a minimum. I’m going to bogon this space as a defensive measure, until its real — and detailed — purpose can be known. The secret places of our government have proven themselves untrustworthy in the protection of citizens’ data and networks. They tend to think they know “what’s good for” us.
>>>>
>>>> -mel
>>>>
>>> Why does anyone on the Internet need to publish to your arbitrary standards, what they intend to do with their IP address ranges?
>>>
>>> Failure to advertise the IP address space to the Internet (until now, perhaps) doesn't make the address space any less legitimate, and though I'd expect the DoD to generally comply with all of the expected norms around BGP arrangements and published whois details, at the end of the day, they can nominate who should originate it from their AS and as long as we can see who owns it.... it's just not our business.
>>>
>>> Any organisation who's used DoD space in a way that's likely to conflict with, well, the DoD, gambled and lost.
>>>
>>> Mark.
>>>

This is true and very interesting, but the opposite is also true.

They are now reachable from probably nearly anywhere and therefore open for business. ????

Let's see what will slowly appear in shodan.io and shadowserver.org

Jean

-----Original Message-----
From: NANOG <nanog-bounces+jean=ddostest.me@nanog.org> On Behalf Of William Herrin
Sent: April 24, 2021 6:46 PM
To: Mel Beckman <mel@beckman.org>
Cc: nanog@nanog.org
Subject: Re: DoD IP Space

On Sat, Apr 24, 2021 at 8:26 AM Mel Beckman <mel@beckman.org> wrote:
> This doesn’t sound good, no matter how you slice it. The lack of
> transparency with a civilian resource is troubling at a minimum.

You do understand that the addresses in question are not and have never been "civilian." They came into DoD's possession when this was all still a military project funded by what's now DARPA.

Personally, I think we may have an all time record for the largest honeypot ever constructed. I'd love to be a fly on that wall.

Regards,
Bill Herrin



--
William Herrin
bill@herrin.us
https://bill.herrin.us/

Except these DoD blocks don’t fall under ARIM justification, as they predate ARIN. It is very likely that the DoD has never and will never sign any sort of ARIN agreement.

Sent from my iPhone

> On Apr 25, 2021, at 3:40 AM, Mel Beckman <mel@beckman.org> wrote:
>
> ?Mark,
>
> ARIN rules require every IP space holder to publish accurate — and effective — Admin, Tech, and Abuse POCs. The DOD hasn’t done this, as I pointed out, and as you can test for yourself. Your expectation that the DOD will “generally comply with all of the expected norms” is sorely naive, and already disproven.
>
> As far as “why does anyone on the Internet need to publish to your arbitrary standards”, you seem to forget that in the U.S., the government is accountable to the People. Where a private company may not have to explain its purposes, the government most certainly does in the private sector. With these IP spaces being thrust into the civilian realm, yes, they owe the citizenry an explanation of their actions, just as they would if they had started mounting missile launchers on highway overpasses. It’s a direct militarization of a civilian utility.
>
> Keep in mind that the U.S. Government — under all administrations — has shown that it will abuse every technical advantage it can, as long as it can do so in secret. Perhaps you’ve forgotten James Clapper, the former director of national intelligence, who falsely testified to Congress that the government does “not wittingly” collect the telephone records of millions of Americans. And he was just the tip of the iceberg. Before Clapper under Obama there was the Bush administration’s Stellar Wind" warrantless surveillance program. The list of government abuse of civilian resources is colossal .
>
> Fighting against that isn’t political. It’s patriotic.
>
> -mel
>
>> On Apr 25, 2021, at 12:02 AM, Mark Foster <blakjak@blakjak.net> wrote:
>>
>> ?
>>>> On 25/04/2021 3:24 am, Mel Beckman wrote:
>>> This doesn’t sound good, no matter how you slice it. The lack of transparency with a civilian resource is troubling at a minimum. I’m going to bogon this space as a defensive measure, until its real — and detailed — purpose can be known. The secret places of our government have proven themselves untrustworthy in the protection of citizens’ data and networks. They tend to think they know “what’s good for” us.
>>>
>>> -mel
>>>
>>
>> Why does anyone on the Internet need to publish to your arbitrary standards, what they intend to do with their IP address ranges?
>>
>> Failure to advertise the IP address space to the Internet (until now, perhaps) doesn't make the address space any less legitimate, and though I'd expect the DoD to generally comply with all of the expected norms around BGP arrangements and published whois details, at the end of the day, they can nominate who should originate it from their AS and as long as we can see who owns it.... it's just not our business.
>>
>> Any organisation who's used DoD space in a way that's likely to conflict with, well, the DoD, gambled and lost.
>>
>> Mark.
>>

On 24 Apr 2021, at 6:45 PM, William Herrin <bill@herrin.us<mailto:bill@herrin.us>> wrote:

On Sat, Apr 24, 2021 at 8:26 AM Mel Beckman <mel@beckman.org<mailto:mel@beckman.org>> wrote:
This doesn’t sound good, no matter how you slice it. The lack of
transparency with a civilian resource is troubling at a minimum.

You do understand that the addresses in question are not and have
never been "civilian." They came into DoD's possession when this was
all still a military project funded by what's now DARPA.

Personally, I think we may have an all time record for the largest
honeypot ever constructed. I'd love to be a fly on that wall.

Bill -

That’s actually a possibility - just join DDS… https://apnews.com/article/technology-business-government-and-politics-b26ab809d1e9fdb53314f56299399949

‘ "The big Pentagon internet mystery now partially solved”
….
After weeks of wonder by the networking community, the Pentagon has now provided a very terse explanation for what it’s doing. But it has not answered many basic questions, beginning with why it chose to entrust management of the address space to a company that seems not to have existed until September.

