[anti-abuse-wg] [policy-announce] 2017-02 Review Phase (Regular abuse-c Validation)
- Previous message (by thread): [anti-abuse-wg] [policy-announce] 2017-02 Review Phase (Regular abuse-c Validation)
- Next message (by thread): [anti-abuse-wg] [policy-announce] 2017-02 Review Phase (Regular abuse-c Validation)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
ox
andre at ox.co.za
Mon Jan 22 14:42:09 CET 2018
Hi, sorry, Brian, i posted before receiving your email :) just to get back on topic then: I have not seen any objections to the process of emailing a alpha numeric number to abuse-c and then having that number entered into a website (after solving a capcha) This would solve many problems as it would mean that the abuse-c exists and is functional and not an auto-responder or other bot Kind Regards Andre On Mon, 22 Jan 2018 13:31:00 +0000 Brian Nisbet <brian.nisbet at heanet.ie> wrote: > Folks, > > On 22/01/2018 13:19, Gert Doering wrote: > > Hi, > > > > On Mon, Jan 22, 2018 at 11:25:12AM +0000, Nick Hilliard wrote: > >> I have no problem with abuse-c validation, either via ARC, or the > >> mechanism proposed in this policy, and probably not via a range of > >> other mechanisms either. But threatening to terminate the right > >> of an organisation to continue to exist in the case of non > >> compliance of the terms specified in 2017-02 is frankly absurd. > > > > I second this concern. > > > > I do see the need for a working abuse contact, and I do see the > > need of sanctions in case a policy is violated, but "deregister all > > resources, because your mail server was broken when we tested" is > > too extreme (exaggeration for emphasis). > > There's a lot more to discuss in Nick's email, but I want to talk > about this point immediately. > > I believe the NCC have stated very clearly how incredibly unlikely > deregistration of resources would be and I honestly don't believe the > exaggeration for emphasis or otherwise is useful. > > Yes, it could happen, after many, many attempts to get in contact with > the resource holder and lots of steps. > > However this is not a set of actions restricted to 2017-02. This is > part of the membership contracts and the interaction between this and > RIPE policies. There was a lot of discussion at the GM in October on > this topic. > > If a member doesn't abide by RIPE policies then there is a danger that > their resources could be deregistered. That's part of membership. > > As per the NCC's impact analysis this is something they deal with > regularly: > > "The RIPE NCC has significant experience with resolving these kinds of > situations. Over the past five years, it has investigated and resolved > more than 1,000 external reports on incorrect “abuse-mailbox:” > attributes, without ever needing to trigger the closure and > deregistration procedure. Making unresponsive resource holders aware > of this procedure has helped to ensure their cooperation." > > and > > "If the closure and deregistration procedure is triggered, the > resource holder still has a further three months to resolve the > problem before the actual LIR closure and/or resource deregistration > takes place." > > So please, can we moderate the fears and properly estimate the risks > around de-registration in the case of an invalid abuse-mailbox > attribute. > > Thanks, > > Brian > Co-Chair, RIPE AA-WG >
- Previous message (by thread): [anti-abuse-wg] [policy-announce] 2017-02 Review Phase (Regular abuse-c Validation)
- Next message (by thread): [anti-abuse-wg] [policy-announce] 2017-02 Review Phase (Regular abuse-c Validation)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]