From a systems perspective the discussion below is exactly backwards.
A millions-user system dependent for correct operation (e.g. one not promoting abuse [the subject of this list]) must be [re]designed to place the onus on the user not the registrar. Rule: if your data are not correct, you are off the net. Same as if you don't pay your bills to your ISP. The ISP (or the electric company, or the phone company . . . .) don't chase after you and spend hours getting you to pay your bill. They just disconnect you after sufficient notice to the registered address. At present the internet is a cesspool of crime without effective mechanisms of accountability and traceability. An outsider viewing this thread (and the dozens of others I've been monitoring for more than a decade) would find remarkable the unspoken assumption of their discussions: how to make life trouble-free for the registration and contracting bodies, even though this makes inevitable the criminal nature of the mechanism they are charged with managing. With a proper goal in mind ("Develop our mechanisms so the internet is no longer a cesspool of crime") the kind of discussion below ("We can't consider that because it would be a lot of work and some people would become upset") would be out of bounds. The matter of the "defining discussion goal" will have to be taken up in order to make progress on this list's putative purpose of "anti-abuse." Jeffrey Race On Fri, 6 Nov 2015 13:49:01 +0000, Sascha Luck [ml] wrote:
On Fri, Nov 06, 2015 at 11:56:51AM +0100, denis wrote:
Add to that all the possible language issues and I am not sure how you will expect the RIPE NCC to validate all this personal contact data with people who they have no relationship with and who may have never heard of the RIPE NCC or RIPE. Anyone who receives an email from an organisation they have never heard of, possibly in a language they don't understand, asking to validate personal information...well you know how that will be treated these days.
I've occasionally done db cleanup death-marches for customers where I've created/updated/deleted 100 or so objects in a single day. (usually with contact data relating to the LIR which does have a contract with the NCC) Is the idea seriously that someone doing this will have to field 100 phone calls or reply to 100 emails over the day?
What about the numerous LIRs who do their resource management programatically, without human input?
IMO, such actions would actually discourage proper resource management and lower the quality of the db.
Also bear in mind a single data validation is quite pointless. What is valid today may not be tomorrow. So you cannot trust data that was validated yesterday. To have any benefit this data would have to be routinely re-validated. Given the quantity of personal data sets in the RIPE Database (we are talking millions), many of whom have never heard of the RIPE NCC, to ask them to undertake this exercise would result in the RIPE NCC being reported to many law enforcement authorities for phishing.
Not even considering the inevitable members' revolt.
rgds, Sascha Luck