Re: [db-wg] Changes for abuse
-
To: Hank Nussbacher <>
-
From: Arife Vural <>
-
Date: Tue, 10 May 2005 16:29:47 +0200
-
Cc: Shane Kerr <>, Database WG <>
Hi Hank,
> How can one add an abuse-mailbox attribute to an organisation object that
> is type=LIR? The LIR portal "organisation object editor" doesn't provide
> that attribute as an option.
You're right, it is not there. I'm looking at it. I will let you know when
abuse-mailbox attribute is added into "organisation object editor".
Arife
>
> Thanks,
> Hank
>
> >Dear Colleagues,
> >
> >The RIPE NCC has implemented the proposed changes to the Whois server
> >software. We will put the new software into production on Wednesday,
> >2005-04-27.
> >
> > *****************************************************************
> >
> > These changes alter the default output of the Whois server.
> >
> > If you need the old output, you can get it by using the "-B"
> > and "-G" flags, like this:
> >
> > whois -B -G 193.0.1.17
> >
> > *****************************************************************
> >
> >The current implementation is different from the original proposal in
> >this way:
> >
> >- INETNUM and INET6NUM object types will *not* have the
> > "abuse-mailbox:" attribute added.
> >
> >The reason for not adding the "abuse-mailbox:" attribute to the
> >INETNUM and INET6NUM object types is that there was no consensus to
> >add these. Some people supported it and some people did not.
> >
> >It is easier to add attributes than to delete them. Anyone in favour
> >of adding this attribute can attempt to create consensus within the
> >Database Working Group.
> >
> >We have also implemented the proposal to change the order of objects
> >in query results.
> >
> >A revised proposal is attached. As well as the above change:
> >
> >- It explicitly states that "trouble:" will be deprecated.
> >
> >- Some templates and examples were not correct, and have been fixed.
> >
> >--
> >Shane Kerr
> >Software Manager
> >RIPE NCC
> >
> >
> >
> > +++++++++++++++++++++++++++++++++++++++++++
> > This Mail Was Scanned By Mail-seCure System
> > at the Tel-Aviv University CC.The changes we propose are:
> >
> >o To hide attributes that contain e-mail addresses in the default
> > output of queries. We will also provide an option to disable this
> > feature,
> >
> >o To add a new "abuse-mailbox:" attribute to PERSON, ROLE, IRT,
> > MNTNER, and ORGANISATION objects,
> >
> >o To provide an option to display only key attributes and abuse
> > contacts,
> >
> >o To change the IRT object template so that the "signature:" and
> > "encryption:" attributes are no longer mandatory,
> >
> >o To change the behaviour of the '-c' switch in whois queries.
> >
> >We will announce the changes on our website. We will also contact any
> >third-party software developers who rely on the RIPE Database for
> >abuse contact information.
> >
> >You can read the minutes from the Database Working Group discussion
> >at:
> >
> >http://www.ripe.net/ripe/maillists/archives/db-wg/2004/msg00469.html
> >
> >
> >(1) Adding the "abuse-mailbox:" Attribute
> >
> >We will add a new attribute to the following object types:
> >
> >PERSON
> >ROLE
> >IRT
> >ORGANISATION
> >MNTNER
> >
> >This optional attribute will contain at least one e-mail address. It
> >will tell users where to send abuse complaints or queries.
> >
> >(The proposed templates for the above objects are at the end of this
> >document.)
> >
> >The description of the new attribute will be the same in all objects:
> >
> > abuse-mailbox:
> >
> > Specifies the e-mail address to which abuse complaints should be
> > sent.
> >
> > An e-mail address as defined in RFC 2822.
> >
> >There is currently a "trouble:" attribute in ROLE objects, which
> >contains free text. We will update ROLE objects, so that any ROLE
> >object that has a "trouble:" attribute that is an e-mail address as
> >defined in RFC 2822, will be copied to the "abuse-mailbox:" attribute.
> >Any other "trouble:" attributes will be converted to "remarks:".
> >The "trouble:" attribute will be deprecated.