The military hopes to “assess, evaluate and prevent unauthorized use of DoD IP address space,” said a statement issued Friday by Brett Goldstein, chief of the Pentagon’s Defense Digital Service<https://www.defense.gov/Explore/News/Article/Article/1858615/defense-digital-service-delivers-mission-aligned-tech-for-dod/>, which is running the project. It also hopes to “identify potential vulnerabilities” as part of efforts to defend against cyber-intrusions by global adversaries, who are consistently infiltrating U.S. networks, sometimes operating from unused internet address blocks. '

FYI,
/John

John Curran
President and CEO
American Registry for Internet Numbers

Sronan -

I’d suggest asking rather than making assertions when it comes to ARIN, as this will avoid propagating existing misinformation in the community.

Many US government agencies, including the US Department of Defense, have signed registration services agreements with ARIN.

From https://account.arin.net/public/member-list -

United States Department of Defense (DoD)

USDDD<https://search.arin.net/rdap?query=USDDD&searchFilter=entity>

Thanks!
/John

John Curran
President and CEO
American Registry for Internet Numbers

On 25 Apr 2021, at 8:54 AM, sronan@ronan-online.com<mailto:sronan@ronan-online.com> wrote:

Except these DoD blocks don’t fall under ARIM justification, as they predate ARIN. It is very likely that the DoD has never and will never sign any sort of ARIN agreement.

Sent from my iPhone

On Apr 25, 2021, at 3:40 AM, Mel Beckman <mel@beckman.org<mailto:mel@beckman.org>> wrote:

?Mark,

ARIN rules require every IP space holder to publish accurate — and effective — Admin, Tech, and Abuse POCs. The DOD hasn’t done this, as I pointed out, and as you can test for yourself. Your expectation that the DOD will “generally comply with all of the expected norms” is sorely naive, and already disproven.

As far as “why does anyone on the Internet need to publish to your arbitrary standards”, you seem to forget that in the U.S., the government is accountable to the People. Where a private company may not have to explain its purposes, the government most certainly does in the private sector. With these IP spaces being thrust into the civilian realm, yes, they owe the citizenry an explanation of their actions, just as they would if they had started mounting missile launchers on highway overpasses. It’s a direct militarization of a civilian utility.

Keep in mind that the U.S. Government — under all administrations — has shown that it will abuse every technical advantage it can, as long as it can do so in secret. Perhaps you’ve forgotten James Clapper, the former director of national intelligence, who falsely testified to Congress that the government does “not wittingly” collect the telephone records of millions of Americans. And he was just the tip of the iceberg. Before Clapper under Obama there was the Bush administration’s Stellar Wind" warrantless surveillance program. The list of government abuse of civilian resources is colossal .

Fighting against that isn’t political. It’s patriotic.

-mel

On Apr 25, 2021, at 12:02 AM, Mark Foster <blakjak@blakjak.net<mailto:blakjak@blakjak.net>> wrote:

?
On 25/04/2021 3:24 am, Mel Beckman wrote:
This doesn’t sound good, no matter how you slice it. The lack of transparency with a civilian resource is troubling at a minimum. I’m going to bogon this space as a defensive measure, until its real — and detailed — purpose can be known. The secret places of our government have proven themselves untrustworthy in the protection of citizens’ data and networks. They tend to think they know “what’s good for” us.

-mel


Why does anyone on the Internet need to publish to your arbitrary standards, what they intend to do with their IP address ranges?

Failure to advertise the IP address space to the Internet (until now, perhaps) doesn't make the address space any less legitimate, and though I'd expect the DoD to generally comply with all of the expected norms around BGP arrangements and published whois details, at the end of the day, they can nominate who should originate it from their AS and as long as we can see who owns it.... it's just not our business.

Any organisation who's used DoD space in a way that's likely to conflict with, well, the DoD, gambled and lost.

Mark.

So you are claiming that ARIN has jurisdiction over DoD IP space?

Sent from my iPhone

> On Apr 25, 2021, at 9:13 AM, John Curran <jcurran@arin.net> wrote:
>
> ? Sronan -
>
> I’d suggest asking rather than making assertions when it comes to ARIN, as this will avoid propagating existing misinformation in the community.
>
> Many US government agencies, including the US Department of Defense, have signed registration services agreements with ARIN.
>
> From https://account.arin.net/public/member-list -
>
> United States Department of Defense (DoD) USDDD
>
> Thanks!
> /John
>
> John Curran
> President and CEO
> American Registry for Internet Numbers
>
>>> On 25 Apr 2021, at 8:54 AM, sronan@ronan-online.com wrote:
>>>
>>> Except these DoD blocks don’t fall under ARIM justification, as they predate ARIN. It is very likely that the DoD has never and will never sign any sort of ARIN agreement.
>>>
>>> Sent from my iPhone
>>>
>>> On Apr 25, 2021, at 3:40 AM, Mel Beckman <mel@beckman.org> wrote:
>>>
>>> ?Mark,
>>>
>>> ARIN rules require every IP space holder to publish accurate — and effective — Admin, Tech, and Abuse POCs. The DOD hasn’t done this, as I pointed out, and as you can test for yourself. Your expectation that the DOD will “generally comply with all of the expected norms” is sorely naive, and already disproven.
>>>
>>> As far as “why does anyone on the Internet need to publish to your arbitrary standards”, you seem to forget that in the U.S., the government is accountable to the People. Where a private company may not have to explain its purposes, the government most certainly does in the private sector. With these IP spaces being thrust into the civilian realm, yes, they owe the citizenry an explanation of their actions, just as they would if they had started mounting missile launchers on highway overpasses. It’s a direct militarization of a civilian utility.
>>>
>>> Keep in mind that the U.S. Government — under all administrations — has shown that it will abuse every technical advantage it can, as long as it can do so in secret. Perhaps you’ve forgotten James Clapper, the former director of national intelligence, who falsely testified to Congress that the government does “not wittingly” collect the telephone records of millions of Americans. And he was just the tip of the iceberg. Before Clapper under Obama there was the Bush administration’s Stellar Wind" warrantless surveillance program. The list of government abuse of civilian resources is colossal .
>>>
>>> Fighting against that isn’t political. It’s patriotic.
>>>
>>> -mel
>>>
>>>> On Apr 25, 2021, at 12:02 AM, Mark Foster <blakjak@blakjak.net> wrote:
>>>>
>>>> ?
>>>>>> On 25/04/2021 3:24 am, Mel Beckman wrote:
>>>>> This doesn’t sound good, no matter how you slice it. The lack of transparency with a civilian resource is troubling at a minimum. I’m going to bogon this space as a defensive measure, until its real — and detailed — purpose can be known. The secret places of our government have proven themselves untrustworthy in the protection of citizens’ data and networks. They tend to think they know “what’s good for” us.
>>>>>
>>>>> -mel
>>>>>
>>>>
>>>> Why does anyone on the Internet need to publish to your arbitrary standards, what they intend to do with their IP address ranges?
>>>>
>>>> Failure to advertise the IP address space to the Internet (until now, perhaps) doesn't make the address space any less legitimate, and though I'd expect the DoD to generally comply with all of the expected norms around BGP arrangements and published whois details, at the end of the day, they can nominate who should originate it from their AS and as long as we can see who owns it.... it's just not our business.
>>>>
>>>> Any organisation who's used DoD space in a way that's likely to conflict with, well, the DoD, gambled and lost.
>>>>
>>>> Mark.
>>>>
>

