Re: [Community-Discuss] [Ext] Re: Community-Discuss Digest, Vol 547, Issue 1
On 12/8/19, 3:33 PM, "Ronald F. Guilmette" wrote: [...] > Mr. Vegoda appears to be arguing that No, I am not making an argument, I am observing that there is a difference in the way these two RIRs perform this function. Kind regards, Leo Vegoda ___ Community-Discuss mailing list Community-Discuss@afrinic.net https://lists.afrinic.net/mailman/listinfo/community-discuss
Re: [Community-Discuss] [Ext] Re: Community-Discuss Digest, Vol 547, Issue 1
In message <4d311b9c-2bf1-45a8-bf21-a4dffb989...@icann.org>, Leo Vegoda wrote: >... {snipped} ... Mr. Vegoda appears to be arguing that even if one jumps through all necessary hoops in order to obtain "researcher" access to the RIPE data base, one still won't get a full and unredacted copy of that (RIPE) data base. I do not presently believe that to be true, but I would argue that even if it is true, it doesn't matter, and that any such restriction is just another sign of modern bureaucrats covering their own asses while making life pointlessly difficult for everyone else. In the case of both the RIPE data base and the AFRINIC data base, I hope that we can all agree that it is trivially possible to download, via FTP, redacted copies of these data bases, and that from these it is trivially possible to extract full lists of all relevant person and role handles. I hope that we can further agree that given such lists of person and role handles, it is also a programatically trivial matter to use those handle lists to directly query the relevant WHOIS servers, using the -B option, in order to obtain unredacted copies of all such person and role records, and further, that any one of the numerous commercially available proxy services may be used in order to trivially skirt any troublesome per-IP rate limits that may apply to such sets of sequential WHOIS queries. In short, the act of denying direct access to unredacted copies of *any* RIR WHOIS data base is a fool's errand, and one which may be trivially circumvented by any truly determined party. It's ultimate practical effect, therefore, is simply to inconvenience both bad actors and legitimate researchers alike, while not materially preventing access to the unredacted data in question. This does not even qualify as the much maligned "security through obscurity". This is "security through inconvenience" and is demonstratably, in the end, equally pointless and foolish. There are two possible responses to these undeniable facts: (1) arrange for all RIRs to *always* redact *all* contact information from *all* WHOIS queries, or else (2) stop wasting everyone's time with these ridiculous and provably futile attempts to pander to the anti-transparency lobby. Option (1) would quite obviously be disasterous for the continued smooth functioning of the Internet. If things start to go seriously haywire on any given network, and if no one on the entire planet can even find contact information for that network, then havoc will quite obviously ensue. Not that this means anything to the anti-transparency advocates. As far as they are concerned, personal privacy is the ultimate consideration, even for network opeerators, and even if, taken to its logical conclusion, it means that we all have to go back to living in our own privacy-enhancing personal caves. On the other hand, option (2) is equally unacceptable, at least to the anti-transparency "personal privacy" advocates and their attorneys who have, over time, deminstrated a pronounced preference for hiding not only all of their activities but also even their identities in places like Mauritius, Malta, the Seychelles, and the Cayman Islands. My hope is that the poople on this list will appreciate that a global interconnected network is not at all well served by rendering communication between network managers either difficult or impossible, and that thus, all here will soundly reject option (1) as the perfect idiocy that it is. It's time to stop hiding the ball and pandering to "offshore" skulduggery and none of the RIRs have any viable *or* legal excuse for continuing to do so, especially not now, when there has been an ample demonstration of the use of an opaque offshore jurisdiction in conjunction with the insider-engineered theft of AFRINIC IPv4 address space. (See the particulars relating to ORG-AISL1-AFRINIC for further information.) Regards, rfg ___ Community-Discuss mailing list Community-Discuss@afrinic.net https://lists.afrinic.net/mailman/listinfo/community-discuss
Re: [Community-Discuss] Community-Discuss Digest, Vol 547, Issue 1
In message <280ebc89-783c-48df-a93e-d8a539a9d...@delong.com>, Owen DeLong wrote: > On Dec 6, 2019, at 07:46 , Caleb Olumuyiwa Ogundele > wrote: >>Even if you are not familiar with Mauritius law, the EU GDPR which is >>more popular should tell you the implication of revealing a WHOIS >>database to a non-state prosecutorial actor like yourself who does not >>have a court warrant to see the redacted sections you seek. Please >>correct me if I'm wrong in my legal analysis of your request. > >Whois is data that is published generally, so your comments here about >DPR don't really apply. > >Such WHOIS dumps are available from RIPE, so I don't think it is >a GDPR issue at all. I am in agreement with Owen on this. The argument regarding the denial of access to unredacted copies of the WHOIS data base based on some alleged legal privacy issues is quite obviously not a reasonable or plausible one, not only because RIPE does not impose such a restriction but also, and more obviously, the argument makes no sense on the face of it because individual unredacted records may be obtained by anyone any time, just by querying the AFRINIC WHOIS data base using the -B option. If there were any serious legal problem with AFRINIC revealing unredacted contact information for resources holders, then even WHOIS queries for individual unredacted records (-B) would necessarily be disallowed. And they aren't, so obviously, there is not a serious legal issue here. On that basis, I stand by my assertion that Jan Vermeulen and myself have been stonewalled by AFRINIC staff, based on nothing at all, when we requested researcher access to the unredacted AFRINIC