[acm-tf] Abuse Contact Information - Policy Proposal
Alessandro Vesely vesely at tana.it
Tue Oct 11 20:23:15 CEST 2011
Hi, On 11/Oct/11 17:44, Denis Walker wrote: > As far as I understand the proposal you are considering is to add the > "abuse-mailbox:" attribute to the ROLE object, along with a new > attribute "role-type:". Business rules in the software will make sure > that "abuse-mailbox:" must be added to any ROLE object used for abuse > handling and referenced by an "abuse-c:" attribute. Yep, that's what you and Tobias suggested in May, and we've agreed upon, as far as I can understand. > Then as a follow up, after this policy implementation has been deployed, > there will be a clean up phase where all "abuse-mailbox:" attributes in > other object types will be migrated/merged/deleted. The syntax of the > other object types can then be changed to deprecate this attribute from > anywhere other than the ROLE object. So in the end you only have the > "abuse-mailbox:" attribute in one place. Right, I vaguely remembered this idea too. I would choose a new attribute. Say "role-mailbox", "report-mailbox", "abuse-reports-to", or anything to that meaning. It is only a name, but it might prevent someone from wondering whether "abuse of the abuse-c" is what is being meant there. > With the attribute in only one place and implemented using the > hierarchical nature of the resources, the workload on resource holders > will be kept to a minimum. It seems that we could have obtained something quite similar, in terms of workload on resource holders, by mandating an abuse-mailbox on the mntner and then having the abuse-finder deliver that address as a last resort. Instead we consider changing the DB structure. IMHO, we should justify our choice. I'd reword it like so: The "abuse-c:" reference to an abuse handler should make use of the hierarchical nature of the resource data so as to facilitate good database design, and to be consistent with how generic Internet users perceive service provider's duty[*], while keeping a minimal workload on resource holders. [*] Do they? I have no specific data to support this point. We should word this better... > In my previous email you can replace 'LIR' with 'holder of a less > specific resource'. This yields Because of the hierarchical nature, if an end user has their own abuse team, they can reference their own abuse type ROLE object with an "abuse-c:" in the INETNUM object for their assignment. This will override the holder of a less specific resource abuse team reference only for this one assignment. This seems to be a good explanation, doesn't it?
[ Acm-tf Archive ]