Sronan -

For avoidance of doubt (and to save folks some digging), I will observe that the number resources associated with the U.S. DoD handle I referenced do not include DoD’s legacy IPv4 number resource holdings. However, there are indeed are registration agreements with the US DoD that pertain to the DoD’s legacy IPv4 number resource holdings, and this may be readily confirmed by reviewing the CBO assessment report for the “NATIONAL DEFENSE AUTHORIZATION ACT FOR FISCAL YEAR 2020” (which in its early form envisioned potential monetization of select DoD IPv4 number resources) -

From the CBO assessment <https://www.govinfo.gov/content/pkg/CRPT-116hrpt120/html/CRPT-116hrpt120-pt2.htm>

To estimate the potential receipts from the sale of IP
addresses, CBO examined the security risks and market factors
that would affect the number of addresses and the price for
those addresses that could be sold within the ten-year budget
window. CBO expects that DoD would not be prepared to sell any
addresses before 2022 for several reasons. First, over the next
two years DoD plans to study the cybersecurity requirements and
procedures that will support the department's transition of
IPv4 addresses to the next generation of IPv6 addresses.
Second, the agency would then have to update its internal
network operations in order to mitigate the security risks of
transferring DoD IP addresses to nonfederal entities.\5\ Third,
DoD would have to amend its existing agreement with the
American Registry for Internet Numbers (ARIN), which requires
DoD to release unneeded IP addresses to ARIN for
redistribution.

ARIN has no particular view on the merits/issues of US DoD disposition of its rights to IPv4 blocks (and this provision was omitted from the NDAA in its final form), but we did indicate to the DoD that ARIN polices for IPv4 address blocks have indeed changed, and that their agreement with ARIN does not preclude disposition of rights to IPv4 address blocks now that the ARIN community has established transfer policies allowing same.

(ARIN applies the community-developed policies to all number resources in the ARIN registry, and this includes blocks issued by predecessor operators of the registry.)

FYI,
/John

John Curran
President and CEO
American Registry for Internet Numbers


On 25 Apr 2021, at 9:13 AM, John Curran <jcurran@arin.net<mailto:jcurran@arin.net>> wrote:

Sronan -

I’d suggest asking rather than making assertions when it comes to ARIN, as this will avoid propagating existing misinformation in the community.

Many US government agencies, including the US Department of Defense, have signed registration services agreements with ARIN.

From https://account.arin.net/public/member-list -

United States Department of Defense (DoD)

USDDD<https://search.arin.net/rdap?query=USDDD&searchFilter=entity>

Thanks!
/John

John Curran
President and CEO
American Registry for Internet Numbers

On 25 Apr 2021, at 8:54 AM, sronan@ronan-online.com<mailto:sronan@ronan-online.com> wrote:

Except these DoD blocks don’t fall under ARIM justification, as they predate ARIN. It is very likely that the DoD has never and will never sign any sort of ARIN agreement.

Sent from my iPhone

On Apr 25, 2021, at 3:40 AM, Mel Beckman <mel@beckman.org<mailto:mel@beckman.org>> wrote:

?Mark,

ARIN rules require every IP space holder to publish accurate — and effective — Admin, Tech, and Abuse POCs. The DOD hasn’t done this, as I pointed out, and as you can test for yourself. Your expectation that the DOD will “generally comply with all of the expected norms” is sorely naive, and already disproven.

As far as “why does anyone on the Internet need to publish to your arbitrary standards”, you seem to forget that in the U.S., the government is accountable to the People. Where a private company may not have to explain its purposes, the government most certainly does in the private sector. With these IP spaces being thrust into the civilian realm, yes, they owe the citizenry an explanation of their actions, just as they would if they had started mounting missile launchers on highway overpasses. It’s a direct militarization of a civilian utility.

Keep in mind that the U.S. Government — under all administrations — has shown that it will abuse every technical advantage it can, as long as it can do so in secret. Perhaps you’ve forgotten James Clapper, the former director of national intelligence, who falsely testified to Congress that the government does “not wittingly” collect the telephone records of millions of Americans. And he was just the tip of the iceberg. Before Clapper under Obama there was the Bush administration’s Stellar Wind" warrantless surveillance program. The list of government abuse of civilian resources is colossal .

Fighting against that isn’t political. It’s patriotic.

-mel

On Apr 25, 2021, at 12:02 AM, Mark Foster <blakjak@blakjak.net<mailto:blakjak@blakjak.net>> wrote:

?
On 25/04/2021 3:24 am, Mel Beckman wrote:
This doesn’t sound good, no matter how you slice it. The lack of transparency with a civilian resource is troubling at a minimum. I’m going to bogon this space as a defensive measure, until its real — and detailed — purpose can be known. The secret places of our government have proven themselves untrustworthy in the protection of citizens’ data and networks. They tend to think they know “what’s good for” us.

