<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: Abuse address attribute in RIPE whois?


= > Maybe a little OT or wrong WG. But I see that this could maybe
= > be a benefit for all involved.

  I don't think so (wrong WG. :-)

= > My question is if there is an interest to create an "draft" for an
= > identifier in the inetnum object that could be used for abuse reports.
= > Like the "X-Complaints-To:" in NNTP. That identifier could the be used
= > by programs like the one mentioned in this mail. And could also be
= > easier to find on each assignment. As most LIRs have only created info
= > about this in the object for the whole block.
=
=This is an interesting idea. It only works if we get the other RIRs and
=LIRs to do the same, but a workable proposal from RIPE would be a good
=start.

  Actually, a few days ago I had the opportunity to review and refine our
  blue-print for the irt: object with Yuri (TF-CSIRT/IODEF, TERENA) and
  Andrei (RIPE NCC), alongside the IETF.
  
  I have since received implementation feed-back from the NCC, which I
  plan to summarize later today or tomorrow.

  While this effort obviously tries to accommodate the CERTs/IRTs (which
  in many cases do not deal with spam, at least not directly), the lookup
  behaviour and semantics could be of interest?!

=It is exactly the sort of thing Rob wanted us to start thinking about
=in Bologna. It isn't specific to spam, although I think the anti-spam
=WG probably sees the need most clearly. Other people (perhaps in the
=DB WG) have considered whether CSIRTs should be recorded in the
=database.

  It's actually a bit more than "considered". We already have a decision
  to go ahead with implementation (which is being resumed now, due to the
  fact that the DB-SW re-impl. and RPSL transition is almost complete). 
  I expect to have an agreement on the implemenation _details_ by the time
  of the Prague RIPE Meeting.
  
  And, of course, we would hope that other registries would see this as a
  useful development and either re-use the code or at least the concepts.

=We need a mechanism for answering the question
=   'Who is responsible for this IP address?'

  Agreed.

=(where 'responsible' may have several different meanings each needing
=a different answer).

  That's a valid point. But when and if we can come up with a reasonable
  definition, then it should be possible to do The Right Thing in the
  registry/ies?

=I don't know whether you can do this with a convention about some
=fields already in the DB, or whether it would be an extension.

  I guess we have to do more than a convention to see acceptance
  (eventually).

=Perhaps some people will think this is an extra application for the
=DNS, rather than the RIR whois services?

  That's going to be an interesting discussion (like over-loading DNS, who
  has the authority to registrer contacts for which set of resources,
  credibility (DNSSEC?)...)

>Rodney Tillotson, JANET-CERT
>+44 1235 822 255.
>
>--------------------------------------------------------------------------------

  Wilfried.





<<< Chronological >>> Author    Subject <<< Threads >>>