From lists at help.org Fri Jun 1 11:06:14 2012 From: lists at help.org (lists at help.org) Date: Fri, 01 Jun 2012 05:06:14 -0400 Subject: [anti-abuse-wg] WhoisSecurity.com In-Reply-To: <4FB38209.6000508@heanet.ie> References: <4FB38209.6000508@heanet.ie> Message-ID: <4FC88606.6090108@help.org> I am interested in information about security and privacy of whois databases (domains and IP addresses). For instance, the legal authorities associated with the warning banners, blocking schemes and other limitations placed on the data. As well as court decisions, official rulings, etc. as it relates to privacy laws (including the packaging and resale of historical data). Also any working groups, etc. involving whois. The information is being compiled at http://WhoisSecurity.com Thank You From michele at blacknight.ie Fri Jun 1 12:10:56 2012 From: michele at blacknight.ie (Michele Neylon :: Blacknight) Date: Fri, 1 Jun 2012 10:10:56 +0000 Subject: [anti-abuse-wg] WhoisSecurity.com In-Reply-To: <4FC88606.6090108@help.org> References: <4FB38209.6000508@heanet.ie>,<4FC88606.6090108@help.org> Message-ID: <4F2538C315ACAC42AD334C533C247C47563C4BAA@bkexchmbx01.blacknight.local> Dear Anonymous Person And you are who exactly? You're sending an email without identifying who you are in any way and you're asking an incredibly vague and broad question. Sorry, but my reply for now would be to go to http://www.google.com Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting & Colocation, Brand Protection http://www.blacknight.com/ http://blog.blacknight.com/ http://mneylon.tel/ Intl. +353 (0) 59 9183072 Locall: 1850 929 929 Fax. +353 (0) 1 4811 763 Twitter: http://twitter.com/mneylon ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845 ________________________________________ From: anti-abuse-wg-bounces at ripe.net [anti-abuse-wg-bounces at ripe.net] on behalf of lists at help.org [lists at help.org] Sent: 01 June 2012 10:06 To: anti-abuse-wg at ripe.net Subject: [anti-abuse-wg] WhoisSecurity.com I am interested in information about security and privacy of whois databases (domains and IP addresses). For instance, the legal authorities associated with the warning banners, blocking schemes and other limitations placed on the data. As well as court decisions, official rulings, etc. as it relates to privacy laws (including the packaging and resale of historical data). Also any working groups, etc. involving whois. The information is being compiled at http://WhoisSecurity.com Thank You From brian.nisbet at heanet.ie Fri Jun 1 12:16:06 2012 From: brian.nisbet at heanet.ie (Brian Nisbet) Date: Fri, 01 Jun 2012 11:16:06 +0100 Subject: [anti-abuse-wg] WhoisSecurity.com In-Reply-To: <4FC88606.6090108@help.org> References: <4FB38209.6000508@heanet.ie> <4FC88606.6090108@help.org> Message-ID: <4FC89666.9050708@heanet.ie> Hello, "lists at help.org" wrote the following on 01/06/2012 10:06: > I am interested in information about security and privacy of whois > databases (domains and IP addresses). For instance, the legal > authorities associated with the warning banners, blocking schemes and > other limitations placed on the data. As well as court decisions, > official rulings, etc. as it relates to privacy laws (including the > packaging and resale of historical data). Also any working groups, etc. > involving whois. The information is being compiled at > http://WhoisSecurity.com While this list does not require introductions or anything of the sort, it is always nice to at least have a name for a poster. Like I said, it isn't required, but it might facilitate discussion if people had some idea who they're talking to, if that makes any sense? This is especially useful when you're asking such a broad question. Anyway, aside from that, the current position in the RIPE Region is given here: http://www.ripe.net/ripe/groups/tf/dp/report-of-the-ripe-data-protection-task-force and https://www.ripe.net/data-tools/support/documentation/legal-framework-and-procedures-proposed-by-the-data-protection-task-force However at the RIPE meeting in Ljubljana (RIPE 65), the RIPE NCC were asked to take another look at this and I hope to be able to update the WG soon on timelines for this 2nd look. Brian, Co-chair, RIPE AA-WG From dominique.custers at neat.nl Fri Jun 1 12:41:28 2012 From: dominique.custers at neat.nl (Dominique Custers) Date: Fri, 1 Jun 2012 12:41:28 +0200 Subject: [anti-abuse-wg] WhoisSecurity.com In-Reply-To: <4F2538C315ACAC42AD334C533C247C47563C4BAA@bkexchmbx01.blacknight.local> References: <4FB38209.6000508@heanet.ie> <4FC88606.6090108@help.org> <4F2538C315ACAC42AD334C533C247C47563C4BAA@bkexchmbx01.blacknight.local> Message-ID: dear anonymous - perhaps this helps you - http://bit.ly/LkSWET br - dominique On Fri, Jun 1, 2012 at 12:10 PM, "Michele Neylon :: Blacknight" < michele at blacknight.ie> wrote: > Dear Anonymous Person > > And you are who exactly? > > You're sending an email without identifying who you are in any way and > you're asking an incredibly vague and broad question. > > Sorry, but my reply for now would be to go to http://www.google.com > > Regards > > Michele > > -- > Mr Michele Neylon > Blacknight Solutions > Hosting & Colocation, Brand Protection > http://www.blacknight.com/ > http://blog.blacknight.com/ > http://mneylon.tel/ > Intl. +353 (0) 59 9183072 > Locall: 1850 929 929 > Fax. +353 (0) 1 4811 763 > Twitter: http://twitter.com/mneylon > ------------------------------- > Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty > Road,Graiguecullen,Carlow,Ireland Company No.: 370845 > > ________________________________________ > From: anti-abuse-wg-bounces at ripe.net [anti-abuse-wg-bounces at ripe.net] on > behalf of lists at help.org [lists at help.org] > Sent: 01 June 2012 10:06 > To: anti-abuse-wg at ripe.net > Subject: [anti-abuse-wg] WhoisSecurity.com > > I am interested in information about security and privacy of whois > databases (domains and IP addresses). For instance, the legal > authorities associated with the warning banners, blocking schemes and > other limitations placed on the data. As well as court decisions, > official rulings, etc. as it relates to privacy laws (including the > packaging and resale of historical data). Also any working groups, etc. > involving whois. The information is being compiled at > http://WhoisSecurity.com > > Thank You > > > > > Spam detection software, running on the system "relay1.emswitch.net", > has checked this incoming email. If you have any questions, contact > helpdesk at emswitch.net for details. > > Content analysis details: (-4.9 points, 3.5 threshold) > > pts rule name description > ---- ---------------------- > -------------------------------------------------- > -0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay > domain > -4.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% > [score: 0.0000] > 0.0 AWL AWL: From: address is in the auto white-list > > > ------------------------------------------------------------------------------ > > If this message should have been marked as spam, click the following link > to let the software learn from this message: > > > http://www.emswitch.nl/sa/index.php?learn=spam&srv=relay1.emswitch.net&msgid=2012-06-01-12.11.09-001 > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From lists at help.org Fri Jun 1 17:18:46 2012 From: lists at help.org (lists at help.org) Date: Fri, 01 Jun 2012 11:18:46 -0400 Subject: [anti-abuse-wg] WhoisSecurity.com In-Reply-To: <4FC89666.9050708@heanet.ie> References: <4FB38209.6000508@heanet.ie> <4FC88606.6090108@help.org> <4FC89666.9050708@heanet.ie> Message-ID: <4FC8DD56.2050905@help.org> >While this list does not require introductions or anything of the sort, it is always nice to at least have a name for a poster. Like I said, it isn't required, but it might facilitate discussion if people had some idea who they're talking >to, if that makes any sense? This is especially useful when you're asking such a broad question. No, that does not make sense. The site is compiling resources and the name of the people compiling the resources is not relevant. You just want that information so you and people like Michele Neylon and Dominque Custers can attempt to ridicule the people developing the site. You guys do this to divert attention from the misinformation being presented about this issue. The RIPE reports on this issue are worthless and the reasons are explained at: http://whoissecurity.com/europeans-restrict-ip-address-whois-data/ http://whoissecurity.com/historical-whois-data-and-privacy-laws/ As for the whois scraping and the packaging and resale of whois data see http://whoissecurity.com/historical-whois-data-look-who-sells-it/ So as you can see the issues are already researched to a certain extent but I am sure things have been missed. Please use the form submission at the site since I do not monitor this list all the time. From rezaf at mindspring.com Fri Jun 1 18:06:54 2012 From: rezaf at mindspring.com (Reza Farzan) Date: Fri, 1 Jun 2012 12:06:54 -0400 (GMT-04:00) Subject: [anti-abuse-wg] WhoisSecurity.com Message-ID: <24309651.1338566814498.JavaMail.root@elwamui-rustique.atl.sa.earthlink.net> To whom it may concern at Help.Org, If you all think that writing such a meaningless e-mail and sending it anonymously will get you anywhere, you are sadly mistaken. The "anti-abuse-wg" is an open forum where interested individuals discuss abuse related matters in connection with Whois directories. Everyone who participate in these discussions identifies himself/herself as a professional courtesy. By calling anti abuse issues "worthless", Help.Org staff who has sent this meaningless e-mail diminishes its credibility. By hiding behind "Help.Org" and "whoissecurity.com" domains, you show your unwillingness to engage in the ongoing discussions professionally here. Reza Farzan =============== -----Original Message----- >From: "lists at help.org" >Sent: Jun 1, 2012 11:18 AM >To: anti-abuse-wg at ripe.net >Subject: Re: [anti-abuse-wg] WhoisSecurity.com > >While this list does not require introductions or anything of the >sort, it is always nice to at least have a name for a poster. Like I >said, it isn't required, but it might facilitate discussion if people >had some idea who they're talking >to, if that makes any sense? This is >especially useful when you're asking such a broad question. > >No, that does not make sense. The site is compiling resources and the >name of the people compiling the resources is not relevant. You just >want that information so you and people like Michele >Neylon and Dominque Custers can attempt to ridicule the people >developing the site. You guys do this to divert attention from the >misinformation being presented about this issue. > >The RIPE reports on this issue are worthless and the reasons are >explained at: > >http://whoissecurity.com/europeans-restrict-ip-address-whois-data/ >http://whoissecurity.com/historical-whois-data-and-privacy-laws/ > >As for the whois scraping and the packaging and resale of whois data see > >http://whoissecurity.com/historical-whois-data-look-who-sells-it/ > >So as you can see the issues are already researched to a certain extent >but I am sure things have been missed. > >Please use the form submission at the site since I do not monitor this >list all the time. From kjz at gmx.net Fri Jun 1 18:14:35 2012 From: kjz at gmx.net (Karl-Josef Ziegler) Date: Fri, 01 Jun 2012 18:14:35 +0200 Subject: [anti-abuse-wg] WhoisSecurity.com Message-ID: <4FC8EA6B.2030405@gmx.net> Hello! Look at the whois data of consumer.net, WhoisSecurity.com and HELP.org. For me it seems it's Russ again. Best regards, - Karl-Josef Ziegler From lists at help.org Fri Jun 1 18:49:22 2012 From: lists at help.org (lists at help.org) Date: Fri, 01 Jun 2012 12:49:22 -0400 Subject: [anti-abuse-wg] WhoisSecurity.com In-Reply-To: <24309651.1338566814498.JavaMail.root@elwamui-rustique.atl.sa.earthlink.net> References: <24309651.1338566814498.JavaMail.root@elwamui-rustique.atl.sa.earthlink.net> Message-ID: <4FC8F292.5040809@help.org> >By hiding behind "Help.Org" and "whoissecurity.com" domains, Well, I don't know the names of the people running most of the web sites I visit. Even if I knew their names I wouldn't know them personally anyway so I don't understand what your point is. If you don't like http://WhoisSecurity.com then you are free not to use it. If you have any suggestions for additional information that can be posted there send it along. If it is a good link to information I will use it (even if it were from someone convicted of assault in NJ). Thank You From rezaf at mindspring.com Fri Jun 1 19:48:00 2012 From: rezaf at mindspring.com (Reza Farzan) Date: Fri, 1 Jun 2012 13:48:00 -0400 (GMT-04:00) Subject: [anti-abuse-wg] WhoisSecurity.com Message-ID: <19058035.1338572880769.JavaMail.root@elwamui-rustique.atl.sa.earthlink.net> By sending such a message, it appears that you only want to promote your domain, "WhoisSecurity.com" and nothing else. Anti-abuse-wg is not the right forum for you to promote your domain, or to attract visitors to your site. In case you do not know, Anti-abuse-wg is a forum within RIPE. The RIPE NCC is one of five Regional Internet Registries (RIRs) providing Internet resource allocations, registration services and coordination activities that support the operation of the Internet globally. As representatives from the RIPE NCC can confirm, "ripe.net" is not like other websites that you visit and have no contacts. You can easily find go to RIPE contact page, http://www.ripe.net/contact, and contact them. The issue here is not about knowing anyone at RIPE personally, but it is about not promoting "WhoisSecurity.com" domain in this forum. This does not mean that "WhoisSecurity.com" is bad. Reza Farzan ========= -----Original Message----- >From: "lists at help.org" >Sent: Jun 1, 2012 12:49 PM >To: >Cc: anti-abuse-wg at ripe.net >Subject: Re: [anti-abuse-wg] WhoisSecurity.com > > >By hiding behind "Help.Org" and "whoissecurity.com" domains, > >Well, I don't know the names of the people running most of the web sites >I visit. Even if I knew their names I wouldn't know them personally >anyway so I don't understand what your point is. If you don't like >http://WhoisSecurity.com then you are free not to use it. If you have >any suggestions for additional information that can be posted there send >it along. If it is a good link to information I will use it (even if it >were from someone convicted of assault in NJ). > >Thank You From lists at help.org Fri Jun 1 20:00:05 2012 From: lists at help.org (lists at help.org) Date: Fri, 01 Jun 2012 14:00:05 -0400 Subject: [anti-abuse-wg] WhoisSecurity.com In-Reply-To: <19058035.1338572880769.JavaMail.root@elwamui-rustique.atl.sa.earthlink.net> References: <19058035.1338572880769.JavaMail.root@elwamui-rustique.atl.sa.earthlink.net> Message-ID: <4FC90325.6070001@help.org> >By sending such a message, it appears that you only want to promote your domain, "WhoisSecurity.com" and nothing else. Your post is ridiculous. Resource web sites are being posted all the time on here and you don't complain. You just don't like the facts being published on the Internet so you keep searching for reasons to ridicule. If you are worried about people spamming this list to promote their business then talk to Neylon. The information is available anywhere else. For instance, if you ask an RIR about their legal authority to post a warning banner you will get a blank stare or some nonsensical answer. Same with the privacy law issues. This info needs to be compiled in one place and RIPE won't do it and it takes forever to sift through the ICANN site to find the stuff and the info is still incomplete. From lists at help.org Sat Jun 2 09:21:09 2012 From: lists at help.org (lists at help.org) Date: Sat, 02 Jun 2012 03:21:09 -0400 Subject: [anti-abuse-wg] WhoisSecurity.com In-Reply-To: <4FC8DD56.2050905@help.org> References: <4FB38209.6000508@heanet.ie> <4FC88606.6090108@help.org> <4FC89666.9050708@heanet.ie> <4FC8DD56.2050905@help.org> Message-ID: <4FC9BEE5.6000509@help.org> Just as I suspected, all the big mouths who shoot their mouth off all the time are unable to provide even a single additional reference related to whois. It is about time this stuff got published so people can see how RIPE and others have been deceiving them all these years. But I am sure it will all be corrected at the next meeting ... Have fun with your list pretending to be a group of "professionals" representing the entire Internet community. I am sure the work being done here is very important to your development: http://www.scholastic.com/resources/article/the-importance-of-pretend-play From brian.nisbet at heanet.ie Sun Jun 3 23:00:41 2012 From: brian.nisbet at heanet.ie (Brian Nisbet) Date: Sun, 03 Jun 2012 22:00:41 +0100 Subject: [anti-abuse-wg] WhoisSecurity.com In-Reply-To: <4FC8DD56.2050905@help.org> References: <4FB38209.6000508@heanet.ie> <4FC88606.6090108@help.org> <4FC89666.9050708@heanet.ie> <4FC8DD56.2050905@help.org> Message-ID: <4FCBD079.3040401@heanet.ie> On 01/06/2012 16:18, lists at help.org wrote: > >While this list does not require introductions or anything of the > sort, it is always nice to at least have a name for a poster. Like I > said, it isn't required, but it might facilitate discussion if people > had some idea who they're talking >to, if that makes any sense? This is > especially useful when you're asking such a broad question. > > No, that does not make sense. The site is compiling resources and the > name of the people compiling the resources is not relevant. You just > want that information so you and people like Michele > Neylon