> >
> >As an example, see the following:
> >
> >
> > role: Example Role
> > address: Example Address
> > phone: +11 22 33445
> > fax-no: +11 22 33445
> > e-mail: info@localhost
> > admin-c: TEST1-RIPE
> > tech-c: TEST1-RIPE
> > trouble: Please contact
> > trouble: abuse@localhost
> > trouble: for abuse reports, not info@localhost
> > nic-hdl: TESTROLE1-RIPE
> > changed: info@localhost 20050101
> > source: RIPE
> >
> >We will replace this with:
> >
> > role: Example Role
> > address: Example Address
> > phone: +11 22 33445
> > fax-no: +11 22 33445
> > e-mail: info@localhost
> > admin-c: TEST1-RIPE
> > tech-c: TEST1-RIPE
> > remarks: "trouble:" converted on 2005mmdd
> > remarks: Please contact
> > abuse-mailbox: abuse@localhost
> > remarks: for abuse reports
> > nic-hdl: TESTROLE1-RIPE
> > changed: info@localhost 20050101
> > source: RIPE
> >
> >
> >(2) Hiding Attributes That Contain E-Mail Addresses
> >
> >Finding the right e-mail address for abuse reports can be confusing.
> >There is currently no easy way to find this information in the RIPE
> >Database. Users often send mail to every e-mail address they see in a
> >query result. To avoid this, we will hide all attributes that contain
> >e-mail addresses from the default output of a whois query for an
> >address.
> >
> >When a user looks up an address, the results may include the following
> >objects:
> >
> >INETNUM
> >INET6NUM
> >ROUTE
> >ROUTE6
> >ORGANISATION
> >PERSON
> >ROLE
> >
> >By default, MNTNER objects are not shown, but they are often also
> >queried to get contact information.
> >
> >For each of the object types, the following attributes contain e-mail
> >addresses:
> >
> >INETNUM: notify, changed
> >INET6NUM: notify, changed
> >ROUTE: notify, changed
> >ROUTE6: notify, changed
> >ORGANISATION: e-mail, notify, changed
> >PERSON: e-mail, notify, changed
> >ROLE: e-mail, trouble, notify, changed
> >
> >For each address range returned, if there is at least one
> >"abuse-mailbox:" attribute in any of the returned objects, the
> >attributes mentioned above will be removed from the output.
> >
> >If there is no "abuse-mailbox:" attribute, only "notify:" and
> >"changed:" attributes will be filtered out.
> >
> >If an attribute of an object is changed, a comment will be added, to
> >avoid confusion.
> >
> >Users can turn off this suppression. To make this possible, we will
> >implement a '-B' flag.
> >
> >As an example:
> >
> >$ whois 10.0.0.10
> >
> >Might currently give the following result:
> >
> > inetnum: 10.0.0.0 - 10.0.0.255
> > netname: HOME-NETWORK
> > descr: Home Network
> > country: ZZ
> > admin-c: ME1-RIPE
> > tech-c: ME1-RIPE
> > status: ALLOCATED PI
> > mnt-by: I-MNT
> > changed: ripe-dbm@localhost 20050101
> > source: RIPE
> >
> > person: Me Myself and I
> > address: Home Alone
> > phone: +11 22 33445
> > fax-no: +11 22 33445
> > e-mail: ripe-dbm@localhost
> > nic-hdl: ME1-RIPE
> > mnt-by: I-MNT
> > changed: ripe-dbm@localhost 20050101
> > source: RIPE
> >
> >After the change, the result will be:
> >
> > % Note: this output has been filtered.
> >
> > inetnum: 10.0.0.0 - 10.0.0.255
> > netname: HOME-NETWORK
> > descr: Home Network
> > country: ZZ
> > admin-c: ME1-RIPE
> > tech-c: ME1-RIPE
> > status: ALLOCATED PI
> > mnt-by: I-MNT
> > source: RIPE
> >
> > person: Me Myself and I
> > address: Home Alone
> > phone: +11 22 33445
> > fax-no: +11 22 33445
> > nic-hdl: ME1-RIPE
> > mnt-by: I-MNT
> > source: RIPE
> >
> >To see the unmodified result, users should type in:
> >
> >$ whois -B 10.0.0.10
> >
> >
> >(3) Adding 'abuse output' Option
> >
> >To help authors of tools or users who are only interested in the abuse
> >contacts for IP addresses, we will implement a brief output mode. If a
> >user types '-b' when querying the RIPE Database, they will only see
> >the key attributes of address ranges and the "abuse-mailbox:"
> >attribute. This switch will also imply '-c', which requests first
> >level less specific INETNUM or INET6NUM objects with the "mnt-irt:"
> >attribute. It will only work with address space related queries.
