[db-wg] abuse-c

Hi Marco,


> IMHO you can define two groups of database users:
>
> - the relatively small group of techies who are updating the database
>   and/or know how to use it and how to find specific information like
>   incident response teams.
> - The large group of users who hardly know what the database is and why it
>   is there and only want to get one piece of information: Where can I
>   complain about this spam I got.
>
> For the first group everything is in place and working. As from my
> personal experience the second group doesn't understand how things work
> and how to read the information returned on a query and to be more
> specific admin-c, tech-c and especially changed attributes are not by
> default the best address to send complaints to as we already mentioned in
> the remarks section which got returned on the same query.
>
> Reading the remarks section which is used by most people to list abuse
> information is easy for the human reader, although I have came accross
> webinterfaces who didn't like the <address> notation most people use. But
> it's hard for a programmer to 'read' as it is not fixed format.
>
> Introducing the abuse: attribute as a single syntactically valid[1] email
> address on inetnum objects or the first level of objects it refers to
> makes it simple in the way that:
>
> whois ip-address | grep abuse:
>
> Will always result in a valid email address to send the complaint, without
> the need to walk to a tree of objects referring to each other and search
> for remarks fields pointing to the abuse desk or just collecting
> everything which includes an '@' and not even using uniq on them.
>
> Take it from the point of the non-professional "I'm sure this is easy to
> write in perl/php/shell/cobol/whatever" programmer who needs to query and
> parse the ripe database.
>
> MarcoH


I very much agree with your description of the 2 groups using the whois
database. It is very interesting that we got this big database running and
lots of tech people taking the time to update it, but it actually misses the
primary reason for its existence! As I have always understood the whois
database, its a system where everybody can find the person responsible for a
specific IP address in case they have a complaint about this IP address.

I also think that in order for abuse addresses to work successfully in the
system it has to be as easy as you described, with a grep command. If that
only works sometimes, some IP addresses are registered another way, then its
not worth much..

To make sure something which is implemented also works its very important
that its simple, eventhough most LIRs have technical people who can figure
out how to use Ripe systems it does not make sense if a very sofisticated
system is implemented which has advanced features which is fully used by
only about half the LIRs, then why should the rest bother with it?



Med venlig hilsen/Best regards


Christian Rasmussen
Hosting manager, jay.net a/s

Smedeland 32, 2600 Glostrup, Denmark

Email: noc at jay.net
Personal email: chr at corp.jay.net
Tlf./Phone: +45 3336 6300, Fax: +45 3336 6301

Produkter / Products:
http://hosting.jay.net