and Dominque Custers can attempt to ridicule the people > developing the site. You guys do this to divert attention from the > misinformation being presented about this issue. I think it facilitates discussion, you disagree, that's up to you, but I think the reactions of the list so far suggest that it does. Anyway, I merely suggested it would help, I didn't request any information. > The RIPE reports on this issue are worthless and the reasons are > explained at: > > http://whoissecurity.com/europeans-restrict-ip-address-whois-data/ > http://whoissecurity.com/historical-whois-data-and-privacy-laws/ > > As for the whois scraping and the packaging and resale of whois data see > > http://whoissecurity.com/historical-whois-data-look-who-sells-it/ > > So as you can see the issues are already researched to a certain extent > but I am sure things have been missed. And as I mentioned the community have asked for a more detailed response from the NCC and I'm hoping to have timelines for this soon. This request came directly from conversation on this list. > Please use the form submission at the site since I do not monitor this > list all the time. I and the NCC will be reporting back to this list and possibly the NCC Services list. We won't be updating any forms on your website and that would be not only impractical but also not work I'm willing to undertake. My and Tobias' responsibility is to this group, not a random website. Brian. From lists at help.org Sun Jun 3 23:54:50 2012 From: lists at help.org (lists at help.org) Date: Sun, 03 Jun 2012 17:54:50 -0400 Subject: [anti-abuse-wg] WhoisSecurity.com In-Reply-To: <4FCBD079.3040401@heanet.ie> References: <4FB38209.6000508@heanet.ie> <4FC88606.6090108@help.org> <4FC89666.9050708@heanet.ie> <4FC8DD56.2050905@help.org> <4FCBD079.3040401@heanet.ie> Message-ID: <4FCBDD2A.6020900@help.org> >I and the NCC will be reporting back to this list and possibly the NCC Services list. We won't be updating any forms on your website and that would be not only impractical but also not work I'm willing to undertake. My and >Tobias' responsibility is to this group, not a random website. You and others on here always suggest that if a problem is detected then the community should do something to fix it. Now you want to change your story once that gets done and you don't agree with it. The reason for the web site is because the information being posted here in incomplete and, in some cases, intentionally deceptive. Several people have recently posted external web site and they have not been met with all the complaints I see here. Mr. Veseley is the only person to submit any kind of legitimate response. I have been going through the weirds and I see some interesting stuff. I will be going through all the RIR's and adding links to their whois processes. I also see there is a survey and comment period for revamping the whois system (http://www.icann.org/en/news/public-comment/draft-whois-requirements-survey-30may12-en.htm). once I prepare my comments for that i will be updating WhoisSecurity.com with the weirds stuff. Finally, Mr. Nisbet, you should not use the word "responsibility" when you refer to yourself as you are completely irresponsible. Thank You From brian.nisbet at heanet.ie Mon Jun 4 02:26:30 2012 From: brian.nisbet at heanet.ie (Brian Nisbet) Date: Mon, 04 Jun 2012 01:26:30 +0100 Subject: [anti-abuse-wg] WhoisSecurity.com In-Reply-To: <4FCBDD2A.6020900@help.org> References: <4FB38209.6000508@heanet.ie> <4FC88606.6090108@help.org> <4FC89666.9050708@heanet.ie> <4FC8DD56.2050905@help.org> <4FCBD079.3040401@heanet.ie> <4FCBDD2A.6020900@help.org> Message-ID: <4FCC00B6.8030309@heanet.ie> On 03/06/2012 22:54, lists at help.org wrote: > >I and the NCC will be reporting back to this list and possibly the NCC > Services list. We won't be updating any forms on your website and that > would be not only impractical but also not work I'm willing to > undertake. My and >Tobias' responsibility is to this group, not a random > website. > > > You and others on here always suggest that if a problem is detected then > the community should do something to fix it. Now you want to change your > story once that gets done and you don't agree with it. The reason for > the web site is because the information being posted here in incomplete > and, in some cases, intentionally deceptive. Several people have > recently posted external web site and they have not been met with all > the complaints I see here. Mr. Veseley is the only person to submit any > kind of legitimate response. I have been going through the weirds and I > see some interesting stuff. I will be going through all the RIR's and > adding links to their whois processes. I also see there is a survey and > comment period for revamping the whois system > (http://www.icann.org/en/news/public-comment/draft-whois-requirements-survey-30may12-en.htm). > once I prepare my comments for that i will be updating WhoisSecurity.com > with the weirds stuff. I find it truly baffling that you can take my words and twist them in the way you've managed. What the community has said has been taken on board, we've asked the NCC to put in the work to fully explain the reasons behind the current data protection procedures. This update, when complete, will be posted on ripe.net and reported here. I have made no comments against your website, good luck with it, what I've said is that we (or likely the NCC) will be reporting back to this list, not filling in a webform. I'm sorry if this angers you in some way I can't fathom. This is the last time I'll state this in this thread. > Finally, Mr. Nisbet, you should not use the word "responsibility" when > you refer to yourself as you are completely irresponsible. Brian is fine. If you have to go for ad hominem attacks, please don't dress them in false formality. However, for preference, as stated many times, please don't indulge in them on this mailing list. And I say this in full knowledge of the fact that you'll likely just claim I'm still trying to silence you. Brian, Co-chair, RIPE AA-WG. From lists at help.org Mon Jun 4 03:46:01 2012 From: lists at help.org (lists at help.org) Date: Sun, 03 Jun 2012 21:46:01 -0400 Subject: [anti-abuse-wg] WhoisSecurity.com In-Reply-To: <4FCC00B6.8030309@heanet.ie> References: <4FB38209.6000508@heanet.ie> <4FC88606.6090108@help.org> <4FC89666.9050708@heanet.ie> <4FC8DD56.2050905@help.org> <4FCBD079.3040401@heanet.ie> <4FCBDD2A.6020900@help.org> <4FCC00B6.8030309@heanet.ie> Message-ID: <4FCC1359.5000802@help.org> > we've asked the NCC to put in the work to fully explain the reasons behind the current data protection procedures. This update, when complete, will be posted on ripe.net and reported here. I have made no comments against >your website, NCC already did that and they posted it at http://www.ripe.net/data-tools/support/documentation/legal-framework-and-procedures-proposed-by-the-data-protection-task-force It is worthless which is why i saw the need to put a site together. Plus there is this issue where the whois data (including RIPE) is being packaged and resold even though the banners say that should not be done. When I bring this up to various whois operators they don't do anything. So what is the point of the banners? What is the legal authority behind them? This has gone of for years so I find it hard to believe that RIPE is suddenly going to answer the question. Neustar brought in a privacy officer after I complained about .us. CIRA (.ca) says it against their AUP so I am waiting to hear back from them as well. You came on here and posted a message that you would not participate in my web site even though you did not do that when others posted web sites on here. You are like the kid who brought a soccer ball to the playground and then takes the ball home when things didn't go his way. From lists at help.org Mon Jun 4 07:38:21 2012 From: lists at help.org (lists at help.org) Date: Mon, 04 Jun 2012 01:38:21 -0400 Subject: [anti-abuse-wg] Whois final report In-Reply-To: <4FC9DED7.8040401@tana.it> References: <4FB38209.6000508@heanet.ie> <4FC88606.6090108@help.org> <4FC9DED7.8040401@tana.it> Message-ID: <4FCC49CD.700@help.org> initial Comments end June 10 report http://www.icann.org/en/about/aoc-review/whois/final-report-11may12-en.pdf comment filing: http://www.icann.org/en/news/public-comment/whois-rt-final-report-11may12-en.htm From brian.nisbet at heanet.ie Mon Jun 4 11:26:34 2012 From: brian.nisbet at heanet.ie (Brian Nisbet) Date: Mon, 04 Jun 2012 10:26:34 +0100 Subject: [anti-abuse-wg] WhoisSecurity.com In-Reply-To: <4FCC1359.5000802@help.org> References: <4FB38209.6000508@heanet.ie> <4FC88606.6090108@help.org> <4FC89666.9050708@heanet.ie> <4FC8DD56.2050905@help.org> <4FCBD079.3040401@heanet.ie> <4FCBDD2A.6020900@help.org> <4FCC00B6.8030309@heanet.ie> <4FCC1359.5000802@help.org> Message-ID: <4FCC7F4A.5080808@heanet.ie> On 04/06/2012 02:46, lists at help.org wrote: > > we've asked the NCC to put in the work to fully explain the reasons > behind the current data protection procedures. This update, when > complete, will be posted on ripe.net and reported here. I have made no > comments against >your website, > > NCC already did that and they posted it at > http://www.ripe.net/data-tools/support/documentation/legal-framework-and-procedures-proposed-by-the-data-protection-task-force > > > It is worthless which is why i saw the need to put a site together. Plus > there is this issue where the whois data (including RIPE) is being > packaged and resold even though the banners say that should not be done. > When I bring this up to various whois operators they don't do anything. > So what is the point of the banners? What is the legal authority behind > them? This has gone of for years so I find it hard to believe that RIPE > is suddenly going to answer the question. Neustar brought in a privacy > officer after I complained about .us. CIRA (.ca) says it against their > AUP so I am waiting to hear back from them as well. Ok, one last time then. There were comments made on this list before the RIPE 64 meeting in regards to the information listed in the URL above. So, at that meeting, the NCC were asked to provide further information and far more details about the specific laws being followed. At this point I do not have a timeline for this response, but hopefully I'll be able to inform the list soon. > You came on here and posted a message that you would not participate in > my web site even though you did not do that when others posted web sites > on here. You are like the kid who brought a soccer ball to the > playground and then takes the ball home when things didn't go his way. No, you said that as you weren't always monitoring the list we would need to post any information to your website. I simply stated that as always we would report back to this list and I was not going to undertake to post the information directly to your website as well. I have not objected to you sharing your URL as I wouldn't object to anyone sharing a useful anti-abuse URL to this list. Brian. From brian.nisbet at heanet.ie Fri Jun 8 15:49:10 2012 From: brian.nisbet at heanet.ie (Brian Nisbet) Date: Fri, 08 Jun 2012 14:49:10 +0100 Subject: [anti-abuse-wg] Draft Minutes - RIPE 64 Message-ID: <4FD202D6.1080107@heanet.ie> Colleagues, Here are the draft minutes from the AA-WG meeting at RIPE 64 in Ljubljana. If you have any comments or corrections, please do let us know. https://www.ripe.net/ripe/groups/wg/anti-abuse/minutes/ripe-64 Draft RIPE Anti-Abuse Working Group Minutes -- RIPE 64 Thursday, 19 April 2012, 11:00-12:30, Ljubljana Co-Chairs: Brian Nisbet and Tobias Knecht Scribe: Fergal Cunningham Chat Monitor: Robert Kisteleki A. Administrative Matters Welcome The Anti-Abuse Working Group Co-Chair Brian Nisbet opened the session and welcomed the attendees. He thanked the scribe, chat monitor and stenographers and then introduced his co-chair, Tobias Knecht. Approve Minutes from RIPE 63 Brian noted that there was one comment on the posted minutes but it was not a request for a content change. There were no further comments so he declared that the RIPE 63 minutes were approved. Finalise Agenda There were no additions to the agenda. The agenda is available at: https://ripe64.ripe.net/presentations/189-AA-WG_RIPE_64.pdf B. Update B1: Recent List Discussion Brian noted that there was a lot of discussion on the mailing list since RIPE 63, and he encouraged people who had not subscribed to the mailing list to do so and participate in the discussions. He proposed to run through the main topics that emerged in the previous months. Abuse Reports/Allegations Brian said that a lot of the list discussion over the past months related to allegations of specific incidents of abuse. He said this can be a good thing and often highlights the working group's facility for exchange of information. He pointed out, however, that the mailing list was not the place to actually report abuse and that no direct action would come of that. He advised people to instead look at the hacking FAQs, see the new RIPE NCC reporting procedure and be careful about any language used to accuse people of wrongdoing. RIPE Database Bulk Access and Data Protection Task Force Legal Analysis Brian noted that there had been a lot of discussion on the mailing list about bulk access to the RIPE Database, what constituted public and private data, and what should be considered acceptable bulk access to the database. He said the rules on this matter were decided by the RIPE Data Protection Task Force. He said the RIPE NCC published the legal advice given to the task force and he said the working group would like to see more precise legal analysis containing reference to specific relevant legislation. Jochem de Ruig, Chief Financial Officer of the RIPE NCC, clarified that the report came from the Data Protection Task Force. Brian acknowledged this and said the working group would like to see the more detailed legal analysis. Peter Koch, DENIC, asked what the outcome of performing this more in-depth legal analysis would be. Brian said that the citation was requested and the working group was trying to provide it. He said the Data Protection Task Force did not arise out of the Anti-Abuse Working Group and he saw no reason for it to be formed again. He said this matter concerned the provision of information that was requested and, although he did not see the working group mailing list as the place to discuss this matter, he could not control what people talked about on the list. Peter thanked Brian for the clarification and noted that the RIPE NCC and operators work in an environment where consensus in a working group is not in a position to take precedence over the legal environment. Wilfried Woeber, ACOnet, said that in the RIPE framework, the task forces act in an advisory role and does not make a decision regarding what should be implemented. He said he appreciated the decision to improve the documentation but that task force is closed and it should not be half-heartedly resurrected. He recommended that if there were a justifiable need to cover this ground again, then it would be better to create a new task force or raise the issue in the RIPE NCC Services Working Group or the Anti-Abuse Working Group. ACTION: The RIPE NCC to provide more detailed legal analysis on the report of Data Protection Task Force. RIPE Policy Proposal 2011-06 Brian noted that this was a separate agenda item and Tobias would lead the discussion on this at the appropriate point. Community Self-help/Reputation Brian noted that there was some discussion on this matter on the working group mailing list but it seems to have died down after some useful responses were posted on the list. Spam FAQs and Community Interaction Brian noted with regard to the Spam FAQs that this was evidence that when the community feels that the RIPE NCC does something that is not good enough then it will react to feedback given and improve matters in consultation with people who are experts on the subject. He thanked the RIPE NCC for improving the documentation relating to spam. He said that, despite some comments on the mailing list, there is a dialogue going on and the RIPE NCC will be responsive. He noted that the updated Spam FAQs were now online. The RIPE NCC Reporting Procedure Brian noted that Laura Cobley from the RIPE NCC would present on the RIPE NCC Reporting Procedure later in the agenda so discussion could take place at that point. Data Verification Brian noted that the subject of data verification has popped up on the mailing list intermittently for some time. He said there was a relevant policy proposal in 2010 but this was withdrawn for a number of reasons, one of which was the establishment of the Abuse Management Task Force. He said the increased discussion about data verification recently indicates that there could be a relevant policy proposal put forward at some stage. He said the proposal could come out of the task force or it could come from an individual, but as chair of the task force he will work with the rest of the task force on this. B2: Updates CleanIT Project But Klaasen from the Ministry of Security and Justice in the Netherlands gave a presentation on the CleanIT Project. The presentation is available at: https://ripe64.ripe.net/presentations/199-Ljubiljana.pdf Max Tuleyev, NetAssist, asked for the definition of terrorism that the project uses because it is a very broad term. But said the definition being used was the legal definition as used by the European Commission, which is available on the European Commission website. He added that the main concentration was