> >
> >Here is an example:
> >
> >$ whois 10.0.0.0
> >
> >Returns:
> >
> > inetnum: 10.0.0.0 - 10.0.0.255
> > netname: HOME-NETWORK
> > descr: Home Network
> > country: ZZ
> > admin-c: ME1-RIPE
> > tech-c: ME1-RIPE
> > status: ALLOCATED PI
> > mnt-by: I-MNT
> > mnt-irt: IRT-I
> > changed: ripe-dbm@localhost 20050101
> > source: RIPE
> >
> > person: Me Myself and I
> > address: Home Alone
> > phone: +11 22 33445
> > fax-no: +11 22 33445
> > e-mail: ripe-dbm@localhost
> > nic-hdl: ME1-RIPE
> > mnt-by: I-MNT
> > changed: ripe-dbm@localhost 20050101
> > abuse-mailbox: ripe-dbm-person@localhost
> > source: RIPE
> >
> >So:
> >
> >$ whois -b 10.0.0.0
> >
> >Will return:
> >
> > % Note: this output has been filtered.
> > % Only primary keys and abuse contact will be visible.
> >
> > inetnum: 10.0.0.0 - 10.0.0.255
> > e-mail: ripe-dbm@localhost
> > e-mail: ripe-dbm-person@localhost
> >
> >This output will not generate valid objects, and there will be no
> >object separators.
> >
> >If two ranges are returned after making a query, an object separator
> >will be inserted between groupings. Therefore, the output will look
> >like this:
> >
> > inetnum: 10.0.0.0 - 10.0.0.255
> > e-mail: ripe-dbm@localhost
> > e-mail: ripe-dbm-person@localhost (*)
> >
> > inetnum: 10.0.1.0 - 10.0.0.255
> > e-mail: ripe-dbm-person-2@localhost (*)
> >
> >Attributes marked by (*) are taken from the person object retrieved by
> >a recursive lookup.
> >
> >
> >(4) Modifications on the IRT Object
> >
> >We will change the template for the IRT object will be changed. You
> >will no longer need a KEY-CERT object to create an IRT object.
> >
> >Currently, the template for the IRT object is:
> >
> >
> > irt: [mandatory] [single] [primary/look-up key]
> > address: [mandatory] [multiple] [ ]
> > phone: [optional] [multiple] [ ]
> > fax-no: [optional] [multiple] [ ]
> > e-mail: [mandatory] [multiple] [lookup key]
> > signature: [mandatory] [multiple] [ ]
> > encryption: [mandatory] [multiple] [ ]
> > org: [optional] [multiple] [inverse key]
> > admin-c: [mandatory] [multiple] [inverse key]
> > tech-c: [mandatory] [multiple] [inverse key]
> > auth: [mandatory] [multiple] [inverse key]
> > remarks: [optional] [multiple] [ ]
> > irt-nfy: [optional] [multiple] [inverse key]
> > notify: [optional] [multiple] [inverse key]
> > mnt-by: [mandatory] [multiple] [inverse key]
> > changed: [mandatory] [multiple] [ ]
> > source: [mandatory] [single] [ ]
> >
> >"signature:" and "encryption:" attributes need existing key-cert
> >objects. The Anti-spam Working Group asked us to make these objects
> >optional. You can read an archive of this discussion at:
> >
> >http://www.ripe.net/ripe/maillists/archives/db-wg/2004/msg00452.html
> >
> >The template for irt objects will be:
> >
> > irt: [mandatory] [single] [primary/look-up key]
> > address: [mandatory] [multiple] [ ]
> > phone: [optional] [multiple] [ ]
> > fax-no: [optional] [multiple] [ ]
> > e-mail: [mandatory] [multiple] [lookup key]
> > signature: [optional] [multiple] [ ]
> > encryption: [optional] [multiple] [ ]
> > org: [optional] [multiple] [inverse key]
> > admin-c: [mandatory] [multiple] [inverse key]
> > tech-c: [mandatory] [multiple] [inverse key]
> > auth: [mandatory] [multiple] [inverse key]
> > remarks: [optional] [multiple] [ ]
> > irt-nfy: [optional] [multiple] [inverse key]
> > notify: [optional] [multiple] [inverse key]
> > mnt-by: [mandatory] [multiple] [inverse key]
> > changed: [mandatory] [multiple] [ ]
> > source: [mandatory] [single] [ ]
> >
> >Therefore, the object below would be valid:
> >
> > irt: irt-someorg-zz
> > address: address for the irt
> > phone: +11 22 3344556
> > fax-no: +11 22 3344556
> > e-mail: contact@localhost
> > admin-c: CONTACT1-RIPE
> > tech-c: CONTACT1-RIPE
> > auth: CRYPT-PW XXXXXXXXXXXXX
> > mnt-by: mnt-someorg
> > changed: someone@localhost 20050101
> > source: RIPE
> >
> >We will automate this process, so that help from the RIPE Database
> >Management will no longer be necessary create IRT objects.
