This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] [policy-announce] 2017-02 Review Phase (Regular abuse-c Validation)
- Previous message (by thread): [anti-abuse-wg] [policy-announce] 2017-02 Review Phase (Regular abuse-c Validation)
- Next message (by thread): [anti-abuse-wg] [policy-announce] 2017-02 Review Phase (Regular abuse-c Validation)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Brian Nisbet
brian.nisbet at heanet.ie
Mon Jan 22 14:31:00 CET 2018
Folks, On 22/01/2018 13:19, Gert Doering wrote: > Hi, > > On Mon, Jan 22, 2018 at 11:25:12AM +0000, Nick Hilliard wrote: >> I have no problem with abuse-c validation, either via ARC, or the >> mechanism proposed in this policy, and probably not via a range of other >> mechanisms either. But threatening to terminate the right of an >> organisation to continue to exist in the case of non compliance of the >> terms specified in 2017-02 is frankly absurd. > > I second this concern. > > I do see the need for a working abuse contact, and I do see the need of > sanctions in case a policy is violated, but "deregister all resources, > because your mail server was broken when we tested" is too extreme > (exaggeration for emphasis). There's a lot more to discuss in Nick's email, but I want to talk about this point immediately. I believe the NCC have stated very clearly how incredibly unlikely deregistration of resources would be and I honestly don't believe the exaggeration for emphasis or otherwise is useful. Yes, it could happen, after many, many attempts to get in contact with the resource holder and lots of steps. However this is not a set of actions restricted to 2017-02. This is part of the membership contracts and the interaction between this and RIPE policies. There was a lot of discussion at the GM in October on this topic. If a member doesn't abide by RIPE policies then there is a danger that their resources could be deregistered. That's part of membership. As per the NCC's impact analysis this is something they deal with regularly: "The RIPE NCC has significant experience with resolving these kinds of situations. Over the past five years, it has investigated and resolved more than 1,000 external reports on incorrect “abuse-mailbox:” attributes, without ever needing to trigger the closure and deregistration procedure. Making unresponsive resource holders aware of this procedure has helped to ensure their cooperation." and "If the closure and deregistration procedure is triggered, the resource holder still has a further three months to resolve the problem before the actual LIR closure and/or resource deregistration takes place." So please, can we moderate the fears and properly estimate the risks around de-registration in the case of an invalid abuse-mailbox attribute. Thanks, Brian Co-Chair, RIPE AA-WG
- Previous message (by thread): [anti-abuse-wg] [policy-announce] 2017-02 Review Phase (Regular abuse-c Validation)
- Next message (by thread): [anti-abuse-wg] [policy-announce] 2017-02 Review Phase (Regular abuse-c Validation)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]