[db-wg] ORG record vetting ?
Nick Hilliard nick at foobar.org
Mon Jul 29 11:36:30 CEST 2019
Jacob Slater via db-wg wrote on 29/07/2019 06:25: > In this context, RIPE's published guidelines on due diligence > (https://www.ripe.net/publications/docs/ripe-700) cover what exactly is > checked. From my experience, the guidelines are always enforced as written. > As you mention, due to a variety of factors (based primarily on > differences in jurisdiction), this process isn't always perfect. I'm > sure the NCC deals with at least some of fraudulent activity as a result > of the flaws you mention. Unfortunately, short of drastic measures (such > as prohibiting certain jurisdictions from requesting resources), I can't > see an easy way to improve the current situation. > Do you have a suggestion for how the process could be improved? Would it be feasible for the RIPE NCC to add a read-only record to org: objects which provided the date of the last due diligence check? E.g. something like organisation: ORG-FNL99-RIPE org-name: Foo Networks Limited org-type: LIR [...] mnt-ref: RIPE-NCC-HM-MNT mnt-by: RIPE-NCC-HM-MNT abuse-c: FOO2000-RIPE created: 2019-01-01T01:01:01Z last-modified: 2019-01-01T01:01:01Z due-diligence: 2019-07-01T12:00:00Z source: RIPE Otherwise it doesn't look like it's easy to heuristically work out whether due diligence has been carried out on a particular object or not. Nick
[ db-wg Archives ]