This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/db-wg@ripe.net/
[db-wg] Changes for abuse
- Previous message (by thread): [db-wg] abuse stuff implemented in the DB, and thanks
- Next message (by thread): [db-wg] Changes for abuse
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hank Nussbacher
hank at mail.iucc.ac.il
Tue May 10 12:22:53 CEST 2005
At 06:06 PM 21-04-05 +0200, Shane Kerr wrote: How can one add an abuse-mailbox attribute to an organisation object that is type=LIR? The LIR portal "organisation object editor" doesn't provide that attribute as an option. Thanks, Hank >Dear Colleagues, > >The RIPE NCC has implemented the proposed changes to the Whois server >software. We will put the new software into production on Wednesday, >2005-04-27. > > ***************************************************************** > > These changes alter the default output of the Whois server. > > If you need the old output, you can get it by using the "-B" > and "-G" flags, like this: > > whois -B -G 193.0.1.17 > > ***************************************************************** > >The current implementation is different from the original proposal in >this way: > >- INETNUM and INET6NUM object types will *not* have the > "abuse-mailbox:" attribute added. > >The reason for not adding the "abuse-mailbox:" attribute to the >INETNUM and INET6NUM object types is that there was no consensus to >add these. Some people supported it and some people did not. > >It is easier to add attributes than to delete them. Anyone in favour >of adding this attribute can attempt to create consensus within the >Database Working Group. > >We have also implemented the proposal to change the order of objects >in query results. > >A revised proposal is attached. As well as the above change: > >- It explicitly states that "trouble:" will be deprecated. > >- Some templates and examples were not correct, and have been fixed. > >-- >Shane Kerr >Software Manager >RIPE NCC > > > > +++++++++++++++++++++++++++++++++++++++++++ > This Mail Was Scanned By Mail-seCure System > at the Tel-Aviv University CC.The changes we propose are: > >o To hide attributes that contain e-mail addresses in the default > output of queries. We will also provide an option to disable this > feature, > >o To add a new "abuse-mailbox:" attribute to PERSON, ROLE, IRT, > MNTNER, and ORGANISATION objects, > >o To provide an option to display only key attributes and abuse > contacts, > >o To change the IRT object template so that the "signature:" and > "encryption:" attributes are no longer mandatory, > >o To change the behaviour of the '-c' switch in whois queries. > >We will announce the changes on our website. We will also contact any >third-party software developers who rely on the RIPE Database for >abuse contact information. > >You can read the minutes from the Database Working Group discussion >at: > >http://www.ripe.net/ripe/maillists/archives/db-wg/2004/msg00469.html > > >(1) Adding the "abuse-mailbox:" Attribute > >We will add a new attribute to the following object types: > >PERSON >ROLE >IRT >ORGANISATION >MNTNER > >This optional attribute will contain at least one e-mail address. It >will tell users where to send abuse complaints or queries. > >(The proposed templates for the above objects are at the end of this >document.) > >The description of the new attribute will be the same in all objects: > > abuse-mailbox: > > Specifies the e-mail address to which abuse complaints should be > sent. > > An e-mail address as defined in RFC 2822. > >There is currently a "trouble:" attribute