This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/db-wg@ripe.net/
[db-wg] Re: abuse-c: proposal
- Previous message (by thread): [db-wg] Re: abuse-c: proposal
- Next message (by thread): [db-wg] Re: abuse-c: proposal
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Christian Rasmussen
chr at jay.net
Mon Feb 9 16:25:31 CET 2004
Hi Marco, hehe.. this is apparently always a good subject to get some discussion!.. :) > >> I looked at the inetnum object CISBRD-CUST-ADSL-113, one of these > >> created by you for your broadband customers: it contains in > the remarks > >> attributes a well visible notice about where complaints > should be sent, > >> yet you say that you still get them at your personal email address. > >> Do you really think that users would understand better if they read > >> "abuse-mailbox: user at example.com" instead of that sentence in english > >> which explains what the allocation is for and who should be > notified of > >> abuse? > >Of course not. But how many inetnum objects have these remarks? > How is this relevant to what we are discussing? It is very relevant for your argument, you say this remark-thing is easy to understand, but if very few use it, then its not relevant if it's easy to understand or not. > >Agreed. But the primary concern is the applications used to > find an abuse > >address for a specific IP address, they have a hard time > finding anything in > >a freetext format... We have to make sure these applications find the > >correct mail address, if they don't, we haven't solved anything. > This is true, I agree that this must be a goal, but abuse-mailbox is not > the only way to reach it. Maybe RIPE could provide a web page to query > the DB for abuse desk addresses (which would report no other data), or > maybe the port 43 server could be modified to always check for IRT > objects for inetnum/inetnum6 queries and report the address in a comment > at the top of the reply with big eye-catching ASCII art. > So far only one tool writer contributed to this thread, and he reported > that both abuse-mailbox and irt could be used by his tools. Im glad we can agree on something. And you're right, abuse-mailbox entered in each customer inetnum objects is not exactly the only way to do it. Yes, it might be a good idea to just have an "Abuse-Whois", abuse.ripe.net, enter an IP adresse and you get the corresponding abuse address and nothing else! I believe tool-writers can do anything which is not freetext. > > >> I think that there is a consensus that there is the need for > a method to > >> look up the abuse desk address for an IP address, and I > believe that irt > >> objects (which have the big advantage of existing) are fit to this. > >> > >> Creating irt objects is not any harder than creating a new maintainer, > >> maybe the documentation should focus more on this and less on > marketing > >> the TI concept (which apparently only NRENs care about). > > > >First problem with IRT is that in order for it to have any > value every LIR > >has to actively modify ALL their inetnum objects......... Now > that must mean > >that the intention has never been to make sure all LIRs implement it. > No, you are getting it backward: this is the problem with abuse-mailbox > or abuse-c. Yes, but not with abuse in the maintainer. > >Next problem is the idea behind IRT, apparently it is to be used by > >companies who outsource handling of abuse - we don't. If I > should use this > It may support outsourcing, but I can't see why this would be a problem. > I set up an IRT object for an ISP with an internal abuse desk and found > it appropriate for my needs. Can you be more clear? > > >object it should have a normal mnt-by attribute and the following fields > >either removed or made optional: address, signature, encryption, auth. > I would not strongly oppose to this, but I can't see how it would make > easier to deploy IRT objects. > It's not like you do not already have an address or a PGP key... Well, I believe it would be easier to deploy IRT if LIRs wouldn't have to create encryptions, simply because it would be administrativly easier. If it did not matter how many LIRs create the object then it wouldn't be a problem with these mandatory attributes, but in this case we haven't achieved anything unless almost all LIRs create it. Med venlig hilsen/Best regards Christian Rasmussen Hosting manager, jay.net a/s Smedeland 32, 2600 Glostrup, Denmark Email: noc at jay.net Personal email: chr at corp.jay.net Tlf./Phone: +45 3336 6300, Fax: +45 3336 6301 Produkter / Products: http://hosting.jay.net
- Previous message (by thread): [db-wg] Re: abuse-c: proposal
- Next message (by thread): [db-wg] Re: abuse-c: proposal
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]