Re: Abuse address attribute in RIPE whois?
- Date: Tue, 21 Aug 2001 20:31:27 +0200
My 5 cents:
We do not need DB support. All we need are some well-defined well-known
well-published and self-declaring tags within the descr:, remark: or
likewise lines.
remark: send-net-abuse-to: netabuse@localhost
remark: send-mail-abuse-to: abuse@localhost
This would help as well, and I think is applicable to any other RIR etc.
databases. All you need there ist to add some public remark blocks where
you can enter such type of information. In the RIPE-DB this is easy to
fullfill because remark fields exist everywhere in-place. I don't think it
is worth thinking about putting such data into the address lines or to add
some more new special-nifty-features to the databases before we can globally
agree that the method can be declared "stable". The only thing to mention
is that you cannot reverse lookup the eMail addresses stated in remarks,
however who needs to do this? If you really deserve such a feature, put the
remark in the admin-c of the netblock as well and then do a reverse-lookup
of the admin-c.
Beeing able to add remarks to netblocks etc. is a very basic feature which
is missing in ARIN (at least I don't see remarks it in ARIN's whois), so I
think it will be a very long way to get there. Which should not stop us to
improve what whe can improve today.
So all we need is a BCP for how to use the remark-fields in the RIPE-DB
*and* a prominent note in the RIPE docs about this BCP such that others can
rely on it that it is worth to follow the BCP.
--
Valentin `Tino4 Hilbig
URL:
http://geht.net/
1073 560D 7C71 7548 61F1
E5E1 D89E 4DF3 9557 4064
Ich hab' die Schnauze voll von Ferrero.
----- Original Message -----
From: "amar" amar@localhost
Sent: Tuesday, August 21, 2001 6:24 PM
Subject: Re: Abuse address attribute in RIPE whois?
>
>
> Rodney Tillotson wrote:
>
> > This is an interesting idea. It only works if we get the other RIRs and
> > LIRs to do the same, but a workable proposal from RIPE would be a good
> > start.
>
> I guess that this will be a big waste of time for us all in
> the future if we keep on in the same track as we do now. And
> I fully understand that this must be a global initiative to
> fully work. But we must start somewhere ;-)
>
> > It is exactly the sort of thing Rob wanted us to start thinking about
> > in Bologna. It isn't specific to spam, although I think the anti-spam
> > WG probably sees the need most clearly. Other people (perhaps in the
> > DB WG) have considered whether CSIRTs should be recorded in the
> > database.
>
> The input from the DB people is important as we don't want
> to decrease the performance of the DB itself.
>
> > We need a mechanism for answering the question
> > 'Who is responsible for this IP address?'
> > (where 'responsible' may have several different meanings each needing
> > a different answer).
>
> Correct.
>
> > I don't know whether you can do this with a convention about some
> > fields already in the DB, or whether it would be an extension.
>
> The important things i see is these two:
>
> * The attribute should be easy to find and "user friendly" for
> the human eye.
>
> * And it should be simple to use as a searchable string for programs
> that look up this information. The info under "Descr:" doesn't
> work that good today as we all know. Neither the info found in the
> routing objects on some blocks.
>
> > Perhaps some people will think this is an extra application for the
> > DNS, rather than the RIR whois services?
>
> I see this as two problems that needs to be solved:
>
> 1) Spam/UCE/UBE issues.
> 2) Intrution attempts/DDoS issues.
>
> Maybe we need to look for two different solutions for these problems.
>
> Regards
>
> -- amar
>