in ROLE objects, which >contains free text. We will update ROLE objects, so that any ROLE >object that has a "trouble:" attribute that is an e-mail address as >defined in RFC 2822, will be copied to the "abuse-mailbox:" attribute. >Any other "trouble:" attributes will be converted to "remarks:". >The "trouble:" attribute will be deprecated. > >As an example, see the following: > > > role: Example Role > address: Example Address > phone: +11 22 33445 > fax-no: +11 22 33445 > e-mail: info at example.com > admin-c: TEST1-RIPE > tech-c: TEST1-RIPE > trouble: Please contact > trouble: abuse at example.com > trouble: for abuse reports, not info at example.com > nic-hdl: TESTROLE1-RIPE > changed: info at example.com 20050101 > source: RIPE > >We will replace this with: > > role: Example Role > address: Example Address > phone: +11 22 33445 > fax-no: +11 22 33445 > e-mail: info at example.com > admin-c: TEST1-RIPE > tech-c: TEST1-RIPE > remarks: "trouble:" converted on 2005mmdd > remarks: Please contact > abuse-mailbox: abuse at example.com > remarks: for abuse reports > nic-hdl: TESTROLE1-RIPE > changed: info at example.com 20050101 > source: RIPE > > >(2) Hiding Attributes That Contain E-Mail Addresses > >Finding the right e-mail address for abuse reports can be confusing. >There is currently no easy way to find this information in the RIPE >Database. Users often send mail to every e-mail address they see in a >query result. To avoid this, we will hide all attributes that contain >e-mail addresses from the default output of a whois query for an >address. > >When a user looks up an address, the results may include the following >objects: > >INETNUM >INET6NUM >ROUTE >ROUTE6 >ORGANISATION >PERSON >ROLE > >By default, MNTNER objects are not shown, but they are often also >queried to get contact information. > >For each of the object types, the following attributes contain e-mail >addresses: > >INETNUM: notify, changed >INET6NUM: notify, changed >ROUTE: notify, changed >ROUTE6: notify, changed >ORGANISATION: e-mail, notify, changed >PERSON: e-mail, notify, changed >ROLE: e-mail, trouble, notify, changed > >For each address range returned, if there is at least one >"abuse-mailbox:" attribute in any of the returned objects, the >attributes mentioned above will be removed from the output. > >If there is no "abuse-mailbox:" attribute, only "notify:" and >"changed:" attributes will be filtered out. > >If an attribute of an object is changed, a comment will be added, to >avoid confusion. > >Users can turn off this suppression. To make this possible, we will >implement a '-B' flag. > >As an example: > >$ whois 10.0.0.10 > >Might currently give the following result: > > inetnum: 10.0.0.0 - 10.0.0.255 > netname: HOME-NETWORK > descr: Home Network > country: ZZ > admin-c: ME1-RIPE > tech-c: ME1-RIPE > status: ALLOCATED PI > mnt-by: I-MNT > changed: ripe-dbm at ripe.net 20050101 > source: RIPE > > person: Me Myself and I > address: Home Alone > phone: +11 22 33445 > fax-no: +11 22 33445 > e-mail: ripe-dbm at ripe.net > nic-hdl: ME1-RIPE > mnt-by: I-MNT > changed: ripe-dbm at ripe.net 20050101 > source: RIPE > >After the change, the result will be: > > % Note: this output has been filtered. > > inetnum: 10.0.0.0 - 10.0.0.255 > netname: HOME-NETWORK > descr: Home Network > country: ZZ > admin-c: ME1-RIPE > tech-c: ME1-RIPE > status: ALLOCATED PI > mnt-by: I-MNT > source: RIPE > > person: Me Myself and I > address: Home Alone > phone: +11 22 33445 > fax-no: +11 22 33445 > nic-hdl: ME1-RIPE > mnt-by: I-MNT > source: RIPE > >To see the unmodified