This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] Abuse Contact Information
- Previous message (by thread): [anti-abuse-wg] Abuse Contact Information
- Next message (by thread): [anti-abuse-wg] Abuse Contact Information
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Tobias Knecht
tk at abusix.com
Mon May 3 12:12:33 CEST 2010
Hello together, > I like to recommend the following extension to Tobias' proposal: > > I should be noted that access to personal objects via > whois is currently limited, what blocks automated abuse > report generation. > > It is likely that these limits also apply for IRT objects. RIPE Database Query Reference Manual [1] says in chapter "2.12 Access Control for Queries" the following: "The control mechanism is based on the amount of contact information (contained in person and role objects) that is returned because of queries made for an IP address." Is the IRT Object a person or role Object? Is it handled the same way? Are there any restrictions? The other opportunity would be to use the new and really great AbuseFinder API [2] as soon as it is ready to use in production. > I recommend to publish a list of all IRT-objects on RIPEs > ftpserver for mirroring, maybe restricted to RIPE > members only or to explicitly drop all limits for > IRT queries (if somebody is concerned about email harvesting > it should be clear that harvesting will happen anyway via > whois, API or webservice, whatever limits are used). Restricted Access to a file is not the solution. What about non RIPE members like ISPs from the APNIC or ARIN region? Unlimited access to IRT Objects could make sense, but I would like to restrict it a bit more and let's say stop restrictions while using the "-b" flag. That would make 100% sense. That way it would be possible to query the addresses for automatic abuse handling (abuse-mailbox attribute), but secure the e-mail attribute for personal contact. > It should also be noted in the proposal that IRT-objects > have to bereturned also via the whois "-b" option. Over all I think this is something that should be thought about, but nevertheless it is not the main intention of this proposal to change query policies. It's about making the IRT Object mandatory. It's the decision of the community, if this proposal, shall be extended. Thanks, Tobias [1] http://www.ripe.net/db/support/query-reference-manual.pdf [2] http://labs.ripe.net/content/abuse-finder -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: </ripe/mail/archives/anti-abuse-wg/attachments/20100503/ddb53df9/attachment.sig>
- Previous message (by thread): [anti-abuse-wg] Abuse Contact Information
- Next message (by thread): [anti-abuse-wg] Abuse Contact Information
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]