> >
> >
> >(5) Changing the behaviour of '-c' option in whois queries
> >
> >Currently, the -c option requests first level less specific INETNUM or
> >INET6NUM objects with the "mnt-irt:" attribute. It does not return any
> >related IRT objects. This will change, so that -c will treat IRT
> >objects as contacts and do recursive lookups on related IRT objects.
> >
> >Here is an example:
> >
> >$ whois -c 10.0.0.0
> >
> >Returns:
> >
> > inetnum: 10.0.0.0 - 10.0.0.255
> > netname: TEST-NET
> > descr: Test Net
> > country: ZZ
> > admin-c: TEST1-RIPE
> > tech-c: TEST1-RIPE
> > status: ASSIGNED PA
> > mnt-by: TEST-MNT
> > mnt-irt: IRT-TEST
> > changed: info@localhost 20050101
> > source: RIPE
> >
> > person: TEST1-RIPE
> > .
> > .
> >
> >After the change, the result will be:
> >
> > inetnum: 10.0.0.0 - 10.0.0.255
> > netname: TEST-NET
> > descr: Test Net
> > country: ZZ
> > admin-c: TEST1-RIPE
> > tech-c: TEST1-RIPE
> > status: ASSIGNED PA
> > mnt-by: TEST-MNT
> > mnt-irt: IRT-TEST
> > changed: info@localhost 20050101
> > source: RIPE
> >
> > person: TEST1-RIPE
> > .
> > .
> >
> > irt: IRT-TEST
> > .
> > .
> >
> >
> >(6) Modified Templates
> >
> > inetnum: [mandatory] [single] [primary/look-up key]
> > netname: [mandatory] [single] [lookup key]
> > descr: [mandatory] [multiple] [ ]
> > country: [mandatory] [multiple] [ ]
> > org: [optional] [single] [inverse key]
> > admin-c: [mandatory] [multiple] [inverse key]
> > tech-c: [mandatory] [multiple] [inverse key]
> > rev-srv: [optional] [multiple] [inverse key]
> > status: [mandatory] [single] [ ]
> > remarks: [optional] [multiple] [ ]
> > notify: [optional] [multiple] [inverse key]
> > mnt-by: [mandatory] [multiple] [inverse key]
> > mnt-lower: [optional] [multiple] [inverse key]
> > mnt-domains: [optional] [multiple] [inverse key]
> > mnt-routes: [optional] [multiple] [inverse key]
> > mnt-irt: [optional] [multiple] [inverse key]
> > changed: [mandatory] [multiple] [ ]
> > source: [mandatory] [single] [ ]
> >
> > inet6num: [mandatory] [single] [primary/look-up key]
> > netname: [mandatory] [single] [lookup key]
> > descr: [mandatory] [multiple] [ ]
> > country: [mandatory] [multiple] [ ]
> > org: [optional] [single] [inverse key]
> > admin-c: [mandatory] [multiple] [inverse key]
> > tech-c: [mandatory] [multiple] [inverse key]
> > rev-srv: [optional] [multiple] [inverse key]
> > status: [mandatory] [single] [ ]
> > remarks: [optional] [multiple] [ ]
> > notify: [optional] [multiple] [inverse key]
> > mnt-by: [mandatory] [multiple] [inverse key]
> > mnt-lower: [optional] [multiple] [inverse key]
> > mnt-routes: [optional] [multiple] [inverse key]
> > mnt-domains: [optional] [multiple] [inverse key]
> > mnt-irt: [optional] [multiple] [inverse key]
> > changed: [mandatory] [multiple] [ ]
> > source: [mandatory] [single] [ ]
> >
> > person: [mandatory] [single] [lookup key]
> > address: [mandatory] [multiple] [ ]
> > phone: [mandatory] [multiple] [ ]
> > fax-no: [optional] [multiple] [ ]
> > e-mail: [optional] [multiple] [lookup key]
> > abuse-mailbox: [optional] [multiple] [inverse key] **
> > org: [optional] [multiple] [inverse key]
> > nic-hdl: [mandatory] [single] [primary/look-up key]
> > remarks: [optional] [multiple] [ ]
> > notify: [optional] [multiple] [inverse key]
> > mnt-by: [optional] [multiple] [inverse key]