-mel


Why does anyone on the Internet need to publish to your arbitrary standards, what they intend to do with their IP address ranges?

Failure to advertise the IP address space to the Internet (until now, perhaps) doesn't make the address space any less legitimate, and though I'd expect the DoD to generally comply with all of the expected norms around BGP arrangements and published whois details, at the end of the day, they can nominate who should originate it from their AS and as long as we can see who owns it.... it's just not our business.

Any organisation who's used DoD space in a way that's likely to conflict with, well, the DoD, gambled and lost.

Mark.

On Sat, Apr 24, 2021 at 11:27 AM Mel Beckman <mel@beckman.org> wrote:

> This doesn’t sound good, no matter how you slice it. The lack of
> transparency with a civilian resource is troubling at a minimum. I’m going
> to bogon this space as a defensive measure, until its real — and detailed —
> purpose can be known. The secret places of our government have proven
> themselves untrustworthy in the protection of citizens’ data and networks.
> They tend to think they know “what’s good for” us.
>
> -mel
>
>

If you apply that ideology to 0/0 you're not going to have much of an
Internet beyond cat pics.

Wish i was in the room when they turned it on. I hope they make a tiktok of
the expressions of everyone looking at the first data. [ joke ]

Warm regards,

-M<


> On Apr 24, 2021, at 8:05 AM, John Curran <jcurran@arin.net> wrote:
>
> ?
> As noted -
> https://www.washingtonpost.com/technology/2021/04/24/pentagon-internet-address-mystery/#click=https://t.co/mVh26yBq9G
>
> FYI,
> /John
>
> John Curran
> President and CEO
> American Registry for Internet Numbers
>
> On Jan 20, 2021, at 8:35 AM, John Curran <jcurran@istaff.org> wrote:
>
> ?
> Tom –
>
> Most definitely: lack of routing history is not at all a reliable
> indicator of the potential for valid routing of a given IPv4 block in the
> future, so best practice suggest that allocated address space should not be
> blocked by others without specific cause.
>
> Doing otherwise opens one up to unexpected surprises when issued space
> suddenly becomes more active in routing and is yet is inexplicably
> unreachable for some destinations.
>
> /John
>
> On Nov 5, 2019, at 10:38 AM, Tom Beecher <beecher@beecher.cc> wrote:
>
>
> Using the generally accepted definition of a bogon ( RFC 1918 / 5735 /
> 6598 + netblock not allocated by an RiR ), 22/8 is not a bogon and
> shouldn't be treated as one.
>
> The DoD does not announce it to the DFZ, as is their choice, but nothing
> says they may not change that position tomorrow. There are plenty of
> subnets out there that are properly allocated by an RiR, but the assignees
> do not send them to the DFZ because of $reasons.
>
> In my opinion, creating bogon lists that include allocated but not
> advertised prefixes is poor practice that is likely to end up biting an
> operator at one point or another.
>
> On Tue, Nov 5, 2019 at 9:45 AM Töma Gavrichenkov <ximaera@gmail.com>
> wrote:
>
>> Peace,
>>
>> On Tue, Nov 5, 2019, 4:55 PM David Conrad <drc@virtualized.org> wrote:
>> > On Nov 4, 2019, at 10:56 PM, Grant Taylor via NANOG <nanog@nanog.org>
>> wrote:
>> >> This thread got me to wondering, is there any
>> >> legitimate reason to see 22/8 on the public
>> >> Internet? Or would it be okay to treat 22/8
>> >> like a Bogon and drop it at the network edge?
>> >
>> > Given the transfer market for IPv4 addresses,
>> > the spot price for IPv4 addresses, and the need
>> > of even governments to find “free” (as in
>> > unconstrained) money, I’d think treating any
>> > legacy /8 as a bogon would not be prudent.
>>
>> It has been said before in this thread that the DoD actively uses this
>> network internally. I believe if the DoD were to cut costs, they
>> would be able to do it much more effectively in many other areas, and
>> their IPv4 networks would be about the last thing they would think of
>> (along with switching off ACs Bernard Ebbers-style). With that in
>> mind, treating the DoD networks as bogons now makes total sense to me.
>>
>> --
>> Töma
>>
>

john,

my altzheimer's device tells me that some years back there was a
documented written agreement between arin and the dod along the lines of
dod getting a large swath of ipv6 space[0] in exchange for agreeing to
return[1] or otherwise put into public use a half dozen ipv4 /8s.

could you refresh my memory, e.g. with the document, please? thanks.

randy

--

[0] which they are still trying to figure out how to use; bit isn't half
the internet in a similar pinch. :)

[1] since the dod probably did not get the space from arin, 'return' is
probably not a good term.


---
randy@psg.com
`gpg --locate-external-keys --auto-key-locate wkd randy@psg.com`
signatures are back, thanks to dmarc header butchery

On 4/25/21 12:32 PM, Randy Bush wrote:
> john,
>
> my altzheimer's device tells me that some years back there was a
> documented written agreement between arin and the dod along the lines of
> dod getting a large swath of ipv6 space[0] in exchange for agreeing to
> return[1] or otherwise put into public use a half dozen ipv4 /8s.
>
> could you refresh my memory, e.g. with the document, please? thanks.
>
> randy
>
> --
>
> [0] which they are still trying to figure out how to use; bit isn't half
> the internet in a similar pinch. :)
>
> [1] since the dod probably did not get the space from arin, 'return' is
> probably not a good term.

The footnote (11) on page 7 of https://www.gao.gov/assets/gao-20-402.pdf
seems to be most relevant ..

"We are not aware of any statutory requirements that directly address
the ability of a government agency to transfer or sell IP addresses to a
third party, but DOD would face legal and policy constraints to any
potential sale or transfer of the addresses to a third party outside of
the government. Among other things, this is because DOD entered into an
agreement with the American Registry for Internet Numbers. Specifically,
this agreement states the department must return unused addresses to the
registry."

imb

Randy -

We don’t generally speak about specific customers – but I do acknowledge this is a bit of an unusual case...

