Summary
- IPv4 scarcity has made transfer records economically consequential. The IANA free pool depleted in 2011, regional transfer channels expanded, and market actors now rely on registry recognition when buying, leasing, financing or restructuring address holdings.
- A neutral registrar is not a weak registrar. It applies clear eligibility and documentary rules, verifies identity and authority, prevents duplicate or unauthorised changes, timestamps decisions, preserves history, secures credentials, explains refusals and offers review. It does not invent transaction-specific policy after the parties commit capital.
- Securities transfer agents, secured-transactions filing offices and land registries are not direct models for Internet numbers. They nevertheless reveal a common institutional division: the record keeper protects the integrity of the register while legislatures, courts, issuers, regulators and contracting parties determine broader substantive rights.
- The best comparator is "thin substance, thick operations." Narrow grounds for refusing a record should be paired with strong audit, fraud controls, continuity, privacy boundaries and accountability. Thinner governance does not mean automatic acceptance of false documents or abandonment of conservation rules that clearly govern a transaction.
- Current RIR policies already contain pieces of this architecture. RIPE policy defines eligible transfers and says completion updates the registration record; APNIC publishes transfer conditions; ARIN maintains policy, agreements, audit reports and a resource-request appeal process. The rules differ, so no single regional procedure should be presented as global law.
- Rising value should strengthen procedural rights because delay, inconsistency and unexplained refusal now destroy measurable options. Applicants need published criteria, a complete-file notice, bounded timelines, written reasons, correction opportunities, conflict controls and independent review.
- Number Resource Society's public call for accurate registration, holder control and reduced bureaucracy aligns with a neutral-recording agenda. Its charter and website remain advocacy, not proof that NRS is an authorised registrar, neutral adjudicator or independently validated alternative registry.
Scarcity made the database a settlement layer
On 3 February 2011, the Internet Assigned Numbers Authority's central IPv4 free pool reached depletion. The event did not make IPv4 disappear. It changed how additional capacity could be obtained. Instead of relying mainly on new allocations from expanding regional inventories, many operators increasingly had to conserve, share, lease, transfer or buy access to addresses already held by someone else.
That change elevated a quiet administrative fact: a private agreement is not enough if the recognised registration cannot move with it. A buyer can pay for a block, a lender can take security, a lessee can receive authority to use addresses and a corporate group can allocate resources internally. But counterparties still care whether the relevant Regional Internet Registry recognises the holder, whether RDAP data are accurate, whether reverse DNS and RPKI can be managed, and whether a later transfer can be processed.
The registry record therefore acts like part of settlement. It is not settlement in the legal sense used for every securities market, and an RIR is not a central securities depository. The analogy is functional: economic commitments made elsewhere depend on an authoritative administrative change being completed accurately and predictably.
As value rises, errors become more expensive. A misspelled organisation name can delay closing. A stale corporate record can obscure authority. Compromised credentials can support an unauthorised change. An unexplained refusal can strand financing. A policy amendment can alter the path to exit. Registry continuity becomes a credit and operating issue rather than clerical inconvenience.
One response is to give the registry more discretion. Staff might assess whether the buyer's business is desirable, whether the seller has used the space efficiently, whether the consideration is excessive, whether leasing should be favoured over sale, or whether an asserted public interest outweighs the published transfer rule. This can look prudent because the asset is scarce.
It is usually the wrong institutional response. The more value turns on recognition, the more dangerous unpublished or open-ended discretion becomes. A market cannot price a closing condition whose content changes with the reviewer. Conservation, sanctions, fraud prevention and technical integrity remain legitimate. They should appear as clear rules with defined evidence and remedies, not as an invitation to decide each transaction according to institutional instinct.
Thin does not mean weak
The word "thin" is easy to misunderstand. It does not mean that the registry accepts any submission, ignores false identity, publishes private documents, abandons security or loses the ability to correct records. It means the registrar's substantive judgment is confined to the mandate assigned to it.
A thin registrar can be operationally formidable. It can require authenticated accounts, corporate documents, officer approval and recipient acknowledgement. It can detect conflicting requests, apply waiting periods, validate payment and screen sanctions where law requires. It can maintain immutable event history, segregate duties, protect signing keys, audit staff access, publish service levels and recover from disaster. It can reject a transfer that fails an enumerated condition.
