This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[anti-abuse-wg] EU Data Protection

Previous message (by thread): [anti-abuse-wg] EU Data Protection
Next message (by thread): [anti-abuse-wg] EU Data Protection

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Sascha Luck lists-ripe at c4inet.net
Wed Nov 5 13:23:01 CET 2014

On Wed, Nov 05, 2014 at 03:03:15AM -0800, Ronald F. Guilmette wrote:
>Thereafter, it is up to the registrant to maintain the relevant WHOIS
>data, and all registrants are pledged to, and expected to do so in
>a way that causes the WHOIS data to always be accurate.  But I did
>not get any clear sense that RIPE NCC would always and in all cases
>vet, or re-vet changes made by a registrant to a WHOIS record, post-
>allocation... and perhaps they routinely do not do so.  This would

I don't think so. However, the "organisation:" object is
maintained by the NCC and they will revert changes that don't
agree with the documentation they have. (Actually has happened to
me)

>leave open the door to deliberately malicious registrants who might
>provide all correct contact information initially, and then, a week
>or a month later, go in and scramble their WHOIS to make it point
>to something/someone entirely fictitious.

Not possible AFAIK. You can put anything you want in role: and
person: objects but the organisation: object is under NCC
control. (and if you put fictional info in the objects that
refers, you can be sanctioned up to de-registration of resources
and closure if a LIR. (cf MoU and service terms)

>Registration documents for RIPE resources???  They are??? Where can I
>view those please?

For corporations:
At the appropriate national registrar-of-companies. Usually from
their website, depends on the country though.
The NCC requires those for the registration of independent
resources (cf ripe-556) but I don't know whether
they even keep them after checking. 

For natural persons I think you are out of luck. 

>>In any case, I'm sure I'm not the only member whose idea of what we pay
>>the NCC for is to be a resource registry,  *not* an intelligence
>>repository
>
>To be clear, I _do not_ want to bug their homes and/or offices, but
>anything that _corporations_ have _voluntarily_ given to RIPE should
>be fair game, and a matter of public record, I think.

This information is not voluntary and given to the NCC on the
understanding that it is confidential and used only to verify
that a resource holder exists, be it a natural or legal person.
It is certainly not "fair game".

rgds,
Sascha Luck

Previous message (by thread): [anti-abuse-wg] EU Data Protection
Next message (by thread): [anti-abuse-wg] EU Data Protection

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ anti-abuse-wg Archives ]