Send ARIN-PPML mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.arin.net/mailman/listinfo/arin-ppml
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of ARIN-PPML digest..."
Today's Topics:
1. Re: POC privacy (Jo Rhett)
2. Re: POC privacy (Jo Rhett)
3. Re: POC privacy (Christoph Blecker)
4. Re: POC privacy (Matthew Kaufman)
5. Re: POC privacy (Patrick Klos)
6. FW: POC privacy (Kevin Kargel)
7. Re: POC privacy (Chu, Yi [NTK])
----------------------------------------------------------------------
Message: 1
Date: Fri, 26 Oct 2012 11:46:30 -0700
From: Jo Rhett <[email protected]>
To: "<[email protected]>" <[email protected]>
Subject: Re: [arin-ppml] POC privacy
Message-ID: <[email protected]>
Content-Type: text/plain; charset="us-ascii"
I feel that making the addresses used for official communication from ARIN
private would make it a lot easier to not spam-block them by accident.
I would support making ADMIN and TECH contacts private, but only under the
circumstances that both a NOC and an ABUSE contact are posted. In fact, I would
say that this is a good manner to get people to post abuse contacts. If you
create listed NOC and ABUSE contacts then your TECH and ADMIN contacts will be
private.
I would also support a policy which suggests that non-working addresses be
eligible for removal. There are several addresses which have abuse contacts
that autorespond to forged addresses (creating backscatter) and inform the user
how to report spam, and they say that they don't accept spam at this address
and don't provide any other. That's non-functional.
--
Jo Rhett
Net Consonance : net philanthropy to improve open source and internet projects.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.arin.net/pipermail/arin-ppml/attachments/20121026/dc25d877/attachment-0001.html>
------------------------------
Message: 2
Date: Fri, 26 Oct 2012 11:48:46 -0700
From: Jo Rhett <[email protected]>
To: Patrick Klos <[email protected]>
Cc: "<[email protected]>" <[email protected]>
Subject: Re: [arin-ppml] POC privacy
Message-ID: <[email protected]>
Content-Type: text/plain; charset="iso-8859-1"
On Oct 26, 2012, at 8:30 AM, Patrick Klos wrote:
> A little spam?!? I get so little spam on my POC email addresses, it's silly
> to worry about it!
Um, no. I just checked and my mail server dropped 12k spam messages to my POC
email address yesterday. That's not a small amount. You must mean "after
filtering" which is part of the problem, as sometimes important communications
get filtered due to this.
--
Jo Rhett
Net Consonance : net philanthropy to improve open source and internet projects.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.arin.net/pipermail/arin-ppml/attachments/20121026/4abaeeb4/attachment-0001.html>
------------------------------
Message: 3
Date: Fri, 26 Oct 2012 11:54:45 -0700
From: Christoph Blecker <[email protected]>
To: Kevin Kargel <[email protected]>
Cc: "[email protected]" <[email protected]>
Subject: Re: [arin-ppml] POC privacy
Message-ID:
<CADx2oGEheikcSx8ekFn8bJqbBzj0UKcw_pJmvZ040tN8r=x...@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8
On Fri, Oct 26, 2012 at 10:54 AM, Kevin Kargel <[email protected]> wrote:
> .
>
> What are people worried about that they feel their POC information should be
> "private"??
>
>
> 1. A little spam?!? I get so little spam on my POC email
> addresses, it's silly to worry about it!
>
> 2. What else? Privacy?? Businesses (legitimate ones, anyway)
> have no reason to hide themselves!
>
> <kjk> One other point I wanted to make here going further on point #2 -
> Businesses using a *shared* resource such as the *shared* public internet not
> only have no reason to hide themselves, they have an obligation to be
> reachable by the members of the community they are sharing the resources
> with. If they don't want to participate in the shared public resource then
> they don't need shared public resources in the first place. The simple act
> of reserving a globally unique address consumes a shared resource and
> obligates the consumer to be reachable, even if the globally unique address
> is never routed globally. JMO </kjk>
While I can't speak for Mike (who originally mentioned this at open
mic during ARIN30), I don't believe his intention was ever to hide all
POCs for an organization or to somehow hide from the global community.