What it should not do is expand those conditions after the application arrives. It should not use a record update to regulate prices, select industrial winners, punish an unpopular but lawful network business, decide a tax dispute, adjudicate creditor priority or resolve ownership questions that belong to a court. It should not make the applicant prove a moral entitlement that the published rule does not require.
This is "thin substance, thick operations." The thinner part limits what the registrar may decide. The thicker part makes each permitted decision accurate, secure, consistent and reviewable.
The distinction also clarifies accountability. If the registration system fails because records can be altered without authority, stronger internal controls are needed. If a transfer is refused because a published eligibility condition is unmet, the applicant needs reasons and a correction or appeal route. If society wants to prohibit a class of transactions, that prohibition should emerge through the competent policy or legal institution, not through a hidden processing practice.
Neutrality is therefore not passivity. It is fidelity to declared rules across similarly situated applicants. The registrar can be strict precisely because the rules are knowable.
The Internet registry mandate is coordination first
RFC 7020 describes the Internet Numbers Registry System as a hierarchy involving IANA, RIRs, Local Internet Registries and users. Its goals include registration, uniqueness, conservation, aggregation, fairness and impartiality. It also recognises that the system evolves and that policies are developed in regional and global settings.
That framework does not reduce an RIR to a file server. Allocation and registration require judgment, particularly when scarce resources are first distributed or when policy places conditions on a transfer. The system protects global uniqueness and supports routing coordination. A registrar that records two incompatible holders for the same prefix would fail its core purpose.
But coordination goals do not create unlimited jurisdiction. Uniqueness asks whether the same resource has been delegated inconsistently. Registration asks whether records are accurate. Conservation can support defined eligibility and use rules. Aggregation concerns routing structure. Fairness and impartiality constrain how the institution applies them.
The original ICP-2 criteria for new RIRs make neutrality explicit. They require neutrality and impartiality in relation to interested parties, equal treatment of organisations receiving service, open membership and technical capability. They also require policies to be documented and publicly accessible.
The proposed successor governance work reinforces the direction but must be described accurately. The NRO says the August 2025 RIR Governance Document version 2 remains the current draft in the update process. It has not silently replaced the operative ICP-2 merely because consultation occurred. The draft's emphasis on neutral and consistent operation, transparency, reliable service and audit is useful evidence of current institutional expectations, not a final binding constitution.
The lesson for a capital market is direct. The RIR remains a network-coordination institution. Economic value does not convert it into a global property legislature. It makes faithful execution of its actual mandate more important.
Transfer policies already separate agreement from recognition
RIPE-807 provides a clear example. It says a legitimate resource holder may transfer qualifying resources, establishes restrictions, requires transfers to be reflected in the RIPE Database and states that the RIPE NCC will update registration records to complete the transfer. It publishes specified information about approved changes.
The private bargain and the registration event are related but distinct. The policy does not set the sale price. It does not promise that the transferred resource is property under every jurisdiction. It does not resolve the buyer's accounting treatment. It identifies when the registry will recognise a changed holder under the regional framework.
APNIC publishes transfer conditions covering recipient plans, membership, fees, certain holding periods and historical resources. Its operational page requires the source to initiate and the recipient to acknowledge a transfer in MyAPNIC. This is an authority chain: both sides participate, and the registry applies stated conditions.
ARIN's system has its own architecture. Its NRPM defines transfer paths and eligibility. Its agreements define the service relationship. The transfer process uses officer acknowledgement and due diligence. ARIN publishes Registration Services Department audit summaries that test sampled requests against policy and procedure, and its corporate documents include a resource-request appeal process.
These differences matter. A buyer cannot assume that a RIPE transfer can be copied into APNIC or ARIN without adjustment. Inter-RIR transfers require compatible policy on both sides. Legacy status, contractual relationships, waiting periods, needs tests and documentation vary.
The case for neutrality is not a case for one global form imposed by analogy. It is a case for each region to state its conditions precisely, apply them consistently, coordinate where necessary and avoid adding discretionary tests that the governing text does not contain.