data base. And I say again, we were given no reason for the refusal to provide this information. Neither any legal reason nor any community-ratified policy for this refusal was cited as the basis for the refusal at the time. To make matters even more bizzarely comical, as is the case with all of the other RIRs, AFRINC has on its web site a special form that must be filled out in order to obtain unredacted copies of the entire WHOIS data base: https://afrinic.net/support/general-queries/how-can-i-request-for-bulk-whois-data Researchers must fill out this form, giving a lot of personal data, and then must FAX or email it to AFRINIC, which we did. (Essentially the same procedure is used by all five of the RIRs for any party wishing to obtain access to unredacted copies of their respective WHOIS data bases.) Note that access to a *redacted* copy of the WHOIS data base for any one of the five RIRs generally requires none of this fooling around. Anyone who wants redacted copies of these data bases can just use anonymous FTP and fetch them directly from the five RIR FTP servers. (We have done that also.) One only needs to fill out the form and go through all of this extra rigamorole if one specifically wants to obtain an unredacted copy of the WHOIS data base. Given that, you can readily imagine our shock and surprise when we filled out the form, and then FAXed it back to AFRINIC HQ, only to be told that despite our having jumped through ALL of the required procedural hoops, we would only be given the exact same (redacted) copy of the data base that we had already downloaded previously, via anonymous FTP. Any random party from anywhere in the world can, with no special prior arrangements, fetch a copy of the redacted AFRINIC WHOIS data base from ftp.afrinic.net. Given that fact, and given that this is all that AFRINC will give you, no matter what you do, someone is going to have to explain to me the reasons for the existance of the official AFRINIC web page linked to above. Why even have a complicated special procedure if the people who do all of the steps of that procedure just end up with the exact same un-special access privileges as they had before they did any of this? It makes no sense on the face of it, unless... I assert again that we have been very deliberately stonewalled by AFRINIC when we requested an unredacted copy of the data base. We do not know if we were selectively targeted for this stonewalling by one or more AFRINIC staff members, perhaps including but not limited to Mr. Byaruhanga and/or those working in collusion with him, or if there is, nowadays a general stonewalling, by AFRINIC staff, of all requests for any and all information where staff members feel that they can get away with it. But I can definitely say that, as of this moment, we still do not have access to the unredacted AFRINIC WHOIS data base and we also still have no explanation whatsoever for *why* we don't. And I still do need that access in order to fully complete my research. The proper response here is as simple as it is obvious. I call on the new CEO, Mr. Eddy Kayihura, to take command of the situation, and to immediately grant reasonable and confidential researcher access to the entire unredacted AFRINIC WHOIS data base to myself and Jan Vermeulen. We have alread
Re: [Community-Discuss] [Ext] Re: Community-Discuss Digest, Vol 547, Issue 1
Owen DeLong wrote: [...] > Whois is data that is published generally, so your comments here > about DPR don’t really apply. > > Such WHOIS dumps are available from RIPE, so I don’t think it is a > GDPR issue at all. Both AFRINIC and RIPE NCC public database dumps on their FTP sites but the RIPE NCC data is cleaned to remove more person data than the AFRINIC data dumps. The AFRINIC data includes the unique nic-hdl of contacts for resources but the dumps published by the RIPE NCC replace the unique nic-hdl with DUMY-RIPE: person: Placeholder Person Object address: RIPE Network Coordination Centre address: P.O. Box 10096 address: 1001 EB Amsterdam address: The Netherlands phone: +31 20 535 nic-hdl: DUMY-RIPE mnt-by: RIPE-DBM-MNT remarks: ** remarks: * This is a placeholder object to protect personal data. remarks: * To view the original object, please query the RIPE remarks: * Database at: remarks: * http://www.ripe.net/whois remarks: ** created: 2009-11-11T16:36:07Z last-modified: 2009-11-11T16:36:07Z source: RIPE Kind regards, Leo ___ Community-Discuss mailing list Community-Discuss@afrinic.net https://lists.afrinic.net/mailman/listinfo/community-discuss
Re: [Community-Discuss] The Looting of AFRINIC
The best way to empower useful work is to move forward with IPv6. Owen > On Dec 5, 2019, at 03:02 , Sunday Folayan wrote: > > Isn't it time to address Legacy space issues, specifically ancient squatters > on spaces meant to develop the Internet in Africa, AfriNIC Services and > bringing legacy spaces under some form of RSA? > > I urge the community to think beyond the sensation and let us see how to help > and empower the people doing useful work for Africa. > > Thanks. > > Sunday. > > On 04/12/2019 6:23 PM, Ronald F. Guilmette wrote: >> I hope you all will take the time to read and think about the following >> news story. >> >> https://mybroadband.co.za/news/internet/330379-how-internet-resources-worth-r800-million-were-stolen-and-sold-on-the-black-market.html >> I will have more to say about this in due course. For the moment, I only >> wish to say that the investigation undertaken by myself and Jan Vermeulen >> is ongoing, and that many others are provably involved. >>Regards, >> rfg >> >> >> ___ >> Community-Discuss mailing list >> Community-Discuss@afrinic.net >> https://lists.afrinic.net/mailman/listinfo/community-discuss >> > -- > -- > Sunday Adekunle Folayan > Managing Director > General data Engineering Services (SKANNET) > 16 Oshin Road, Kongi Bodija, Ibadan - Nigeria > Phone: +234 802 291 2202, +234 816 866 7523 > Email: sfola...@skannet.com.ng, sfola...@gmail.com > --- > > > ___ > Community-Discuss mailing list > Community-Discuss@afrinic.net > https://lists.afrinic.net/mailman/listinfo/community-discuss ___ Community-Discuss mailing list Community-Discuss@afrinic.net https://lists.afrinic.net/mailman/listinfo/community-discuss