> > changed: [mandatory] [multiple] [ ]
> > source: [mandatory] [single] [ ]
> >
> > role: [mandatory] [single] [lookup key]
> > address: [mandatory] [multiple] [ ]
> > phone: [optional] [multiple] [ ]
> > fax-no: [optional] [multiple] [ ]
> > e-mail: [mandatory] [multiple] [lookup key]
> > trouble: [optional] [multiple] [ ]
> > abuse-mailbox: [optional] [multiple] [inverse key] **
> > org: [optional] [multiple] [inverse key]
> > admin-c: [mandatory] [multiple] [inverse key]
> > tech-c: [mandatory] [multiple] [inverse key]
> > nic-hdl: [mandatory] [single] [primary/look-up key]
> > remarks: [optional] [multiple] [ ]
> > notify: [optional] [multiple] [inverse key]
> > mnt-by: [optional] [multiple] [inverse key]
> > changed: [mandatory] [multiple] [ ]
> > source: [mandatory] [single] [ ]
> >
> > irt: [mandatory] [single] [primary/look-up key]
> > address: [mandatory] [multiple] [ ]
> > phone: [optional] [multiple] [ ]
> > fax-no: [optional] [multiple] [ ]
> > e-mail: [mandatory] [multiple] [lookup key]
> > abuse-mailbox: [optional] [multiple] [inverse key] **
> > signature: [mandatory] [multiple] [ ]
> > encryption: [mandatory] [multiple] [ ]
> > org: [optional] [multiple] [inverse key]
> > admin-c: [mandatory] [multiple] [inverse key]
> > tech-c: [mandatory] [multiple] [inverse key]
> > auth: [mandatory] [multiple] [inverse key]
> > remarks: [optional] [multiple] [ ]
> > irt-nfy: [optional] [multiple] [inverse key]
> > notify: [optional] [multiple] [inverse key]
> > mnt-by: [mandatory] [multiple] [inverse key]
> > changed: [mandatory] [multiple] [ ]
> > source: [mandatory] [single] [ ]
> >
> > organisation: [mandatory] [single] [primary/look-up key]
> > org-name: [mandatory] [single] [lookup key]
> > org-type: [mandatory] [single] [ ]
> > descr: [optional] [multiple] [ ]
> > remarks: [optional] [multiple] [ ]
> > address: [mandatory] [multiple] [ ]
> > phone: [optional] [multiple] [ ]
> > fax-no: [optional] [multiple] [ ]
> > e-mail: [mandatory] [multiple] [lookup key]
> > abuse-mailbox: [optional] [multiple] [inverse key] **
> > org: [optional] [multiple] [inverse key]
> > admin-c: [optional] [multiple] [inverse key]
> > tech-c: [optional] [multiple] [inverse key]
> > ref-nfy: [optional] [multiple] [inverse key]
> > mnt-ref: [mandatory] [multiple] [inverse key]
> > notify: [optional] [multiple] [inverse key]
> > mnt-by: [mandatory] [multiple] [inverse key]
> > changed: [mandatory] [multiple] [ ]
> > source: [mandatory] [single] [ ]
> >
> > mntner: [mandatory] [single] [primary/look-up key]
> > descr: [mandatory] [multiple] [ ]
> > org: [optional] [multiple] [inverse key]
> > admin-c: [mandatory] [multiple] [inverse key]
> > tech-c: [optional] [multiple] [inverse key]
> > abuse-mailbox: [optional] [multiple] [inverse key] **
> > upd-to: [mandatory] [multiple] [inverse key]
> > mnt-nfy: [optional] [multiple] [inverse key]
> > auth: [mandatory] [multiple] [inverse key]
> > remarks: [optional] [multiple] [ ]
> > notify: [optional] [multiple] [inverse key]
> > mnt-by: [mandatory] [multiple] [inverse key]
> > referral-by: [mandatory] [single] [inverse key]
> > changed: [mandatory] [multiple] [ ]
> > source: [mandatory] [single] [ ]
> >
> >Rows that are marked with '**' are additions to the templates.
|
you are here: RIPE -> RIPE Maillists > Archives
