<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: Abuse address attribute in RIPE whois?



Rodney Tillotson wrote:

> This is an interesting idea. It only works if we get the other RIRs and
> LIRs to do the same, but a workable proposal from RIPE would be a good
> start.

I guess that this will be a big waste of time for us all in 
the future if we keep on in the same track as we do now. And
I fully understand that this must be a global initiative to
fully work. But we must start somewhere ;-) 
 
> It is exactly the sort of thing Rob wanted us to start thinking about
> in Bologna. It isn't specific to spam, although I think the anti-spam
> WG probably sees the need most clearly. Other people (perhaps in the
> DB WG) have considered whether CSIRTs should be recorded in the
> database.

The input from the DB people is important as we don't want
to decrease the performance of the DB itself.
 
> We need a mechanism for answering the question
>    'Who is responsible for this IP address?'
> (where 'responsible' may have several different meanings each needing
> a different answer).

Correct.
 
> I don't know whether you can do this with a convention about some
> fields already in the DB, or whether it would be an extension.

The important things i see is these two:

* The attribute should be easy to find and "user friendly" for
  the human eye.

* And it should be simple to use as a searchable string for programs 
  that look up this information. The info under "Descr:" doesn't
  work that good today as we all know. Neither the info found in the
  routing objects on some blocks. 
   
> Perhaps some people will think this is an extra application for the
> DNS, rather than the RIR whois services?

I see this as two problems that needs to be solved:

1) Spam/UCE/UBE issues.
2) Intrution attempts/DDoS issues.

Maybe we need to look for two different solutions for these problems.

Regards

-- amar




<<< Chronological >>> Author    Subject <<< Threads >>>