currently on Al Qaeda-influenced matters because that was where they identified the main threat as coming from. He said this threat was mainly to disrupt society using ideological methods. Pascal Gloor, Finecom Telecommunications, asked about Facebook's real identity policy. But said he knew Facebook was in favour of a real name identity policy because it feels that Facebook works properly if the person whose profile you see is actually a real person, so they have a policy to enforce this. Pascal said that in Switzerland, there was a website where people could report illegal activity to the police and if it's interesting, the police can investigate further. But said that a number of countries had set up websites such as this and sometimes it proved successful and sometimes it did not. He said this was something countries should look to develop and he noted that France has a useful way of allowing people to make these notifications. He said it was difficult to evaluate if the activity reported is really illegal and there are also language problems that can prevent the information from getting to the authorities in the proper manner. Patrick Tarpey, OFCOM, asked But if he saw a conflict between the aims of the CleanIT Project and proposed draft regulations on privacy, particularly the notion of privacy by design for websites and also the idea of the right to be forgotten online. But confirmed that he thought such a conflict did exist, and he said this is why he wanted people to participate in the discussions to find solutions. He added that the main challenge of the project was to establish a correct border between freedom on the Internet on one side and effective law enforcement on the other side. Brian said he was encouraged to hear But's comments that website blocking is not effective at a company or state level. He lamented the fact that the Irish state was lagging somewhat in this regard as it thought website blocking would solve many of its problems. But concluded by noting that further information was available on the CleanIT website, which also included relevant definitions regarding terrorism: http://www.cleanitproject.eu/ Wilfried Woeber, ACOnet, said Austria was also involved in similar activities to some degree but the governments across the EU were not acting in an entirely consistent way. He said he hoped projects such as this one would have a trickle-up effect to governments because the methods used to fight terrorism can then be applied to fight something such as child pornography and then copyright violations and then other things. He said the presenter should not expect support with one particular goal if you punish that community using the same methods. But said this comment underlined the main challenge of the project. He said they were trying to position their work between the public and private sectors, and this is one of the reasons the project has its own website separate from any ministry. He said they could receive recommendations for the private sector and for governments, and he is aware that governments don't always work so efficiently. He said it is a non-legislative process, but if industry as well as governments support it, he believes it is a project that can grow. He agreed with Wilfried that what works for anti-terrorism might not be applicable to other areas. Patrick Tarpey, OFCOM, said that the project used the European Commission definition of terrorism, and he asked whether it might be more useful to use a United Nations definition, for example, as the Internet community covered a much larger area that the European Union. But said this was a valid point but that they had to be pragmatic. He said the project began in the Netherlands and it was not possible to introduce it on a worldwide level. He said the next obvious step was to move to a European Union level, but he agreed that moving to a more global level should be the next logical step. RIPE NCC Reporting Procedure Laura Cobley, RIPE NCC Customer Services Manager, presented on the RIPE NCC Reporting Procedure. The presentation is available at: https://ripe64.ripe.net/presentations/197-lauracobley.pdf Peter Koch, DENIC, asked if the maintainer of the object or the sponsoring LIR was the responsible party when incorrect data in the RIPE Database was reported. Laura said this depended on whether the resource was directly assigned by the RIPE NCC or it was a direct assignment via a sponsoring LIR. She said in all cases either the member or the DAU was contacted. Peter said some of the objects are maintained by people who are not members, so this channel is not available in those cases. He said that sometimes the person who is maintaining the object is the one who has entered incorrect data, so this leads to a deadlock. Laura said there was a contractual requirement for members to maintain the data and to make sure that End Users keep the data up to date. She said this was the proper channel to begin with and if this does not work, then the RIPE NCC would have to look at alternative means of communicating. Peter asked if this meant that the RIPE NCC used information that was not available publicly in the RIPE Database in order to contact people. Laura said they would first use the public data contained in the organisation object, for example, but sometimes the RIPE NCC had more specific contact information that could be used if necessary. Kaveh Ranjbar, RIPE NCC Database Manager, said that if a member does not directly maintain a resource, the RIPE NCC would go to the hierarchy to find the responsible party. He said this should work in the majority of cases but obviously not all cases. C. Policies Discussion on RIPE Policy Proposal 2011-06 Tobias Knecht, Anti-Abuse Working Group co-Chair, gave an update on RIPE Policy Proposal 2011-06, Abuse Contact Management in the RIPE NCC Database. He said the proposal to introduce an "abuse-c:" contact attribute in the RIPE Database was made about a year ago and following some good discussion on the mailing list a second version was posted before the RIPE 64 Meeting. He said the new proposal concentrates on the creation of the "abuse-c:" attribute in the RIPE Database and the implementation details can be proposed by the RIPE NCC in the next step. Tobias said the proposal was more or less for a role object with a mandatory "abuse-c:" attribute that should be available without query restrictions on all systems. He said there was discussion on the mailing list about data accuracy and it was proposed to include data accuracy provisions in the proposal, but it was felt by Brian, Tobias and the Abuse Management Task Force that this would be too complicated and it would be better to concentrate on the "abuse-c:" attribute for the moment. He said the data accuracy issue should cover the entire RIPE Database and not just the "abuse-c:" attribute. He noted that the proposal was still some way from the Final Phase but good progress had been made. Emilio Madaio, Policy Development Officer for the RIPE NCC, said that the proposal would go through the RIPE Policy Development Process in the standard way. He said the RIPE NCC would provide and impact analysis and he asked that as many people as possible contribute to the discussion on the mailing list so the RIPE NCC could provide a comprehensive analysis. Tobias said that even if people had no objections to the proposal, they should voice their support on the mailing list to help achieve broad consensus. Brian noted that he would act as the relevant working group chair regarding the proposal because Tobias was involved in drafting the proposal. D. Interactions Working Groups Brian said there was welcome interaction with the RIPE Database Working Group concerning RIPE Policy Proposal 2011-06. He noted that if a data verification proposal were made, it would be wide reaching and would necessarily involve the RIPE NCC Services, DNS and RIPE Database Working Groups. He said such a policy would probably not arise out of the Anti-Abuse Working Group but there would be a lot of interaction across a number of working groups. Legal Enforcement Agency (LEA) Interactions Brian said the RIPE NCC Roundtable Meeting for LEAs took place in March and he said he represented the Anti-Abuse Working Group at that meeting. He said it was a very productive meeting that showed good awareness from LEAs of the role of the RIRs and their communities. He thanked the UK's Serious Organised Crime Agency for its work in this area. He said LEAs were not as concerned about IPv6 issues as they were a year ago but there was a lot of concern expressed over technical issues such carrier grade NATs. He said, whatever people think about lawful interception and issues like that, this is another problem highlighted by technology moves towards using carrier grade NATs. He reiterated the advice to configure IPv6 as soon as possible. Brian said the desire to interact was demonstrated in issues such as the DNS changer conversation, which was largely covered in the DNS Working Group and RIPE NCC Services Working Group. He said the freezing of resources in the RIPE Database on the back of the Dutch police order means that the RIPE NCC is taking the Dutch state to court to clarify what exactly the procedure should be in the future. He said he was encouraged by comments from the RIPE NCC that it would not react in the same way if there were a similar occurrence or request again without first being fully aware of the implications and receiving a Dutch court order. He said the DNS changer issue was overall a positive thing for both RIPE and ARIN and should improve the way law enforcement works with the RIRs. Brian noted that the Cyber Crime Working Party (CCWP) also had some interactions in London and the CCWP continues to be a place where law enforcement and the RIR communities can come together to discuss issues of common concern. Pascal Gloor, Finecom Telecommunications, asked in relation to RPKI and the DNS changer issue whether it would be useful to diversify the source under different authorities. Brian said this was a big question and this working group might not be the correct forum to discuss it. He said, speaking personally, that he trusted the RIPE NCC to do the right thing. Pascal said he proposed that, with RPKI, the five RIRs would be independent authorities giving the advantage that you could use a majority system so it would be more difficult for authorities to invalidate a certificate. Brian thanked Pascal for the comment and said this issue could not be fully discussed at this point. X. A.O.B. There was no other business to discuss. Z. Agenda for RIPE 65 Brian noted that with the dynamic RIPE Programme Committee, items for the RIPE Meeting agendas were being received earlier each meeting. He asked attendees to consider if they might have something to present in Amsterdam in September 2012. He asked that people mail the list with suggestions or contact himself or Tobias. Brian thanked everyone for attending and he closed the session at 12:28 (UTC +2). The webcast recording and stenography transcripts from this session are available at: https://ripe64.ripe.net/archives/#Thursday From emadaio at ripe.net Fri Jun 8 16:19:55 2012 From: emadaio at ripe.net (Emilio Madaio) Date: Fri, 08 Jun 2012 16:19:55 +0200 Subject: [anti-abuse-wg] 2011-06 New Draft Document Published (Abuse Contact Management in the RIPE NCC Database) Message-ID: Dear Colleagues, The text of RIPE Policy Proposal, 2011-06, "Abuse Contact management in the RIPE NCC Database", has been revised. We have published the new version (version 3.0) today. Highlights of the changes in version 3.0 are: -Rewording of the RIPE Database in title and in the Abstract; -updated the format of database attribute and objects; -reworded more simply the attribution section. As per RIPE document ripe-500, "Policy Development Process in RIPE", the suggested changes were not considered significant to require a new Discussion Phase. Hence the proposal moves to the Review Phase of the RIPE Policy Development Process. The draft document for the proposal has been published. The impact analysis that was conducted for this proposal has also been published. You can find the full proposal at: https://www.ripe.net/ripe/policies/proposals/2011-06 and the draft document at: https://www.ripe.net/ripe/policies/proposals/2011-06/draft We encourage you to read the draft document text and send any comments to anti-abuse-wg at ripe.net before 6 July. Regards Emilio Madaio Policy Development Officer RIPE NCC From lists at help.org Tue Jun 12 17:38:19 2012 From: lists at help.org (lists at help.org) Date: Tue, 12 Jun 2012 11:38:19 -0400 Subject: [anti-abuse-wg] meeting minutes Message-ID: <4FD7626B.50808@help.org> Hi, the meeting minutes are so vague and unclear that most people would have no idea what is discussed or what the issues are. For instance, the issues include that there is no linkage between the EU privacy laws and the actions taken by RIPE. The same goes for the so-called consensus process. it is so vague and the issues are not spelled out so anyone can claim a "consensus" even though the issues were never really identified. Also, there is a proposal to change the way abuse contacts are listed in the database. however, there is no description as to what makes those contacts fundamentally different from other contacts as it relates to the law and the claimed "consensus". The minutes seemed designed to make sure outsiders have no idea what is going on. It is interesting to note the ".ro" database that claims technical contacts cannot be revealed because it is protected by a specific privacy law. they also claim "copyrights" on the data even though copyrights do not cover lists of facts like whois data. Thank You -------------- next part -------------- An HTML attachment was scrubbed... URL: From brian.nisbet at heanet.ie Tue Jun 12 18:18:02 2012 From: brian.nisbet at heanet.ie (Brian Nisbet) Date: Tue, 12 Jun 2012 17:18:02 +0100 Subject: [anti-abuse-wg] meeting minutes In-Reply-To: <4FD7626B.50808@help.org> References: <4FD7626B.50808@help.org> Message-ID: <4FD76BBA.7020104@heanet.ie> Hi, "lists at help.org" wrote the following on 12/06/2012 16:38: > Hi, > > the meeting minutes are so vague and unclear that most people would have > no idea what is discussed or what the issues are. For instance, the > issues include that there is no linkage between the EU privacy laws and > the actions taken by RIPE. The same goes for the so-called consensus > process. it is so vague and the issues are not spelled out so anyone can > claim a "consensus" even though the issues were never really identified. If the minutes are unclear you can view the full WG stream and read the stenography here: https://ripe64.ripe.net/archives/#Thursday https://ripe64.ripe.net/archives/steno/21 https://ripe64.ripe.net/programme/meeting-plan/anti-abuse-wg/ I'm not sure what other questions you have, precisely. > Also, there is a proposal to change the way abuse contacts are listed in > the database. however, there is no description as to what makes those > contacts fundamentally different from other contacts as it relates to > the law and the claimed "consensus". The minutes seemed designed to make > sure outsiders have no idea what is going on. The full text of 2011-06 as it stands right now can be found here: http://www.ripe.net/ripe/policies/proposals/2011-06 This policy has not reached consensus and is still in review phase, as Emilio stated last week. > It is interesting to note the ".ro" database that claims technical > contacts cannot be revealed because it is protected by a specific > privacy law. they also claim "copyrights" on the data even though > copyrights do not cover lists of facts like whois data. Interesting, certainly, but not relevant to 2011-06 because that only relates to the RIPE DB. In fact 2011-06 is attempting to make abuse contact more accessible to everyone, even in bulk. Brian. From lists at help.org Tue Jun 12 23:26:53 2012 From: lists at help.org (lists at help.org) Date: Tue, 12 Jun 2012 17:26:53 -0400 Subject: [anti-abuse-wg] meeting minutes In-Reply-To: <4FD76BBA.7020104@heanet.ie> References: <4FD7626B.50808@help.org> <4FD76BBA.7020104@heanet.ie> Message-ID: <4FD7B41D.1080305@help.org> >If the minutes are unclear you can view the full WG stream and read the stenography here: Since the minutes are unclear I request you update the minutes to make them clear. Many people have no idea about the RIPE process and if they read the minutes they should be able to get some idea about the issues. Only a tiny, almost infinitesimal, fraction of the many millions of Internet users affected by the issues would have enough inside knowledge to figure out what was going on. It is not practical to demand people sift through large amounts of data to get basic information about what is going on. >Interesting, certainly, but not relevant to 2011-06 because that only relates to the RIPE DB. In fact 2011-06 is attempting to make abuse contact more accessible to everyone, even in bulk. As I have explained many times is is not just an issue of making it "more accessible to everyone" it is about following laws, procedures, and policies and being able to explain the authority for any action that is taken. I realize for most of the people involved they have never done this, they make things up as they go along, and then they go around harassing people and accusing them of being spammers if they dare to raise these issues. But that is not really a legitimate process. From james.davis at ja.net Wed Jun 13 11:11:30 2012 From: james.davis at ja.net (James Davis) Date: Wed, 13 Jun 2012 10:11:30 +0100 Subject: [anti-abuse-wg] meeting minutes In-Reply-To: <20120612153910.55CAD1A9DB81_FD7629EB@egw001.ukerna.ac.uk> References: <20120612153910.55CAD1A9DB81_FD7629EB@egw001.ukerna.ac.uk> Message-ID: <4FD85942.2090901@ja.