result, users should type in: > >$ whois -B 10.0.0.10 > > >(3) Adding 'abuse output' Option > >To help authors of tools or users who are only interested in the abuse >contacts for IP addresses, we will implement a brief output mode. If a >user types '-b' when querying the RIPE Database, they will only see >the key attributes of address ranges and the "abuse-mailbox:" >attribute. This switch will also imply '-c', which requests first >level less specific INETNUM or INET6NUM objects with the "mnt-irt:" >attribute. It will only work with address space related queries. > >Here is an example: > >$ whois 10.0.0.0 > >Returns: > > inetnum: 10.0.0.0 - 10.0.0.255 > netname: HOME-NETWORK > descr: Home Network > country: ZZ > admin-c: ME1-RIPE > tech-c: ME1-RIPE > status: ALLOCATED PI > mnt-by: I-MNT > mnt-irt: IRT-I > changed: ripe-dbm at ripe.net 20050101 > source: RIPE > > person: Me Myself and I > address: Home Alone > phone: +11 22 33445 > fax-no: +11 22 33445 > e-mail: ripe-dbm at ripe.net > nic-hdl: ME1-RIPE > mnt-by: I-MNT > changed: ripe-dbm at ripe.net 20050101 > abuse-mailbox: ripe-dbm-person at ripe.net > source: RIPE > >So: > >$ whois -b 10.0.0.0 > >Will return: > > % Note: this output has been filtered. > % Only primary keys and abuse contact will be visible. > > inetnum: 10.0.0.0 - 10.0.0.255 > e-mail: ripe-dbm at ripe.net > e-mail: ripe-dbm-person at ripe.net > >This output will not generate valid objects, and there will be no >object separators. > >If two ranges are returned after making a query, an object separator >will be inserted between groupings. Therefore, the output will look >like this: > > inetnum: 10.0.0.0 - 10.0.0.255 > e-mail: ripe-dbm at ripe.net > e-mail: ripe-dbm-person at ripe.net (*) > > inetnum: 10.0.1.0 - 10.0.0.255 > e-mail: ripe-dbm-person-2 at ripe.net (*) > >Attributes marked by (*) are taken from the person object retrieved by >a recursive lookup. > > >(4) Modifications on the IRT Object > >We will change the template for the IRT object will be changed. You >will no longer need a KEY-CERT object to create an IRT object. > >Currently, the template for the IRT object is: > > > irt: [mandatory] [single] [primary/look-up key] > address: [mandatory] [multiple] [ ] > phone: [optional] [multiple] [ ] > fax-no: [optional] [multiple] [ ] > e-mail: [mandatory] [multiple] [lookup key] > signature: [mandatory] [multiple] [ ] > encryption: [mandatory] [multiple] [ ] > org: [optional] [multiple] [inverse key] > admin-c: [mandatory] [multiple] [inverse key] > tech-c: [mandatory] [multiple] [inverse key] > auth: [mandatory] [multiple] [inverse key] > remarks: [optional] [multiple] [ ] > irt-nfy: [optional] [multiple] [inverse key] > notify: [optional] [multiple] [inverse key] > mnt-by: [mandatory] [multiple] [inverse key] > changed: [mandatory] [multiple] [ ] > source: [mandatory] [single] [ ] > >"signature:" and "encryption:" attributes need existing key-cert >objects. The Anti-spam Working Group asked us to make these objects >optional. You can read an archive of this discussion at: > >http://www.ripe.net/ripe/maillists/archives/db-wg/2004/msg00452.html > >The template for irt objects will be: > > irt: [mandatory] [single] [primary/look-up key] > address: [mandatory] [multiple] [ ] > phone: [optional] [multiple] [ ] > fax-no: [optional] [multiple] [ ] > e-mail: [mandatory] [multiple] [lookup key] > signature: [optional] [multiple] [ ] > encryption: [optional] [multiple] [ ] > org: [optional] [multiple] [inverse key] > admin-c: [mandatory] [multiple] [inverse key] > tech-c: [mandatory] [multiple] [inverse key] > auth: [mandatory] [multiple] [inverse key] > remarks: [optional] [multiple] [ ] > irt-nfy: [optional] [multiple] [inverse key] > notify: [optional] [multiple] [inverse key] > mnt-by: [mandatory] [multiple] [inverse key] > changed: [mandatory] [multiple] [ ] > source: [mandatory] [single] [ ] > >Therefore, the object below would be valid: > > irt: irt-someorg-zz > address: address for the irt > phone: +11 22 3344556 > fax-no: +11 22 3344556 > e-mail: contact at example.com > admin-c: CONTACT1-RIPE > tech-c: CONTACT1-RIPE > auth: CRYPT-PW XXXXXXXXXXXXX > mnt-by: mnt-someorg > changed: someone at example.com 20050101 > source: RIPE > >We will automate this process, so that help from the RIPE Database >Management will no longer be necessary create IRT objects. > > >(5) Changing the behaviour of '-c' option in whois queries > >Currently, the -c option requests first level less specific INETNUM or >INET6NUM objects with the "mnt-irt:" attribute. It does not return any >related IRT objects. This will change, so that -c will treat IRT >objects as contacts and do recursive lookups on related IRT objects. > >Here is an example: > >$ whois -c 10.0.0.0 > >Returns: > > inetnum: 10.0.0.0 - 10.0.0.255 > netname: TEST-NET > descr: Test Net > country: ZZ > admin-c: TEST1-RIPE > tech-c: TEST1-RIPE > status: ASSIGNED PA > mnt-by: TEST-MNT > mnt-irt: IRT-TEST > changed: info at example.com 20050101 > source: RIPE > > person: TEST1-RIPE > . > . > >After the change, the result will be: > > inetnum: 10.0.0.0 - 10.0.0.255 > netname: TEST-NET > descr: Test Net > country: ZZ > admin-c: TEST1-RIPE > tech-c: TEST1-RIPE > status: ASSIGNED PA > mnt-by: TEST-MNT > mnt-irt: IRT-TEST > changed: info at example.com 20050101 > source: RIPE > > person: TEST1-RIPE > . > . > > irt: IRT-TEST > . > . > > >(6) Modified Templates > > inetnum: [mandatory] [single] [primary/look-up key] > netname: [mandatory] [single] [lookup key] > descr: [mandatory] [multiple] [ ] > country: [mandatory] [multiple] [ ] > org: [optional] [single] [inverse key] > admin-c: [mandatory] [multiple] [inverse key] > tech-c: [mandatory] [multiple] [inverse key] > rev-srv: [optional] [multiple] [inverse key] > status: [mandatory] [single] [ ] > remarks: [optional] [multiple] [ ] > notify: [optional] [multiple] [inverse key] > mnt-by: [mandatory] [multiple] [inverse key] > mnt-lower: [optional] [multiple] [inverse key] > mnt-domains: [optional] [multiple] [inverse key] > mnt-routes: [optional] [multiple] [inverse key] > mnt-irt: [optional] [multiple] [inverse key] > changed: [mandatory] [multiple] [ ] > source: [mandatory] [single] [ ] > > inet6num: [mandatory] [single] [primary/look-up key] > netname: [mandatory] [single] [lookup key] > descr: [mandatory] [multiple] [ ] > country: [mandatory] [multiple] [ ] > org: [optional] [single] [inverse key] > admin-c: [mandatory] [multiple] [inverse key] > tech-c: [mandatory] [multiple] [inverse key] > rev-srv: [optional] [multiple] [inverse key] > status: [mandatory] [single] [ ] > remarks: [optional] [multiple] [ ] > notify: [optional] [multiple] [inverse key] > mnt-by: [mandatory] [multiple] [inverse key] > mnt-lower: [optional] [multiple] [inverse key] > mnt-routes: [optional] [multiple] [inverse key] > mnt-domains: [optional] [multiple] [inverse key] > mnt-irt: [optional] [multiple] [inverse key] > changed: [mandatory] [multiple] [ ] > source: [mandatory] [single] [ ] > > person: [mandatory] [single] [lookup key] > address: [mandatory] [multiple] [ ] > phone: [mandatory] [multiple] [ ] > fax-no: [optional] [multiple] [ ] > e-mail: [optional] [multiple] [lookup