There was no exchange at all, but rather the US DoD wanted to make sure that (if at some
point in the future) they had excess IPv4 resources that the DoD retained the ability to reutilize such elsewhere within the US Government rather than returning them to ARIN.

(You have to remember this was a point in time when many organizations were retuned unused IPv4 blocks in order to help with IPv4 longevity...)

ARIN provided them clarity in that regard (as requiring return when other departments had need for IPv4 number resources was never the intent), and that has since been completely preempted by the adoption of transfer policies by the ARIN community.

Thanks,
/John

John Curran
President and CEO
American Registry for Internet Numbers

> On Apr 25, 2021, at 12:32 PM, Randy Bush <randy@psg.com> wrote:
>
> ?john,
>
> my altzheimer's device tells me that some years back there was a
> documented written agreement between arin and the dod along the lines of
> dod getting a large swath of ipv6 space[0] in exchange for agreeing to
> return[1] or otherwise put into public use a half dozen ipv4 /8s.
>
> could you refresh my memory, e.g. with the document, please? thanks.
>
> randy
>
> --
>
> [0] which they are still trying to figure out how to use; bit isn't half
> the internet in a similar pinch. :)
>
> [1] since the dod probably did not get the space from arin, 'return' is
> probably not a good term.
>
>
> ---
> randy@psg.com
> `gpg --locate-external-keys --auto-key-locate wkd randy@psg.com`
> signatures are back, thanks to dmarc header butchery
>

----- On Apr 25, 2021, at 2:24 AM, Bill Woodcock woody@pch.net wrote:

Hi,

> I think I’d characterize it, rather, as a possible privatization of public
> property.

This comment sparked my curiosity. Does ARIN consider IP space to be property?

One could argue both ways:

1. Whomever "owns" a netblock simply owns the right to use and advertise it as long
as it's being used for the purposes under which it was assigned by a number registry.
This would be similar to "apartment rights" in a condominium complex.

OR;

2. IP space comes with property rights such as selling and leasing as one wishes. But,
that would also imply that IP space can be stolen.

I'd be curious to hear what ARIN's position is on this.

Thanks,

Sabri

Sronan -

I made no claims other than pointing out that IP address blocks in the ARIN registry are subject to ARIN policies.

ARIN was formed specifically so that the Internet community could engage in self-regulation for IP number resources; to wit: "Creation of ARIN will give the users of IP numbers (mostly Internet service providers, corporations and other large institutions) a voice in the policies by which they are managed and allocated within the North American region” [1] – thus ARIN's policies for management of the registry apply to all resources in the registry because that was inherent to the purpose to which ARIN was formed.

This includes having ARIN "assume full responsibility for Internet Protocol (IP) number assignments and related administrative tasks previously handled by NSI.”, whereby ARIN formally became the successor registry operator for organizational assignments in a long chain that includes USC/ISI, SRI, GSI, and NSI.

The community wanted self-governance, and that’s exactly what it got… the result is a fairly important reason to participate in ARIN policy development and/or governance if you feel strongly about these matters.

Thanks!
/John

John Curran
President and CEO
American Registry for Internet Numbers

[1] https://www.nsf.gov/news/news_summ.jsp?cntn_id=102819 - "Internet Moves Toward Privatization / IP numbers handled by non-profit”


On Apr 25, 2021, at 11:38 AM, sronan@ronan-online.com<mailto:sronan@ronan-online.com> wrote:

? So you are claiming that ARIN has jurisdiction over DoD IP space?

Sent from my iPhone

On Apr 25, 2021, at 9:13 AM, John Curran <jcurran@arin.net<mailto:jcurran@arin.net>> wrote:

? Sronan -

I’d suggest asking rather than making assertions when it comes to ARIN, as this will avoid propagating existing misinformation in the community.

Many US government agencies, including the US Department of Defense, have signed registration services agreements with ARIN.

From https://account.arin.net/public/member-list -

United States Department of Defense (DoD)

USDDD<https://search.arin.net/rdap?query=USDDD&searchFilter=entity>

Thanks!
/John

John Curran
President and CEO
American Registry for Internet Numbers

On 25 Apr 2021, at 8:54 AM, sronan@ronan-online.com<mailto:sronan@ronan-online.com> wrote:

Except these DoD blocks don’t fall under ARIM justification, as they predate ARIN. It is very likely that the DoD has never and will never sign any sort of ARIN agreement.

Sent from my iPhone

On Apr 25, 2021, at 3:40 AM, Mel Beckman <mel@beckman.org<mailto:mel@beckman.org>> wrote:

?Mark,

ARIN rules require every IP space holder to publish accurate — and effective — Admin, Tech, and Abuse POCs. The DOD hasn’t done this, as I pointed out, and as you can test for yourself. Your expectation that the DOD will “generally comply with all of the expected norms” is sorely naive, and already disproven.

As far as “why does anyone on the Internet need to publish to your arbitrary standards”, you seem to forget that in the U.S., the government is accountable to the People. Where a private company may not have to explain its purposes, the government most certainly does in the private sector. With these IP spaces being thrust into the civilian realm, yes, they owe the citizenry an explanation of their actions, just as they would if they had started mounting missile launchers on highway overpasses. It’s a direct militarization of a civilian utility.

Keep in mind that the U.S. Government — under all administrations — has shown that it will abuse every technical advantage it can, as long as it can do so in secret. Perhaps you’ve forgotten James Clapper, the former director of national intelligence, who falsely testified to Congress that the government does “not wittingly” collect the telephone records of millions of Americans. And he was just the tip of the iceberg. Before Clapper under Obama there was the Bush administration’s Stellar Wind" warrantless surveillance program. The list of government abuse of civilian resources is colossal .

Fighting against that isn’t political. It’s patriotic.

