[arin-discuss] Privacy of Reassignment Information
Member Services
memsvcs at arin.net
Sat Apr 8 13:19:48 EDT 2006
Owen,
As this is a policy issue, please forward this discussion onto the
Public Policy Mailing List, ppml at arin.net.
For those of you on arin-discuss not subscribed to ppml, you can find
subscription instructions at:: http://www.arin.net/mailing_lists/index.html.
PPML is open to the general public and provides a forum to raise and
discuss policy-related ideas and issues surrounding existing and
proposed ARIN policies.
Regards,
Susan Hamlin
Director, Member Services
Owen DeLong wrote:
>Actually, no, I don't like being solicited. I'm as annoyed by SPAM as
>anyone. Phishing is little more than SPAM in my experience, since it's
>usually pretty easy to identify and I know better than to provide my
>personal information to URLs that don't look right.
>
>Education is the answer to phishing. Hiding private information doesn't
>actually help. The reality is that I can't recall ever receiving a
>phishing attempt that used information from whois. The phishers
>don't generally bother. For one thing, there isn't a high enough
>percentage of targets with whois entries.
>
>My opinions on this subject have nothing to do with being affiliated or not
>with a service provider or with the fact that I also work as a consultant.
>
>My opinions are based exactly on the fact, as I stated, that IP addresses
>are a resource assigned from the public trust. If you obtain the use of
>federal land, that use permit is a matter of public record. I don't see
>any reason IP address assignments should be treated any differently.
>Resource allocations in the public trust should be a matter of public
>record.
>
>Owen
>
>
>--On April 8, 2006 10:38:19 AM -0400 Eric Kagan <ekagan at axsne.com> wrote:
>
>
>
>>David,
>>
>>I fully support and agree with the privacy policy you speak of below. In
>>this day and age of deception (spam, phishing, fraud and a number of
>>other things) I feel having any information publically accessible that
>>could help defraud an individual or enterprise is neglegent. I feel the
>>Con's far out-weigh the Pro's in this area. I get constant push back from
>>internal resources as well as private enterprise on releasing their
>>information. (Solely in regards to reassignments, not reallocations).
>>The service providers info should be public and accurate and all
>>communications should come to the service provider and dealt with
>>privately to their customers. Thats a responsibility and part of
>>business of being a service provider. (If space is assigned downstream,
>>the reallocated service provider info should be publically posted.)
>>
>>Lets realize that domain registrars have allowed private registrations
>>for some time. Can anyone on this list say they have *never* received
>>inappropriate communications (via email, mail, phone call) that used this
>>certain public information ? I know Owen mentioned he is registered with
>>his info, but if he's on this list and a "consultant" he is closely tied
>>to the service provider world and maybe even likes that he can be
>>solicitied. I am sure most business in the private sector would not feel
>>the same way.
>>
>>Unfirtnuately I am unable to attend the Montreal event, but I am willing
>>to assist or backup the private policy effort in any way possible. I
>>will welcome online or offline responses and ideas as well.
>>
>>Thank you
>>Eric
>>
>>Eric Kagan
>>CTO
>>Access Northeast/ASN 17113
>>Direct 508-281-7626
>>ekagan at axsne.com
>>
>>
>>
>>
>>-----Original Message-----
>>From: arin-discuss-bounces at arin.net
>>[mailto:arin-discuss-bounces at arin.net] On Behalf Of Divins, David
>>Sent: Saturday, April 08, 2006 1:26 AM
>>To: Owen DeLong; ARIN-discuss at arin.net
>>Subject: Re: [arin-discuss] Privacy of Reassignment Information
>>
>>
>>
>>All IP Allocations are done based upon trust. If an ISP just wanted to
>>obscure a reassignment they could simply make up a customer.
>>
>>Allowing ISP's to enter into NDA type status for reassignments and
>>representing these reassignments as private in public servers should
>>provide the registrar with more accurate information-- as that is the
>>basis for the reassignment policy. Additionally, this provides much
>>needed privacy for companies that must adhere to ever more restrictive
>>privacy laws. This allows a valid mechanism.