Securities transfer agents show the value of role separation
The United States Securities and Exchange Commission describes transfer agents as organisations that record ownership changes, maintain issuer security-holder records, cancel and issue certificates and distribute payments. Because they stand between issuers and holders, prompt and accurate operations are critical to secondary trades. Rules address registration, recordkeeping, accurate files, safeguards and internal controls.
This is not a light regime. Transfer agents are regulated. They can be inspected. Many must submit annual reports, preserve records and obtain independent-accountant review of internal accounting controls. Accuracy, integrity and accessibility are treated as market infrastructure concerns.
Yet the transfer agent does not decide whether a company's shares are a good investment. It does not set the trade price. It does not rewrite corporate law for each transfer. It records ownership under the issuer's authority and applicable rules, while courts, regulators, exchanges, issuers and parties answer other questions.
The comparison supports thick operational accountability and narrow role definition. It does not prove that IPv4 is a security or that Exchange Act rules apply to an RIR. Internet numbers have different technical functions, governance history and legal character. RIRs also allocate new resources and coordinate routing-related services in ways a share registrar does not.
The useful institutional principle survives those differences: when a record is essential to market completion, the record keeper's accuracy and neutrality deserve stronger controls, not broader opinions about the merits of every transaction.
The SEC's recordkeeping rule offers another lesson. It focuses on records that are accurate, authentic and accessible, with controls capable of detecting alteration or removal. A neutral IPv4 registrar should meet an analogous objective for its own domain: preserve who requested what, under which authority, when staff acted, what changed and how the prior state can be reconstructed.
That event history is more valuable than a polished current row alone. Disputes often concern the path, not only the endpoint. A buyer, lender or court may need to know whether an update followed a merger, sale, temporary transfer, correction or restoration. The public display can remain concise while protected audit records retain the chain.
Notice registries show how limited refusal can work
Secured-transactions systems offer an even sharper analogy because many are designed around notice rather than substantive approval. Under Article 9 of the Uniform Commercial Code, a filing office accepts a financing statement that provides prescribed information and tender. Section 9-520 says the office may refuse only for reasons listed in Section 9-516, and it must communicate the fact and reason for refusal.
The filing office does not usually examine the underlying loan to decide whether the secured party truly has priority or whether the collateral description will prevail in litigation. Filing gives public notice; substantive validity depends on law and facts outside the filing office.
UNCITRAL's Guide on the Implementation of a Security Rights Registry develops the architecture for broader use. It recommends an efficient publicly accessible notice registry, limited grounds for rejection and prompt reasons. It explains that the registrar need not scrutinise the content of every notice or verify every underlying authorisation at registration, although the system should preserve the registrant's identity and provide remedies for unauthorised filings.
The World Bank's secured-transactions knowledge guide is unusually direct: registry duties should preserve record integrity without altering submitted information, refusal standards should be limited and objective, and the registrar should not receive authority to implement system features that change its operation beyond the legal framework.
Again, an IPv4 transfer is not a UCC financing statement. An RIR must prevent duplicate delegation and may need to validate a current holder before changing the authoritative record. Number resources can affect routing, reverse DNS and RPKI. A pure notice-only model would not be enough.
But the refusal principle is powerful. If the registrar rejects an IPv4 update, it should point to a published ground: missing identity evidence, lack of source authority, recipient ineligibility, transfer lock, unpaid required fee, incompatible inter-RIR policy, court order, sanction or another defined condition. "Not in the Internet's interest" is too open unless policy has translated that interest into a reviewable rule.
Limited refusal also reduces corruption risk. When staff can demand unspecified additional material or delay a high-value transaction without a deadline, access to the registrar gains private value. Objective checklists, complete-file notices, workload assignment and reviewable reasons make favouritism harder.
Land registration shows that a strong register can remain bounded
HM Land Registry says it registers ownership of land and property in England and Wales. It offers official copies that can be used as evidence and carries a government guarantee; people suffering loss because of certain register errors or omissions will normally be compensated. Applications concerning owners, mortgages, leases and rights are considered under law.