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 12/06/2012 16:38, lists at help.org wrote: > they also claim "copyrights" on the data even though copyrights do > not cover lists of facts like whois data. IANA(EU)L, but I believe you are correct in that within the EU objective collections of data should not automatically obtain copyright protection. Entirely separate to copyright there do appear to be 'database rights' that allow the owner of a database to object to things like copying of the database to protect the effort that went into creating it. I expect there are a large number of harmless explanations for what you've seen, including: - - RoTLD believe that they've done something to confer copyright protection. - - Their notice is simply mistranslated into English - - Romania is a new member of the EU and hasn't yet harmonized this aspect of it's copyright law If you haven't done so already it'd be worth writing to them and asking. Regards, James - -- James Davis 0300 999 2340 (+44 1235 822340) Senior CSIRT Member Lumen House, Library Avenue, Didcot, Oxfordshire, OX11 0SG -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iF4EAREIAAYFAk/YWUIACgkQjsS2Y6D6yLxA4AD/Srca7GMOXWqGFB4xdm37Qoc9 eOuENSISnaNXw3KK97IA/i3YjIsGf5H3SB/tN/SQ9Nv2bnZMgGzjjkSBiqNONvqw =lgfj -----END PGP SIGNATURE----- Janet is a trading name of The JNT Association, a company limited by guarantee which is registered in England under No. 2881024 and whose Registered Office is at Lumen House, Library Avenue, Harwell Oxford, Didcot, Oxfordshire. OX11 0SG From michele at blacknight.ie Wed Jun 13 11:17:10 2012 From: michele at blacknight.ie (Michele Neylon :: Blacknight) Date: Wed, 13 Jun 2012 09:17:10 +0000 Subject: [anti-abuse-wg] meeting minutes In-Reply-To: <4FD85942.2090901@ja.net> References: <20120612153910.55CAD1A9DB81_FD7629EB@egw001.ukerna.ac.uk> <4FD85942.2090901@ja.net> Message-ID: <4F2538C315ACAC42AD334C533C247C47565966F9@bkexchmbx02.blacknight.local> Pretty much all domain name registries will hold copyright in their whois database Do a lookup on any ccTLD domain name and you'll see this On 13 Jun 2012, at 10:11, James Davis wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > On 12/06/2012 16:38, lists at help.org wrote: > >> they also claim "copyrights" on the data even though copyrights do >> not cover lists of facts like whois data. > > IANA(EU)L, but I believe you are correct in that within the EU > objective collections of data should not automatically obtain > copyright protection. Entirely separate to copyright there do appear > to be 'database rights' that allow the owner of a database to object > to things like copying of the database to protect the effort that went > into creating it. > > I expect there are a large number of harmless explanations for what > you've seen, including: > > - - RoTLD believe that they've done something to confer copyright > protection. > - - Their notice is simply mistranslated into English > - - Romania is a new member of the EU and hasn't yet harmonized this > aspect of it's copyright law > > If you haven't done so already it'd be worth writing to them and asking. > > Regards, > > James > > - -- > James Davis 0300 999 2340 (+44 1235 822340) > Senior CSIRT Member > Lumen House, Library Avenue, Didcot, Oxfordshire, OX11 0SG > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (Darwin) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iF4EAREIAAYFAk/YWUIACgkQjsS2Y6D6yLxA4AD/Srca7GMOXWqGFB4xdm37Qoc9 > eOuENSISnaNXw3KK97IA/i3YjIsGf5H3SB/tN/SQ9Nv2bnZMgGzjjkSBiqNONvqw > =lgfj > -----END PGP SIGNATURE----- > > Janet is a trading name of The JNT Association, a company limited > by guarantee which is registered in England under No. 2881024 > and whose Registered Office is at Lumen House, Library Avenue, > Harwell Oxford, Didcot, Oxfordshire. OX11 0SG > > Mr Michele Neylon Blacknight Solutions ? Hosting & Colocation, Brand Protection ICANN Accredited Registrar http://www.blacknight.com/ http://blog.blacknight.com/ http://blacknight.biz http://mneylon.tel Intl. +353 (0) 59 9183072 US: 213-233-1612 Locall: 1850 929 929 Direct Dial: +353 (0)59 9183090 Facebook: http://fb.me/blacknight Twitter: http://twitter.com/mneylon ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845 From emadaio at ripe.net Wed Jun 13 15:50:56 2012 From: emadaio at ripe.net (Emilio Madaio) Date: Wed, 13 Jun 2012 15:50:56 +0200 Subject: [anti-abuse-wg] Proposal 2011-06: some mailing list solicitation Message-ID: <4FD89AC0.7040108@ripe.net> Hi Brian and Tobias, we moved to Review Phase the proposal 2011-06 last Friday. Although Kaveh and I were expecting input at any time, nothing much has happened. Just as a heads up, I'd suggest to be ready if the situation does not change this and/or the next week. It might be necessary to solicit and invite for more input and feedback in the mailing list. It is something that one of the WG co-chair and/or the proposer can do. Usually the timing I suggest is after one week and a half (19-20 June) but it is actually arbitrary. Anyway, this is just to let you know. Regards Emilio From tk at abusix.com Wed Jun 13 16:34:07 2012 From: tk at abusix.com (Tobias Knecht) Date: Wed, 13 Jun 2012 16:34:07 +0200 Subject: [anti-abuse-wg] Proposal 2011-06: some mailing list solicitation In-Reply-To: <4FD89AC0.7040108@ripe.net> References: <4FD89AC0.7040108@ripe.net> Message-ID: <4FD8A4DF.5090603@abusix.com> OK, Emilio, let's see if the mailing list will wake up after your last message. :-) Thank you On 13.06.12 15:50, Emilio Madaio wrote: > Hi Brian and Tobias, > we moved to Review Phase the proposal 2011-06 last Friday. Although > Kaveh and I were expecting input at any time, nothing much has happened. > > Just as a heads up, I'd suggest to be ready if the situation does not > change this and/or the next week. It might be necessary to solicit and > invite for more input and feedback in the mailing list. > > It is something that one of the WG co-chair and/or the proposer can do. > Usually the timing I suggest is after one week and a half (19-20 June) > but it is actually arbitrary. > > > Anyway, this is just to let you know. > > > Regards > Emilio > -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 307 bytes Desc: OpenPGP digital signature URL: From lists at help.org Wed Jun 13 18:34:37 2012 From: lists at help.org (lists at help.org) Date: Wed, 13 Jun 2012 12:34:37 -0400 Subject: [anti-abuse-wg] meeting minutes In-Reply-To: <4F2538C315ACAC42AD334C533C247C47565966F9@bkexchmbx02.blacknight.local> References: <20120612153910.55CAD1A9DB81_FD7629EB@egw001.ukerna.ac.uk> <4FD85942.2090901@ja.net> <4F2538C315ACAC42AD334C533C247C47565966F9@bkexchmbx02.blacknight.local> Message-ID: <4FD8C11D.7010903@help.org> >Pretty much all domain name registries will hold copyright in their whois >database Do a lookup on any ccTLD domain name and you'll see this The point is that nobody holds a copyright on a set of facts such as whois registration data. People just put these banner notices without any thought to whether they have legal authority to do so or whether they make sense at all. They may have some rights but it is not under copyright law. I did not contact .ro but I have contacted others about their whois policies. RIPE gave evasive answers and ARIN will not give any kind of answer other than to point to their posted policies (when I asked for clarification they won't answer). It is generally a waste of time to contact whois operators about these issues because you will get some techie who thinks he knows it all and who thinks his technical knowledge gives him a free pass to disregard the law. When you point out things that don't make sense they just don't answer. it is like this group, you ask that the minutes be fixed so people can understand it you get excuses and/or no response. This is just arrogance of techies who want to shut out the users. From gert at space.net Wed Jun 13 19:01:49 2012 From: gert at space.net (Gert Doering) Date: Wed, 13 Jun 2012 19:01:49 +0200 Subject: [anti-abuse-wg] meeting minutes In-Reply-To: <4FD8C11D.7010903@help.org> References: <20120612153910.55CAD1A9DB81_FD7629EB@egw001.ukerna.ac.uk> <4FD85942.2090901@ja.net> <4F2538C315ACAC42AD334C533C247C47565966F9@bkexchmbx02.blacknight.local> <4FD8C11D.7010903@help.org> Message-ID: <20120613170149.GN84425@Space.Net> Hi, On Wed, Jun 13, 2012 at 12:34:37PM -0400, lists at help.org wrote: > it is like this group, you ask that the minutes be fixed so people can > understand it you get excuses and/or no response. This is just > arrogance of techies who want to shut out the users. The minutes are not a children's introduction to the world. They are a transcript of what has been said and done at the meeting - and you can verify their accurateness using the audio/video recording. If you do not understand what these people are talking about, it doesn't mean the minutes are incorrect. Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (89) 32356-444 USt-IdNr.: DE813185279 From lists at help.org Thu Jun 14 00:11:45 2012 From: lists at help.org (lists at help.org) Date: Wed, 13 Jun 2012 18:11:45 -0400 Subject: [anti-abuse-wg] meeting minutes In-Reply-To: <20120613170149.GN84425@Space.Net> References: <20120612153910.55CAD1A9DB81_FD7629EB@egw001.ukerna.ac.uk> <4FD85942.2090901@ja.net> <4F2538C315ACAC42AD334C533C247C47565966F9@bkexchmbx02.blacknight.local> <4FD8C11D.7010903@help.org> <20120613170149.GN84425@Space.Net> Message-ID: <4FD91021.308@help.org> >The minutes are not a children's introduction to the world. They are a transcript of what has been said and done at the meeting. Minutes are not transcripts. see http://www.robertsrules.com/ for more information. The postings are meant to allow the entire Internet community to see and understand what is going on. Right now they are cryptic and they do not identify the actual issues at hand and don't achieve the goal of allowing people the opportunity to see what is going on. It may be used by "experts" such as yourself or someone who may not know as much as you and never attended a meeting. You want to take a radical view by claiming an extreme by saying a "childrens introduction to the world." What you really mean is that you want to exclude everybody except your small group of buddies and you want to tell the rest of the world (or "children" as you see it) what to do. If all these issues were posted somewhere else and the minutes were a little cryptic I could see that but the information is not posted anywhere else and every report, summary, framework, etc. is so vague people have to exert an extensive effort just to understand what is going on. From pk at DENIC.DE Thu Jun 14 08:54:53 2012 From: pk at DENIC.DE (Peter Koch) Date: Thu, 14 Jun 2012 08:54:53 +0200 Subject: [anti-abuse-wg] meeting minutes In-Reply-To: <4FD91021.308@help.org> References: <20120612153910.55CAD1A9DB81_FD7629EB@egw001.ukerna.ac.uk> <4FD85942.2090901@ja.net> <4F2538C315ACAC42AD334C533C247C47565966F9@bkexchmbx02.blacknight.local> <4FD8C11D.7010903@help.org> <20120613170149.GN84425@Space.Net> <4FD91021.308@help.org> Message-ID: <20120614065453.GJ10866@x27.adm.denic.de> On Wed, Jun 13, 2012 at 06:11:45PM -0400, lists at help.org wrote: > understand what is going on. Right now they are cryptic and they do not > identify the actual issues at hand and don't achieve the goal of > allowing people the opportunity to see what is going on. I disagree with this assessment. The minutes are detailed and, to my reading, reflect the session well. They list statements, facts, and actions. Minutes do not provide conclusions or speculation, therefore I'd appreciate if you took the time to re-read and clearly state the deficiencies you perceive instead of using terms like "cryptic" without substantiation. And for that matter, approval of the minutes does not imply happiness with either the content or the result of the meeting. -Peter From shane at time-travellers.org Thu Jun 14 09:32:04 2012 From: shane at time-travellers.org (Shane Kerr) Date: Thu, 14 Jun 2012 09:32:04 +0200 Subject: [anti-abuse-wg] meeting minutes In-Reply-To: <20120614065453.GJ10866@x27.adm.denic.de> References: <20120612153910.55CAD1A9DB81_FD7629EB@egw001.ukerna.ac.uk> <4FD85942.2090901@ja.net> <4F2538C315ACAC42AD334C533C247C47565966F9@bkexchmbx02.blacknight.local> <4FD8C11D.7010903@help.org> <20120613170149.GN84425@Space.Net> <4FD91021.308@help.org> <20120614065453.GJ10866@x27.adm.denic.de> Message-ID: <20120614093204.5a46d23d@shane-eeepc.home.time-travellers.org> Peter, On Thursday, 2012-06-14 08:54:53 +0200, Peter Koch wrote: > On Wed, Jun 13, 2012 at 06:11:45PM -0400, lists at help.org wrote: > > > understand what is going on. Right now they are cryptic and they > > do not identify the actual issues at hand and don't achieve the > > goal of allowing people the opportunity to see what is going on. > > I disagree with this assessment. The minutes are detailed and, to > my reading, reflect the session well. They list statements, facts, > and actions. Minutes do not provide conclusions or speculation, > therefore I'd appreciate if you took the time to re-read and > clearly state the deficiencies you perceive instead of using terms > like "cryptic" without substantiation. > And for that matter, approval of the minutes does not imply happiness > with either the content or the result of the meeting. This is spot-on. (Although I wasn't at the meeting this time and haven't reviewed the streaming feed, so I am talking about form, and can't confirm the content!) Most actual issues are discussed on this list before the meetings, although of course not all. Some come from the wider world, and some are brought to the attention of the working group at the RIPE meeting itself. If one wants to know the background of what is being discussed in a RIPE working group, then one should simply follow the mailing list for a while, and either attend a RIPE meeting or watch the live streams. It takes time, but most things worth doing do! An alternate strategy may be to ask someone involved in the group (like one of the working group chairs) for some of their time, and they may be willing to explain their view of the current status of the work. Also any actual policy proposals are on the policy development page: http://www.ripe.net/ripe/policies/current-proposals Cheers, -- Shane From lists at help.org Thu Jun 14 14:43:01 2012 From: lists at help.org (lists at help.org) Date: Thu, 14 Jun 2012 08:43:01 -0400 Subject: [anti-abuse-wg] meeting minutes In-Reply-To: <20120614093204.5a46d23d@shane-eeepc.home.time-travellers.org> References: <20120612153910.55CAD1A9DB81_FD7629EB@egw001.ukerna.ac.uk> <4FD85942.2090901@ja.net> <4F2538C315ACAC42AD334C533C247C47565966F9@bkexchmbx02.blacknight.local> <4FD8C11D.7010903@help.org> <20120613170149.GN84425@Space.Net> <4FD91021.308@help.org> <20120614065453.GJ10866@x27.adm.denic.de> <20120614093204.5a46d23d@shane-eeepc.home.time-travellers.org> Message-ID: <4FD9DC55.1010206@help.org> >If one wants to know the background of what is being discussed in a RIPE working group, then one should simply >follow the mailing list for a while, and either attend a RIPE meeting or watch the live streams. It takes time, but >most things worth doing do! This attitude is just arrogance. People are busy and are involved in many things. Just because they don't have the time to do this all day doesn't mean they should be shut out of the process. What about various other issues like product safety, politics, etc. Just because you don't spend large amounts of time studying product safety or political candidates doesn't mean you are not allowed to vote in an election or have a say in product safety issues. In other words, the world does not revolve around you. From lists at help.org Thu Jun 14 14:49:45 2012 From: lists at help.org (lists at help.org) Date: Thu, 14 Jun 2012 08:49:45 -0400 Subject: [anti-abuse-wg] meeting minutes In-Reply-To: <20120614065453.GJ10866@x27.adm.denic.de> References: <20120612153910.55CAD1A9DB81_FD7629EB@egw001.ukerna.ac.uk> <4FD85942.2090901@ja.net> <4F2538C315ACAC42AD334C533C247C47565966F9@bkexchmbx02.blacknight.local> <4FD8C11D.7010903@help.org> <20120613170149.GN84425@Space.Net> <4FD91021.308@help.org> <20120614065453.GJ10866@x27.adm.denic.de> Message-ID: <4FD9DDE9.9070704@help.org> >clearly state the deficiencies you perceive instead of using terms like "cryptic" without substantiation. It references issues brought up on the mailing list without listing those issues. Someone would have to read through all the e-mails to understand what the issues are and even then many people will have different perspectives of what the issues actually are. The issues need to be listed somewhere. Maybe they shouldn't be in the the minutes, maybe a summary of the issues posted somewhere and a link provided in the minutes. In any case the issues should be spelled out somewhere in a summary of what the task force is trying to do. From gert at space.net Thu Jun 14 14:52:45 2012 From: gert at space.net (Gert Doering) Date: Thu, 14 Jun 2012 14:52:45 +0200 Subject: [anti-abuse-wg] meeting minutes In-Reply-To: <4FD9DC55.1010206@help.org> References: <20120612153910.55CAD1A9DB81_FD7629EB@egw001.ukerna.ac.uk> <4FD85942.2090901@ja.net> <4F2538C315ACAC42AD334C533C247C47565966F9@bkexchmbx02.blacknight.local> <4FD8C11D.7010903@help.org> <20120613170149.GN84425@Space.Net> <4FD91021.308@help.org> <20120614065453.GJ10866@x27.adm.denic.de> <20120614093204.5a46d23d@shane-eeepc.home.time-travellers.org> <4FD9DC55.1010206@help.org> Message-ID: <20120614125245.GX84425@Space.Net> Hi, On Thu, Jun 14, 2012 at 08:43:01AM -0400, lists at help.org wrote: > In other words, the world does not revolve around you. Amen. Have you looked into a mirror recently? Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (89) 32356-444 USt-IdNr.: DE813185279 From thor.kottelin at turvasana.com Thu Jun 14 15:05:52 2012 From: thor.kottelin at turvasana.com (Thor Kottelin) Date: Thu, 14 Jun 2012 16:05:52 +0300 Subject: [anti-abuse-wg] meeting minutes In-Reply-To: <4FD9DC55.1010206@help.org> References: <20120612153910.55CAD1A9DB81_FD7629EB@egw001.ukerna.ac.uk> <4FD85942.2090901@ja.net> <4F2538C315ACAC42AD334C533C247C47565966F9@bkexchmbx02.blacknight.local> <4FD8C11D.7010903@help.org> <20120613170149.GN84425@Space.Net> <4FD91021.308@help.org> <20120614065453.GJ10866@x27.adm.denic.de> <20120614093204.5a46d23d@shane-eeepc.home.time-travellers.org> <4FD9DC55.1010206@help.org> Message-ID: > -----Original Message----- > From: anti-abuse-wg-bounces at ripe.net [mailto:anti-abuse-wg- > bounces at ripe.net] On Behalf Of lists at help.org > Sent: Thursday, June 14, 2012 3:43 PM > To: anti-abuse-wg at ripe.net > >If one wants to know the background of what is being discussed in > a > RIPE working group, then one should simply > >follow the mailing list for a while, and either attend a RIPE > meeting > or watch the live streams. It takes time, but > >most things worth doing do! > > This attitude is just arrogance. People are busy and are involved > in > many things. Just because they don't have > the time to do this all day doesn't mean they should be shut out of > the > process. This is a working group, the word 'working' implying that some effort is expected of active participants. Meeting minutes should accurately describe what transpired at the meeting. Non-participants who find the terminology difficult to understand are better served by less specific information. -- Thor Kottelin http://www.anta.net/ From aftab.siddiqui at gmail.com Thu Jun 14 15:01:34 2012 From: aftab.siddiqui at gmail.com (Aftab Siddiqui) Date: Thu, 14 Jun 2012 18:01:34 +0500 Subject: [anti-abuse-wg] meeting minutes In-Reply-To: <4FD9DDE9.9070704@help.org> References: <20120612153910.55CAD1A9DB81_FD7629EB@egw001.ukerna.ac.uk> <4FD85942.2090901@ja.net> <4F2538C315ACAC42AD334C533C247C47565966F9@bkexchmbx02.blacknight.local> <4FD8C11D.7010903@help.org> <20120613170149.GN84425@Space.Net> <4FD91021.308@help.org> <20120614065453.GJ10866@x27.adm.denic.de> <4FD9DDE9.9070704@help.org> Message-ID: @ list at help On Thu, Jun 14, 2012 at 5:49 PM, lists at help.org wrote: > > It references issues brought up on the mailing list without listing those > issues. Someone would have to read through all the e-mails > to understand what the issues are and even then many people will have > different perspectives of what the issues actually are. The > issues need to be listed somewhere. Maybe they shouldn't be in the the > minutes, maybe a summary of the issues posted somewhere and a link > > Can you please list down all the "real" issues and put it in a human readable form and share it with everyone. It would be a huge favor for everyone, isn't it? Just a request. Regards, Aftab A. Siddiqui. -------------- next part -------------- An HTML attachment was scrubbed... URL: From lists at help.org Thu Jun 14 18:58:45 2012 From: lists at help.org (lists at help.org) Date: Thu, 14 Jun 2012 12:58:45 -0400 Subject: [anti-abuse-wg] meeting minutes In-Reply-To: References: <20120612153910.55CAD1A9DB81_FD7629EB@egw001.ukerna.ac.uk> <4FD85942.2090901@ja.net> <4F2538C315ACAC42AD334C533C247C47565966F9@bkexchmbx02.blacknight.local> <4FD8C11D.7010903@help.org> <20120613170149.GN84425@Space.Net> <4FD91021.308@help.org> <20120614065453.GJ10866@x27.adm.denic.de> <20120614093204.5a46d23d@shane-eeepc.home.time-travellers.org> <4FD9DC55.1010206@help.org> Message-ID: <4FDA1845.8050604@help.org> >This is a working group, the word 'working' implying that some effort is expected of active participants. Not all people are active participants. The vast majority of people affected are not active participants and some people just want to see what is going on. >Non-participants who find the terminology difficult to understand are better served by less specific information. I am glad you have decided for all those millions of Internet users what is best for them. Basically you are admitting there is no consensus process and that few people get to decide what everyone else gets to know. I have already submitted a list of issues several times to this group and RIPE and nobody wants to describe these issues on the information that is provided to the Internet community. I am compiling that information at http://WhoisSecurity.com. I still have more work to do and I will be adding information as I get it but you are free to take any information there and add it to your various reports. A couple here people have sent me suggestions of things to look into and I am getting to it. I am hoping to hear back from ARIN, CIRA, and the US Department of Commerce (.us) about their whois policies and their enforcement as it relates to the information being harvested, repackaged and sold in whois history reports and the legal authority behind those banner notices. I don't expect I will get any solid answers from those entities but I have made the inquiries. From aftab.siddiqui at gmail.com Thu Jun 14 19:35:38 2012 From: aftab.siddiqui at gmail.com (Aftab Siddiqui) Date: Thu, 14 Jun 2012 22:35:38 +0500 Subject: [anti-abuse-wg] meeting minutes In-Reply-To: <4FDA1845.8050604@help.org> References: <20120612153910.55CAD1A9DB81_FD7629EB@egw001.ukerna.ac.uk> <4FD85942.2090901@ja.net> <4F2538C315ACAC42AD334C533C247C47565966F9@bkexchmbx02.blacknight.local> <4FD8C11D.7010903@help.org> <20120613170149.GN84425@Space.Net> <4FD91021.308@help.org> <20120614065453.GJ10866@x27.adm.denic.de> <20120614093204.5a46d23d@shane-eeepc.home.time-travellers.org> <4FD9DC55.1010206@help.org> <4FDA1845.8050604@help.org> Message-ID: [pardon for the top post] @ list at help Do you believe in consensus? If you do than the consensus of this WG is very clear. The pace is very slow but atleast in forward direction. Only IMO Secondly, I requested you humbly to compile a list of real issues with real work examples and share it with everyone so anyone who failed to understand the meeting minutes can get the proper insight of real issues. Can you please point me to that particular mail from archives where you listed all the "real" issues. I couldnt find any from 'list at help' Sorry, I don't want to visit the site you mentioned to gather any information. I went there once and saw loads of google ads and I dont want to be part of any revenue stream. Regards, Aftab A. Siddiqui. On Thursday, June 14, 2012, lists at help.org wrote: >>This is a working group, the word 'working' implying that some effort is expected of active participants. > > Not all people are active participants. The vast majority of people affected are not active participants and some people just want to see what is going on. > >>Non-participants who find the terminology difficult to understand are better served by less specific information. > > I am glad you have decided for all those millions of Internet users what is best for them. Basically you are admitting there is no consensus process and that few people get to decide what everyone else gets to know. > > I have already submitted a list of issues several times to this group and RIPE and nobody wants to describe these issues on the information that is provided to the Internet community. I am compiling that information at http://WhoisSecurity.com. I still have more work to do and I will be adding information as I get it but you are free to take any information there and add it to your various reports. A couple here people have sent me suggestions of things to look into and I am getting to it. I am hoping to hear back from ARIN, CIRA, and the US Department of Commerce (.us) about their whois policies and their enforcement as it relates to the information being harvested, repackaged and sold in whois history reports and the legal authority behind those banner notices. I don't expect I will get any solid answers from those entities but I have made the inquiries. > > > -- Regards, Aftab A. Siddiqui -------------- next part -------------- An HTML attachment was scrubbed... URL: From lists at help.org Thu Jun 14 22:18:45 2012 From: lists at help.org (lists at help.org) Date: Thu, 14 Jun 2012 16:18:45 -0400 Subject: [anti-abuse-wg] meeting minutes In-Reply-To: References: <20120612153910.55CAD1A9DB81_FD7629EB@egw001.ukerna.ac.uk> <4FD85942.2090901@ja.net> <4F2538C315ACAC42AD334C533C247C47565966F9@bkexchmbx02.blacknight.local> <4FD8C11D.7010903@help.org> <20120613170149.GN84425@Space.Net> <4FD91021.308@help.org> <20120614065453.GJ10866@x27.adm.denic.de> <20120614093204.5a46d23d@shane-eeepc.home.time-travellers.org> <4FD9DC55.1010206@help.org> <4FDA1845.8050604@help.org> Message-ID: <4FDA4725.7080903@help.org> >Do you believe in consensus? If you do than the consensus of this WG is very clear. The pace is very slow but atleast in forward direction. Only IMO There is no "consensus" because you shut people out. the people who claim there is one are not truthful >Secondly, I requested you humbly to compile a list of real issues with real work examples I have already done that for the issues I raised. of course many other people raised issued and I would like to see how the group interpreted those comments and turned them into issue. Right now the minutes say that there was some decision about some unnamed issues so the minutes are not valid as it stands. >Sorry, I don't want to visit the site you mentioned to gather any information. I went there once and saw loads of google ads and I dont want to be part of any revenue stream. That is not a legitmate or credible response. I am sure you visit Google all the time. On top of that you sent me an e-mail from a Gmail account so it seems you are pretty deep into the Google revenue stream. Why don't stop wasting time with your petty, childish, idiotic responses, You are just throwing a temper tantrum because I pointed how your little group is not operating in a legitimate manner. Why don't you just admit there is no "consensus" and that a small group shuts everyone else out and tells them what to do? From tk at abusix.com Fri Jun 15 01:30:13 2012 From: tk at abusix.com (Tobias Knecht) Date: Fri, 15 Jun 2012 01:30:13 +0200 Subject: [anti-abuse-wg] meeting minutes In-Reply-To: <4FDA4725.7080903@help.org> References: <20120612153910.55CAD1A9DB81_FD7629EB@egw001.ukerna.ac.uk> <4FD85942.2090901@ja.net> <4F2538C315ACAC42AD334C533C247C47565966F9@bkexchmbx02.blacknight.local> <4FD8C11D.7010903@help.org> <20120613170149.GN84425@Space.Net> <4FD91021.308@help.org> <20120614065453.GJ10866@x27.adm.denic.de> <20120614093204.5a46d23d@shane-eeepc.home.time-travellers.org> <4FD9DC55.1010206@help.org> <4FDA1845.8050604@help.org> <4FDA4725.7080903@help.org> Message-ID: <4FDA7405.5050704@abusix.com> Dear lists at help.org > Why don't stop wasting time with your petty, childish, idiotic responses This is not the kind of language we will accept on this list, no matter how controversial and tough the discussion is. Next time, before you press the send button, go for a walk, take a deep breath, calm down, read it again, get rid of such language and then send it. If you have the feeling that your voice is not heard here, please list your concerns in an understandable and easy readable way without any personal and disproportional comments. If people on the list still do not understand your concerns rephrase them and post them again in a more understandable way or try to explain them in a friendly way. The AA-WG is always listening to concerns and is discussing them in a often very controversial manner. Never the less AA-WG was never and will never be a working group that is able to explain every single decision to all internet users. Interested internet users are always welcome to join the mailinglist and attend the ongoing discussions in the same way other members do. Thank you for your understanding and your cooperation. Tobias Knecht -- Co-Chair RIPE AA-WG -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 307 bytes Desc: OpenPGP digital signature URL: From lists at help.org Fri Jun 15 06:17:19 2012 From: lists at help.org (lists at help.org) Date: Fri, 15 Jun 2012 00:17:19 -0400 Subject: [anti-abuse-wg] meeting minutes In-Reply-To: <4FDA7405.5050704@abusix.com> References: <20120612153910.55CAD1A9DB81_FD7629EB@egw001.ukerna.ac.uk> <4FD85942.2090901@ja.net> <4F2538C315ACAC42AD334C533C247C47565966F9@bkexchmbx02.blacknight.local> <4FD8C11D.7010903@help.org> <20120613170149.GN84425@Space.Net> <4FD91021.308@help.org> <20120614065453.GJ10866@x27.adm.denic.de> <20120614093204.5a46d23d@shane-eeepc.home.time-travellers.org> <4FD9DC55.1010206@help.org> <4FDA1845.8050604@help.org> <4FDA4725.7080903@help.org> <4FDA7405.5050704@abusix.com> Message-ID: <4FDAB74F.6020007@help.org> >This is not the kind of language we will accept on this list, no matter how controversial and tough the discussion is. Save your petty little personal attacks and temper tantrums for someone else. The fact is people on this list harass and intimate people to the people no longer want to post. A number of people personally attack me but you only complain when I respond in kind. The fact is the posts speak for themselves. The people running this group have shown that their intent is to cut out most of the Internet and make the decisions themselves. Then they lie about it and claim a "consensus." Several people have contacted me off list and indicated they agree to a certain extent with what I have been saying, However, the people running this group have created an atmosphere where these people don't want to post publicly because they will be harassed and ridiculed. It all boils down to this group is a bunch of bullies who are now throwing a temper tantrums because I am standing up to the group. Just go back and look at some of the posts of how you are all arguing NOT to make it clear what the issue are that you are discussing. It all boild down to simple concept, if someone reads minutes of a meeting they should be able to tell what was done at the meeting and what issues were discussed and voted upon and possibly why the vote was made. In this case the minutes just reference some unnamed issues that aren't written down anywhere and it is not explained why they were deemed not important enough for some specific action to be taken. (this is probably the number one complaint about ICANN and ICANN_related processes). Then you all go around claiming a community "consensus." You have turned this process into a joke. From lists at help.org Fri Jun 15 06:33:18 2012 From: lists at help.org (lists at help.org) Date: Fri, 15 Jun 2012 00:33:18 -0400 Subject: [anti-abuse-wg] meeting minutes In-Reply-To: <4FDA7405.5050704@abusix.com> References: <20120612153910.55CAD1A9DB81_FD7629EB@egw001.ukerna.ac.uk> <4FD85942.2090901@ja.net> <4F2538C315ACAC42AD334C533C247C47565966F9@bkexchmbx02.blacknight.local> <4FD8C11D.7010903@help.org> <20120613170149.GN84425@Space.Net> <4FD91021.308@help.org> <20120614065453.GJ10866@x27.adm.denic.de> <20120614093204.5a46d23d@shane-eeepc.home.time-travellers.org> <4FD9DC55.1010206@help.org> <4FDA1845.8050604@help.org> <4FDA4725.7080903@help.org> <4FDA7405.5050704@abusix.com> Message-ID: <4FDABB0E.1060708@help.org> >Tobias Knecht I see, you took this position so you can advertise your RIPE position to try to sell your anti-abuse services: http://abusix.com/partners/organizations You run blacklist and reputation services. I wonder if you coordinate these activities with the client's posted privacy policies and various privacy laws ... or if you completely ignore these issues because you feel abuse issues trump everything else? From aftab.siddiqui at gmail.com Fri Jun 15 06:57:10 2012 From: aftab.siddiqui at gmail.com (Aftab Siddiqui) Date: Fri, 15 Jun 2012 09:57:10 +0500 Subject: [anti-abuse-wg] meeting minutes In-Reply-To: <4FDAB74F.6020007@help.org> References: <20120612153910.55CAD1A9DB81_FD7629EB@egw001.ukerna.ac.uk> <4FD85942.2090901@ja.net> <4F2538C315ACAC42AD334C533C247C47565966F9@bkexchmbx02.blacknight.local> <4FD8C11D.7010903@help.org> <20120613170149.GN84425@Space.Net> <4FD91021.308@help.org> <20120614065453.GJ10866@x27.adm.denic.de> <20120614093204.5a46d23d@shane-eeepc.home.time-travellers.org> <4FD9DC55.1010206@help.org> <4FDA1845.8050604@help.org> <4FDA4725.7080903@help.org> <4FDA7405.5050704@abusix.com> <4FDAB74F.6020007@help.org> Message-ID: lists at help.org > Save your petty little personal attacks and temper tantrums for someone > else. The fact is people on this list harass and intimate people to the > people no longer want to post. A number of people personally attack me but > you only complain when I respond in kind > Revelation... King Julian.. > The fact is the posts speak for themselves. The people running this group > have shown that their intent is to cut out most of the Internet and make > the decisions themselves. Then they lie about it and claim a "consensus." > Several people have contacted me off list and indicated they agree to a > certain extent with what I have been saying > Consensus based decision making is "a process that seeks the consent, not necessarily the agreement of all participants but majority". Any objection on the definition? > It all boils down to this