This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] 2010-08 New Policy Proposal (Abuse contact information)
- Previous message (by thread): [anti-abuse-wg] 2010-08 New Policy Proposal (Abuse contact information)
- Next message (by thread): [anti-abuse-wg] Global design (Abuse contact information)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Tobias Knecht
tk at abusix.com
Thu Nov 11 15:26:23 CET 2010
Hello everybody, first of all thank you for all your feedback on this proposal. It is great to see so many people joining and supporting or opposing the policy proposal. Thanks for that again. I think Denis did a great job yesterday bringing up some clarification about some issues. And I have seen that some people are still having a hard time to understand the idea of the proposal and some of them having a hard time to understand the proposal text, So I want to try to give some clarification and I hope I can do it as well as Denis did yesterday. * Why should we use the IRT-Object? - The IRT object is already existing, it is easy to implement for RIPE. - The IRT object underlies no whois server query restrictions. - The IRT object gives more flexibility. It is possible to monitore abuse, even if the inet(6)num is handled by your customer. - The IRT objects intend was similar to the intend of this proposal. - The IRT object is used by APNIC. * Why is an abuse-c a bad idea? Using an abuse-c would link the abuse-c field to already existing role, person, or org objects. Those objects are underlying query restrictions. If for example a person handle (including an abuse-mailbox attribute) is linked to abuse-c and to admin-c, two possibly different abuse-mailbox attributes are in one inetnum. * Why making the IRT Object mandatory? One of the main intentions of this proposal is to keep and make things simple and clean up. By making the IRT Object mandatory, there is a clear and understandable definition. Communicating that the IRT Object is mandatory is much more easy too understand than communication, that the IRT should be used and still having other options (remarks). * The abuse-mailbox attribute will be mandatory in the IRT Object. Why? Abuse departments are also receiving personal emails. Communication between different abuse departments or even automatic mail notification from for example blacklist providers. Offering 2 email addresses makes much sense in this case. "e-mail" attribute for personal communication and the "abuse-mailbox attribute for complaints. * How will this proposal clean up? By having a clear and understandable definition all in future created inet(6)nums and aut-nums will have an IRT Object with the abuse-contacts included. There is no need for remark fields or anything else. The already existing mess can be solved by, not letting people create abuse-mailbox attributes in non IRT objects anymore. That will solve the abuse-mailbox problem. I would not migrate these things, I would ask the maintainer as often as necessary to create an IRT Object and delete the abuse-mailbox attributes in all other handles. The problem with remark fields is quit bigger, but will not be a problem as long as the IRT object will be mandatory. Why care about remark fields? If the correct information is published in the IRT object. Nevertheless RIPE could contact maintainers with abuse@ or other keywords in remark fields and ask them to clean up. Another idea was to ask for a cleanup why being logged in the LIR portal. I think RIPE NCC will be able to find a good way. * What other impacts does this proposal have? I do just know about the impacts RIPE told me while working on the proposal and the things Denis Walker explained yesterday. So I hope that Denis can and is allowed to make a more general statement about this proposal in ways of other impacts. What I have seen so far the majority is okay with having a "single" place for abuse contact information. The main purpose is the question if this place should be mandatory or not. Leo Vegoda and Jorgen Hovland mentioned their concerns about the data quality. I can't see these problems coming up. I even see the opposite, having better data quality. But I can not prove Leo and Jorgen wrong, and so can't they. So I would outline this as: "If the IRT object will be made mandatory, data quality will change. Could get better, but could also get worse." So believe what you believe, we can not argue about that. But nevertheless: Is there any other concern or positive feedback about making the IRT Object mandatory? Is there any other concern or positive feedback using the IRT Object? Are there any other concerns or positive feedback? Are there any other questions or suggestions? Please ask yourself the above mentioned questions and let us all know, so we have the chance to explain and find a fair way. Thanks again for the great discussion Tobias abusix.org -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: </ripe/mail/archives/anti-abuse-wg/attachments/20101111/f9616433/attachment.sig>
- Previous message (by thread): [anti-abuse-wg] 2010-08 New Policy Proposal (Abuse contact information)
- Next message (by thread): [anti-abuse-wg] Global design (Abuse contact information)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]