This is strong registration. It supports a large property and lending market because users can rely on the record and correction framework. The registrar is not neutral in the sense of ignoring law. It examines applications and can reject or alter them according to statutory rules.
It is neutral in a more relevant sense: the registration office does not ordinarily decide whether a buyer paid too much for a house, whether a lender should have financed it or whether one lawful land use is economically superior. Planning, tax, environmental regulation, contract disputes and fraud prosecution sit in other institutions.
IPv4 lacks the same statutory title system and state guarantee. An RIR agreement may expressly deny that registration constitutes property or ownership. There is no global indemnity fund for registry error. Land cannot be routed, subdivided by CIDR or authorised through RPKI. The analogy cannot establish property status.
It can still illuminate institutional design. A valuable market needs an authoritative record, documented priority, correction mechanisms and compensation or accountability for serious error. Those features do not require the registrar to become the regulator of every economic use.
The comparison also warns against slogans. Calling an RIR "only a bookkeeper" understates the technical and governance work needed to preserve a globally unique namespace. Calling it the ultimate owner overstates what a registration institution can decide across jurisdictions. A neutral registrar is neither a passive spreadsheet nor a universal sovereign.
What rising value should thicken
Identity controls should thicken first. High-value prefixes attract account takeover, forged officer letters, shell-company confusion and stale corporate identities. The registrar should verify legal existence, signing authority and control of relevant accounts through risk-based methods. Sensitive documents should be retained only as long as needed and protected with strict access controls.
Record accuracy should thicken next. RDAP organisation names, contacts, status, transfer dates and linked services should change in a coordinated sequence. The system should prevent an update from leaving the holder record, reverse DNS, RPKI authority and billing relationship in contradictory states.
Security should thicken. Administrative accounts need phishing-resistant authentication, role separation, approval thresholds, anomaly detection, credential recovery and tested disaster recovery. High-risk changes can require independent confirmation and a cooling period, with an emergency path for genuine incidents.
Audit should thicken. Every material change should have a unique request identifier, timestamps, actors, evidence classes, decisions and system effects. Sampling should test consistency across staff and applicant groups. Audit summaries can disclose methodology and findings without exposing private transaction documents.
Service accountability should thicken. Applicants should know when the clock starts, which stage an application has reached, what remains missing and when escalation is available. A market can absorb a published two-week review more easily than an unexplained wait of unknown length.
Continuity should thicken. Registry failure must not erase authoritative history or disable every holder's ability to maintain routing security. Backups, escrow where appropriate, failover systems, key ceremonies, incident communication and inter-RIR contingency planning are capital-market safeguards as well as network safeguards.
None of these improvements requires staff to decide whether the buyer's use is worthy. They strengthen the trustworthiness of the answer the registry is authorised to give.
What rising value should thin
Transaction-purpose review should thin unless policy clearly requires it. If a recipient satisfies the published eligibility test, the registrar should not reject because staff prefer a different business model.
Price review should remain outside the registration decision. A registry can publish fees and transfer statistics. It should not decide whether private consideration is fair, except where law requires reporting or an extreme fact supports a defined fraud inquiry.
Retrospective policy should thin. Parties should not discover after signing that a general principle has been converted into a new condition for their case. Prospective policy change remains legitimate through the applicable development mechanism, with transition rules for pending applications.
Moral character review should thin. Fraud, sanctions, crime and abuse obligations can be addressed under law and defined contract. Disagreement with an operator's lawful content, customer type or commercial strategy is not a substitute ground.
Economic planning should thin. A registrar can enforce a valid needs test without becoming the investment committee for the recipient. It verifies whether required evidence meets the rule; it should not run the business.
Jurisdictional overreach should thin. An RIR organised under one country's law should be careful not to present its policy as settling property, tax, insolvency or creditor priority worldwide. It can state what recognition it will provide and what contract governs its service.
The result is not deregulation. It is allocation of decisions to the institution competent to make them.
Procedural rights become economic infrastructure
When registry action affects a valuable transaction, procedure is not etiquette. It changes risk.
The applicant first needs a published checklist. Required documents, eligibility conditions, fees, locks, inter-RIR dependencies and ordinary timelines should be knowable before contract signing. Guidance can evolve, but material conditions should be anchored in policy or agreement.
