With the horse trading of post-ipv4 depletion, we almost need a reg for this.
-Ben > On May 25, 2018, at 9:36 AM, Mike Hammett <na...@ics-il.net> wrote: > > I would like to call on organizations that provide IP reputation information > to have methods available for network operators to determine if they are on > their lists, what their reputation is, what it means, optionally evidence, > and a means of removal of negative information. Near real-time notice of > changes in your status would be recommended as well. If those wants sound > ridiculous, nearly that same list of wants is provided by e-mail SPAM DNSRBL > maintainers so it isn't exactly unprecedented. > > I recently interacted with an organization that provides IP reputation > information as a component in a larger security offering. A particular > eyeball network couldn't get to a number of large web destinations. After > some prodding of the company providing the security offering, it was > determined that the prefix in question was because on a scale of 0 to 10 with > 0 being the best and 10 being the worst, that prefix had a score of 1. They > claimed they could do nothing about it as their client (the web site being > visited) had that in their control. That's a half-truth. The company > providing that IP reputation put them on the list (for whatever reason), > while the web site chose whatever metrics to block. > > > Their proposed solution was to contact every web site there were issues with > and request that they fix it. Okay, so an eyeball is supposed to reach out to > dozens of major brands and get someone that understands the situation and can > resolve it in a reasonable time frame? Most of these brands take days to > address core things dealing with their core product or service, much less > getting someone in IT to whitelist a prefix. I'm sorry, that's not a > realistic solution. > > If not a proactive alert (like a SPAM feedback loop), they need an easy form > to fill out and after some automated means of verification (ASN or IP whois > contact lookup), spill the beans on who, what, where, why, and how to get it > fixed. > > I'm not saying there was no valid reason to put them on the list. There's no > easy way to determine that they're on the list, why, and any means of getting > removed from the list when the problem is fixed. > > > > > ----- > Mike Hammett > Intelligent Computing Solutions > > Midwest Internet Exchange > > The Brothers WISP >