About RIPE | Contact  | Search | Sitemap    
Homepage RIPE  
RIPE Community Mail Archives
search  
     
Next Sectionyou are here: RIPE -> RIPE Maillists > Archives
RIPE Navigation Ends
About RIPE Maillists
Maillists Archive
Global Lists
Non Active Lists
RIPE NCC Navigation Ends
Next Section
<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: [address-policy-wg] 2006-04 New Draft Document Published (Contact e-mail Address Requirements)

  • From: Michael.Dillon@localhost
  • Date: Tue, 31 Oct 2006 10:25:04 +0000
> >The real issue here is that current RIPE policies
> >allow RIPE members to wash their hands of all
> >network operational issues associated with the
> >addresses which they have assigned to other
> >organizations.
> 
> Allow me to disagree.  As someone who regularly sends out emails to 
contact 
> info as located in the various whois databases, I would rate the RIPE 
info 
> at #1, followed by RADB, APNIC, ARIN and last being LACNIC 

You have misinterpreted what I wrote. Perhaps you didn't
notice that the proposal is about an email address where
notifications of abuse can be sent.

The current policy means that LIRs have no obligation
to maintain active operational contact with the organizations
to which they assign addresses. They merely need to record
an email contact in the RIPE database and their job is done.
That contact info may be incorrect or it may become stale
over time.

In order to deal efficiently with network operational issues
including SPAM and DoS, we need to have contact points who
are ready, willing and able to act upon problem reports.
RIPE could impose this requirement on its LIRs with which
it has a binding contractual relationship but RIPE cannot
impose any obligation on 3rd parties who receive assignments
from an LIR.

If an LIR is made responsible for the totality of its allocation
and is required, as part of the RIPE agreement, to maintain a
contact point which is ready, willing and able to act upon
problem reports, then we have covered 100% of the RIPE region
address space. Of course, in many case, the LIR will need to
contact a 3rd party in order to resolve the issue, but it is
highly likely that the LIR has a binding contractual relationship
with that 3rd party so that they know who to contact.

In fact, some 3rd parties are not ABLE to deal with problem
reports because there is noone on staff who is competent to
deal with such issues.

Other 3rd parties are not WILLING to deal with such problem 
reports because they think that they are buying a network
service from the LIR and therefore the LIR should deal with
such network issues.

And yet other 3rd parties are not READY to deal with such
problems because of extenuating issues. For instance the
one capable staff member is sick or on holiday or has left
and not yet been replaced. Or they are in the midst of a
merger, or...

The key thing here is that a workable response system requires
that ALL contact points are READY, WILLING and ABLE to act
upon problem reports. If RIPE policy required this then it
would improve the process of dealing with network abuse. The
policy as proposed does nothing whatsoever to deal with network
abuse. Most 3rd parties do not follow RIPE activities so they
are unlikely to comply with the change. There is no mechanism
to police compliance and the policy proposed is so weak that
a spammer can simply install a copy of the RIPE hostmaster
auto-responder and leave the list of acceptable senders
blank.

--Michael Dillon
Post To The List:

Message References

<<< Chronological >>> Author    Subject <<< Threads >>>
 

Next Section
     About RIPE | Site Map | LIR Portal | About the RIPE NCC | Contact | © RIPE Community. All rights reserved.
RIPE.NET Homepage LIR Portal RIPE Community