Re: [anti-abuse-wg] Co-Chair selection
On Tue, May 07, 2024 at 11:37:10AM +0200, Markus de Brün wrote: Hi, > the deadline for nominations has ended and we received one nomination. It > is our current and long-standing co-chair Brian. In case you do not know > Brian, there is a short biography at the end of this email. > > Brian is willing to accept his nomination. Tobias and I are happy to > continue to work with him. It would be great to hear from you if you > support Brian as well. Brian has my full support. Best, Piotr -- Piotr Strzyżewski -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
Re: [anti-abuse-wg] Potential New Co-Chair
On Thu, Jan 20, 2022 at 10:04:21AM +, Brian Nisbet wrote: Brian, All, > So, as a first stage, does any object to this happening "out of cycle"? I'm > very happy to say that silence indicates consent here, but if you have any > objections then please state them here or to aa-wg-cha...@ripe.net before > 17:00 CET on Wednesday 26th January. > > If that is all good, we'll proceed with the next phase. I support this idea. -- Piotr Strzyżewski -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
Re: [anti-abuse-wg] [db-wg] Fw: NWI reviews: NWI-1 staying on top of abuse contact changes
On Thu, Sep 24, 2020 at 12:30:06PM +, ripedenis--- via db-wg wrote: Denis, All, > We need to take some action on these old NWIs. Either we move forward with > them or we cancel them. It is difficult to draw a consensus on 2 comments. > Can you please give us a couple of minutes of your time and let us know if > this NWI-1 is needed, useful or a waste of time. I share the view already expressed. If we need a tool, maybe the problem is somewhere else. Best, Piotr -- Piotr Strzyżewski
Re: [anti-abuse-wg] Report & Co-Chair's Decision on Proposal 2019-04
On Mon, Sep 07, 2020 at 03:19:27PM +, Brian Nisbet wrote: Brian, Alireza, Tobias, > A few weeks ago we reached the end of the latest review phase for 2019-04. > The Co-Chairs have worked closely with the NCC Policy Development Office > since then to try to make a decision on this policy. This email contains a > report on the Discussion Phase and Review Phase and then a final decision > which, we believe, is supported by the activity during those phases. > > As always, this is underpinned by the RIPE PDP - > https://www.ripe.net/publications/docs/ripe-710 [cut] > With all of this in mind, and with the continued failure of any kind of > consensus from the working group, the Co-Chairs have decided to withdraw this > proposal. As always we would welcome proposals on this and other matters, > however we do not feel that there is any likelihood of 2019-04, regardless of > possible edits, reaching consensus in the short or medium term. Thank you for all your hard work here. It was not an easy task to fulfill. With this is mind, it is even more important that you have made this report. Thank you. Stay safe, Piotr -- Piotr Strzyżewski
Re: [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox")
On Thu, May 23, 2019 at 03:26:12AM -0700, Fi Shing wrote: > > > This is fully sufficient to notice technical brokenness. > > No it isn't for the reasons previously said by others: > > 1) if i put your email address as the abuse contact for my resource, the > system would make it as "valid", And as I pointed out during RIPE78 AA-WG session, this proposal is not addressing this issue at all. Piotr -- Piotr Strzyżewski Silesian University of Technology, Computer Centre Gliwice, Poland
Re: [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox")
On Sat, May 18, 2019 at 12:37:07AM +0100, Sérgio Rocha wrote: > > i.e. 1 region on track, 4 still to go (RIPE included here). > > So it looks that this proposal it's not so avant-garde, since the other > regions are having the same needs and one of them already include this > policy The fact that the authori has proposed the same idea in all regions doesn't mean that "other regions are having the same needs". Piotr -- Piotr Strzyżewski Silesian University of Technology, Computer Centre Gliwice, Poland
Re: [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
On Fri, Apr 19, 2019 at 11:02:23PM +0100, Carlos Friaças via anti-abuse-wg wrote: > What i've heard from the Board so far on the list -- and the Board > currently has seven members -- was a concern expressed by Piotr about > timelines, which i think we have addressed in v2.0's text (which i also > hope to see published soon). Just to be clear - that was my private concern and not the Board. Piotr -- Piotr Strzyżewski Silesian University of Technology, Computer Centre Gliwice, Poland
