[arin-discuss] Privacy of Reassignment Information

Owen DeLong owen at delong.com
Sat Apr 8 12:18:53 EDT 2006 

Actually, no, I don't like being solicited.  I'm as annoyed by SPAM as
anyone.  Phishing is little more than SPAM in my experience, since it's
usually pretty easy to identify and I know better than to provide my
personal information to URLs that don't look right.

Education is the answer to phishing.  Hiding private information doesn't
actually help.  The reality is that I can't recall ever receiving a
phishing attempt that used information from whois.  The phishers
don't generally bother.  For one thing, there isn't a high enough
percentage of targets with whois entries.

My opinions on this subject have nothing to do with being affiliated or not
with a service provider or with the fact that I also work as a consultant.

My opinions are based exactly on the fact, as I stated, that IP addresses
are a resource assigned from the public trust.  If you obtain the use of
federal land, that use permit is a matter of public record.  I don't see
any reason IP address assignments should be treated any differently.
Resource allocations in the public trust should be a matter of public
record.

Owen


--On April 8, 2006 10:38:19 AM -0400 Eric Kagan <ekagan at axsne.com> wrote:

> 
> David, 
>   
> I fully support and agree with the privacy policy you speak of below.  In
> this day and age of deception (spam, phishing, fraud and a number of
> other things) I feel having any information publically accessible that
> could help defraud an individual or enterprise is neglegent.  I feel the
> Con's far out-weigh the Pro's in this area. I get constant push back from
> internal resources as well as private enterprise on releasing their
> information.  (Solely in regards to reassignments, not reallocations).
> The service providers info should be public and accurate and all
> communications should come to the service provider and dealt with
> privately to their customers.  Thats a responsibility and part of
> business of being a service provider. (If space is assigned downstream,
> the reallocated service provider info should be publically posted.) 
>   
> Lets realize that domain registrars have allowed private registrations
> for some time.  Can anyone on this list say they have *never* received
> inappropriate communications (via email, mail, phone call) that used this
> certain public information ? I know Owen mentioned he is registered with
> his info, but if he's on this list and a "consultant" he is closely tied
> to the service provider world and maybe even likes that he can be
> solicitied.  I am sure most business in the private sector would not feel
> the same way. 
>   
> Unfirtnuately I am unable to attend the Montreal event, but I am willing
> to assist or backup the private policy effort in any way possible.  I
> will welcome online or offline responses and ideas as well. 
>   
> Thank you 
> Eric 
>   
> Eric Kagan 
> CTO 
> Access Northeast/ASN 17113 
> Direct 508-281-7626 
> ekagan at axsne.com 
>   
> 
> 
> 
> -----Original Message-----
> From: arin-discuss-bounces at arin.net
> [mailto:arin-discuss-bounces at arin.net] On Behalf Of Divins, David
> Sent: Saturday, April 08, 2006 1:26 AM
> To: Owen DeLong; ARIN-discuss at arin.net
> Subject: Re: [arin-discuss] Privacy of Reassignment Information
> 
>  
> 
> All IP Allocations are done based upon trust.  If an ISP just wanted to
> obscure a reassignment they could simply make up a customer. 
> 
> Allowing ISP's to enter into NDA type status for reassignments and
> representing these reassignments as private in public servers should
> provide the registrar with more accurate information-- as that is the
> basis for the reassignment policy.  Additionally, this provides much
> needed privacy for companies that must adhere to ever more restrictive
> privacy laws.  This allows a valid mechanism. 
> 
> Why is a corporate entities right to privacy any less than an individuals
> (when it comes to IP space-- and remember not all companies are public)? 
> 
> Why is there a need to know what company owns a block provided there is a
> valid contact provided? This probably brings the question of how can we
> ensure a valid contact.  Since all assignments are done based on trust,
> there must be some base assumption that for the most part ISP's act
> according to ARIN rules--  I am not aware of any ARIN para-military-esque
> auditing arm that checks ISP corporate accounting against IP assignments
> to see who skirts the rules. 
> 
> Honestly, I would be content to see a policy that allows an ISP to go
> full NDA with ARIN and provide reassignment information to ARIN on a
> private basis.  Under this condition, the ISP would need to maintain
> valid contact (abuse/noc) for all address space it has been assigned and
> not publicly reassigned. 
> 
> I firmly believe that this issue will not be going away. 
> 
> -dsd 
> 
> David Divins 
> Principal Engineer 
> ServerVault Corp. 
> (703) 652-5955 
> 
> _____________________________________________ 
> From:   Owen DeLong [mailto:owen at delong.com] 
> Sent:   Friday, April 07, 2006 11:56 PM 
> To:     Divins, David; ARIN-discuss at arin.net 
> Subject:        Re: [arin-discuss] Privacy of Reassignment Information 
> 
> * PGP Signed by an unknown key: 04/07/2006 at 11:55PM 
> 
> 
> --On April 7, 2006 10:25:11 PM -0400 "Divins, David"
> <dsd at servervault.com> 
> wrote: 
> 
>> All, 
>> 
>> Provided an ISP, or other direct assignment recipient, supplies valid 
>> and responsive (24x7) Abuse, NOC, and other pertinent contact 
>> information, a reassignment should be allowed to remain private. 
>> 
> First, a direct assignment recipient cannot reassign, so, this would 
> not apply to a direct assignment recipient. 
> 
> Second, the policy was abandoned fairly recently due to lack of 
> support by the community and lack of consensus to move forward. 
> 
> IP resources are an element of public trust.  It is common and widespread 
> practice to disclose as a matter of public record possessory interest 
> in public resources.  The public interest in an open and equitable 
> system of resource assignments and allocations overrides ISPs 
> interest in hiding the identities of their customers. 
> 
>> The ability for an ISP to selectively and voluntarily make an assignment 
>> private will still allow ARIN to have accurate reassignment information 
>> as the assignments will be provided to ARIN privately whenever address 
>> utilization must be determined. 
>> 
> ARIN is a stewardship organization.  The IP addresses are no more owned 
> by ARIN than by any recipient organization.  They are administered by 
> ARIN and the ISPs in the public trust.  They are public resources. 
> 
>> The private designation in no way relieves the ISP of its responsibility 
>> to the Internet community.  In fact, a private reassignment expands this 
>> responsibility as the ISP actually must take on the responsibility 
>> providing valid 24x7 point of contact. 
>> 
> The community vehemently opposed adding such a requirement to the
> previous 
> attempt at such a policy. 
> 
>> If an ISP is unable or unwilling to provide a responsive NOC/abuse 
>> contact, then they may not designate any reassignments as private. 
>> 
> How would you propose to prevent ISPs from ignoring this requirement? 
> 
> Owen 
> 
> -- 
> If it wasn't crypto-signed, it probably didn't come from me. 
> 
> * Unknown Key 
> * 0x0FE2AA3D - unknown 
> 



-- 
If it wasn't crypto-signed, it probably didn't come from me.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
URL: <https://lists.arin.net/pipermail/arin-discuss/attachments/20060408/95e03409/attachment.sig>

More information about the ARIN-discuss mailing list