Hi everyone, Thanks for your questions and comments. In light of those, Hervé and I will prepare a slightly amended version of the proposal to specify some languages, in particular when it comes to the role of RIPE NCC’s impact analysis in providing more details about the concrete implementation of this policy change proposal. Andre rightly asked what was the goal of the proposal. Ultimately, the goal of the proposal is to reduce the likelihood of getting no response when someone (anyone) need to urgently contact a LIR via the abuse-c contact. To achieve this goal we believe that RIPE NCC should be mandated to regularly validate the abuse-c contact point. We think that the main criteria to decide whether to move the proposal to the review phase or not, should be whether there is a majority of AAWG members who thinks that having a valid and functioning abuse-c contact points is a valid goal. Most questions raised were about the actual implementation of the proposal. As explained by Marco/RIPE NCC, the practical details of how the validation procedure will be implemented should not be laid down in the policy change proposal at this stage but rather by the impact analysis that RIPE NCC will conduct. RIPE NCC is the best placed to propose a working procedure (whether it should be done in the framework of ARC, what will be the criteria to consider a contact point invalid, how to address auto-answer, how often the validation process should be carried out etc.) because they are the ones who can best assess the financial and human resources to conduct these checks in the most efficient manner. Lastly, it seems that some members assume that this proposal is driven by law enforcement (LE) needs only. It is not. All network operators/LIRs have at some points been in the frustrating situation of not being able to find a valid contact point, this is why Hervé/Orange is co-authoring the proposal. There is not so many ways of ensuring that you get an answer: the community needs to agree that at least one contact point will be validated by RIPE NCC. In parallel, law enforcement is indeed working with NCC and some RIPE members to develop our knowledge and possibly a tool to visualize BGP routing tables. But improving the way LE can identify and investigate malicious IPs is not the goal of this policy change proposal. In conclusion, we think that so far, except for one or two members who explicitly opposed the goal of the proposal, a majority of members who expressed themselves on the AAWG mailing list during the discussion phase, agrees with the general objective of the proposal – that is to mandate RIPE NCC to regularly validate abuse-c contact in order to reduce the likelihood of not getting an answer when someone needs to urgently contact a LIR. Therefore, in agreement with the AAWG chair, we would like to move this proposal to the review phase. Thanks Greg and Hervé From: anti-abuse-wg [mailto:anti-abuse-wg-bounces@ripe.net] On Behalf Of herve.clement@orange.com Sent: 09 October 2017 15:01 To: Nick Hilliard; Michele Neylon - Blacknight Cc: ox; Gert Doering; anti-abuse-wg@ripe.net Subject: Re: [anti-abuse-wg] 2017-02 New Policy Proposal (Regular abuse-c Validation) Hello Nick, We have already talked with the RIPE NCC about ARC. If the ARC would include actual contact validation, a same LIR would be contacted less frequently for a global audit. Dealing specifically with abuse-c validation, RIPE NCC Impact Analysis will answer the question of extra work evaluation. Hervé -----Message d'origine----- De : anti-abuse-wg [mailto:anti-abuse-wg-bounces@ripe.net] De la part de Nick Hilliard Envoyé : lundi 9 octobre 2017 13:01 À : Michele Neylon - Blacknight Cc : ox; Gert Doering; anti-abuse-wg@ripe.net<mailto:anti-abuse-wg@ripe.net> Objet : Re: [anti-abuse-wg] 2017-02 New Policy Proposal (Regular abuse-c Validation) Michele Neylon - Blacknight wrote:
The current situation is that abuse-c can be populated with rubbish.
The email addresses can be completely non-functioning.
That is the real and current issue.
the real issue is that this is a complex layer 9 problem inside each organisation, and although creating technological tickbox policies will provide a veneer of doing something, that veneer is very thin. The RIPE NCC already has a mechanism for information consistency audits, namely the Assisted Registry Check. Has anyone talked to the RIPE NCC about including abuse contacts in the ARC, and been given credible reasons as to why this wouldn't be a simpler, better and more effective way of dealing with issue of stale / inaccurate details? Nick _________________________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you. ******************* DISCLAIMER : This message is sent in confidence and is only intended for the named recipient. If you receive this message by mistake, you may not use, copy, distribute or forward this message, or any part of its contents or rely upon the information contained in it. Please notify the sender immediately by e-mail and delete the relevant e-mails from any computer. This message does not constitute a commitment by Europol unless otherwise indicated. *******************