Re: [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
On Sun, Mar 24, 2019 at 01:16:59AM +0100, Töma Gavrichenkov wrote: > On Sat, Mar 23, 2019 at 10:42 PM JORDI PALET MARTINEZ via > anti-abuse-wg wrote: > > I think is very obvious that the experts [..] will make sure that when a > > warning is sufficient > > NO IT'S NOT > > The process is not clear. No guidelines for the "experts" are defined. > No selection process for "experts" is drafted. That's just wishful > thinking as of now, where the best candidate for the experts' panel is > probably Albus Dumbledore himself. Well said. +1 Piotr -- Piotr Strzyżewski Silesian University of Technology, Computer Centre Gliwice, Poland
Re: [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
On Fri, Mar 22, 2019 at 11:09:24AM +, Carlos Friaças via anti-abuse-wg wrote: Dear Carlos, >> 8. "So Legacy holders (resources with a legacy status) are for obvious >> reasons, excluded for penalties and out of reach. Also according to the >> policy that specifies services to Legacy holders, as this policy doesn't >> state that it wants to include and impact legacy holders." > > I don't agree. If you check i was one of the co-authors of 2012-07 :-) > In my initial drafts for 2019-03, there was a line about legacy holders. It > seems now clear it needs to be recovered for version 2.0 :-) Although I have mixed feelings about this policy and haven't made my mind yet, I wish you good luck with that one thing. Piotr -- Piotr Strzyżewski Silesian University of Technology, Computer Centre Gliwice, Poland
Re: [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
On Thu, Mar 21, 2019 at 09:18:02AM +, Carlos Friaças wrote: Dear Carlos, > What would be reasonable for you? > > 2 or 3 years before the date when the report is filed? I was thinking more about weeks not years. Mostly due to the nature of the incident(s) itself. However, I'm not strongly opposed to 2y term. Piotr -- Piotr Strzyżewski Silesian University of Technology, Computer Centre Gliwice, Poland
Re: [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
Dear All, What I'm lacking here is some sort of expiration date for the possibility of filling the report. I do not like the idea that someone could be chased down years after the alleged incident has happened (and after the policy has been implemented, with regards to the point 5.0 of the policy proposal). Piotr -- Piotr Strzyżewski Silesian University of Technology, Computer Centre Gliwice, Poland
Re: [anti-abuse-wg] 2016-01 Discussion Period Extended Until 21 June 2016 (Include Legacy Internet Resource Holders in the Abuse-c Policy)
On Wed, May 25, 2016 at 09:59:47PM +0200, Gilles Massen wrote: Dear AA-WG As a kind of post-mortem comment: > Specifically: forcing people to add an abuse-c as a matter of ticking a > checkbox leads to not-working or ignored abuse email boxes. And I rather > have no abuse-c than an ignored one - it is a clear signal and leads to > much better use of a reporters time. This argument could be easily extended by making it more general: forcing people to add any contact including e-mail or phone number could lead to kind of garbage. Yet, noone oppose to have ORGANISATION, ROLE and PERSON objects in the database. Piotr -- gucio -> Piotr Strzyżewski E-mail: piotr.strzyzew...@polsl.pl
Re: [anti-abuse-wg] 2016-01 New Policy Proposal (Include Legacy Internet Resource Holders in the Abuse-c Policy)
On Thu, Jan 28, 2016 at 07:18:38PM +0100, Gilles Massen wrote: Dear Gilles > Since the rationale mentions the "better quality of abuse contact data", > I'd like to point out that it is still not possible to have a different > abuse-c for different inetnums, if they belong to the same ORG. The > impossibility to have a "more specific" is the ONLY thing that prevents > me to have accurate abuse contact data for our LEGACY addresses, not the > absence of a specific policy. Let's make a proposal for a DB-WG to deal with that and will see what is the community's point of view for that. Is it ok for You? Piotr -- gucio -> Piotr Strzyżewski E-mail: piotr.strzyzew...@polsl.pl
Re: [anti-abuse-wg] 2016-01 New Policy Proposal (Include Legacy Internet Resource Holders in the Abuse-c Policy)
