[acm-tf] Poster on theory of abuse contact management, was Date and time next ACM-TF meeting
Alessandro Vesely vesely at tana.it
Wed Apr 13 14:22:08 CEST 2011
On 13/Apr/11 10:45, Brian Nisbet wrote: > "Alessandro Vesely" wrote the following on 12/04/2011 08:55: >> Will there be room to hang a poster illustrating how abuse contacts >> are expected to work and play a role in the current scenario? > > I'm largely with Tobias here, I do not see this as part of the scope > of the TF. To repeat the agreed points of the charter from the first > meeting: > > - Should be a single logical path to document abuse POC > - The current abuse POC data in the RIPE Database should be deprecated > and/or migrated. > - The target audience needs to be defined > - Should it be mandatory? > - Should include a best-practises document > - Should there be a consequence attached for non-compliance? > - It should be done in a way that it doesn’t fall under the “Personal > Data” restrictions I agree that those points don't formally require to describe the intended use of abuse POCs, let alone the effect that such use is expected to provoke. However, airing what are the real reasons why we want to do all that and gathering consensus from the community at large will help to accomplish our task effectively. > While BCP is mentioned there, I do not think that expands to FBLs or > the flow of an abuse complaint. I possibly misused the term "FBL", meaning what Tobias calls "global reporting" --see below. > As Suresh says, this may be far better placed in the AA-WG, > although I'm not sure how much spare time we have in the session > right now. Having such a session may be a neat idea too. Hanging a poster is just an easy and a rakish way to raise attention/consensus. On 13/Apr/11 03:08, Jochem de Ruig wrote: > Will make sure there is a flip-over and post-it's so we can work out > your suggestion. Thanks. I'll need the actual dimensions for printing. Knowing early if it is landscape or portrait will help. On 12/Apr/11 22:20, Tobias Knecht wrote: >> A third thing is to maintain this information. In order for a Sender >> to confidently send a report to a Receiver, someone has to collect >> assessments about their trustworthiness, so that they can reliably >> understand each other. > > Imho way to complicated and impossible. Let's keep this point off the poster, since we don't fully agree. >>> Feedbackloops are a completely different ecosystem. They are usually on >>> subscription only and it's only about spam. >> >> Currently it is like so. However, I counted less than a dozen of >> those FBLs, all of which are located in North America. > > Right, this is just a legal problem in Europe. Maybe there will be > feedbackloops that do not need subscription in future, which is in my > definition not a feedbackloop anymore, it is "global reporting". Yes, that's what I meant, whatever we'll call it. > I think we can agree that everybody who wants to report abusive behavior > and does not have a direct source for the abuse contact (as it is > handled with todays feedbackloops by subscription) needs a source to > find the abuse contact. Someone mentioned abuse at ripe.net will be put in use, some day. Perhaps, RIPE will just blindly forward reports to the relevant allocation-specific abuse POC, in some cases. In such cases, the Sender should find the target address directly (and thus optimize the traffic.) This consideration would suggest a "hierarchical database", in some sense. To depict it, we may represent a Receiver forwarding a report to a sub-allocation, e.g. an ISP to a customer of theirs. > The abusix "global reporting" is not subscription based. The > Deutsche Telekom reporting is not, the TDC repoting is not. But we > usually do not call it feedbackloops. AFAIK, the abusix db can be considered a sort of whois digest, rather than independent data. Dunno about the other two. Shall we depict multiple databases? > Or is your definition of a feedbackloop just reporting abusive > behavior back to its source? Yeah, sort of. I never saw a formal definition, but IMHO it should provide for reaching the original source --the author-- of a reported message, in some cases. > If that is the way we are talking different directions just by not > having the same definition. :-) Yup, most likely. Some definitions, a legend, and a title would complete the poster.
[ Acm-tf Archives ]