group is a bunch of bullies who are now throwing > a temper tantrums because I am standing up to the group. > Bullies? oh you mean people trying to answer your baby cries crap. sure.. sure.. > Just go back and look at some of the posts of how you are all arguing NOT > to make it clear what the issue are that you are discussing. > Again "humbly requested" sort out all the issues and put it in human readable form and share it with the list. Were you there in the meeting? if yes than what/who is stopping you to share the actual minutes? if not than how can you be so sure about the inaccuracy of the minutes? btw, I do SEO as a hobby, so if you need help for enhancing the revenue stream on your personal whois website than let me know. Just to add, its because of Tobias that now we have IRT in APNIC, we receive max numbers of abuse reports using abusix db for good. And as suggested, take a walk before hitting the send button :) relax dear we all knows how frustrated you are because no one is accepting ur baseless cries. I wonder where is your technical twin Russ these days. Regards, Aftab A. Siddiqui. -------------- next part -------------- An HTML attachment was scrubbed... URL: From lists at help.org Fri Jun 15 08:18:38 2012 From: lists at help.org (lists at help.org) Date: Fri, 15 Jun 2012 02:18:38 -0400 Subject: [anti-abuse-wg] meeting minutes In-Reply-To: References: <20120612153910.55CAD1A9DB81_FD7629EB@egw001.ukerna.ac.uk> <4FD85942.2090901@ja.net> <4F2538C315ACAC42AD334C533C247C47565966F9@bkexchmbx02.blacknight.local> <4FD8C11D.7010903@help.org> <20120613170149.GN84425@Space.Net> <4FD91021.308@help.org> <20120614065453.GJ10866@x27.adm.denic.de> <20120614093204.5a46d23d@shane-eeepc.home.time-travellers.org> <4FD9DC55.1010206@help.org> <4FDA1845.8050604@help.org> <4FDA4725.7080903@help.org> <4FDA7405.5050704@abusix.com> <4FDAB74F.6020007@help.org> Message-ID: <4FDAD3BE.9020903@help.org> >no one is accepting ur baseless cries. People involved with a tiny group think that they are the whole world. That is delusional thinking. You will often see this in local politics where people can't understand how a candidate lost because "everybody" (meaning their tiny group of friends) supported the person. I don't know about the so-called abuse reputation services in Europe but I am familiar with the US ones such as Microsoft Frontbridge and Cisco Ironport. When businesses complain they were put on a blacklist or given a poor reputation score by mistake they are often given no recourse. Even when the problem is fixed there are many reports the staffs of these companies are accusatory, rude, threatening, and have a know-it-all attitude. This is how abuse groups are. They keep in close knit groups, hardly interact with the rest of the world, and they have disdain for regular users who don't live up to their technical expectations. They also they think they are above the law. This is how they caught up lawsuits like the guy who had to pay damages to a spammer and that lawsuit with e360 that spun out of control. The same thing happened years ago with the credit reporting agencies. They went out of control with these reputation scores that were often wrong and impossible to fix and it led to a bunch of regulatory laws. But of course everybody who complained was probably a deadbeat so we should probably just disregard their complaints ... From Niall.oReilly at ucd.ie Fri Jun 15 11:49:21 2012 From: Niall.oReilly at ucd.ie (Niall O'Reilly) Date: Fri, 15 Jun 2012 10:49:21 +0100 Subject: [anti-abuse-wg] meeting minutes In-Reply-To: <4FDAB74F.6020007@help.org> References: <20120612153910.55CAD1A9DB81_FD7629EB@egw001.ukerna.ac.uk> <4FD85942.2090901@ja.net> <4F2538C315ACAC42AD334C533C247C47565966F9@bkexchmbx02.blacknight.local> <4FD8C11D.7010903@help.org> <20120613170149.GN84425@Space.Net> <4FD91021.308@help.org> <20120614065453.GJ10866@x27.adm.denic.de> <20120614093204.5a46d23d@shane-eeepc.home.time-travellers.org> <4FD9DC55.1010206@help.org> <4FDA1845.8050604@help.org> <4FDA4725.7080903@help.org> <4FDA7405.5050704@abusix.com> <4FDAB74F.6020007@help.org> Message-ID: <8F010241-7040-486E-B46E-37D6D002587E@ucd.ie> On 15 Jun 2012, at 05:17, lists at help.org wrote: > >This is not the kind of language we will accept on this list, no matter how controversial and tough the discussion is. > > Save your petty little personal attacks and temper tantrums for someone else. I don't know what you thought was a personal attack or temper tantrum. Tobias' message seems to me to be exemplary in avoiding both personal references and emotive language. [...] > The fact is the posts speak for themselves. Indeed. Those from you come across as intemperate and unconstructive. I would very much appreciate not seeing any more such posts. A number of people have tried, with a remqrkable level of patience, to suggest how you might more usefully engage with the group. You seem not to be minded to heed their advice. That's your choice. It's difficult to see how such a choice is conducive to achieving any goals, including those you may have set for yourself. Best regards, Niall O'Reilly University College Dublin IT Services From tk at abusix.com Fri Jun 15 17:05:09 2012 From: tk at abusix.com (Tobias Knecht) Date: Fri, 15 Jun 2012 17:05:09 +0200 Subject: [anti-abuse-wg] meeting minutes In-Reply-To: <4FDABB0E.1060708@help.org> References: <20120612153910.55CAD1A9DB81_FD7629EB@egw001.ukerna.ac.uk> <4FD85942.2090901@ja.net> <4F2538C315ACAC42AD334C533C247C47565966F9@bkexchmbx02.blacknight.local> <4FD8C11D.7010903@help.org> <20120613170149.GN84425@Space.Net> <4FD91021.308@help.org> <20120614065453.GJ10866@x27.adm.denic.de> <20120614093204.5a46d23d@shane-eeepc.home.time-travellers.org> <4FD9DC55.1010206@help.org> <4FDA1845.8050604@help.org> <4FDA4725.7080903@help.org> <4FDA7405.5050704@abusix.com> <4FDABB0E.1060708@help.org> Message-ID: <4FDB4F25.5000004@abusix.com> > I see, you took this position so you can advertise your RIPE position > to try to sell your anti-abuse services: > > http://abusix.com/partners/organizations I'm not commenting personal attacks. > You run blacklist and reputation services. No, we don't. > I wonder if you coordinate these activities with the client's posted > privacy policies and various privacy laws ... or if you completely > ignore these issues because you feel abuse issues trump everything > else? Yes, we coordinate that. This mailinglist is not intended to discuss business models and company products. No further answers on this subject on this list from my side. If you have questions feel free to contact me offlist. Tobias -- RIPE AA-WG Co-Chair -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 307 bytes Desc: OpenPGP digital signature URL: From iane at sussex.ac.uk Tue Jun 19 21:18:05 2012 From: iane at sussex.ac.uk (Ian Eiloart) Date: Tue, 19 Jun 2012 19:18:05 +0000 Subject: [anti-abuse-wg] meeting minutes In-Reply-To: <4FD91021.308@help.org> References: <20120612153910.55CAD1A9DB81_FD7629EB@egw001.ukerna.ac.uk> <4FD85942.2090901@ja.net> <4F2538C315ACAC42AD334C533C247C47565966F9@bkexchmbx02.blacknight.local> <4FD8C11D.7010903@help.org> <20120613170149.GN84425@Space.Net> <4FD91021.308@help.org> Message-ID: <0FD25A40-2FE5-426B-9378-6E6D2619BEC8@sussex.ac.uk> On 13 Jun 2012, at 23:11, lists at help.org wrote: > > Minutes are not transcripts. see http://www.robertsrules.com/ for more information. > > The postings are meant to allow the entire Internet community to see and understand what is going on. Roberts Rules are a useful resource for organisations setting up their own rules, but they're not authoritative. Minutes are made in order to help the organisation to have a memory for what has occurred at meetings. They need to record actions that have been decided upon, and they may also need to record reasons for those decisions. They don't need to be comprehensible to anyone but (a) those that attended the meeting, (b) those who have to implement the actions, and (c) anyone to whom that meeting may be responsible (in a legal sense). It's (c) that is at issue here: the claim seems to be that the AAWG is responsible to the general public. Perhaps it is in a moral sense. If the meeting is responsible to the general public, then clearly plain English is required. And, since the public here is the entire world, translations into every global language. There's a limit to how far you can go here. In general (my experience is with social housing and local government), the task of interpreting minutes of meetings for the general public falls to journalists, and in politics to spin doctors. I do think that the AAWG might usefully publish some sort of glossary, and perhaps a primer, that makes it easier to understand the AAWG. Perhaps it already does this. And, I also think that when anyone is writing anything, it helps if some effort is put into using simpler language. -- Ian Eiloart Postmaster, University of Sussex +44 (0) 1273 87-3148 From brian.nisbet at heanet.ie Thu Jun 21 16:02:42 2012 From: brian.nisbet at heanet.ie (Brian Nisbet) Date: Thu, 21 Jun 2012 15:02:42 +0100 Subject: [anti-abuse-wg] Discussion on 2011-06 Message-ID: <4FE32982.5070707@heanet.ie> Colleagues, Two weeks ago Emilio published the revised version of 2011-06 and the RIPE NCC Impact Analysis. I was hoping that this would answer some of the questions that were raised in the discussion phase and prompt further discussion of the proposal, but this hasn't happened. Could I ask the WG to take a look at the links: https://www.ripe.net/ripe/policies/proposals/2011-06 and the draft document at: https://www.ripe.net/ripe/policies/proposals/2011-06/draft and see if there are remaining questions or things you would like to discuss so we can gauge reaction to 2011-06? Thanks, Brian. From ripe-anti-spam-wg at powerweb.de Thu Jun 21 16:35:37 2012 From: ripe-anti-spam-wg at powerweb.de (Frank Gadegast) Date: Thu, 21 Jun 2012 16:35:37 +0200 Subject: [anti-abuse-wg] Discussion on 2011-06 In-Reply-To: <4FE32982.5070707@heanet.ie> References: <4FE32982.5070707@heanet.ie> Message-ID: <4FE33139.70603@powerweb.de> Brian Nisbet wrote: Hello, I still like to have mentoined that "Phase one: Implementing the policy" will include a new whois switch beeing introduced, that will return the abuse-c's abuse-mailbox attribute for a given IPv4/IPv6 addresses straight away and fall back to a result from the abuse finder tool, if there is no abuse-c for this address yet. The access to this whois query needs to be unrestricted. If the community thinks, that this should happen later, Im also ok with it. So: simply a +1 from me. Kind regards, Frank > Colleagues, > > Two weeks ago Emilio published the revised version of 2011-06 and the > RIPE NCC Impact Analysis. I was hoping that this would answer some of > the questions that were raised in the discussion phase and prompt > further discussion of the proposal, but this hasn't happened. > > Could I ask the WG to take a look at the links: > > https://www.ripe.net/ripe/policies/proposals/2011-06 > > and the draft document at: > > https://www.ripe.net/ripe/policies/proposals/2011-06/draft > > and see if there are remaining questions or things you would like to > discuss so we can gauge reaction to 2011-06? > > Thanks, > > Brian. > > > -- Mit freundlichen Gruessen, -- MOTD: "have you enabled SSL on a website or mailbox today ?" -- PHADE Software - PowerWeb http://www.powerweb.de Inh. Dipl.-Inform. Frank Gadegast mailto:frank at powerweb.de Schinkelstrasse 17 fon: +49 33200 52920 14558 Nuthetal OT Rehbruecke, Germany fax: +49 33200 52921 ====================================================================== From gilles.massen at restena.lu Thu Jun 21 16:53:52 2012 From: gilles.massen at restena.lu (Gilles Massen) Date: Thu, 21 Jun 2012 16:53:52 +0200 Subject: [anti-abuse-wg] Discussion on 2011-06 In-Reply-To: <4FE32982.5070707@heanet.ie> References: <4FE32982.5070707@heanet.ie> Message-ID: <4FE33580.4040807@restena.lu> Hello, > Two weeks ago Emilio published the revised version of 2011-06 and the > RIPE NCC Impact Analysis. I was hoping that this would answer some of > the questions that were raised in the discussion phase and prompt > further discussion of the proposal, but this hasn't happened. Since you asked for it... Even considering Tobias' comments on the topic, I'm still not happy that the overlapping with the IRT objects is not adressed before mudding the RIPE DB further. And generally speaking, creating new data because of access restrictions on existing data seems weird. This said, reading the Impact Analysis I see two points that worries me. Under A.: "The "abuse-c:" attribute must reference a role object". The policy text does not specify 'role'. And I see no good reason for the NCC to interpret the policy that way. (btw, if a policy needs interpretation even before it is implemented then maybe it might need some refining) Under C, phase two: I was under the impression that the policy was to be voluntary at first, and that the mandatory part was to be discussed further on, ideally with some information about the uptake of the object. Now I missed when the restrictive appeared in v.2 of the draft appeared...so be it. But now "The RIPE NCC will also plan to decommission irt objects...". So if the current, short and simple, policy text is used to sneak in undiscussed features via the impact analysis I have no choice but to object. Best regards, Gilles -- Fondation RESTENA - DNS-LU 6, rue Coudenhove-Kalergi L-1359 Luxembourg tel: (+352) 424409 fax: (+352) 422473 From tk at abusix.com Thu Jun 21 18:28:32 2012 From: tk at abusix.com (Tobias Knecht) Date: Thu, 21 Jun 2012 18:28:32 +0200 Subject: [anti-abuse-wg] Discussion on 2011-06 In-Reply-To: <4FE33580.4040807@restena.lu> References: <4FE32982.5070707@heanet.ie> <4FE33580.4040807@restena.lu> Message-ID: <4FE34BB0.3000808@abusix.com> Hi Gilles, first of all thank you for your feedback. > This said, reading the Impact Analysis I see two points that worries me. > > Under A.: "The "abuse-c:" attribute must reference a role object". > > The policy text does not specify 'role'. And I see no good reason for > the NCC to interpret the policy that way. (btw, if a policy needs > interpretation even before it is implemented then maybe it might need > some refining) I did that on purpose. :-) The first version of this proposal was very technical and did not really take care about internal RIPE NCC things. The idea now was to shorten it to a minimum and let the maintainers of the DB, the RIPE NCC tech staff, come up with a starting point for further discussion. RIPE NCC tech staff has much more experience in developing and maintaining their database, than I will ever have. ;-) > Under C, phase two: I was under the impression that the policy was to be > voluntary at first, and that the mandatory part was to be discussed > further on, ideally with some information about the uptake of the > object. Now I missed when the restrictive appeared in v.2 of the draft > appeared...so be it. But now "The RIPE NCC will also plan to > decommission irt objects...". > > So if the current, short and simple, policy text is used to sneak in > undiscussed features via the impact analysis I have no choice but to > object. I think this is not a completely undiscussed topic at all. We have already talked about the future of the IRT Object. And undiscussed issues are one of the reasons, that Emilio last week and Brian today asked for feedback. I do not see RIPE NCC sneaking in undiscussed features. RIPE NCC was asked to make a suggestion on how to implement the policy text into DB. The irt issue is part of the clean-up that I talked about in the proposal. RIPE NCC just described it in the way they would implement it. Thanks for your feedback, Tobias -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 307 bytes Desc: OpenPGP digital signature URL: From lists at help.org Thu Jun 21 23:49:01 2012 From: lists at help.org (lists at help.org) Date: Thu, 21 Jun 2012 17:49:01 -0400 Subject: [anti-abuse-wg] Discussion on 2011-06 In-Reply-To: <4FE33139.70603@powerweb.de> References: <4FE32982.5070707@heanet.ie> <4FE33139.70603@powerweb.de> Message-ID: <4FE396CD.6070708@help.org> > "Phase one: Implementing the policy" will include a new whois switch being introduced This will break existing software that makes whois queries for IP's. When you run an IP for possible abuse you don't want one command for ARIN and a different command for RIPE. That is why this issue must be coordinated between different RIR's. Inconstant whois policies is cited as a problem in the latest ICANN whois report and comments: http://www.icann.org/en/news/public-comment/whois-rt-final-report-11may12-en.htm However, this proposal is premature as the legal issues involving the whois restrictions have not been fully analyzed or described. Also, the fundamental difference between different contacts as it relates to the privacy laws has also not been fully analyzed or describe. The reasons and methods RIPE uses to implement these policies has also not been fully analyzed or described. The undisclosed issue is that some technical folks have this feeling that whois data should restricted even though the contacts agreed to make it public. They believe they can control how data is used once it is made public. Unfortunately none of these people can actually describe why they do it or the legal authority behind it and they don't want to admit the tactics they use to stop it don't work. It is just a feeling people get once their information gets into the hands of spammers. The result is that legitimate services get disrupted while spammers continue on essentially unabated. From