Second, the registrar should issue a complete-file notice. Until that point, the clock may reasonably pause for missing evidence. After that point, the applicant knows the substantive review has begun. Repeated requests for new categories of documents should be explained.
Third, decisions need reasons. A refusal should identify the exact condition, the fact found and the route to correct or challenge it. Generic language prevents learning and hides inconsistent application.
Fourth, applicants need an opportunity to cure ordinary defects. A wrong corporate suffix, expired certificate or incomplete officer letter should not always destroy the transaction. Fraud or deliberate misrepresentation can receive different treatment under clear rules.
Fifth, consequential decisions need independent review. The reviewer should not be the same person who made the original decision, and conflicts should be disclosed. Review may occur through an internal panel, elected body, arbitration, ombudsman or court depending on the institution. The important properties are independence, competence, record access and reasoned outcome.
Sixth, urgent protective measures should be bounded. A registrar may need to freeze an account during suspected compromise or comply with a court order. The holder should receive notice when lawful, a stated basis, review and a path to restore ordinary service.
These rights reduce the risk premium around registry recognition. They also protect the registrar by making difficult decisions defensible.
The record should show events, not pretend to settle every right
A modern IPv4 record can be authoritative without claiming more than it knows. It should identify the currently recognised holder and relevant status. It should preserve prior states and the type and date of recognised change. It should expose public contacts and technical delegations at an appropriate privacy level.
It should not label the holder "absolute owner" unless a competent legal system supplies that conclusion. Nor should it erase economic reality by pretending transfer consideration, leases or security interests can never matter. The registry can maintain a bounded record while other systems hold additional claims.
One useful architecture separates three ledgers. The first is the authoritative number-resource registration: prefix, recognised holder, status and technical authority. The second is a voluntary claims or notices layer for leases, security interests or disputes, where law and privacy permit. The third is a protected evidence trail containing documents and decisions.
Separation prevents every private contract from cluttering RDAP while making hidden interests easier to discover when parties choose or are required to disclose them. It also prevents the RIR from being forced to adjudicate creditor priority merely because it received a notice.
Any claims layer would need careful design. False liens or leases could be used to harass holders. Notices should identify the filer, carry expiry and correction mechanisms, and state that registration is not validation. Courts and applicable law would determine effect.
The authoritative record should link to events through stable identifiers without publishing confidential terms. A transfer entry can say that holdership changed under the relevant policy on a date. It need not reveal the purchase price. A temporary transfer can record the return condition where policy recognises one. A merger update can preserve the corporate-chain basis.
This event model improves due diligence. It also makes correction less destructive because the system can amend a state while preserving what happened and why.
Conservation survives, but as a rule rather than a mood
The thin-registrar argument does not abolish conservation. IPv4 remains finite. Fraudulent need claims and address hoarding can harm later entrants. The question is where and how conservation operates.
For remaining allocation pools, a needs-based rule can require a documented plan. For waiting-list space, a holding period can prevent immediate resale. For a transfer between regions, compatibility rules can require a recipient plan. For a request for additional resources, prior holdings can be examined. These are specific policy choices.
What should disappear is conservation as an unbounded after-the-fact discretion. If a contract says a resource cannot be revoked for lack of utilisation, staff should not recreate that power through an informal processing category. If a transfer policy permits a legitimate holder to transfer, the registrar should not add a price or ideology test.
Policy makers can amend rules prospectively if evidence shows harm. They should define the affected resource class, transition, measurement method, review and remedy. An operator must be able to distinguish a binding condition from an institutional aspiration.
This discipline improves conservation itself. Clear rules invite accurate plans and voluntary compliance. Vague power encourages defensive paperwork, lobbying and litigation. A market releases capacity more readily when holders trust that registration will follow a lawful transfer and that admitting idle inventory will not trigger arbitrary loss.
Fraud control is compatible with neutrality
High-value records attract fraud, and a neutral registrar must be able to stop it. Neutrality does not require automatic acceptance.
