[anti-abuse-wg] whois access

russ at consumer.net wrote:
>> I'm sure ARIN had good reasons to act as they did, either favourably
> to your interests, or not, it simply doesn't matter in the RIPE Region.
> 
> Why would you be sure of that and why wouldn't it matter?

Because the policies to distribute and manage the number resources provided
by IANA to the RIRs are a regional matter. Policy delvelopment in this
context, when and if, it relates to the operation of IANA is a global
policy process. Even this process is a bootom-up process, not a top-down
mehanism as you seem to believe.

ARIN operates in the legal framework of the United States of America, the
RIPE NCC operates in the legal framework of the European Union in general
and Dutch Law in particular.

It is a pretty well-known fact that the legal systems in those regions
are not identical. Thus, imho, ARIN's approach to managing access to whois
data is not directly relevant to this region - in the sense that an aproach
by ARIN has automatically to be copied by other regions.

> It seems to
> me that all internet users have a stake in seeing that the services are
> reliable in all regions.

Agreed, totally, that's the reason why all the 5 RIRs do provide access to
whois data for *users*, individually.

>>Sorry, the bulk access/harvesting prevention mechanisms have been in
> place for a *very* long time. So, I guess the "suddenly" is more likely
> to be related to a change in your query pattern >and/or frequency, than
> to a change in the mechanisms.
> 
> No, something has changed.  They are claiming now there is some type of
> limit of 1000 queries per day.  They have not blocked me in the past and
> the queries exceed that so something changed recently.
> 
>>Well - although this is formally outside the topic of discussion -
> looking at your style, approach and choice of words, I am not overly
> surprised...
> 
> So you are saying Internet policy should be based on an evaluation of a
> person's choice of style?

No, what I am saying is that discussions regarding policy and discussions
related to solving perceived problems SHOULD be conducted with respect to
etiquette and mutual respect, rather than accusations.

>  In other words if you are not part of a small clique then you don't matter?

Like in any community, you will certainly receive the appropriate attention.
You are getting pretty much attention on this list already, isn't it?

>  Many system admins act like this and they
> think their anti-spam systems trumps every other need and they don't
> care how much damage is done.  There are many people like this involved
> in Internet governance and it is a big problem because they don't
> balance the needs of different parties.  these are the people that often
> ridicule anyone who brings up issues or ideas that goers against their
> view of the world from their limited experience.
> 
>>PS: and even I ( :-) ), or rather the lab where I am doing teaching
> this stuff, get blocked when we activate the triggers, for one reason or
> another. And that's how it is meant to work :-)
> 
> Yes.  Then there is supposed to be a policy in place to make a
> determination of what is allowed and what is not.  the problem is that
> ARIN says it is allowed but RIPE says it is not.

Please see above why there may (or probably will) be differences in the
regions.

>  It is apparentky
> common to all the commercial whois providers that they use a distributed
> system of IP's so I don't have any special knowledge or information.
> 
>>I believe many other players, including US-based ones, quite
> successfully use RIPE database contents for purposes similar to yours.
> 
> I was doing fine for 13 years until recently.  Apparently the successful
> ones uses distributed IP's to avoid the blocking.
> 
>> The RIPE database is maintained by the RIPE NCC, and to the best of my
>> knowledge, the RIPE-specific (non-mirrored) contents of the database have
>> been contributed, update by update, by the RIPE NCC and the RIPE
>> community.
>> I totally fail to see how e.g. my person object would have been
>> 'bought and
>> paid for by the US taxpayer'.
> 
> 
> 
> I believe the data is under the ultimate control of the US Government

Well, we keep hearing that generalized statement since quite a while,
outside the US, and not limited to whois data :-)

> based on the contract between the US and IANA.  Here is an EC news
> release about it:
> http://europa.eu/rapid/pressReleasesAction.do?reference=IP/11/1345&format=HTML&aged=0&language=en&guiLanguage=en

Thanks for providing this URL.

Alas, I do not see any indication in this text that would support your
interpretation.

> If someone has the contract between RIPE and IANA I would like to see
> that as well.

To my knowledge, such a contract does not exist, but I may be wrong!
However, there is an MoU in place, between ICANN and the NRO (the collective
of the five RIRs)

> It is interesting that nobody can explain why RIPE has one policy and
> ARIN has a different one.

I tried to do that above, to summarize:
- different legal environment
- different communities
- regional policies apply

>  Also, nobody seems to agree that the services
> like whois need to be standardized across the Internet.

I do know quite a few parties which do share that view.
I also know quit a few others which do not agree, for various reasons.

> Most shockingly
> nobody wants to address the fact that the IP address blocking does not
> do what it is intended to do.

I presume most people who get in contact with that do not see a problem.

>  Most comments just assume RIPE must be
> right and that I must have done something wrong ... my stye is wrong and
> I present myself incorrectly, etc, etc.  This is what happens when
> someone outside the closed community tries to bring issues to the
> table.  The speaker is attacked and the issues are glossed over.  It is
> interesting because I am usually on the other side of the privacy
> argument and I have testified before the US Federal Trade Commission
> arguing for greater privacy protection.
> 
> thank you

Best regards,
Wilfried.