Hi Aftab,

We currently don't apply any query rate limit but do have a query size limit (200 object response).

If needed, we can enable a daily limit per source IP/prefix but will need to do some checks to ensure legitimate heavy users don't get impacted. We have had cases where we needed to limit some users in the past.

Thanks
Vivek

From: Aftab Siddiqui <[email protected]>
Date: Thursday, 23 January 2025 at 12:52 PM
To: Vivek Nigam <[email protected]>
Cc: Anupam Agrawal <[email protected]>, Mark Foster <[email protected]>, Philip Paeps <[email protected]>, Fernando Frediani <[email protected]>, [email protected] <[email protected]>
Subject: Re: [sig-policy] Re: prop-162-v001: WHOIS Privacy

Thanks Vivek,

Here is my question, irrespective of bulk whois or otherwise.

INPUT: Hypothetical script to query WHOIS service in a loop
DEFINE: target_service = "whois.apnic.net"
DEFINE: query_threshold = Y (total queries from an IP per day)
DEFINE: query_rate = N (queries/second)
DEFINE: blocking_behavior = ????

- What is the query_threshold (value of Y) at which rate limiting or blocking is triggered?
- Is there a specific limit on the query_rate (e.g., N queries per second) that results in alerts or blocking?
- How does the system handle excessive queries (e.g., temporary blocking, permanent blocking, or other actions)?

Regards,
Aftab A. Siddiqui

On Tue, 21 Jan 2025 at 17:25, Vivek Nigam <[email protected]> wrote:

Hi Anupam, all,

We provide access to APNIC Whois data for bulk download to organisations that intend to use it for Internet operational or technical research purposes. To get access, organizations need to complete the acceptable use agreement and state how they plan to use the data.
https://www.apnic.net/wp-content/uploads/2021/06/apnic-whois-agreement-update.pdf

Typically, we get these requests from cybersecurity companies, research bodies, large ISP/IXPs, universities, law enforcement agencies etc. Over 400 organizations have signed this agreement and have access to this data. We have not had any abuse reports that match these organisations.

We have had one case where we received multiple complaints of marketing emails from an APNIC Member organisation who were also registered brokers. This resulted in APNIC terminating their agreement and closing their account.

Our course of action is more limited when we receive evidence of whois data abuse from non-APNIC Member organisations, which make up the vast majority of these reports. In this case we issue an official warning requesting the offenders to stop sending marketing emails. We have had varying levels of success following up these reports. In some cases, the offender acknowledged it was a mistake by their marketing team and agreed to stop this practice. In most cases, they have argued that they have got these email addresses from third-party database vendors, or the emails were already registered in their platform to receive marketing emails.

Hope this information helps.

Thanks
Vivek

From: Anupam Agrawal <[email protected]>
Date: Friday, 17 January 2025 at 8:56 PM
To: Mark Foster <[email protected]>
Cc: Philip Paeps <[email protected]>, Fernando Frediani <[email protected]>, [email protected] <[email protected]>
Subject: [sig-policy] Re: prop-162-v001: WHOIS Privacy

That's a good point Mark. Some information on the number of complaints or the number of access requests/agreements would be helpful.
Regards
________________________________________________________
Anupam Agrawal | India Internet Foundation - Chair | 91 905 170 3611

On Fri, Jan 17, 2025 at 9:20 AM Mark Foster <[email protected]> wrote:

Thanks Philip, I think that's an important point to remain savvy to.

I think it's important to go back to, what is the purpose for which bulk access is provided, and whether the proposal interferes with that purpose or not.

Noting the contents of the above and the assertion that folks using information derived from bulk access will be prosecuted - but no evidence of this actually occurring despite strong indicators that whois information is being used for unsolicited marketing (something which I can most certainly also report) ... in the absence of seeing actual negative consequences to these actors I'm comfortable with seeing information removed or anonymised - and up until doing so detracts from the purpose for which the bulk access is being provided, there's basically no impact. (Regular whois not impacted - just bulk).

I support the proposal but the rider I would like to see on it, is to challenge APNIC to revalidate the reasons it provides bulk access, the assurance it has that the database is being used for legitimate purposes in compliance with the AUP, and its actions in response to reports of abuse. Beyond that - if reducing the level of detail in the bulk output has no negative impact, why not?

(Agree that network operators must be identifiable and reachable. Changes only to the bulk scope won't prevent this, unless the bulk view of the data is being used for that purpose. I suppose there are legitimate services that might have bulk access agreements for that purpose - I guess only APNIC can tell us if that's true.)

Regards
Mark.
On Tue, 14 Jan 2025 at 15:02, Philip Paeps <[email protected]> wrote:

On 2025-01-14 00:46:49 (+0800), Fernando Frediani wrote:
> Although I do understand the motivations to this proposal, I normally
> don't like much this feel that may look obvious to many to remove as
> much as contact data in order to not be bothered with marketing and
> sales content due to the concern that make things more difficult for
> legitimate need to get in touch for troubleshooting and legal demands.
>
> If you are operating an Autonomous System and have responsibilities
> over it you must be able to be easily contacted in order to deal with
> the legitimate demands you committed when you became one, and for that
> there will be some burden which if reasonable should be accepted.
>
> I understand the proposal suggests removing it from the bulk access,
> but it has not been clear how it will work and how easy it will be for
> those with legitimate need to get these contact details, if it will be
> with no human interaction or if someone will need to fill a form and
> justify, etc ?

Note that "bulk access" in this policy proposal (as I read it -- do correct me if I'm wrong) specifically refers to this service: https://www.apnic.net/manage-ip/using-whois/bulk-access/.

The overwhelming majority of network operators in the world do not have bulk data access agreements with APNIC and would therefore not be affected in any way by this policy proposal.
Philip

_______________________________________________
SIG-policy - https://mailman.apnic.net/[email protected]/
To unsubscribe send an email to [email protected]