The source holder's authority should be authenticated through multiple signals: account control, officer approval, corporate records, notarisation or trusted digital signature where proportionate. The recipient should acknowledge the transaction. Conflicting claims should pause completion and trigger a defined dispute protocol.
Risk scoring can prioritise review, but it should not become a secret eligibility regime. The registrar can examine unusual account recovery, recent contact changes, high-value fragmentation, mismatched jurisdiction, compromised credentials and repeated failed attempts. Adverse action should rest on facts and a published legal or policy basis.
Staff conflicts require controls. Employees and decision-makers should disclose financial or relational interests in brokers, buyers, sellers and service providers. Cases should be reassigned. Gifts and side communications should be restricted and auditable.
Sanctions and court orders require jurisdictional precision. The registrar should identify the legal authority, scope, affected service and duration. It should avoid presenting one jurisdiction's measure as a universal judgment about ownership. Where lawful, the holder should receive notice and a review path.
Fraud prevention also needs error recovery. A freeze imposed after a false positive can itself interrupt business. The system should support emergency escalation, restoration of RPKI and DNS authority, and correction of public records. Neutrality includes willingness to admit and correct institutional error.
Fees should purchase service, not policy influence
Markets can support registry funding. Transfer review, identity validation, secure systems and audit cost money. Fees are not inherently inconsistent with neutrality.
The schedule should be public, predictable and connected to service. Similar transactions should face similar charges. Waivers or reduced fees can be defined for hardship or public-interest infrastructure without private bargaining.
Fee design should avoid giving the registry a speculative interest in transaction price. A percentage-of-value fee can turn the registrar into a entity in valuation and encourage arguments over consideration. A cost-based or clearly tiered fee may be easier to administer neutrally, though each region must assess its own funding model.
Revenue should not buy faster substantive treatment through informal channels. If expedited service exists, its scope, safeguards and price should be published, and ordinary applicants should retain a reasonable service level.
Financial transparency matters because high-value transfers can make registry bottlenecks lucrative. Budgets, reserves, procurement and related-party controls should be visible enough for members and the public to assess whether fees support resilient registration rather than institutional expansion.
No public dataset allows a global comparison of full transfer-processing cost, delay or informal expense across all RIRs. Fee tables do not reveal applicant legal costs, broker charges, failed transactions or delay losses. A claim that one model is universally cheapest would therefore exceed the evidence.
RPKI makes the registrar powerful in a second dimension
The transfer record is not the only control surface. RPKI links number resources to route-origin authorisations through a certificate hierarchy. A holder may depend on registry-hosted or delegated RPKI services to show which ASN may originate a prefix.
This increases the need for coordinated, neutral execution. A transfer that updates RDAP but leaves the old holder's authorisations active can create confusion. A freeze that disables a legitimate holder's certificate access can affect routing acceptance. A rushed update can create invalid announcements.
The registrar should publish the sequence for RPKI effects around transfer, merger, suspension and restoration. Parties need a cutover plan and evidence of completed changes. Emergency security action should be logged and reviewable.
RPKI does not convert the RIR into an arbiter of every route. A valid ROA states an authorisation within the system; it does not prove that the route is commercially desirable, free of abuse or legally owned. Route origin validation helps networks make routing decisions, while operators retain policy choices.
This is another example of thick operations and thin substantive claims. The system should be secure and precise about what it validates. It should not market a limited cryptographic statement as a universal certificate of good conduct or title.
A constitutional checklist for a neutral registrar
The registrar's mandate should enumerate its functions: maintain unique records, process defined changes, support technical delegation and security, preserve history, publish bounded data and coordinate with peer registries.
Its refusal grounds should be closed or tightly constrained. New grounds should require prospective policy or legal authority, not case-by-case invention.
Its evidence rules should distinguish mandatory documents from optional corroboration. Applicants should know what satisfies each condition and how confidential material is handled.
Its service clock should define receipt, completeness, review, coordination, decision and escalation. Pauses should have reasons.
Its decisions should be written and reviewable. Precedent can be anonymised where privacy requires, allowing the community to see whether similar cases receive similar treatment.
Its technical controls should include strong authentication, separation of duties, event logs, key management, backups, incident response and independent testing.
