[anti-abuse-wg] EU Data Protection
- Previous message (by thread): [anti-abuse-wg] EU Data Protection
- Next message (by thread): [anti-abuse-wg] EU Data Protection
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Sascha Luck
lists-ripe at c4inet.net
Wed Nov 5 13:23:01 CET 2014
On Wed, Nov 05, 2014 at 03:03:15AM -0800, Ronald F. Guilmette wrote: >Thereafter, it is up to the registrant to maintain the relevant WHOIS >data, and all registrants are pledged to, and expected to do so in >a way that causes the WHOIS data to always be accurate. But I did >not get any clear sense that RIPE NCC would always and in all cases >vet, or re-vet changes made by a registrant to a WHOIS record, post- >allocation... and perhaps they routinely do not do so. This would I don't think so. However, the "organisation:" object is maintained by the NCC and they will revert changes that don't agree with the documentation they have. (Actually has happened to me) >leave open the door to deliberately malicious registrants who might >provide all correct contact information initially, and then, a week >or a month later, go in and scramble their WHOIS to make it point >to something/someone entirely fictitious. Not possible AFAIK. You can put anything you want in role: and person: objects but the organisation: object is under NCC control. (and if you put fictional info in the objects that refers, you can be sanctioned up to de-registration of resources and closure if a LIR. (cf MoU and service terms) >Registration documents for RIPE resources??? They are??? Where can I >view those please? For corporations: At the appropriate national registrar-of-companies. Usually from their website, depends on the country though. The NCC requires those for the registration of independent resources (cf ripe-556) but I don't know whether they even keep them after checking. For natural persons I think you are out of luck. >>In any case, I'm sure I'm not the only member whose idea of what we pay >>the NCC for is to be a resource registry, *not* an intelligence >>repository > >To be clear, I _do not_ want to bug their homes and/or offices, but >anything that _corporations_ have _voluntarily_ given to RIPE should >be fair game, and a matter of public record, I think. This information is not voluntary and given to the NCC on the understanding that it is confidential and used only to verify that a resource holder exists, be it a natural or legal person. It is certainly not "fair game". rgds, Sascha Luck
- Previous message (by thread): [anti-abuse-wg] EU Data Protection
- Next message (by thread): [anti-abuse-wg] EU Data Protection
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]