My understanding of his intention was that the public facing contacts
(NOC, peering coordinator, abuse team, legal department) are many
times different then the people who are interacting with ARIN (senior
engineers, architects, etc). Hiding the latter could potentially
*improve* communication, by funneling the external communications
through the intended channels that can actually do something with
those communications.
While I agree with all your points that organizations using public
shared resources should be open and transparent, I really don't think
that's what we're talking about. This is a great discussion to have,
hopefully we can just keep it focused.
Cheers,
Christoph
>
> What good is a "private" POC? Who would ever got to use it if it's
> private???
>
> Can someone come up with a single legitimate example of why they
> should have public Internet resources assigned to them, but their contact
> information should be hidden from the world??
------------------------------
Message: 4
Date: Fri, 26 Oct 2012 12:15:01 -0700
From: Matthew Kaufman <[email protected]>
To: [email protected]
Subject: Re: [arin-ppml] POC privacy
Message-ID: <[email protected]>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
On 10/26/2012 10:54 AM, Kevin Kargel wrote:
> .
>
> <kjk> One other point I wanted to make here going further on point #2 -
> Businesses using a *shared* resource such as the *shared* public internet not
> only have no reason to hide themselves, they have an obligation to be
> reachable by the members of the community they are sharing the resources with.
So I should be able to hide my POCs if I plan to use the addresses only
with private interconnections that don't reach "the public Internet"?
> If they don't want to participate in the shared public resource then they
> don't need shared public resources in the first place.
Disagree. We've had this argument repeatedly. Guaranteed uniqueness of
addresses for private interconnection is a perfectly valid reason to
consume addresses from the shared public pool.
> The simple act of reserving a globally unique address consumes a shared
> resource and obligates the consumer to be reachable, even if the globally
> unique address is never routed globally. JMO </kjk>
That makes no sense at all. Why would you ever need to reach them
*except* to spam them?
Matthew Kaufman
------------------------------
Message: 5
Date: Fri, 26 Oct 2012 16:18:59 -0400
From: Patrick Klos <[email protected]>
To: Steven Noble <[email protected]>
Cc: "[email protected]" <[email protected]>
Subject: Re: [arin-ppml] POC privacy
Message-ID: <[email protected]>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Steven Noble wrote:
> Michael Siebel called Kyle's friends and found out he was in Lake Tahoe and
> got the address of the house. So here's a problem for you, you know the
> address where someone is and he's not answering his phone. How do you get a
> message to him right away? Michael went on Yelp and looked for a pizza place
> near the house and called them up and said, "I want to have a pizza
> delivered. But never mind the pizza. Just send a delivery guy over and say
> these four words: The site is down." The pizza place was very confused by
> this, but they send the pizza guy without a pizza, Kyle answers the door, and
> the pizza guy says, "The site is down." Kyle was able to fix it, and the site
> was down for less than an hour total from beginning to end.
>
> Sent from my iPhone
>
Wow... PIZZA-GRAM... that's a great story! (And you typed in on an
iPhone - I don't have the patience!)
I've been known to jump through hoops once or twice to track down
someone at some domain or network, but Michael Siebel has taken it to
the next level. I am seriously impressed! I'll have to remember this
one. I suspect it'll work with Chinese take-out as well?? ;^)
I hope Kyle got a pizza out of the deal anyway?
Patrick
------------------------------
Message: 6
Date: Fri, 26 Oct 2012 15:26:46 -0500
From: Kevin Kargel <[email protected]>
To: "'[email protected]'" <[email protected]>
Subject: [arin-ppml] FW: POC privacy
Message-ID:
<[email protected]>
Content-Type: text/plain; charset="us-ascii"
> -----Original Message-----
> From: [email protected]
> [mailto:[email protected]] On Behalf Of Matthew Kaufman
> Sent: Friday, October 26, 2012 2:15 PM
> To: [email protected]
> Subject: Re: [arin-ppml] POC privacy
>
> On 10/26/2012 10:54 AM, Kevin Kargel wrote:
> > .
> >
> > <kjk> One other point I wanted to make here going further
> on point #2 - Businesses using a *shared* resource such as the
> *shared* public internet not only have no reason to hide themselves,
> they have an obligation to be reachable by the members of the
> community they are sharing the resources with.
>
> So I should be able to hide my POCs if I plan to use the addresses
> only with private interconnections that don't reach "the public
> Internet"?
No. Read again, even just holding the addresses obligates you to be reachable.
