[address-policy-wg] 2023-04 Review Phase (Add AGGREGATED-BY-LIR status for IPv4 PA assignments)

Dear Jan!

You and Denis are arguing that registration/user data needs to include 
certain (sometimes  sensitive details (ie: PII)) that need to be put in 
the database. Your Argument is that this is a policy requirement.

When I tried to get both of you to spell out what this "user 
data"/"contact information" is exactly and where that is defined - We do 
not get a clear answer.

I have read every single of denis replies/comments.

When asked, neither of you cannot reference a policy section that 
actually spells out what is considered "contact details".

According to your own e-mail - your opinion is based on a software 
interface/implementation (ripe-db). This interface itself is an 
interpretation of what the policy could mean.
The Interface of the DB also does not specify what kind of Information 
(regular address, proxy address,...) needs to be inserted. Just that 
some fields need to be filled out (and its open to interpret what goes 
into them to a certain extent - wich is the point of this discussion).

The relationship is policy -to- database. Not Database -to- Policy.

And yet, we have no document or reference that defines what kind of 
contact information (direct only, or indirect via proxy/masking/....) is 
permissable.
Just that it needs to be maintained (meaning "if it works" -> OK).
In my previous e-mail i did argue that in some scenarios working 
witout"proxy" data is impossible (think: Role/NOC Contacts).

I have also read your reference 
https://www.ripe.net/publications/docs/ripe-705 . It defines an abuse 
inbox is mandatory for certain objects. And that it has to be an email 
address. - Nothing else.

Regards




On 1/12/24 09:40, Jan Ingvoldstad wrote:
> On Fri, Jan 12, 2024 at 9:28 AM Sebastian Graf 
> <ripe-lists at sebastian-graf.at> wrote:
>
>     Dear Jan!
>
>
> Dear Sebastian,
>
>     Thank you for your reply. But you have not answerred my question.
>
> I answered your question, but I did not understand that you intended 
> your ancillary comment as an additional question. Sorry about that.
>
>     We are all clear/well aware on the fact that the policy states
>     (paraphrasing here: resources need to be registered and the
>     registions need to have contact information).
>
>     We are looking for the DEFINITION of "contact details of the End
>     User.". This is not directly defined (as far as i can tell) and is
>     therefore open for interpretation.
>
>     Unless i missed something?
>
>
> As I understand it, this comes from how contact objects are defined in 
> the database, and this is what RIPE-804 references.
>
> Denis has provided more detailed context.
>
> RIPE-705 sets specific requirements regarding abuse contact details.
>
> -- 
> Jan
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </ripe/mail/archives/address-policy-wg/attachments/20240112/d317d39d/attachment.html>