ARIN-PPML Message

[ppml] Proposal: make Abuse Handle *REQUIRED* for AS Registration

> The AC discussed this issue in the context of policy proposals 2003-1 and
> 2003-2.  The argument against not requiring the handle is the belief that
> it will be no better maintained or utilized than any existing data.
> Certainly any organization which staffs an abuse role separately from the
> tech role can use the abuse contact and benefit from the separation of
> tasks which that theoretically provides.  For every other organization,
the
> extra listing would just be redundant clutter.

OK, perhaps I am mis-understanding something.

You seem to be implying that if a registrant elects NOT to specify an abuse
handle, then the Internet community should consider the Tech handle to be
the abuse contact?

I have NOT been operating under this assumption.  I assume the tech handle
for an AS registration is NOT the abuse contact, but rather a router
engineer.  I'm trying to be very, very careful about what contact I start
sending notices to as maintaing my reputation in the security community is
my primary concern.

>No, it would be the same Internet we already have.  If abuse@ goes to the
>same place as the tech contact, then nothing has been gained.  In many
>organizations, there is no separate person or staff to handle an
>abuse/security function.

Again, I think this is a side affect of my potential mis-understanding
above.

If I can't identify a specific abuse contact, I do NOT send a notice...or I
just default to postmaster@ ... which ultimately goes no where, or isn't
monitored by a human.


I retract my suggestion that an abuse handle should be mandatory, if it's
considered acceptable to notify the tech handle in it's absence.


Regards,

Lawrence Baldwin
myNetWatchman.com