In message <B83C8F8C-C5C3-4AAA-B00F-07EA193AB943@foobar.org>, Nick Hilliard via db-wg <db-wg@ripe.net> wrote:
On 29 Jul 2019, at 12:02, Carlos Fria=C3=A7as <cfriacas@fccn.pt> wrote:
Perhaps excluding jurisdictions *outside* the RIPE NCC service region, where company related data *can't* be verified by the RIPE NCC.
The RIPE NCC doesn't claim verification. It only states due diligence.
For some reason, the above comment reminds me of this very old and tired joke: MAN: "Doctor, doctor! What's wrong with me?" DOCTOR: "Well, you evidently have a broken leg." MAN: "I want a second opinion!" DOCTOR: "OK. Also, you're an idiot." Sounds like due diligence of the doctor's part to me! :-) But seriously, one man's due diligence may be another man's slipshod pantomime. And it is not clear, to me at least, what the precise meaning of "due diligence" is in the context of RIPE NCC and the parties it is alleged to "vet". Traditionally, the term "due diligence" is used in the business world to denote an investigation relating to a merger or acqusition. And it involves, quite certainly, a detailed examination of all financial and bank records. I rather doubt that RIPE NCC ever undertakes any such invasive interrogations of any parties that are just trying to get some number resources. So in this context, "due diligence" must have some rather different meaning, and NOT it's traditional meaning from the world of mergers and acqusitions. What that meaning actually is, and or what it should be, in this context, is something that I personally think could benefit from some more detailed elaboration than what currently seems to be publicly available. But that's just my opinion. Regards, rfg