On Thu, Jan 28, 2016 at 04:53:57PM +, Erik Bais wrote: Hi Erik > >> > https://www.ripe.net/participate/policies/proposals/2016-01 > >> > >> I've read the proposal and I have a question on it. > >> > > >You propose that you want to extend the Abuse-C Contact management in > > >the RIPE Database policy towards Legacy Internet Resource Holders. > > > > > >However ... > > > > > >That is already the case ... isn't it ? ... > > >I don't think so. ;-) > > Can you explain what you are missing ? > Because there is already an option for Legacy holder to correctly > register the Org-ID in their Legacy resources .. And the Org-ID > already has the (currently non-mandatory) optional field : Abuse-C ... "An option" as you said is the answer to the question. I hope that Marco will send some numbers tomorrow and it will be more clear that the option is sadly not enough. > >> So the question that would come to my mind is, do you want to enforce > >> the inclusion of the Org-ID into the legacy ( or any type of inet-num) > >> object .. and have the abuse-c as a mandatory field in the org-id. ? > > >Yes and no. Yes, I do want to enforce the inclusion of the Org-ID into > >the legacy objects. No, I do not want to have the abuse-c as a mandatory > >field in organisation object. One of the reasons for the latter is that > >there is no need for mandatory abuse-c for assignments within > >allocation, due to the hierarchical nature of the abuse-c itself. > > So you don't want to enforce through the database (at an update by the > LRH ) to make sure that all parent objects will have an Org-ID.. which > will fix the database accuracy things you speak of.. > That you don't want it enforced for more specific objects, is > something to debate about.. but it should at least be possible at that > level.. Noted. > >> As for Legacy resource holders, that might be an issue to enforce, as > >> the RIPE NCC can't reach out to all legacy holders that are > >> 'incompliant' as we can't ask them to start guessing who are the > >> actual legitimate holders.. > > > True. But even for some of them, who sign the contract it is not > > possible to enforce that. Even considering the fact that those LRHs have > > to "maintain accurate data in the registry in respect of each resource > > identified" (see RIPE-639, Section 3.0, bullet 4). > > I think our view of enforcing is different here.. I see a mandatory > field in a database as a way to 'gently push' users into the And/or business rule in the database. > envisioned direction ... Without the requirement for the RIPE NCC to > call them up or make the change for them, based on guessing who the > actual LRH is ... Again. Let's wait for the numbers. From my opinion this could be a very long term process. > I think that you are looking for a stronger mandate here.. ( Please > correct me if I'm wrong on this ..) and do a new 2007-01 kind of > effort and start calling all Legacy holders .. with or without a > contract to make sure they are going to update their legacy inet-nums. > Where the Legacy holders may not have a contractual relationship with > the RIPE NCC and the RIPE NCC doesn't have a contact point into a > certain company who might have receive IP space in 1993 ... Well. Not all. Not every LRH have had registered its resources in the RIPE Whois DB. But I get your point. And probably the answer is yes. If and only if the community will decide to follow this approach. > I would not be in favor of such an effort ... > > I don't see how the RIPE NCC could ever do or complete such a task as > it is asking the (almost) impossible .. and there is no financial / > contractual relation between the LRH and the RIPE NCC, so why would > the LRH do it at all. That is the question from Pandora's box. I don't want to start a debate why NCC should serve those LRHs without contracts and invite them to register resources in the DB. I believe I know the arguments of both sides. > Doing a more light touch approach in a database schema, will not ask > for an impossible task and it will not cost X amount of men years of > work ... and get similar results.. > Those that will update / change their info in the RIPE DB, will need > to update the resources with the Org-ID including an Abuse-C. I'm glad that you propose that. This is one of the possible choices I'm aware of. And it seems that this is one which has a good balance of compromise, effectiveness and cost. > And don't under estimate the number of Legacy changes, especially with > all transfers currently.. so that might actually go quite fast.. Good point. Regards, Piotr -- gucio -> Piotr Strzyżewski E-mail: piotr.strzyzew...@polsl.pl
Re: [anti-abuse-wg] 2016-01 New Policy Proposal (Include Legacy Internet Resource Holders in the Abuse-c Policy)
