[anti-abuse-wg] Decision on Proposal 2017-02

Morning,

What we’re discussing right now is the policy as proposed and the NCC’s implementation plan. We’ve had discussion at an earlier point in regards to additional methods of verification, however it was made clear that there would be marked opposition to things that required human interaction in this way.

With this in mind we are proceeding on this basis. Obviously if you would like to propose an alternative, then the WG Co-Chairs and the RIPE Policy Development Office are very happy to assist you with this.

Thanks,

Brian

Brian Nisbet
Network Operations Manager
HEAnet CLG, Ireland's National Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
+35316609040 brian.nisbet at heanet.ie www.heanet.ie
Registered in Ireland, No. 275301. CRA No. 20036270

From: anti-abuse-wg <anti-abuse-wg-bounces at ripe.net> On Behalf Of Name
Sent: Thursday 15 March 2018 00:40
To: Marco Schmidt <mschmidt at ripe.net>; anti-abuse-wg at ripe.net
Subject: Re: [anti-abuse-wg] Decision on Proposal 2017-02

"If this policy change reaches consensus, the RIPE NCC will proactively
validate whether the "abuse-mailbox:" attribute is valid."

No it doesn't. How does RIPE loading a system that checks whether a mail server exists even need a change to policy? There is nothing listed in this "policy" that even needs to be  implemented as policy.

From what is said, RIPE will not check whether an abuse mailbox is valid, but whether a mail server exists at a domain specified.

Mail server exists ≠ valid abuse mailbox attribute

-------- Original Message --------
Subject: Re: [anti-abuse-wg] Decision on Proposal 2017-02
From: Marco Schmidt <mschmidt at ripe.net<mailto:mschmidt at ripe.net>>
Date: Thu, March 15, 2018 2:02 am
To: anti-abuse-wg at ripe.net<mailto:anti-abuse-wg at ripe.net>

Dear Malcolm,


On 2018-03-14 14:47:13 CET, Malcolm Hutty wrote:
> On 14/03/2018 13:32, Marco Schmidt wrote:
> > Please let me reiterate that the RIPE NCC will not activate the
> > closure procedure simply for failure to maintain the "abuse-mailbox:"
> > attribute.
> >
> > The closure procedure could be activated if the resource holder refuses
> > to provide correct abuse contact information or is unresponsive over a
> > longer period (during which the RIPE NCC will have made several attemps
> > to contact the resource holder via different channels).
>
> Marco,
>
> Thank you for your detailed mail. However I do not understand how the
> two sentences quoted above are consistent with each other. Is it that
> you won't activate the closure procedure *solely* for failure to
> maintain abuse-mailbox, but might activate it if this was compounded
> with some other breach?
>
> How would you feel if the policy was amended to say something along the
> lines of
>
> "For the pupose of RIPE-676 paragraph 1.6.2.1.1 (Violation of RIPE
> Policys and RIPE NCC Procedures), failure to maintain the abuse-mailbox
> attribute shall not be deemed sufficient reason to terminate the SSA in
> itself, but may be deemed an aggravating factor contributing towards a
> decision to terminate the SSA."

I see how those two lines can be confusing when taken together - thank
you for asking us to clarify.

If this policy change reaches consensus, the RIPE NCC will proactively
validate whether the "abuse-mailbox:" attribute is valid. If our
automated validation indicates that the attribute is technically
incorrect, we will contact the resource holder (directly or indirectly
via the sponsoring LIR) and ask them to review and correct the "abuse-mailbox:"
attribute.

This is still outside of the closure and deregistration procedure.

It would be the following actions of the resource holder that could lead
to us activating the closure procedure - such as refusing to provide
correct abuse contact information or remaining unresponsive over a
longer period.

This is already our current procedure when investigating incorrect
contact information and this would not change if the policy change
reaches consensus.

Regarding potential amendments, it would be up to the Anti-Abuse
Working Group to decide if these are worthwhile. But I am happy to
provide the RIPE NCC's understanding based on the current version of the
policy proposal as well as clarification on the current RIPE policy
framework.

Kind regards,
Marco Schmidt
Policy Development Officer
RIPE NCC

>
> Kind Regards,
>
> Malcolm.
>
> --
> Malcolm Hutty | tel: +44 20 7645 3523
> Head of Public Affairs | Read the LINX Public Affairs blog
> London Internet Exchange | http://publicaffairs.linx.net/
>
> London Internet Exchange Ltd
> Monument Place, 24 Monument Street London EC3R 8AJ
>
> Company Registered in England No. 3137929
> Trinity Court, Trinity Street, Peterborough PE1 1DA
>
>


Sent via RIPE Forum -- https://www.ripe.net/participate/mail/forum
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </ripe/mail/archives/anti-abuse-wg/attachments/20180315/e1b9101d/attachment.html>