michele at blacknight.ie Fri Jun 22 00:34:12 2012 From: michele at blacknight.ie (Michele Neylon :: Blacknight) Date: Thu, 21 Jun 2012 22:34:12 +0000 Subject: [anti-abuse-wg] Discussion on 2011-06 In-Reply-To: <4FE396CD.6070708@help.org> References: <4FE32982.5070707@heanet.ie> <4FE33139.70603@powerweb.de> <4FE396CD.6070708@help.org> Message-ID: <4F2538C315ACAC42AD334C533C247C475C0FBECA@bkexchmbx02.blacknight.local> On 21 Jun 2012, at 22:49, lists at help.org wrote: > > "Phase one: Implementing the policy" will include a new whois switch being introduced > > This will break existing software that makes whois queries for IP's. When you run an IP for possible abuse you don't want one command for ARIN and a different command for RIPE. That is why this issue must be coordinated between different RIR's. Inconstant whois policies is cited as a problem in the latest ICANN whois report and comments: > > http://www.icann.org/en/news/public-comment/whois-rt-final-report-11may12-en.htm The WHOIS RT report is about domain names and whois. It is NOT about IP addresses Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting & Colocation, Brand Protection http://www.blacknight.com/ http://blog.blacknight.com/ http://mneylon.tel/ Intl. +353 (0) 59 9183072 Locall: 1850 929 929 Fax. +353 (0) 1 4811 763 Twitter: http://twitter.com/mneylon ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845 From lists at help.org Fri Jun 22 07:10:30 2012 From: lists at help.org (lists at help.org) Date: Fri, 22 Jun 2012 01:10:30 -0400 Subject: [anti-abuse-wg] Discussion on 2011-06 In-Reply-To: <4F2538C315ACAC42AD334C533C247C475C0FBECA@bkexchmbx02.blacknight.local> References: <4FE32982.5070707@heanet.ie> <4FE33139.70603@powerweb.de> <4FE396CD.6070708@help.org> <4F2538C315ACAC42AD334C533C247C475C0FBECA@bkexchmbx02.blacknight.local> Message-ID: <4FE3FE46.1030407@help.org> >The WHOIS RT report is about domain names and whois. It is NOT about IP addresses You are correct. That is a deficiency in the report that I pointed out in my comments. As I have explained to you before if you check a web site for authenticity it is prudent to check both the domain whois and IP whois in once process which is why these whois policies needs to be consistent. These things have been explained to you many times. You ignore these posting and continue to post misinformation. The only purpose of your nonsense posts seems to be that you just want to spam everyone with the ads in your signature. From ripe-anti-spam-wg at powerweb.de Fri Jun 22 09:14:49 2012 From: ripe-anti-spam-wg at powerweb.de (Frank Gadegast) Date: Fri, 22 Jun 2012 09:14:49 +0200 Subject: [anti-abuse-wg] Discussion on 2011-06 In-Reply-To: <4F2538C315ACAC42AD334C533C247C475C0FBECA@bkexchmbx02.blacknight.local> References: <4FE32982.5070707@heanet.ie> <4FE33139.70603@powerweb.de> <4FE396CD.6070708@help.org> <4F2538C315ACAC42AD334C533C247C475C0FBECA@bkexchmbx02.blacknight.local> Message-ID: <4FE41B69.3020909@powerweb.de> "Michele Neylon :: Blacknight" wrote: Hi, > On 21 Jun 2012, at 22:49, lists at help.org wrote: > >>> "Phase one: Implementing the policy" will include a new whois switch being introduced >> >> This will break existing software that makes whois queries for IP's. >> When you run an IP for possible abuse you don't want one command for ARIN and a different command for RIPE. That is why this issue must be coordinated between different RIR's. Inconstant whois policies is cited as a problem in the latest ICANN whois report and comments: >> >> http://www.icann.org/en/news/public-comment/whois-rt-final-report-11may12-en.htm > > The WHOIS RT report is about domain names and whois. > > It is NOT about IP addresses A new switch will not break anything, because: - IP whois switches are already different between the RIRs, some RIRs support some switches, others dont (why should there be special RIPE version of the whois program itself, developed by the NCC, when they are all the same ? and why should there be and open source whois, like jwhois that tries to follow all different whois service implementations ?) - some RIRs return objects wich dont belong to them, that might be good or not, but its different - all RIRs have really different objects they store abuse contact information in some examples: doing a whois for an korean IP at APNIC returns objects copies from KRNIC in a really different format compared to what KRNIC supplies, same (and even worse with JPNIC) APNIC uses IRT objects to store abuse contact information, but IRT isnt used much there, most objects arent updated and still use remarks and abuse-mailbox AFRINIC and LACNIC have no IRT AFRINIC is not supporting -B (or I simply did never find an object where it makes a difference) ARIN has about 5 different places ot look, like OrgAbuseHandle and RAbuseEmail, OrgTechEmail or RTechEmail and more LACNIC is proxying all RIRs, but is sometimes simply wrong (simply because they dont supply all whois switches, that RIPE supports) ARIN should be able to at least tell wich RIR is responsible for with network, but this fails. I know a lot of networks (and not only legacy/ERX), where ARIN cannot tell and you have to look at ALL RIRs, to find the right RIR. (btw: somebody pointed out here once, that IANA is not an operational organization, they are at least in one case, because they are supplying whois.iana.org with could be used to find the right RIR for an IP object, but this also fails, because sometimes they dont even know) So, things ARE already broken, our whois parser (and the parsers of all blacklists) knows already about 50 different cases. - inserting a new switch will not turn old switches off - my idea was to really have ONE switch to find the abuse contact email address, simply because we on this list know, where to look, but no normal user knows about all these differences, maybe this switch will then also be implemented at other RIRs - RIPE NCC is having the abuse finder tool, but is not supllying it via whois or any non interactive way, what is sad But again: I simply wanted to have comments, if something likes this should be in the implementation section of the draft or if that should be done later. I think it should be in, because one big reason FOR the proposal is to HAVE one place where to store the abuse contact information and this should be also expressed in the implementation. Having this implemented will also cover the period, where some objects arent touched yet and still store the abuse contact information in old places. This will stop us from having the current situation at APNIC, where the new IRT object is making the situation worse (this was also critizised here). So: implementing a new whois switch including the fallback to the abuse finder tool result will technically lead to the result intended by the draft. Kind regards, Frank > > Regards > > Michele > > -- > Mr Michele Neylon > Blacknight Solutions > Hosting& Colocation, Brand Protection > http://www.blacknight.com/ > http://blog.blacknight.com/ > http://mneylon.tel/ > Intl. +353 (0) 59 9183072 > Locall: 1850 929 929 > Fax. +353 (0) 1 4811 763 > Twitter: http://twitter.com/mneylon > ------------------------------- > Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty > Road,Graiguecullen,Carlow,Ireland Company No.: 370845 > > > > -- Mit freundlichen Gruessen, -- PHADE Software - PowerWeb http://www.powerweb.de Inh. Dipl.-Inform. Frank Gadegast mailto:frank at powerweb.de Schinkelstrasse 17 fon: +49 33200 52920 14558 Nuthetal OT Rehbruecke, Germany fax: +49 33200 52921 ====================================================================== From shane at time-travellers.org Fri Jun 22 11:22:58 2012 From: shane at time-travellers.org (Shane Kerr) Date: Fri, 22 Jun 2012 11:22:58 +0200 Subject: [anti-abuse-wg] Changing Whois server behaviour, was Discussion on 2011-06 In-Reply-To: <4FE396CD.6070708@help.org> References: <4FE32982.5070707@heanet.ie> <4FE33139.70603@powerweb.de> <4FE396CD.6070708@help.org> Message-ID: <20120622112258.14577139@shane-eeepc.home.time-travellers.org> Dear madam, sir, mythical creature, or cleverly-designed AI, On Thursday, 2012-06-21 17:49:01 -0400, "lists at help.org" wrote: > > "Phase one: Implementing the policy" will include a new whois > > switch > being introduced > > This will break existing software that makes whois queries for IP's. The time for hoping for consistent query behavior or answers from Whois was over about 20 years ago, sorry. Since that time there have been at least 4 efforts to "fix" or replace Whois: * Whois++ * RWhois * IRIS * weirds (currently on-going) The first three all failed to get any reasonable traction, for various reasons. The weirds working group at the IETF is proceeding apace, including participation from ARIN and the RIPE NCC at least, so perhaps there is a certain amount of hope. (WARNING: The IETF working group does not have a complete summary of all issues open to it in a way that is accessible to any casual observer, so you may be offended and outraged by it.) As far as the RIPE Whois service specifically... the query and answer formats have evolved continuously over the past 20+ years, without severe breakage. 2011-06 is much less radical than previous changes to the RIPE Database, so we can safely say that this is not a major concern. Cheers, -- Shane From james.davis at ja.net Fri Jun 22 11:32:34 2012 From: james.davis at ja.net (James Davis) Date: Fri, 22 Jun 2012 10:32:34 +0100 Subject: [anti-abuse-wg] Discussion on 2011-06 In-Reply-To: <20120621162919.EDB311A9EA8B_FE34BDFB@egw001.ukerna.ac.uk> References: <4FE32982.5070707@heanet.ie> <4FE33580.4040807@restena.lu> <20120621162919.EDB311A9EA8B_FE34BDFB@egw001.ukerna.ac.uk> Message-ID: <4FE43BB2.3030605@ja.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 21/06/2012 17:28, Tobias Knecht wrote: > I think this is not a completely undiscussed topic at all. We have > already talked about the future of the IRT Object I've passed on the feedback from the NCC to the TI community. James - -- James Davis 0300 999 2340 (+44 1235 822340) Senior CSIRT Member Lumen House, Library Avenue, Didcot, Oxfordshire, OX11 0SG -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iF4EAREIAAYFAk/kO7IACgkQjsS2Y6D6yLyjfwEAshrgM8Br3DlaZ/+wMWUzfUya XZwtPdE7Cxstl3DV9ZUBAML8iOLxVdp17ljQhzoZCHUsvC1gbuGGJVXr6S1at+f4 =gJPZ -----END PGP SIGNATURE----- Janet is a trading name of The JNT Association, a company limited by guarantee which is registered in England under No. 2881024 and whose Registered Office is at Lumen House, Library Avenue, Harwell Oxford, Didcot, Oxfordshire. OX11 0SG From lists at help.org Fri Jun 22 12:02:05 2012 From: lists at help.org (lists at help.org) Date: Fri, 22 Jun 2012 06:02:05 -0400 Subject: [anti-abuse-wg] Changing Whois server behaviour, was Discussion on 2011-06 In-Reply-To: <20120622112258.14577139@shane-eeepc.home.time-travellers.org> References: <4FE32982.5070707@heanet.ie> <4FE33139.70603@powerweb.de> <4FE396CD.6070708@help.org> <20120622112258.14577139@shane-eeepc.home.time-travellers.org> Message-ID: <4FE4429D.9090502@help.org> I would agree with all the discussion about the various RIR's. Something being "broken" is a matter of perspective so there is no point in arguing over that. I think it highlights the need for at least some kind of standard across the RIR's even if it it is inadequate at this time. It seems to be a waste of time to develop all kinds of local standards. As for the overall process the "outrage" comes from people who keep claiming a "consensus" when the truth of the matter is that most people have no idea what is going on. Millions of people use the domain and IP whois databases every day. There are many automated possibilities for security and these services are being inhibited by a poor whois system. It isn't going to get improved if people can't even figure out what is going on without spending half their life going through transcripts of meetings. From gilles.massen at restena.lu Fri Jun 22 13:54:41 2012 From: gilles.massen at restena.lu (Gilles Massen) Date: Fri, 22 Jun 2012 13:54:41 +0200 Subject: [anti-abuse-wg] Discussion on 2011-06 In-Reply-To: <4FE34BB0.3000808@abusix.com> References: <4FE32982.5070707@heanet.ie> <4FE33580.4040807@restena.lu> <4FE34BB0.3000808@abusix.com> Message-ID: <4FE45D01.7000100@restena.lu> Hi Tobias, >> Under A.: "The "abuse-c:" attribute must reference a role object". >> >> The policy text does not specify 'role'. And I see no good reason for >> the NCC to interpret the policy that way. (btw, if a policy needs >> interpretation even before it is implemented then maybe it might need >> some refining) > > I did that on purpose. :-) > > The first version of this proposal was very technical and did not really > take care about internal RIPE NCC things. The idea now was to shorten it > to a minimum and let the maintainers of the DB, the RIPE NCC tech staff, > come up with a starting point for further discussion. > > RIPE NCC tech staff has much more experience in developing and > maintaining their database, than I will ever have. ;-) I certainly hope so :) It certainly makes sense to include feedback from NCC. But if that feedback shows that the policy text is interpreted, then the policy text should be amended accordingly. A fundamental statement of the RIPE NCC is not to create policies, but to implement the policies coming from the community. A large part of its credibility comes from that setup. So for the 'role' thing: for a proper process either the RIPE NCC feedback needs a clear technical reasoning on why this MUST be role objects, or the requirement should be dropped, or it should be included in the policy text (and then I'd still like to know why). > >> Under C, phase two: I was under the impression that the policy was to be >> voluntary at first, and that the mandatory part was to be discussed >> further on, ideally with some information about the uptake of the >> object. Now I missed when the restrictive appeared in v.2 of the draft >> appeared...so be it. But now "The RIPE NCC will also plan to >> decommission irt objects...". >> >> So if the current, short and simple, policy text is used to sneak in >> undiscussed features via the impact analysis I have no choice but to >> object. > > I think this is not a completely undiscussed topic at all. We have > already talked about the future of the IRT Object. And undiscussed > issues are one of the reasons, that Emilio last week and Brian today > asked for feedback. It has been mentioned several times - but the discussion has always been postponed until after the abuse-c. From your last email on that topic (unless i'm mistaken): "That's why I would like to wait for an implementation of the abuse-c if we find consensus on that and look at the numbers of the IRT Objects again and start making decisions on what should happen with it." Although it seem the wrong way around, I can even live with that...and won't go into further details > I do not see RIPE NCC sneaking in undiscussed features. RIPE NCC was > asked to make a suggestion on how to implement the policy text into DB. > The irt issue is part of the clean-up that I talked about in the > proposal. RIPE NCC just described it in the way they would implement it. If it was only discussing possible ways forward, then the wording is appropriate. I'd go even further: supposing that if you need a policy to create an object, I'd expect the same to deprecate one. Any comment from the NCC beyond 'and in case of clean-up the IRT object needs consideration' would be a step into policy-making territory. Now don't get me wrong, I do not suggest that the text from the NCC is a deliberate attempt to avoid a discussion or policy. But the fact that it does exists makes me suggest to have a more narrow policy text, with an explicit reference that IRT objects are to be handled later on. Best regards, Gilles -- Fondation RESTENA - DNS-LU 6, rue Coudenhove-Kalergi L-1359 Luxembourg tel: (+352) 424409 fax: (+352) 422473 From gilles.massen at restena.lu Fri Jun 22 13:57:20 2012 From: gilles.massen at restena.lu (Gilles Massen) Date: Fri, 22 Jun 2012 13:57:20 +0200 Subject: [anti-abuse-wg] Discussion on 2011-06 In-Reply-To: <4FE43BB2.3030605@ja.net> References: <4FE32982.5070707@heanet.ie> <4FE33580.4040807@restena.lu> <20120621162919.EDB311A9EA8B_FE34BDFB@egw001.ukerna.ac.uk> <4FE43BB2.3030605@ja.net> Message-ID: <4FE45DA0.7050305@restena.lu> Hi James, >> I think this is not a completely undiscussed topic at all. We have >> already talked about the future of the IRT Object > > I've passed on the feedback from the NCC to the TI community. May I ask where or when (as I obviously missed that)? This said, even of the TI community is probably the most efficient creator of IRT objects, I'm not sure that they are the only creator, and not the only consumer. Best regards, Gilles -- Fondation RESTENA - DNS-LU 6, rue Coudenhove-Kalergi L-1359 Luxembourg tel: (+352) 424409 fax: (+352) 422473 From james.davis at ja.net Fri Jun 22 14:01:25 2012 From: james.davis at ja.net (James Davis) Date: Fri, 22 Jun 2012 13:01:25 +0100 Subject: [anti-abuse-wg] Discussion on 2011-06 In-Reply-To: <20120622115748.959511A9A5F0_FE45DBCB@egw001.ukerna.ac.uk> References: <4FE32982.5070707@heanet.ie> <4FE33580.4040807@restena.lu> <20120621162919.EDB311A9EA8B_FE34BDFB@egw001.ukerna.ac.uk> <4FE43BB2.3030605@ja.net> <20120622115748.959511A9A5F0_FE45DBCB@egw001.ukerna.ac.uk> Message-ID: <4FE45E95.1000206@ja.