Its governance should control conflicts, procurement, fees, staff conduct and board intervention in individual cases. Policy makers can set rules; they should not privately direct a transaction outcome.
Its correction system should restore accurate state without erasing history. Serious institutional error should trigger disclosure, remedy and, where an applicable framework supports it, compensation.
Its data policy should expose enough for coordination and due diligence while minimising unnecessary personal information. Historical access can be tiered and logged.
Its continuity plan should address institutional failure, not only server failure. Peer coordination, data escrow, emergency keys and recognition procedures should be tested before a crisis.
This checklist is demanding. It is also narrower than a mandate to regulate every economic use of IPv4.
What Number Resource Society gets right, and what remains unproved
NRS's charter argues that number-resource institutions should focus on correct registration and avoid bureaucratic interference with network operation. Its website advocates holder control, free enterprise, transparency and reduced overhead. Its FAQ frames the organisation as a membership body that educates and represents resource holders.
The core instinct fits a post-scarcity market: registration accuracy and holder voice deserve more weight as economic dependence grows. NRS is also right to connect registry instability with business continuity rather than treating every dispute as an abstract policy seminar.
But the strongest NRS formulation - that the registry is merely a bookkeeper - needs refinement. Accurate global registration requires identity controls, duplicate prevention, technical expertise, RPKI, reverse DNS, inter-RIR coordination, security, continuity and policy application. A bookkeeper with compromised credentials or no conflict rules can destroy value as easily as an overreaching regulator.
NRS materials are first-party advocacy. They do not independently establish legal ownership of IPv4, the neutrality of NRS, a production alternative registry accepted across the routing system, or measured improvement in transfer outcomes. Some public claims about unused address quantities lack a disclosed denominator and should not be repeated as fact.
A constructive NRS programme would publish the neutral-registrar checklist, compare regional procedures using primary documents, collect anonymised delay and error evidence, train holders on record hygiene and advocate reasoned appeal. It could operate a voluntary evidence and notice service while stating clearly that the service does not alter RIR records or adjudicate title.
That would make NRS positive without asking readers to accept its institutional claims on faith. The test is whether its methods are open, conflicts disclosed, corrections possible and outcomes independently reviewable.
Objections to a thinner registrar
The first objection is that markets create speculation, so the registry must control purpose. The answer is that anti-speculation rules can be explicit: holding periods, waiting-list restrictions, needs tests or transfer limits. A defined rule is different from unlimited staff discretion.
The second is that IPv4 is a public resource, not property. That language can support stewardship, but it does not answer the institutional question. Even a licensed or delegated resource needs accurate records and fair procedure. Neutral registration does not require a conclusion about property.
The third is that fraud is too complex for enumerated grounds. Fraud patterns evolve, and a registrar needs investigative flexibility. It can have a defined authority to request evidence where objective risk indicators exist, with logging, reasons and review. Flexibility need not mean unreviewable power.
The fourth is that community-developed policy legitimises broad discretion. Community participation legitimises rules when participation is genuine and the adopted text is clear. It does not automatically legitimise a decision unsupported by the rule.
The fifth is that courts are too slow, so the RIR must resolve ownership disputes. The registry needs an interim protocol to preserve stability, but difficult legal claims may still require arbitration or court. Administrative speed cannot create jurisdiction.
The sixth is that a thin registrar favours wealthy buyers. Predictable recognition can indeed make markets easier to use. Distributional goals should be addressed directly through reserved pools, support for new entrants, competition policy or transparent fees, not hidden transaction obstruction.
These objections improve the design. They do not justify turning the record keeper into an institution with no limit.
Measure neutrality with outcomes
Neutrality should be audited, not asserted. Useful measures include median and tail processing time by transaction type, frequency and category of document requests, refusal reasons, correction rate, appeal outcomes, security incidents, RPKI cutover defects and record-restoration time.
The data should be segmented carefully enough to expose inconsistent treatment but not reveal confidential transactions. Case complexity matters. A simple in-region transfer should not be compared directly with a contested cross-border merger without explanation.
The institution should publish the denominator. Saying that most transfers finish promptly is not useful without the number of completed, pending, withdrawn and refused applications and the measurement period. Applicants abandoned after long delay should not vanish from the statistics.
