HI Nick I am not against policy change if that is the only way forward. But let me just throw a quick question back at you. If someone manages (legacy) resources and have customers using some of these resources and all this is documented in the RIPE Database and one of those customers 'could' cause abuse, does it not make sense to advertise an abuse contact? Isn't this just good management of resources? We have tried to set up one method of documenting abuse contacts so it simplifies the process of listing, finding and managing these contacts. I proposed cleaning up the old references to "abuse-mailbox:" in a variety of objects, as specified in the implementation plan for ripe-563. An argument against the cleanup was that some legacy resources still use this outdated database functionality and have abuse contacts in remotely referenced objects and RIPEstat still looks for these remote references. So to do a cleanup to complete the implementation of ripe-563 we have to make a choice: 1/ Ask the legacy resource holders who have voluntarily provided an abuse contact to document it in the correct way using "abuse-c:". 2/ Make a policy change to require all resources (including legacy) that are documented in the RIPE Database to reference an "abuse-c:". 3/ Attempt a much more complicated cleanup by removing "abuse-mailbox:" from objects that are only referenced by RIPE NCC managed resources and not in any way remotely referenced in any legacy resource. Then add business rules to the software to prevent any "abuse-mailbox:" attribute being added to the wrong object type, instead of deprecating these attributes. Also not allow updates to objects that should not have this attribute. 4/ Just do the full cleanup anyway and risk losing some information from those resource holders who have not kept their data up to date with current database functionality. cheers denis Independent Netizen On 28/05/2015 22:42, Nick Hilliard wrote:

On 28/05/2015 20:08, denis walker wrote:

...

During the RIPE Meeting you suggested the idea of legacy resource holders adopting the practice of referencing an abuse contact using the one accepted method currently in use in the RIPE Database with "abuse-c:". In terms of responsible management of internet resources I don't think anyone could argue against all resources documented in the RIPE Database making reference to an abuse contact via an ORGANISATION object showing who is responsible for a resource.

Many ideas raised at RIPE Meetings are quickly forgotten after the meeting. How can we move this idea forward so it does not become another of those 'good idea, but never implemented'? This will probably need a policy change, no?

https://www.ripe.net/publications/docs/ripe-639

...

Any existing or future RIPE policy referring to resources shall not apply to legacy resources unless the policy explicitly includes legacy resources in its scope. Nick

Hi Nick On 29/05/2015 14:47, Nick Hilliard wrote:

...

I am not against policy change if that is the only way forward. But let me just throw a quick question back at you. If someone manages (legacy) resources and have customers using some of these resources and all this is documented in the RIPE Database and one of those customers 'could' cause abuse, does it not make sense to advertise an abuse contact? Isn't this just good management of resources? in theory, advertising this is a good thing and won't do any harm. In

On 29/05/2015 13:33, denis wrote: practice people will continue to use their old templates as before and won't bother changing things unless there's some impetus to do so.

The LRH community is receptive to the idea of good stewardship of resources, so I don't see why they wouldn't be interested in mentioning legacy resources in the "Abuse Contact Management in the RIPE Database" document.

So are you suggesting that ripe-563 policy is amended to include legacy resources? cheers denis

Nick