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 22/06/2012 12:57, Gilles Massen wrote: > May I ask where or when (as I obviously missed that)? > > This said, even of the TI community is probably the most efficient > creator of IRT objects, I'm not sure that they are the only > creator, and not the only consumer. This morning via the accredited teams list. James - -- James Davis 0300 999 2340 (+44 1235 822340) Senior CSIRT Member Lumen House, Library Avenue, Didcot, Oxfordshire, OX11 0SG -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iF4EAREIAAYFAk/kXpUACgkQjsS2Y6D6yLwyMAD/fGA+fyO/SMh0ykYVZNM1/gXu oXhfO40KX9GGINK4wQgA/jaJuqBwB1hUtyK/oPhNIKKgdEHl0Ts9qNk3y3ZAKYre =XmX0 -----END PGP SIGNATURE----- Janet is a trading name of The JNT Association, a company limited by guarantee which is registered in England under No. 2881024 and whose Registered Office is at Lumen House, Library Avenue, Harwell Oxford, Didcot, Oxfordshire. OX11 0SG From tk at abusix.com Sat Jun 23 14:27:15 2012 From: tk at abusix.com (Tobias Knecht) Date: Sat, 23 Jun 2012 14:27:15 +0200 Subject: [anti-abuse-wg] Discussion on 2011-06 In-Reply-To: <4FE45D01.7000100@restena.lu> References: <4FE32982.5070707@heanet.ie> <4FE33580.4040807@restena.lu> <4FE34BB0.3000808@abusix.com> <4FE45D01.7000100@restena.lu> Message-ID: <4FE5B623.20803@abusix.com> Hi, > I certainly hope so :) It certainly makes sense to include feedback from > NCC. But if that feedback shows that the policy text is interpreted, > then the policy text should be amended accordingly. I do not see this as a problem at all, quit the opposite. The proposal asks for a place to store abuse contact information and some non technical features around that. As a proposer I do not care about the way it will be implemented. That's one of the reasons a TF was created to get as much input from RIPE NCC tech staff as possible and come up with the best possible way from their point of view. And in this case I appreciate interpretations that make sense. > A fundamental statement of the RIPE NCC is not to create policies, but > to implement the policies coming from the community. A large part of its > credibility comes from that setup. RIPE NCC does not create policies. The question is where to put the line between what is a policy and what is implementation. I think on the other extreme it does not make sense if community dictates RIPE NCC how to implement things. Because at the end RIPE NCC has to run and maintain the DB and not the community. But that is a tricky questions that probably can never been answered completely. > So for the 'role' thing: for a proper process either the RIPE NCC > feedback needs a clear technical reasoning on why this MUST be role > objects, or the requirement should be dropped, or it should be included > in the policy text (and then I'd still like to know why). I maybe have a clue why it's the role object, but I'm not sure. Maybe it's the part about personal and non-personal data. But hei, let's just ask. Does anybody know and I bet people who wrote the impact analysis do, why this should be a role-object? > It has been mentioned several times - but the discussion has always been > postponed until after the abuse-c. From your last email on that topic > (unless i'm mistaken): > > "That's why I would like to wait for an implementation of the abuse-c if > we find consensus on that and look at the numbers of the IRT Objects > again and start making decisions on what should happen with it." > > Although it seem the wrong way around, I can even live with that...and > won't go into further details I can live with that as well. And I will propose this to RIPE NCC, that we will have a look at irt later on. > If it was only discussing possible ways forward, then the wording is > appropriate. I'd go even further: supposing that if you need a policy to > create an object, I'd expect the same to deprecate one. Any comment from > the NCC beyond 'and in case of clean-up the IRT object needs > consideration' would be a step into policy-making territory. Agree. So let's keep the irt discussion out of this policy proposal and review this later. Makes a lot of sense to me and keep focus on the main intend of the proposal. > Now don't get me wrong, I do not suggest that the text from the NCC is a > deliberate attempt to avoid a discussion or policy. But the fact that it > does exists makes me suggest to have a more narrow policy text, with an > explicit reference that IRT objects are to be handled later on. I think that should be possible. @Emilio, can we change the irt part and add something like this to it. I think it does not hurt in anyway, neither technical nor from a policy perspective. Thanks, Tobias -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 307 bytes Desc: OpenPGP digital signature URL: From denis at ripe.net Mon Jun 25 16:15:26 2012 From: denis at ripe.net (Denis Walker) Date: Mon, 25 Jun 2012 16:15:26 +0200 Subject: [anti-abuse-wg] Discussion on 2011-06 In-Reply-To: <4FE5B623.20803@abusix.com> References: <4FE32982.5070707@heanet.ie> <4FE33580.4040807@restena.lu> <4FE34BB0.3000808@abusix.com> <4FE45D01.7000100@restena.lu> <4FE5B623.20803@abusix.com> Message-ID: <4FE8727E.5030203@ripe.net> Dear Colleagues, Here is some background information to provide an insight into the reasoning behind the impact analysis and proposed implementation plan made by the RIPE NCC for policy proposal 2011-06. The RIPE NCC attended the meetings of the RIPE Abuse Contact Management Task Force (ACM TF) to understand the requirements and the underlining issues and advise on implementation details. We have also followed all the discussions on the mailing list. Several points have been raised and the RIPE NCC has been asked to clarify some of these points. >From the proceedings we understood the requirement is to have a single location in the RIPE Database to store abuse contact details for any Internet resource and for this to be applied hierarchically to minimise management effort by the users and avoid unnecessary data duplication in the database. The reasoning behind the selection of a ROLE object for the task is partly based on our interaction with RIPE NCC member organisations. We understand that abuse handling in the real world is a role within an organisation. It therefore makes sense to map it directly to the ROLE object within the database. Also the original intention of the database design was to represent people by PERSON objects and to group people into roles using ROLE objects. Then only ROLE objects should be referenced in any other data objects. This avoids a situation which the RIPE NCC is regularly asked to help with when a person leaves a company and in some cases is directly referenced in tens of thousands of objects. This methodology is explained in the RIPE Database Update Reference Manual, but was never enforced in the database software. The proposal for decommissioning the IRT object was discussed briefly by the ACM TF. The RIPE NCC pointed out that with a general abuse handling ROLE defined, the IRT can be seen as a special case of the general ROLE. It would simplify the user interaction with RIPE database as well as the database design and management if the two were combined. The only reason that it was mentioned in the impact analysis was to point out the similarity of use cases and suggest a review if the policy passes. The RIPE NCC fully supports the view of the policy proposer to consider these as separate issues. The use of the phrase "plan to decommission IRT objects" in the impact analysis was not meant to imply the RIPE NCC would just go ahead and do it. Our intention was to raise the awareness with the community of the similarities of use and seek approval, or otherwise, to merge the IRT functionality with the more general "abuse-c:" implementation. The Abuse Finder tool available through the ripe.net website is a first iteration. We found it very difficult to define a proper scope for heuristics to identify the correct abuse contacts for any given resource with the current abuse contact documentation methods. A number of users have reported issues with this tool providing the wrong contacts. We held back from modifying the logic pending the outcome of the 2011-06 proposal. If the community agrees on a new method of storing abuse contacts the RIPE NCC will re-write the Abuse Finder tool to use the new contact details. As we have recently re-implemented the RIPE Database query service from scratch, we can also integrate the Abuse Finder directly into the query logic. It will then also be available through a web interface and by the RESTful API. During the transition from the current swamp of abuse contact data to the 2011-06 method (if approved) the RIPE NCC will aim to provide user tools to assist with updates, where possible. We hope this answers some of the questions raised regarding the implementation of the policy proposal 2011-06. Regards, Denis Walker Business Analyst RIPE NCC Database Group From tk at abusix.com Mon Jun 25 17:24:59 2012 From: tk at abusix.com (Tobias Knecht) Date: Mon, 25 Jun 2012 17:24:59 +0200 Subject: [anti-abuse-wg] Discussion on 2011-06 In-Reply-To: <4FE8727E.5030203@ripe.net> References: <4FE32982.5070707@heanet.ie> <4FE33580.4040807@restena.lu> <4FE34BB0.3000808@abusix.com> <4FE45D01.7000100@restena.lu> <4FE5B623.20803@abusix.com> <4FE8727E.5030203@ripe.net> Message-ID: <4FE882CB.5060508@abusix.com> Thanks Denis for this clarification. Tobias On 25.06.12 16:15, Denis Walker wrote: > Dear Colleagues, > > Here is some background information to provide an insight into the > reasoning behind the impact analysis and proposed implementation plan > made by the RIPE NCC for policy proposal 2011-06. > > The RIPE NCC attended the meetings of the RIPE Abuse Contact Management > Task Force (ACM TF) to understand the requirements and the underlining > issues and advise on implementation details. We have also followed all > the discussions on the mailing list. Several points have been raised and > the RIPE NCC has been asked to clarify some of these points. > > From the proceedings we understood the requirement is to have a single > location in the RIPE Database to store abuse contact details for any > Internet resource and for this to be applied hierarchically to minimise > management effort by the users and avoid unnecessary data duplication in > the database. > > The reasoning behind the selection of a ROLE object for the task is > partly based on our interaction with RIPE NCC member organisations. We > understand that abuse handling in the real world is a role within an > organisation. It therefore makes sense to map it directly to the ROLE > object within the database. > > Also the original intention of the database design was to represent > people by PERSON objects and to group people into roles using ROLE > objects. Then only ROLE objects should be referenced in any other data > objects. This avoids a situation which the RIPE NCC is regularly asked > to help with when a person leaves a company and in some cases is > directly referenced in tens of thousands of objects. This methodology is > explained in the RIPE Database Update Reference Manual, but was never > enforced in the database software. > > The proposal for decommissioning the IRT object was discussed briefly by > the ACM TF. The RIPE NCC pointed out that with a general abuse handling > ROLE defined, the IRT can be seen as a special case of the general ROLE. > It would simplify the user interaction with RIPE database as well as the > database design and management if the two were combined. The only reason > that it was mentioned in the impact analysis was to point out the > similarity of use cases and suggest a review if the policy passes. The > RIPE NCC fully supports the view of the policy proposer to consider > these as separate issues. The use of the phrase "plan to decommission > IRT objects" in the impact analysis was not meant to imply the RIPE NCC > would just go ahead and do it. Our intention was to raise the awareness > with the community of the similarities of use and seek approval, or > otherwise, to merge the IRT functionality with the more general > "abuse-c:" implementation. > > The Abuse Finder tool available through the ripe.net website is a first > iteration. We found it very difficult to define a proper scope for > heuristics to identify the correct abuse contacts for any given resource > with the current abuse contact documentation methods. A number of users > have reported issues with this tool providing the wrong contacts. We > held back from modifying the logic pending the outcome of the 2011-06 > proposal. If the community agrees on a new method of storing abuse > contacts the RIPE NCC will re-write the Abuse Finder tool to use the new > contact details. As we have recently re-implemented the RIPE Database > query service from scratch, we can also integrate the Abuse Finder > directly into the query logic. It will then also be available through a > web interface and by the RESTful API. > > During the transition from the current swamp of abuse contact data to > the 2011-06 method (if approved) the RIPE NCC will aim to provide user > tools to assist with updates, where possible. > > We hope this answers some of the questions raised regarding the > implementation of the policy proposal 2011-06. > > Regards, > Denis Walker > Business Analyst > RIPE NCC Database Group > -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 307 bytes Desc: OpenPGP digital signature URL: From vesely at tana.it Tue Jun 26 13:25:53 2012 From: vesely at tana.it (Alessandro Vesely) Date: Tue, 26 Jun 2012 13:25:53 +0200 Subject: [anti-abuse-wg] Discussion on 2011-06 In-Reply-To: <4FE8727E.5030203@ripe.net> References: <4FE32982.5070707@heanet.ie> <4FE33580.4040807@restena.lu> <4FE34BB0.3000808@abusix.com> <4FE45D01.7000100@restena.lu> <4FE5B623.20803@abusix.com> <4FE8727E.5030203@ripe.net> Message-ID: <4FE99C41.3080103@tana.it> I'd recommend that both the final text of 2011-06 and the Spam FAQs reference the new IETF proposed standard below. On Mon 25/Jun/2012 16:15:26 +0200 Denis Walker wrote: > > From the proceedings we understood the requirement is to have a single > location in the RIPE Database to store abuse contact details for any > Internet resource and for this to be applied hierarchically to minimise > management effort by the users and avoid unnecessary data duplication in > the database. > > The reasoning behind the selection of a ROLE object for the task is > partly based on our interaction with RIPE NCC member organisations. We > understand that abuse handling in the real world is a role within an > organisation. It therefore makes sense to map it directly to the ROLE > object within the database. > > [...] > > The Abuse Finder tool available through the ripe.net website is a first > iteration. We found it very difficult to define a proper scope for > heuristics to identify the correct abuse contacts for any given resource > with the current abuse contact documentation methods. A number of users > have reported issues with this tool providing the wrong contacts. We > held back from modifying the logic pending the outcome of the 2011-06 > proposal. If the community agrees on a new method of storing abuse > contacts the RIPE NCC will re-write the Abuse Finder tool to use the new > contact details. As we have recently re-implemented the RIPE Database > query service from scratch, we can also integrate the Abuse Finder > directly into the query logic. It will then also be available through a > web interface and by the RESTful API. I paste below the announce of RFC 6650. It envisions how to transmit solicited and unsolicited abuse reports. In particular, it mentions the use case of the Abuse Finder tool: Deciding where to send an unsolicited report will typically rely on heuristics. Abuse addresses in WHOIS [RFC3912] records of the IP address relaying the subject message and/or of the domain name found in the results of a PTR ("reverse lookup") query on that address are likely reasonable candidates, as is the abuse at domain role address (see [RFC2142]) of related domains. -------- Original Message -------- From: rfc-editor at rfc-editor.org Date: Mon, 25 Jun 2012 10:31:45 -0700 (PDT) To: ietf-announce at ietf.org, rfc-dist at rfc-editor.org Cc: marf at ietf.org, rfc-editor at rfc-editor.org Subject: RFC 6650 on Creation and Use of Email Feedback Reports: An Applicability Statement for the Abuse Reporting Format (ARF) A new Request for Comments is now available in online RFC libraries. RFC 6650 Title: Creation and Use of Email Feedback Reports: An Applicability Statement for the Abuse Reporting Format (ARF) Author: J. Falk, M. Kucherawy, Ed. Status: Standards Track Stream: IETF Date: June 2012 Mailbox: none, superuser at gmail.com Pages: 15 Characters: 35273 Updates: RFC5965 I-D Tag: draft-ietf-marf-as-16.txt URL: http://www.rfc-editor.org/rfc/rfc6650.txt RFC 5965 defines an extensible, machine-readable format intended for mail operators to report feedback about received email to other parties. This applicability statement describes common methods for utilizing this format for reporting both abuse and authentication failure events. Mailbox Providers of any size, mail-sending entities, and end users can use these methods as a basis to create procedures that best suit them. Some related optional mechanisms are also discussed. [STANDARDS-TRACK] This document is a product of the Messaging Abuse Reporting Format Working Group of the IETF. This is now a Proposed Standard Protocol. STANDARDS TRACK: This document specifies an Internet standards track protocol for the Internet community,and requests discussion and suggestions for improvements. Please refer to the current edition of the Internet Official Protocol Standards (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.