>
> > If they don't want to participate in the shared public
> resource then they don't need shared public resources in the first
> place.
>
> Disagree. We've had this argument repeatedly. Guaranteed uniqueness of
> addresses for private interconnection is a perfectly valid reason to
> consume addresses from the shared public pool.
By merely holding addresses that could be used by the community you are
consuming community resources and thereby interacting with the community. At
this point you need to be reachable. Holding community resources makes you
part of the community and you then have responsibilities to the community.
>
> > The simple act of reserving a globally unique address consumes a
> > shared resource and obligates the consumer to be reachable, even if
> > the globally unique address is never routed globally. JMO </kjk>
>
> That makes no sense at all. Why would you ever need to reach them
> *except* to spam them?
Umm, maybe I notice that some evildoer in Barringtonia has hijacked your IP
block and is using it to distribute kiddie porn which will give your child
advocate company a bad name and you haven't noticed yet so I want to be a nice
guy and make you aware of the situation.
Maybe I fell in love with your numbers and want to offer you an obscene amount
of money for them..
Maybe your firewall failed and your private only routing is misconfigured and
is DoS'ing my network.
Requiring publicly available responsive contacts adds accountability and
reduces (even if only minimally) the risk that the resource will be used for
evil.
There are countless other possibilities.
>
> Matthew Kaufman
>
------------------------------
Message: 7
Date: Fri, 26 Oct 2012 20:55:38 +0000
From: "Chu, Yi [NTK]" <[email protected]>
To: Patrick Klos <[email protected]>, Steven Noble <[email protected]>
Cc: "[email protected]" <[email protected]>
Subject: Re: [arin-ppml] POC privacy
Message-ID: <2ddb96a6-d065-476f-b4df-9c5d5bce0ee3@blur>
Content-Type: text/plain; charset="utf-8"
Good story aside, some people may not appreciate the fact that any anonymous
person on earth can track them down, especially the pizza guy had no business
in the network.
I take this story as indication that the current system is lacking concern for
privacy.
Yi
Sent from my Motorola Smartphone on the Now Network from Sprint!
-----Original message-----
From: Patrick Klos <[email protected]>
To: Steven Noble <[email protected]>
Cc: "[email protected]" <[email protected]>
Sent: Fri, Oct 26, 2012 15:19:41 CDT
Subject: Re: [arin-ppml] POC privacy
Steven Noble wrote:
> Michael Siebel called Kyle's friends and found out he was in Lake Tahoe and
> got the address of the house. So here's a problem for you, you know the
> address where someone is and he's not answering his phone. How do you get a
> message to him right away? Michael went on Yelp and looked for a pizza place
> near the house and called them up and said, "I want to have a pizza
> delivered. But never mind the pizza. Just send a delivery guy over and say
> these four words: The site is down." The pizza place was very confused by
> this, but they send the pizza guy without a pizza, Kyle answers the door, and
> the pizza guy says, "The site is down." Kyle was able to fix it, and the site
> was down for less than an hour total from beginning to end.
>
> Sent from my iPhone
>
Wow... PIZZA-GRAM... that's a great story! (And you typed in on an
iPhone - I don't have the patience!)
I've been known to jump through hoops once or twice to track down
someone at some domain or network, but Michael Siebel has taken it to
the next level. I am seriously impressed! I'll have to remember this
one. I suspect it'll work with Chinese take-out as well?? ;^)
I hope Kyle got a pizza out of the deal anyway?
Patrick
_______________________________________________
PPML
You are receiving this message because you are subscribed to
the ARIN Public Policy Mailing List ([email protected]).
Unsubscribe or manage your mailing list subscription at:
http://lists.arin.net/mailman/listinfo/arin-ppml
Please contact [email protected] if you experience any issues.
________________________________
This e-mail may contain Sprint Nextel proprietary information intended for the
sole use of the recipient(s). Any use by others is prohibited. If you are not
the intended recipient, please contact the sender and delete all copies of the
message.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.arin.net/pipermail/arin-ppml/attachments/20121026/b4f6dac7/attachment.html>
------------------------------
_______________________________________________
ARIN-PPML mailing list
[email protected]
http://lists.arin.net/mailman/listinfo/arin-ppml
End of ARIN-PPML Digest, Vol 88, Issue 23
*****************************************
