[dbwg] Re: [ppml] Bogons etc...

>We have been down these roads before.  There are liability concerns that 
>ARIN must address regardless of the protocol used to distribute this 
>information.  Nobody on this list aside from ARIN legal staff (if they 
are 
>on the list) are qualified to render an authoritative opinion with 
respect 
>to ARIN's legal exposure.  As an ARIN AC member, I will bring this issue 
up 
>(generally) at the next AC meeting and if there is sufficient consensus 
>among AC members we will request a legal opinion.

Will ARIN be shutting down their whois servers and web
servers until they can get an authoritative legal opinion?

>Now, on to operational considerations.  Does anybody remember ORBS?  They 

>were DoS'ed off the 'net by spammers.  If ARIN starts running this type 
of 
>service, there will be a _significant_ operational cost increase taken on 

>by ARIN, because the DoS attacks will come, and they may come with such a 

>volume as to completely render all of ARIN offline.

Correct me if I'm wrong but ARIN staff have already done a lot
of engineering work to deal with DoS issues on the existing 
whois service. In any case, if ARIN implements this using a
caching friendly protocol like LDAP or DNS then this is a non-issue
because the information will not all be served from one place.

>At any rate, I also think that this should be moved to the DBWG mailing 
>list, as this really is an operational issue that specifically deals with 

>the ARIN database.

There is still a policy issue that belongs here.

--Michael Dillon