key] > abuse-mailbox: [optional] [multiple] [inverse key] ** > org: [optional] [multiple] [inverse key] > nic-hdl: [mandatory] [single] [primary/look-up key] > remarks: [optional] [multiple] [ ] > notify: [optional] [multiple] [inverse key] > mnt-by: [optional] [multiple] [inverse key] > changed: [mandatory] [multiple] [ ] > source: [mandatory] [single] [ ] > > role: [mandatory] [single] [lookup key] > address: [mandatory] [multiple] [ ] > phone: [optional] [multiple] [ ] > fax-no: [optional] [multiple] [ ] > e-mail: [mandatory] [multiple] [lookup key] > trouble: [optional] [multiple] [ ] > abuse-mailbox: [optional] [multiple] [inverse key] ** > org: [optional] [multiple] [inverse key] > admin-c: [mandatory] [multiple] [inverse key] > tech-c: [mandatory] [multiple] [inverse key] > nic-hdl: [mandatory] [single] [primary/look-up key] > remarks: [optional] [multiple] [ ] > notify: [optional] [multiple] [inverse key] > mnt-by: [optional] [multiple] [inverse key] > changed: [mandatory] [multiple] [ ] > source: [mandatory] [single] [ ] > > irt: [mandatory] [single] [primary/look-up key] > address: [mandatory] [multiple] [ ] > phone: [optional] [multiple] [ ] > fax-no: [optional] [multiple] [ ] > e-mail: [mandatory] [multiple] [lookup key] > abuse-mailbox: [optional] [multiple] [inverse key] ** > signature: [mandatory] [multiple] [ ] > encryption: [mandatory] [multiple] [ ] > org: [optional] [multiple] [inverse key] > admin-c: [mandatory] [multiple] [inverse key] > tech-c: [mandatory] [multiple] [inverse key] > auth: [mandatory] [multiple] [inverse key] > remarks: [optional] [multiple] [ ] > irt-nfy: [optional] [multiple] [inverse key] > notify: [optional] [multiple] [inverse key] > mnt-by: [mandatory] [multiple] [inverse key] > changed: [mandatory] [multiple] [ ] > source: [mandatory] [single] [ ] > > organisation: [mandatory] [single] [primary/look-up key] > org-name: [mandatory] [single] [lookup key] > org-type: [mandatory] [single] [ ] > descr: [optional] [multiple] [ ] > remarks: [optional] [multiple] [ ] > address: [mandatory] [multiple] [ ] > phone: [optional] [multiple] [ ] > fax-no: [optional] [multiple] [ ] > e-mail: [mandatory] [multiple] [lookup key] > abuse-mailbox: [optional] [multiple] [inverse key] ** > org: [optional] [multiple] [inverse key] > admin-c: [optional] [multiple] [inverse key] > tech-c: [optional] [multiple] [inverse key] > ref-nfy: [optional] [multiple] [inverse key] > mnt-ref: [mandatory] [multiple] [inverse key] > notify: [optional] [multiple] [inverse key] > mnt-by: [mandatory] [multiple] [inverse key] > changed: [mandatory] [multiple] [ ] > source: [mandatory] [single] [ ] > > mntner: [mandatory] [single] [primary/look-up key] > descr: [mandatory] [multiple] [ ] > org: [optional] [multiple] [inverse key] > admin-c: [mandatory] [multiple] [inverse key] > tech-c: [optional] [multiple] [inverse key] > abuse-mailbox: [optional] [multiple] [inverse key] ** > upd-to: [mandatory] [multiple] [inverse key] > mnt-nfy: [optional] [multiple] [inverse key] > auth: [mandatory] [multiple] [inverse key] > remarks: [optional] [multiple] [ ] > notify: [optional] [multiple] [inverse key] > mnt-by: [mandatory] [multiple] [inverse key] > referral-by: [mandatory] [single] [inverse key] > changed: [mandatory] [multiple] [ ] > source: [mandatory] [single] [ ] > >Rows that are marked with '**' are additions to the templates.
- Previous message (by thread): [db-wg] abuse stuff implemented in the DB, and thanks
- Next message (by thread): [db-wg] Changes for abuse
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]