>>
>>Why is a corporate entities right to privacy any less than an individuals
>>(when it comes to IP space-- and remember not all companies are public)?
>>
>>Why is there a need to know what company owns a block provided there is a
>>valid contact provided? This probably brings the question of how can we
>>ensure a valid contact. Since all assignments are done based on trust,
>>there must be some base assumption that for the most part ISP's act
>>according to ARIN rules-- I am not aware of any ARIN para-military-esque
>>auditing arm that checks ISP corporate accounting against IP assignments
>>to see who skirts the rules.
>>
>>Honestly, I would be content to see a policy that allows an ISP to go
>>full NDA with ARIN and provide reassignment information to ARIN on a
>>private basis. Under this condition, the ISP would need to maintain
>>valid contact (abuse/noc) for all address space it has been assigned and
>>not publicly reassigned.
>>
>>I firmly believe that this issue will not be going away.
>>
>>-dsd
>>
>>David Divins
>>Principal Engineer
>>ServerVault Corp.
>>(703) 652-5955
>>
>>_____________________________________________
>>From: Owen DeLong [mailto:owen at delong.com]
>>Sent: Friday, April 07, 2006 11:56 PM
>>To: Divins, David; ARIN-discuss at arin.net
>>Subject: Re: [arin-discuss] Privacy of Reassignment Information
>>
>>* PGP Signed by an unknown key: 04/07/2006 at 11:55PM
>>
>>
>>--On April 7, 2006 10:25:11 PM -0400 "Divins, David"
>><dsd at servervault.com>
>>wrote:
>>
>>
>>
>>>All,
>>>
>>>Provided an ISP, or other direct assignment recipient, supplies valid
>>>and responsive (24x7) Abuse, NOC, and other pertinent contact
>>>information, a reassignment should be allowed to remain private.
>>>
>>>
>>>
>>First, a direct assignment recipient cannot reassign, so, this would
>>not apply to a direct assignment recipient.
>>
>>Second, the policy was abandoned fairly recently due to lack of
>>support by the community and lack of consensus to move forward.
>>
>>IP resources are an element of public trust. It is common and widespread
>>practice to disclose as a matter of public record possessory interest
>>in public resources. The public interest in an open and equitable
>>system of resource assignments and allocations overrides ISPs
>>interest in hiding the identities of their customers.
>>
>>
>>
>>>The ability for an ISP to selectively and voluntarily make an assignment
>>>private will still allow ARIN to have accurate reassignment information
>>>as the assignments will be provided to ARIN privately whenever address
>>>utilization must be determined.
>>>
>>>
>>>
>>ARIN is a stewardship organization. The IP addresses are no more owned
>>by ARIN than by any recipient organization. They are administered by
>>ARIN and the ISPs in the public trust. They are public resources.
>>
>>
>>
>>>The private designation in no way relieves the ISP of its responsibility
>>>to the Internet community. In fact, a private reassignment expands this
>>>responsibility as the ISP actually must take on the responsibility
>>>providing valid 24x7 point of contact.
>>>
>>>
>>>
>>The community vehemently opposed adding such a requirement to the
>>previous
>>attempt at such a policy.
>>
>>
>>
>>>If an ISP is unable or unwilling to provide a responsive NOC/abuse
>>>contact, then they may not designate any reassignments as private.
>>>
>>>
>>>
>>How would you propose to prevent ISPs from ignoring this requirement?
>>
>>Owen
>>
>>--
>>If it wasn't crypto-signed, it probably didn't come from me.
>>
>>* Unknown Key
>>* 0x0FE2AA3D - unknown
>>
>>
>>
>
>
>
>
>
>------------------------------------------------------------------------
>
>_______________________________________________
>ARIN-discuss mailing list
>ARIN-discuss at arin.net
>http://lists.arin.net/mailman/listinfo/arin-discuss
>
>
More information about the ARIN-discuss
mailing list