Independent audit can sample case files against policy, as ARIN's published Registration Services Department audit programme already contemplates. The audit should test both false acceptance and unjustified refusal. Accuracy is not only keeping bad records out; it is recording valid changes on time.
Comparative research should avoid ranking RIRs from website claims alone. Policies, contracts, resource populations and case mix differ. The goal is to identify reproducible control features and procedural gaps.
No complete public dataset currently permits a global rate for erroneous IPv4 transfers, unjustified refusals, successful appeals, processing delays or registry-caused transaction loss. The absence of those denominators is a reason to improve reporting, not a licence to invent performance.
The thinner state is the stronger state
IPv4's capital market does not need an absent registry. It needs one that can be trusted at the moment trust matters most.
That institution verifies who is acting, whether they have authority, whether the recipient meets the rule, whether the same prefix is already committed, whether legal constraints apply and whether every technical record changes safely. It preserves history and explains its decisions. It can withstand fraud, disaster and institutional conflict.
It also knows what it cannot decide. It does not set the asset's price, choose the buyer's strategy, rewrite property law, determine tax ownership, resolve every lien or decide which lawful operator deserves to grow. Those questions belong to parties and institutions with the relevant mandate.
Scarcity makes this boundary more important. When addresses were obtained mainly from an administrative pool, discretionary allocation could be defended as distribution. Once holders exchange existing capacity for consideration, registry recognition functions more like market infrastructure. Every extra discretionary condition becomes a potential tax, veto or bargaining point.
The proper response to value is therefore paradoxical only at first glance: make the registrar operationally thicker and constitutionally thinner. Strengthen records, security, identity, reasons, timelines, audit, appeal and continuity. Narrow unpublished judgment, retrospective conditions, price supervision and economic preference.
A neutral registrar does not promise that every applicant wins. It promises that the same declared rule meets the same facts, that adverse decisions can be understood and challenged, and that the record will not become a private instrument of institutional preference. That is the governance a capital market can rely on.
Sources
- NRO: Free Pool of IPv4 Address Space Depleted - primary institutional record of IANA free-pool depletion on 3 February 2011; it does not measure the later transfer market or establish property rights.
- RFC 7020: The Internet Numbers Registry System - authoritative description of registry-system goals and structure; it is not a capital-markets statute or a complete limit on regional policy.
- ICANN: ICP-2 criteria and NRO: ICP-2 update page - primary evidence for neutrality, impartiality and the status of the 2025 draft successor; draft language is not represented as adopted law.
- RIPE Resource Transfer Policies, RIPE-807 - current regional transfer and registration-update rules; they do not determine private price, tax, accounting or creditor priority.
- APNIC transfer conditions and APNIC transfer procedure - first-party regional conditions and source-recipient sequence; they are not global rules.
- ARIN Number Resource Policy Manual, ARIN agreements and ARIN Registration Services audit reports - evidence of one region's policy, contractual and audit controls; public summaries do not reveal every case file or prove error-free operation.
- SEC: Transfer Agents, SEC transfer-agent recordkeeping rule and SEC internal-control reporting guidance - authoritative United States securities materials used for functional comparison only; IPv4 resources are not described as securities.
- UCC Section 9-516, UCC Section 9-519 and UCC Section 9-520 - model-law text illustrating notice filing, indexing and limited refusal; enacted state law and IPv4 recognition require separate analysis.
- UNCITRAL Guide on the Implementation of a Security Rights Registry - intergovernmental guidance on efficient public notice registries and bounded scrutiny; it does not govern RIRs or validate an IPv4 security interest.
- World Bank Knowledge Guide on secured transactions and collateral registries - comparative implementation guidance supporting limited, objective refusal and record integrity; it is not binding law.
- HM Land Registry: About and HM Land Registry services - official evidence of a legally grounded, guaranteed title register; the statutory land system is not a direct model for Internet numbers.
- NRS Charter, NRS FAQ and NRS About page - first-party statements advocating accurate registration, holder rights and reduced bureaucracy; they do not prove NRS neutrality, legal authority, production adoption or independent performance.