-mel

On Apr 25, 2021, at 12:02 AM, Mark Foster <blakjak@blakjak.net<mailto:blakjak@blakjak.net>> wrote:

?
On 25/04/2021 3:24 am, Mel Beckman wrote:
This doesn’t sound good, no matter how you slice it. The lack of transparency with a civilian resource is troubling at a minimum. I’m going to bogon this space as a defensive measure, until its real — and detailed — purpose can be known. The secret places of our government have proven themselves untrustworthy in the protection of citizens’ data and networks. They tend to think they know “what’s good for” us.

-mel


Why does anyone on the Internet need to publish to your arbitrary standards, what they intend to do with their IP address ranges?

Failure to advertise the IP address space to the Internet (until now, perhaps) doesn't make the address space any less legitimate, and though I'd expect the DoD to generally comply with all of the expected norms around BGP arrangements and published whois details, at the end of the day, they can nominate who should originate it from their AS and as long as we can see who owns it.... it's just not our business.

Any organisation who's used DoD space in a way that's likely to conflict with, well, the DoD, gambled and lost.

Mark.

In the positive side of things, guess we will see IPv6 usage.

Joe Klein

On Sun, Apr 25, 2021, 6:11 PM John Curran <jcurran@arin.net> wrote:

> Sronan -
>
> I made no claims other than pointing out that IP address blocks in the
> ARIN registry are subject to ARIN policies.
>
> ARIN was formed specifically so that the Internet community could engage
> in self-regulation for IP number resources; to wit: "Creation of ARIN will
> give the users of IP numbers (mostly Internet service providers,
> corporations and other large institutions) a voice in the policies by which
> they are managed and allocated within the North American region” [1] – thus
> ARIN's policies for management of the registry apply to all resources in
> the registry because that was inherent to the purpose to which ARIN was
> formed.
>
> This includes having ARIN "assume full responsibility for Internet
> Protocol (IP) number assignments and related administrative tasks
> previously handled by NSI.”, whereby ARIN formally became the successor
> registry operator for organizational assignments in a long chain that
> includes USC/ISI, SRI, GSI, and NSI.
>
> The community wanted self-governance, and that’s exactly what it got… the
> result is a fairly important reason to participate in ARIN policy
> development and/or governance if you feel strongly about these matters.
>
> Thanks!
> /John
>
> John Curran
> President and CEO
> American Registry for Internet Numbers
>
> [1] https://www.nsf.gov/news/news_summ.jsp?cntn_id=102819 - "Internet
> Moves Toward Privatization / IP numbers handled by non-profit”
>
>
> On Apr 25, 2021, at 11:38 AM, sronan@ronan-online.com wrote:
>
> ? So you are claiming that ARIN has jurisdiction over DoD IP space?
>
> Sent from my iPhone
>
> On Apr 25, 2021, at 9:13 AM, John Curran <jcurran@arin.net> wrote:
>
> ? Sronan -
>
> I’d suggest asking rather than making assertions when it comes to ARIN, as
> this will avoid propagating existing misinformation in the community.
>
> Many US government agencies, including the US Department of Defense, have
> signed registration services agreements with ARIN.
>
> From https://account.arin.net/public/member-list -
>
> United States Department of Defense (DoD)
>
> USDDD <https://search.arin.net/rdap?query=USDDD&searchFilter=entity>
>
>
> Thanks!
> /John
>
> John Curran
> President and CEO
> American Registry for Internet Numbers
>
> On 25 Apr 2021, at 8:54 AM, sronan@ronan-online.com wrote:
>
> Except these DoD blocks don’t fall under ARIM justification, as they
> predate ARIN. It is very likely that the DoD has never and will never sign
> any sort of ARIN agreement.
>
> Sent from my iPhone
>
> On Apr 25, 2021, at 3:40 AM, Mel Beckman <mel@beckman.org> wrote:
>
> ?Mark,
>
> ARIN rules require every IP space holder to publish accurate — and
> effective — Admin, Tech, and Abuse POCs. The DOD hasn’t done this, as I
> pointed out, and as you can test for yourself. Your expectation that the
> DOD will “generally comply with all of the expected norms” is sorely naive,
> and already disproven.
>
> As far as “why does anyone on the Internet need to publish to your
> arbitrary standards”, you seem to forget that in the U.S., the government
> is accountable to the People. Where a private company may not have to
> explain its purposes, the government most certainly does in the private
> sector. With these IP spaces being thrust into the civilian realm, yes,
> they owe the citizenry an explanation of their actions, just as they would
> if they had started mounting missile launchers on highway overpasses. It’s
> a direct militarization of a civilian utility.
>
> Keep in mind that the U.S. Government — under all administrations — has
> shown that it will abuse every technical advantage it can, as long as it
> can do so in secret. Perhaps you’ve forgotten James Clapper, the former
> director of national intelligence, who falsely testified to Congress that
> the government does “not wittingly” collect the telephone records of
> millions of Americans. And he was just the tip of the iceberg. Before
> Clapper under Obama there was the Bush administration’s Stellar Wind"
> warrantless surveillance program. The list of government abuse of civilian
> resources is colossal .
>
> Fighting against that isn’t political. It’s patriotic.
>
> -mel
>
> On Apr 25, 2021, at 12:02 AM, Mark Foster <blakjak@blakjak.net> wrote:
>
> ?
>
> On 25/04/2021 3:24 am, Mel Beckman wrote:
>
> This doesn’t sound good, no matter how you slice it. The lack of
> transparency with a civilian resource is troubling at a minimum. I’m going
> to bogon this space as a defensive measure, until its real — and detailed —
> purpose can be known. The secret places of our government have proven
> themselves untrustworthy in the protection of citizens’ data and networks.
> They tend to think they know “what’s good for” us.
>
> -mel
>
>
> Why does anyone on the Internet need to publish to your arbitrary
> standards, what they intend to do with their IP address ranges?
>
> Failure to advertise the IP address space to the Internet (until now,
> perhaps) doesn't make the address space any less legitimate, and though I'd
> expect the DoD to generally comply with all of the expected norms around
> BGP arrangements and published whois details, at the end of the day, they
> can nominate who should originate it from their AS and as long as we can
> see who owns it.... it's just not our business.
>
> Any organisation who's used DoD space in a way that's likely to conflict
> with, well, the DoD, gambled and lost.
>
> Mark.
>
>
>

On 25 Apr 2021, at 4:59 PM, Sabri Berisha <sabri@cluecentral.net<mailto:sabri@cluecentral.net>> wrote:

----- On Apr 25, 2021, at 2:24 AM, Bill Woodcock woody@pch.net<mailto:woody@pch.net> wrote:

Hi,

I think I’d characterize it, rather, as a possible privatization of public
property.