On Thu, Jan 28, 2016 at 10:06:50AM +0100, Marco Schmidt wrote: Marco > A new RIPE Policy proposal, "Include Legacy Internet Resource Holders in > the Abuse-c Policy", is now available for discussion. > > The goal of this proposal is to extend RIPE Document ripe-563, "Abuse > Contact Management in the RIPE Database", to Legacy Internet Resource > Holders. > > You can find the full proposal at: > > https://www.ripe.net/participate/policies/proposals/2016-01 > > We encourage you to review this proposal and send your comments to > before 26 February 2016. Would you be so kind and publish possible approaches to deal with the requirements of this proposal. It will be a benefit for the members of this WG to see how NCC perceive this proposal. Thanks in advance, Piotr -- gucio -> Piotr Strzyżewski E-mail: piotr.strzyzew...@polsl.pl
Re: [anti-abuse-wg] 2016-01 New Policy Proposal (Include Legacy Internet Resource Holders in the Abuse-c Policy)
On Thu, Jan 28, 2016 at 11:18:16AM +, Erik Bais wrote: Hi Erik > Thank you for the formal proposal. > > > You can find the full proposal at: > > > https://www.ripe.net/participate/policies/proposals/2016-01 > > I've read the proposal and I have a question on it. > > You propose that you want to extend the Abuse-C Contact management in > the RIPE Database policy towards Legacy Internet Resource Holders. > > However ... > > That is already the case ... isn't it ? ... I don't think so. ;-) > If a Legacy holder changes his Organization Object to include the > abuse-c object in the RIPE DB and links it to the inet num object .. > it shows the abuse information. > > For instance : > https://apps.db.ripe.net/search/lookup.html?source=ripe&key=144.2.240.0%20-%20144.2.255.255&type=inetnum > ( No Abuse contact, because no Org-ID. ) > https://apps.db.ripe.net/search/lookup.html?source=ripe&key=144.2.168.0%20-%20144.2.171.255&type=inetnum > ( no Abuse Contact, Org ID present, but no abuse-c in the > Org-ID. ) > https://apps.db.ripe.net/search/lookup.html?source=ripe&key=144.2.176.0%20-%20144.2.191.255&type=inetnum > ( Abuse contact in the Org-ID. ) > > From what I see is that the Abuse-C contact can be added, but it is > org-id ( the link to the actual legitimate holder ) which holds the > abuse-c, is the issue. > > So the question that would come to my mind is, do you want to enforce > the inclusion of the Org-ID into the legacy ( or any type of inet-num) > object .. and have the abuse-c as a mandatory field in the org-id. ? Yes and no. Yes, I do want to enforce the inclusion of the Org-ID into the legacy objects. No, I do not want to have the abuse-c as a mandatory field in organisation object. One of the reasons for the latter is that there is no need for mandatory abuse-c for assignments within allocation, due to the hierarchical nature of the abuse-c itself. > As for Legacy resource holders, that might be an issue to enforce, as > the RIPE NCC can't reach out to all legacy holders that are > 'incompliant' as we can't ask them to start guessing who are the > actual legitimate holders.. True. But even for some of them, who sign the contract it is not possible to enforce that. Even considering the fact that those LRHs have to "maintain accurate data in the registry in respect of each resource identified" (see RIPE-639, Section 3.0, bullet 4). > So the mandatory database update needs to be done by the maintainer of > the legacy resource (whenever they change their allocations/make > changes). That could be done by having the Org-ID field mandatory in > the database for all parent inet-nums. > > Or am I missing something here ? Hope I was clear. Piotr -- gucio -> Piotr Strzyżewski E-mail: piotr.strzyzew...@polsl.pl
Re: [anti-abuse-wg] 2016-01 New Policy Proposal (Include Legacy Internet Resource Holders in the Abuse-c Policy)
On Thu, Jan 28, 2016 at 02:29:48PM +, Sascha Luck [ml] wrote: > On Thu, Jan 28, 2016 at 10:06:50AM +0100, Marco Schmidt wrote: >> A new RIPE Policy proposal, "Include Legacy Internet Resource Holders in >> the Abuse-c Policy", is now available for discussion. >> >> The goal of this proposal is to extend RIPE Document ripe-563, "Abuse >> Contact Management in the RIPE Database", to Legacy Internet Resource >> Holders. > > There goes my new year's resolution to not bother with RIPE > policy this year. > > Why in all hells is this proposal in AAWG? This belongs in > ncc-services or db-wg! (to be fair, Marco promulgated its existence on the > relevant > lists but why is everyone subjected to the ordeal of being > subscribed to this list?) It was agreed with the Chairs that it should be posted where the original abuse-c proposal was discussed. > As for the proposal, I can't see how the NCC could enforce the > correctness of this for all legacy resource holders, so it > doesn't serve the intended purpose. It was briefly discussed with the NCC and there are some sort of solutions for that. Besides, it was done in the past. Some "lazy" LIRs did not updated the organisation objects on time and NCC have had to resolve this inconvenience. Piotr -- gucio -> Piotr Strzyżewski E-mail: piotr.strzyzew...@polsl.pl
