Chris wrote:
On 04/11/2012 06:43 PM, Frank Gadegast wrote:
obviously not true. ripe's core task is number resource coordination, the db is a service, if ripe decided not to provide for it - then there simply wouldn't be one.
Sorry, but the above statement IS true indeed. Chris: you are mixing RIPE and RIPE NCC.
no. it is ripe's and ncc's core task. so talking about ripe as a superset
Not a superset, a community.
or at least including ncc this is absolutely correct.
The community has a real interest in an up-to-date and working whois db,
first of all it's not up to you (or any single one else) to decide for the community.
I did not "decide" anything (great, if I could), but, as you can see on the list, at the RIPE meetings and other points where anti abuse people meet: people that have to deal with abuse every day want the best systems to direct abuse reports to the responsible people. Even most admins are very thankful, when they receive abuse reports quick as possible to prevent more abuse originating from their own, but abused resources. So: there is an interest in an up-to-date database from the community or at least a part of the community. And there is also a very understandable need to protect private data as well. Currently its all mixed up and Tobias RFC is still not in place, that will finally make it possible to protect private data, whenever the object owner wants it and still publish abuse details.
and it's e.g. my and probably many others' interest that ncc can coordinate to make ip work.
Sure.
what you are calling for - no matter what you call it - doesn't affect this coordination task. what you are calling for essentially also isn't a working db (it works, and you are free to talk to people to ask them to change their objects according to your ideas),
Thank you that you allow me to present my opinions and ideas here, didnt know, that Im allowed to do that on this list until now ...
but making ripe some sort of police-substitute,
Not at all, I dont see RIPE NCC following any specific abuse issues like a detective (well, not yet), they have no call to do this, probably no legal background or whatever what you need to play policemen. But: RIPE NCC has a contract wich forces them to store, maintain and publish this database, as far as I can see. And the NCC is also urged to do this in the best and most accurate way, but they simply dont. The database is mixing private with needed public data, gives access to this or that data in a strangly controlled method (objects owner should be allowed to protect there private data from all access, if they want or need to and should not have to hope on a maximum-of-3000-queries-per-day blacklist-stupid-kind-of-protection and abuse data should be released to the public without any restriction), the database is incomplete, not following the own guidelines and contains a lot, I mean, really a lot of old not updated data. Funny that google can present us the text of all webpages easily and up-to-date including all changes during the last 5 minutes, but the NCC never managed to clean the database up during the last years ? And never tried to.
and forcing everybody to follow your strange ideas which are not ripe-business.
Whats strange about a database with correct data ? If there is no mandate to have accurate data in this database, well, then you can shut it down completely (there is nothing worse than old data).
but being an enlightened (errm - i mean that french thing, you know, don't mistake this for hybris, please :) ) netizen, data economy btw is a real interest for me (actually it's the law)...
maybe sbdy from ncc has an estimate on introducing a refer attribute in inet*num objects. i guess this should effectively lead to a technically less complex, as more streamlined, db.
When is the mandatory abuse-c coming ? And will the NCC check the email addresses at least with some minor technical methods (like checking syntax, MX records, availability of the mailserver). Its law in Germany (and I think common sense in the world), that newsletter owner should only mail to users that double-opt-in, so whats so complicated to test the email addresses with an email including a link, that needs to be clicked ? Doing that NCC would have done, whats technical possible and proudly present a database, they have checked. Whoever wants to hide, still can hide and ignore mail, but the NCC would be save from any blame. Somebody asked me today, if there are whatever entities that could put some pressure on abuse friendly ISPs and I said no. Maybe we should publish the data we collect here (simply to protect our customers from abuse). Do you want to know the provider with the most contacts without any email address ? Or the ISPs with perfect abuse contacts leading to a non-responsive mailserver ? Full mailboxes ? And finally: whats about the amount of abuse reports we had to generate for IPs you are responsible for ? Public available and accessible for everybody ? Maybe we should invent an AS-based ranking, others could use via DNS as blacklist based on the amount of spam we received from any AS ... But we had this discussion already a few month ago, we all know where consol.net stands here ... I dont like to repeat myself. Kind regards, Frank
regards,
Chris
-- Mit freundlichen Gruessen, -- PHADE Software - PowerWeb http://www.powerweb.de Inh. Dipl.-Inform. Frank Gadegast mailto:frank@powerweb.de Schinkelstrasse 17 fon: +49 33200 52920 14558 Nuthetal OT Rehbruecke, Germany fax: +49 33200 52921 ======================================================================