Re: [address-policy-wg] 2006-04 New Draft Document Published (Contact e-mail Address Requirements)
At 03:19 PM 30-10-06 +0000, Michael.Dillon@btradianz.com wrote:
But the policy has a larger problem. It attempts to place a stricter requirement on every organization which has received an assignment from a RIPE member. In this way it places a requirement on virtually every organization, commercial and non-commercial, which exists within our society. I do not believe that this is justified and I do not believe that most organizations have any real role to play in preventing spam or correcting network operational issues.
The real issue here is that current RIPE policies allow RIPE members to wash their hands of all network operational issues associated with the addresses which they have assigned to other organizations.
Allow me to disagree. As someone who regularly sends out emails to contact info as located in the various whois databases, I would rate the RIPE info at #1, followed by RADB, APNIC, ARIN and last being LACNIC (no feedback yet from AFRNIC). Some of you may have received these emails over the past 5 years about leaking private ASNs which is sent to all emails I find in whois. I find the RIPE data to be accurate and comprehensive and light years ahead of the data inside LACNIC. I also find the people contacted inside RIPE respond far quicker than those in ARIN (APNIC is even better than ARIN in that respect). So before complaining about RIPE data, best to bring the rest of the world up to the level that RIPE maintains. Regards, Hank Nussbacher http://www.interall.co.il
Hank, On 10/31/06, Hank Nussbacher <hank@efes.iucc.ac.il> wrote:
The real issue here is that current RIPE policies allow RIPE members to wash their hands of all network operational issues associated with the addresses which they have assigned to other organizations.
Allow me to disagree.
Allow me to agree with you ;-), and support the policy as written. -- Cheers, McTim $ whois -h whois.afrinic.net mctim
McTim wrote:
Hank,
On 10/31/06, Hank Nussbacher <hank@efes.iucc.ac.il> wrote:
The real issue here is that current RIPE policies allow RIPE members to wash their hands of all network operational issues associated with the addresses which they have assigned to other organizations.
Allow me to disagree.
Allow me to agree with you ;-), and support the policy as written.
IMHO it is easy to support the proposal (or not) as it is not going to change anything in real life ;-) Wilfried.
The real issue here is that current RIPE policies allow RIPE members to wash their hands of all network operational issues associated with the addresses which they have assigned to other organizations.
Allow me to disagree. As someone who regularly sends out emails to contact info as located in the various whois databases, I would rate the RIPE info at #1, followed by RADB, APNIC, ARIN and last being LACNIC
You have misinterpreted what I wrote. Perhaps you didn't notice that the proposal is about an email address where notifications of abuse can be sent. The current policy means that LIRs have no obligation to maintain active operational contact with the organizations to which they assign addresses. They merely need to record an email contact in the RIPE database and their job is done. That contact info may be incorrect or it may become stale over time. In order to deal efficiently with network operational issues including SPAM and DoS, we need to have contact points who are ready, willing and able to act upon problem reports. RIPE could impose this requirement on its LIRs with which it has a binding contractual relationship but RIPE cannot impose any obligation on 3rd parties who receive assignments from an LIR. If an LIR is made responsible for the totality of its allocation and is required, as part of the RIPE agreement, to maintain a contact point which is ready, willing and able to act upon problem reports, then we have covered 100% of the RIPE region address space. Of course, in many case, the LIR will need to contact a 3rd party in order to resolve the issue, but it is highly likely that the LIR has a binding contractual relationship with that 3rd party so that they know who to contact. In fact, some 3rd parties are not ABLE to deal with problem reports because there is noone on staff who is competent to deal with such issues. Other 3rd parties are not WILLING to deal with such problem reports because they think that they are buying a network service from the LIR and therefore the LIR should deal with such network issues. And yet other 3rd parties are not READY to deal with such problems because of extenuating issues. For instance the one capable staff member is sick or on holiday or has left and not yet been replaced. Or they are in the midst of a merger, or... The key thing here is that a workable response system requires that ALL contact points are READY, WILLING and ABLE to act upon problem reports. If RIPE policy required this then it would improve the process of dealing with network abuse. The policy as proposed does nothing whatsoever to deal with network abuse. Most 3rd parties do not follow RIPE activities so they are unlikely to comply with the change. There is no mechanism to police compliance and the policy proposed is so weak that a spammer can simply install a copy of the RIPE hostmaster auto-responder and leave the list of acceptable senders blank. --Michael Dillon
participants (4)
-
Hank Nussbacher
-
McTim
-
Michael.Dillonļ¼ btradianz.com
-
Wilfried Woeber, UniVie/ACOnet