Re: [anti-abuse-wg] [db-wg] RIPE NCC to set abuse-c for remaining organisation with ASNs or other resources allocated or assigned by the RIPE NCC
On Wed, Dec 16, 2015 at 03:34:26PM +0100, denis wrote: Dear Denis, > On 16/12/2015 11:32, Alex Band wrote: >> Hi Michele, >> >>> On 15 Dec 2015, at 21:28, Michele Neylon - Blacknight >>> wrote: >>> >>> Tim >>> >>> I support this plan >>> >>> It makes a lot of sense on two fronts: 1 - making sure there are >>> abuse-c contacts for all resources 2 - making sure that it???s the >>> correct / appropriate contact >> >> To expedite the creation of abuse contacts we've just deployed an >> enhancement to the RIPE Database web interface. >> >> Whenever you create a new organisation object or you edit an existing >> one that does not have an abuse contact set, we will display a >> warning and offer a simple abuse-c creation workflow. > > An "abuse-c:" attribute is only required in an ORGANISATION object if it is > referenced by a resource object. So the wording in this revised web > interface may be a bit confusing to users. It would be better if you do a > check on the specified ORGANISATION object and only display this warning if > this object should have an "abuse-c:" reference. >From what I understood, warning is not an error and doesn't prevent the creation of the ORGANISATION object. Moreover, during object creation procedure it is unknown what for the ORGANISATION object is created. All the best, Piotr -- gucio -> Piotr Strzyżewski E-mail: piotr.strzyzew...@polsl.pl
Re: [anti-abuse-wg] [db-wg] RIPE NCC to set abuse-c for remaining organisation with ASNs or other resources allocated or assigned by the RIPE NCC
On Tue, Dec 15, 2015 at 04:58:20PM +, Brian Nisbet wrote: > I know that we're getting near to what for a lot of people will be a well > deserved break at the end of the year, but it would be great if there could > be some feedback for the NCC on this, even if it's just agreement! :) I support Tim's plan. Piotr -- gucio -> Piotr Strzyżewski E-mail: piotr.strzyzew...@polsl.pl
Re: [anti-abuse-wg] Sources of Abuse Contact Info For Abuse Handlers
On Wed, Nov 18, 2015 at 05:01:30PM +0100, de Brün, Markus wrote: > Unfortunately, there are still lots of CIDRs for which the RIPE DB does not > return a dedicated abuse contact. In some cases, you can find an appropriate > contact in the "remarks" or other records - which is difficult to parse > automatically. In other cases there is no contact information at all. And this is mostly the case of legacy resources. Hope we will deal with that. > Section 6.6.1 of this document says that "it [is] mandatory for every > resource > object (inetnum, inet6num and aut-num) to have a dedicated abuse contact." > > ripe-563 states that "every direct allocated inetnum and > inet6num > needs to have an ???abuse-c:???", which is different from "every" as is the > quote > above. I'm not sure what you are trying to say. RIPE-563 also states the same about aut-nums. And I'm pretty much sure that word "every" used in section 6.6.1 of the document mentioned above is used properly due to the hierarchical nature of IP address objects. > In fact, afaik you cannot add an abuse-c record to an inetnum object at all, Not directly, but indirectly through organisation objects it is possible for any single inetnum object. > can you? abuse-c records are usually added to higher level objects like LIR > ORG and then inherited by the lower level inetnum objects. If you want to set > a dedicated abuse-contact for an inetnum, you need to add a reference to an > ORG object with the corresponding abuse-c record. (see > https://labs.ripe.net/Members/denis/creating-and-finding-abuse-contacts-in-the-ripe-database) This works the same way for allocations and assignments (and legacy as well). Piotr -- gucio -> Piotr Strzyżewski E-mail: piotr.strzyzew...@polsl.pl
Re: [anti-abuse-wg] Solving the issue of rogue ROUTE objects in the RIPE Database