This comment sparked my curiosity. Does ARIN consider IP space to be property?

One could argue both ways:

1. Whomever "owns" a netblock simply owns the right to use and advertise it as long
as it's being used for the purposes under which it was assigned by a number registry.
This would be similar to "apartment rights" in a condominium complex.

OR;

2. IP space comes with property rights such as selling and leasing as one wishes. But,
that would also imply that IP space can be stolen.

I'd be curious to hear what ARIN's position is on this.

Sabri -

ARIN’s position can be clearly found in section 2 of the Registration Services Agreement <https://www.arin.net/about/corporate/agreements/rsa.pdf> -

– When parties are issued IP address blocks, they are given a limited bundle of contractual rights to an entry in the registry database.
– These rights include the exclusive right to be associated with a specific entry, the exclusive right to administer that entry in the ARIN registry database, and exclusive right of transfer this bundle of rights in accordance with adopted policy.

Two things: a) None of this pertains to a right to announce or route an IP address block – ISPs each control their own routing and often care about who holds rights to a block in the registry, but that does not equate to issuing a “right to route.” b) You’ll probably want to discuss with legal counsel for more specifics of the nuances between contractual rights versus property rights, particularly when if comes to intangible rights, enforceability against specific parties versus the world, etc.

Thanks!
/John

John Curran
President and CEO
American Registry for Internet Numbers

On Sun, Apr 25, 2021 at 08:29:51AM -0400,
Jean St-Laurent via NANOG <nanog@nanog.org> wrote
a message of 38 lines which said:

> Let's see what will slowly appear in shodan.io and shadowserver.org

My favorite (but remember it can be a gigantic honeypot) is the
Ubiquiti router with the name
"HACKED-ROUTER-HELP-SOS-HAD-DUPE-PASSWORD" :-)

>
> As long as that IP space was isolated to the .mil network, it was private
> space, as far as the Internet was concerned.
>

The DoD allocation of 11/8 predates the concept of 'private network space'.

11/8 was first assigned to the DoD in RFC 943 in April of 1985. The concept
of IPv4 space for private networks was first defined in RFC 1597, March
1994. (Which eventually would become RFC1918. )

The fact that certain parties decided on their own that space not present
in the global routing table was 'fair game' or 'private' doesn't make them
correct, it simply makes them ill informed.

On Sat, Apr 24, 2021 at 7:18 PM Mel Beckman <mel@beckman.org> wrote:

> Bill,
>
> It’s the INTERNET that is civilian, not the IP space. As long as that IP
> space was isolated to the .mil network, it was private space, as far as the
> Internet was concerned. Now DoD has moved it into the civilian Internet,
> and I treat them as potentially malicious as I do any other organization
> that lies, cheats, and steals the public trust.
>
> -mel
>
> > On Apr 24, 2021, at 3:45 PM, William Herrin <bill@herrin.us> wrote:
> >
> > On Sat, Apr 24, 2021 at 8:26 AM Mel Beckman <mel@beckman.org> wrote:
> >> This doesn’t sound good, no matter how you slice it. The lack of
> >> transparency with a civilian resource is troubling at a minimum.
> >
> > You do understand that the addresses in question are not and have
> > never been "civilian." They came into DoD's possession when this was
> > all still a military project funded by what's now DARPA.
> >
> > Personally, I think we may have an all time record for the largest
> > honeypot ever constructed. I'd love to be a fly on that wall.
> >
> > Regards,
> > Bill Herrin
> >
> >
> >
> > --
> > William Herrin
> > bill@herrin.us
> > https://bill.herrin.us/
>
>

>
> Wish i was in the room when they turned it on. I hope they make a tiktok
> of the expressions of everyone looking at the first data. [ joke ]
>

That would have been fascinating to see. (The technical bits, maybe not so
much the Tik Tok.)

Some chat threads with industry friends over the years in the last few
months on this topic has been frustrating but enlightening. Many
conversations about 'someone hijacking space' which eventually leads to
finding out they were using this DoD space in ways that the presence of
these announcements in the DFZ breaks things. I'm running out of "just
because you can doesn't mean you should' memes to reply with.

On Sun, Apr 25, 2021 at 12:21 PM Martin Hannigan <hannigan@gmail.com> wrote:

>
> On Sat, Apr 24, 2021 at 11:27 AM Mel Beckman <mel@beckman.org> wrote:
>
>> This doesn’t sound good, no matter how you slice it. The lack of
>> transparency with a civilian resource is troubling at a minimum. I’m going
>> to bogon this space as a defensive measure, until its real — and detailed —
>> purpose can be known. The secret places of our government have proven
>> themselves untrustworthy in the protection of citizens’ data and networks.
>> They tend to think they know “what’s good for” us.
>>
>> -mel
>>
>>
>
> If you apply that ideology to 0/0 you're not going to have much of an
> Internet beyond cat pics.
>
> Wish i was in the room when they turned it on. I hope they make a tiktok
> of the expressions of everyone looking at the first data. [ joke ]
>
> Warm regards,
>
> -M<
>
>
>> On Apr 24, 2021, at 8:05 AM, John Curran <jcurran@arin.net> wrote:
>>
>> ?
>> As noted -
>> https://www.washingtonpost.com/technology/2021/04/24/pentagon-internet-address-mystery/#click=https://t.co/mVh26yBq9G
>>
>> FYI,
>> /John
>>
>> John Curran
>> President and CEO
>> American Registry for Internet Numbers
>>
>> On Jan 20, 2021, at 8:35 AM, John Curran <jcurran@istaff.org> wrote:
>>
>> ?
>> Tom –
>>
>> Most definitely: lack of routing history is not at all a reliable
>> indicator of the potential for valid routing of a given IPv4 block in the
>> future, so best practice suggest that allocated address space should not be
>> blocked by others without specific cause.
>>
>> Doing otherwise opens one up to unexpected surprises when issued space
>> suddenly becomes more active in routing and is yet is inexplicably
>> unreachable for some destinations.
>>
>> /John
>>
>> On Nov 5, 2019, at 10:38 AM, Tom Beecher <beecher@beecher.cc> wrote:
>>
>>
>> Using the generally accepted definition of a bogon ( RFC 1918 / 5735 /
>> 6598 + netblock not allocated by an RiR ), 22/8 is not a bogon and
>> shouldn't be treated as one.
>>
>> The DoD does not announce it to the DFZ, as is their choice, but nothing
>> says they may not change that position tomorrow. There are plenty of
>> subnets out there that are properly allocated by an RiR, but the assignees
>> do not send them to the DFZ because of $reasons.
>>
>> In my opinion, creating bogon lists that include allocated but not
>> advertised prefixes is poor practice that is likely to end up biting an
>> operator at one point or another.
>>
>> On Tue, Nov 5, 2019 at 9:45 AM Töma Gavrichenkov <ximaera@gmail.com>
>> wrote:
>>
>>> Peace,
>>>
>>> On Tue, Nov 5, 2019, 4:55 PM David Conrad <drc@virtualized.org> wrote:
>>> > On Nov 4, 2019, at 10:56 PM, Grant Taylor via NANOG <nanog@nanog.org>
>>> wrote:
>>> >> This thread got me to wondering, is there any
>>> >> legitimate reason to see 22/8 on the public
>>> >> Internet? Or would it be okay to treat 22/8
>>> >> like a Bogon and drop it at the network edge?
>>> >
>>> > Given the transfer market for IPv4 addresses,
>>> > the spot price for IPv4 addresses, and the need
>>> > of even governments to find “free” (as in
>>> > unconstrained) money, I’d think treating any
>>> > legacy /8 as a bogon would not be prudent.
>>>
>>> It has been said before in this thread that the DoD actively uses this
>>> network internally. I believe if the DoD were to cut costs, they
>>> would be able to do it much more effectively in many other areas, and
>>> their IPv4 networks would be about the last thing they would think of
>>> (along with switching off ACs Bernard Ebbers-style). With that in
>>> mind, treating the DoD networks as bogons now makes total sense to me.
>>>
>>> --
>>> Töma
>>>
>>

On Mon, Apr 26, 2021 at 6:36 AM Tom Beecher <beecher@beecher.cc> wrote:

> As long as that IP space was isolated to the .mil network, it was private
>> space, as far as the Internet was concerned.
>>
>
> The DoD allocation of 11/8 predates the concept of 'private network space'.
>
> 11/8 was first assigned to the DoD in RFC 943 in April of 1985. The
> concept of IPv4 space for private networks was first defined in RFC 1597,
> March 1994. (Which eventually would become RFC1918. )
>
> The fact that certain parties decided on their own that space not present
> in the global routing table was 'fair game' or 'private' doesn't make them
> correct, it simply makes them ill informed.
>

My reading of this thread is that the space is now permanently bogon’d for
some honeypot. so yeah, it is fair game. Enjoy the public goods all !


> On Sat, Apr 24, 2021 at 7:18 PM Mel Beckman <mel@beckman.org> wrote:
>
>> Bill,
>>
>> It’s the INTERNET that is civilian, not the IP space. As long as that IP
>> space was isolated to the .mil network, it was private space, as far as the
>> Internet was concerned. Now DoD has moved it into the civilian Internet,
>> and I treat them as potentially malicious as I do any other organization
>> that lies, cheats, and steals the public trust.
>>
>> -mel
>>
>> > On Apr 24, 2021, at 3:45 PM, William Herrin <bill@herrin.us> wrote:
>> >
>> > On Sat, Apr 24, 2021 at 8:26 AM Mel Beckman <mel@beckman.org> wrote:
>> >> This doesn’t sound good, no matter how you slice it. The lack of
>> >> transparency with a civilian resource is troubling at a minimum.
>> >
>> > You do understand that the addresses in question are not and have
>> > never been "civilian." They came into DoD's possession when this was
>> > all still a military project funded by what's now DARPA.
>> >
>> > Personally, I think we may have an all time record for the largest
>> > honeypot ever constructed. I'd love to be a fly on that wall.
>> >
>> > Regards,
>> > Bill Herrin
>> >
>> >
>> >
>> > --
>> > William Herrin
>> > bill@herrin.us
>> > https://bill.herrin.us/
>>
>>

On 26 Apr 2021, at 9:59 AM, Ca By <cb.list6@gmail.com> wrote:
>
> ...
> The fact that certain parties decided on their own that space not present in the global routing table was 'fair game' or 'private' doesn't make them correct, it simply makes them ill informed.
>
> My reading of this thread is that the space is now permanently bogon’d for some honeypot. so yeah, it is fair game. Enjoy the public goods all !

<chuckle>

While each network operator is free to make their own decisions on how they configure their routers, I’d personally suggest that folks think twice before considering another parties IP address blocks to be available for private use. Just as no one expected to ever see many of these networks be publicly announced, it would not surprise me in the least to see production applications on these blocks at some point in the near future…

/John

> On Apr 24, 2021, at 16:34 , Jason Biel <jason@biel-tech.com> wrote:
>
> The internet that is subsidized by that same Government….

Uh, s/is/was/

There’s really no subsidy any more.

Owen