[ppml] Collapsing Residential and Business Privacy (ease of use) Was: Re: Privacy of Non-Residential Reassignments in Public Whois

Martin Hannigan hannigan at renesys.com
Fri Apr 21 18:35:13 EDT 2006 

At 02:53 PM 4/21/2006, Robert Bonomi wrote:

> > Date: Fri, 21 Apr 2006 10:15:25 -0700
> > From: "Azinger, Marla" <marla_azinger at eli.net>
> > To: <ppml at arin.net>
> > Subject: Re: [ppml] Collapsing Residential and Business Privacy (ease of
> >       use) Was: Re: Privacy of Non-Residential Reassignments in
> >       Public Whois
> >
> > I can support the need for some Residential changes.  But not 
> commercial and
> > not this way.
> >
> > I can not nor will not support the "collapse" and inclusion of Business/
> > Commercial into this  policy.  If you work as a hostmaster or ipadmin as
> > I do you will have the unpleasant experience of how even a /29 can be used
> > for spam or other abuse issues.  If its being used for commercial purposes
> > then it should be visible who is using it.
> >
> > As for the residential person that is running a office out of the house.
> > Cant we just make it simple and allow this type of scenerio to publish a
> > PO Box address instead of their home address?
> >
> > Moving the size from /30 to /29 is irresponsible and moves us a little
> > further from fighting abuse in a proactive manner and closer to reactive
> > manner.  This is not how I choose to work daily.  I do everything possible
> > to fight abuse issues proactively.
> >
> > So no, I do not support the following suggested policy changes:
> > - eliminate differentiation between residential and business
> > - designate /29's and smaller as private
> > - reduction of NA postal codes to 3 characters
> > - creating a confidential/undercover registration clause to allow
> >    LEA to mask registrations for investigative, intelligence,
> >    or other purposes as long as they identify these to ARIN
> >    staff AND ARIN is able to handle such information per FISA, Title III.
> >    CALEA, and other applicable regulations (IANAL). This
> >    follows a concept invoked by DMV's related to license plates.
> >    (and a memory jogging by Heather Skanks - thank you!)
> >
> >
> > Thank you
> > Marla Azinger
> > Frontier Communications
> >
>
>Folks,
>
>   Watching the on-going discussion on this matter, it seems to me that
>something _very_ fundamental has been overlooked.  As in, the 'fundamental
>purpose' of address-block delegations.  Which is to identify the entity
>that is 'responsible' for activities emmenating from that address-block.
>
>   In the case of PI space, there' no question as to who that party is, and
>one of the requirements for getting/keeping PI space is (or *should* be)
>'publicly admitting' that you _are_ reponsible for that space.
>
>
>   As for 'geo-location' services, address-block 'whois' info is largely
>meaningless to start with.  For starters, IBM's  "corporate" address in
>Deleware (or even 'headquarters' in NY) says nothing about where their
>network equipment is.  And, anybody who is maintaining 'geographically
>diverse' back-up sytems -- especially on as smaller scale, using PA
>address-space -- may have networks in 'remote' parts of the country,
>with the _same_ address-block contact-address info.  I'm sorry, but trying
>to 'preserve accuracy' for geo-location services is a straw-man, at best.
>*UNLESS* (and this just occurred to me) you're only talking about cross-
>checking address information on the registration for conistency -- e.g.
>street-address matches zipcode, zipcode matches phone-number, etc.
>

Robert,

Not entirely a straw man. I think that eliminating /29 data entirely,
for example, would not impact my use of geo location at all. In fact,
for the application I had in mind, I only need /24 and larger really.
There is a larger point related to "other" uses of whois data so I
wouldn't get hung up totally on geo location, but consider the bigger
picture. I'm focused on it only because that's what interests me at
the moment.

Marla made a good point about identifying spammers and abuse needs,
but in all blocks that could be obfuscated, I think the idea is that
the LIR would actually be aware of who was using that block. Having
been a hostmaster and ipadmin for too many years that I'd like to
not remember, it's a valid point, but addressable.

As I have explained in the case of geo-location, the whois data is used as
an input, one of many, to attempt to sort of triangulate an address, usually
down to City/State/Country. There are some invalidations that take place
and are dealt with in the accuracy engines. The whois data does not lose
it's value in the case that you describe since it would likely weaken the
accuracy "score" and the application would seek out "other" inputs for
validation as a result.

There are some very interesting things going on out there with many
pieces of the database regardless of how meaningless it may be to some.


I wonder how many people take bulk whois data? If I can explain anything
more about g/l, let me know. Thanks for the information.



Sidenote, and feel free to separate this out if you are going to respond:

How would the LEA case you describe work for reporting utilization when
it was not a store front operation? We still have the case of the status
quo. I'm fine with whatever happens there to be honest. I was interested
only as related to past experience. If you would call everyone
"customer" or "business", why bother collecting any data for public view
at all? It seems like we may as well go back to Internet Network Managers
handbook styles of presentation.


Enough said! If I can explain anything further about geo location,
please let me know!

Best Regards,


-M<

More information about the ARIN-PPML mailing list