On Thu, Nov 05, 2015 at 08:56:42PM +0100, Gert Doering wrote: Hi > On Thu, Nov 05, 2015 at 07:40:58PM +, ripede...@yahoo.co.uk wrote: > > STEP 4 > > > > This is a one off cleanup of existing ROUTE objects. For all ROUTE > > objects currently in the RIPE Database that relate to an out of > > region, existing resource, send the appropriate notifications. For > > any that no response is received within a week, delete the ROUTE > > object from the RIPE Database. > > I'm a bit more careful about that one, though - in principle, yes, but > "one week" is a bit harsh here, so I'd go for multiple reminders and > a longer time. This is a different case than "I have just added this > object and it is now showing up (with an appropriate message by the > DB robot), so let's just check my mail until the reminder appears!". +1 on that. > (NB: did you intentionally not copy db-wg?) What about routing-wg? Piotr -- gucio -> Piotr Strzyżewski E-mail: piotr.strzyzew...@polsl.pl
Re: [anti-abuse-wg] WHOIS (AS204224)
On Mon, Nov 02, 2015 at 07:06:09PM -0800, Ronald F. Guilmette wrote: > I've been to Europe only one time, in 2010. I had to buy a cell phone > there to communicate, and when I did I was entirely surprised to learn > that one cannot do so without presenting some form of identification, > passport, driver's license, etc. (We don't do that here.) The inference > I draw is that in Europe, even more than other places, law enforcement > at least can trace a phone number to a particular person. If true, that > represents both a deterrent to fraud, and a useful assist when and if > possible fraud in being investigated. Please, don't treat Europe as a single jurisdiction/country/state etc. Just to comment - last week I have been given a disposable sim card with new phone number at the local student cafeteria without even asking for it. In Europe. Piotr -- gucio -> Piotr Strzyżewski E-mail: piotr.strzyzew...@polsl.pl
Re: [anti-abuse-wg] WHOIS (AS204224)
On Mon, Nov 02, 2015 at 12:29:18PM -0800, Ronald F. Guilmette wrote: > Should we worry also that the penguins in Antartica won't be able to > obtain RIPE number resources because they also don't have working > phones? Although your argumentation most times violates the eristic rules I would like just to cheer you up. Don't worry about the penguins in Antarctica. They have working phones. Over the Internet. Piotr, who called few times to the Antarctic station. -- gucio -> Piotr Strzyżewski E-mail: piotr.strzyzew...@polsl.pl
Re: [anti-abuse-wg] WHOIS (AS204224)
On Wed, Nov 04, 2015 at 03:41:39PM -0800, Ronald F. Guilmette wrote: > If a formal proposal was put forward to the entire RIPE membership > which proposed that all mailing addresses and phone numbers be > completely removed from the WHOIS data base, would you personally > vote "yea" or "nay" on that proposal? Something sort of - just to make them optional in person objects: https://www.ripe.net/ripe/mail/archives/db-wg/2015-April/004520.html Piotr -- gucio -> Piotr Strzyżewski E-mail: piotr.strzyzew...@polsl.pl
Re: [anti-abuse-wg] Fwd: [aa-wg-chair] AAWG - Draft RIPE 70 minutes
On Mon, Jun 22, 2015 at 04:39:46PM +0100, Brian Nisbet wrote: > B2. Recent Mailing List Discussions > > The most recent discussion on the AA mailing list concerned abuse-c > contact methods. People were asking about other solutions, for example > web forms, rather than solely using email for abuse reports. Brian > believed that this was sufficiently discussed on the mailing list but > asked for comments from the audience. > > Piotr Strzyzewski, Database WG co-chair, approached the microphone and > noted that he had posted an email to the Euro-IX mailing list to bring It was ERX-HOLDERS mailing list. > the abuse-c discussion to their attention. He also mentioned the > proposed 'cleanup' of abuse contacts that is currently being discussed > in BoF groups in both the anti-abuse and database working groups. Piotr -- gucio -> Piotr Strzyżewski E-mail: piotr.strzyzew...@polsl.pl
Re: [anti-abuse-wg] abuse-c cleanup
On Wed, May 06, 2015 at 05:18:06PM +0200, Tim Bruijnzeels wrote:
Dear WG Members
> > The idea of "abuse-c:" was to create one single place/way of
> > documenting abuse contact details. So far all that has been achieved
> > is to add a fourth way to document it. All the old ways
> > ("abuse-mailbox:" in 5 object types, IRT and remarks) are still
> > littered throughout the database.
>
>
> A schema change like this would need to be discussed in the database
> working group, and can only be done in case "abuse-c:" can be made
> mandatory for all organisations - and this would also have to be
> discussed there.
>
> From a technical point of view this change is not necessarily
> difficult to implement, provided that missing abuse-c roles could be
> created using either the existing abuse-mailbox or email attribute on
> organisations - presumably the addresses people would turn to today in
> the absence of an explicit abuse-c. So, in a way this change should
> not have a big semantic impact. Consistency would help to reduce
> complexity in documentation and business rules. It would also make it
> easier when assigning resources to new non-LIR organisations - now we
> need to check whether abuse-c has been set, because it's not mandatory
> and we often find that this makes dealing with requests longer.
>
> But that said, the above is only a partial picture of this, and this
> should in our view be discussed in the database working group. We can
> implement after consensus is called.
I agree with that. Denis do you want to make a follow-up on DB-WG?
Piotr
--
gucio -> Piotr Strzyżewski
E-mail: piotr.strzyzew...@polsl.pl
Re: [anti-abuse-wg] Abuse-C attributes - required e-mail address contact method.
On Fri, Mar 13, 2015 at 03:18:17PM +, Gist, Jonathan wrote: Hi > Is this a view that is help by others? No, not by me. Piotr -- gucio -> Piotr Strzyżewski E-mail: piotr.strzyzew...@polsl.pl
Re: [anti-abuse-wg] AS43890
On Sun, Nov 16, 2014 at 07:32:25PM -0800, Ronald F. Guilmette wrote: > 31.2.128.0/17 > 46.51.0.0/17 > 95.64.0.0/17 > 164.138.128.0/18 > 188.229.0.0/17 > > Prior to AS197207's decision to begin announcing the above routes (which > they did, starting on Oct. 25th), it appears that the proprietors of > AS43890, a Romanian ISP and RIPE LIR in good standing, apparently elected > to announce their own set of routes to some or all of the above Iranian > IP blocks, using lots and lots of little deaggregated /24 announcements > to do so. Try to compare: ftp://ftp.ripe.net:/ripe/stats/2014/delegated-ripencc-20141026.bz2 with ftp://ftp.ripe.net:/ripe/stats/2014/delegated-ripencc-20141027.bz2 looking for a change apply to 188.229.0.0/17 instead of drawing some (most probably) invalid conclusions. This page should also be very helpful: http://www.ripe.net/lir-services/resource-management/ipv4-transfers/table-of-transfers Piotr -- gucio -> Piotr Strzyżewski E-mail: piotr.strzyzew...@polsl.pl
Re: [anti-abuse-wg] RIPE Autonomous System Numbers
On Wed, Nov 05, 2014 at 11:06:34AM +0100, furio ercolessi wrote: > On Wed, Nov 05, 2014 at 06:38:36AM +, Sascha Luck wrote: > > On Tue, Nov 04, 2014 at 04:37:13PM -0800, Ronald F. Guilmette wrote: > > [...] > > >So there is no trace... no chain of documentation on how an AS got to > > >be an AS. Is that correct? Is that really what you are telling me? > > > > It is not. There is a contract for every independent resource assigned > > after -525 came into force and when Phase 3 is completed, there will be > > contracts for legacy ASN/PI resources also. > > These contracts are confidential and not public information. On this > > side of the pond, we call it "data protection" and it is the law. > > But if the community perceives that the amount of information disclosed > in the public database is not adequate to the needs (and I personally > regretted to be unable to get the informations that RFG is talking about, > several times!), then new information could be supplied in the whois after > asking for consent from the resource holder, no ? > > So perhaps we can take this opportunity to discuss an extension of > the data shown in the public whois. Have any of you ever consider making a policy proposal to change this? Piotr -- gucio -> Piotr Strzyżewski E-mail: piotr.strzyzew...@polsl.pl
Re: [anti-abuse-wg] RIPE Autonomous System Numbers
On Tue, Nov 04, 2014 at 11:16:44AM -0800, Ronald F. Guilmette wrote: > >> A few questions, if you don't mind... > >> > >> Given some arbitrary record which is stored within the RIPE WHOIS > >> data base, such as an organization (ORG-*) record or a record for > >> a number resource, such as an AS, how can I determine the date on > >> which that record was created? Do I just look for the earliest > >> date found in any of the associated changed: fields? > > Just to make sure I'm clear... No one on this list knows the answer, > even to the above trivial question? Or noone care/want to answer "above trivial question". My advice is - check the --list-versions description plus latest updates from the db-wg. Best regards, Piotr -- gucio -> Piotr Strzyżewski E-mail: piotr.strzyzew...@polsl.pl
