[ppml] Policy Proposal 2003-11: Purpose and Scope of WHOIS Di rectory

[Azinger, Marla]

2.  If we dont include the name of the company that is actually "using" an
IP block such as one of my End User's than I dont see much use of the whole
WHOIS database.  If all ARIN WHOIS shows is the Directly Allocated Recipient
then my company for example wouldnt be able to handle the number of calls
coming in.  Right now people daily use the "true users" info off of the
WHOIS database in order to resolve issues....and then if that doesnt work we
are contacted and get involved.  I suppose if you want to make it an option
as to whether or not "the true user POC info is included" on WHOIS....maybe
that would be ok.....but I shouldnt have to take any extra steps to ensure
all of our End User and ISP's info is included on WHOIS.

3.  I still strongly believe a 3 month POC validation is excessive.  Once a
year would be more realistic.  I also strongly believe that in no way should
it be done the same way it was done this last year.  I have wasted way to
much time on a daily basis sending in an "update org template"  for
companies that the information has not changed.  I'm still sending in the
damn things for companies that the info hasnt changed.  I shouldnt have to
do this unless someone has proved the info is not valid.

Marla



-----Original Message-----
From: Charles Scott [mailto:cscott at gaslightmedia.com]
Sent: Friday, August 22, 2003 10:57 AM
To: Azinger, Marla
Cc: 'Mury'; Member Services; ppml at arin.net
Subject: RE: [ppml] Policy Proposal 2003-11: Purpose and Scope of WHOIS
Di rectory






On Fri, 22 Aug 2003, Azinger, Marla wrote:

> 2.  In the end...does this policy mean that if I want the End Users and
> ISP's that I Re-assign and RE-allocate to will not have their abuse,
> technical and whatever else contact info visibile unless I take extra
steps
> to ensure "I want them visible"?  If this does mean I have to take extra
> steps....I give up...because as a person that sends these in daily....I'm
> already jumping through to many hoops.

  If I understand this the way I'd like to see it :), only those receiving 
allocations direct from ARIN would be required to be listed in the 
database. Providers receiving allocations from ARIN may opt to have 
assignments to their customers listed, provided that those listings have 
current good contact data. This makes sense as it offers the ability to 
have contacts listed for assignments so issues can be resolved directly at 
that level where possible, but still requires the allocation recipient to 
be ultimately responsible. I see this as an excellent compromise to permit 
a hierarchy of responsibility where possible and practical, but as an 
option, and only where verifiable. I therefore support some level of 
consequence should contacts not be verifiable. 
 
> 3.  When you mention validating the POC info every three months....is this
> to be done with just Direct Allocation from ARIN?  Or do you really mean
the
> whole WHOIS database?  If its the whole database...and its done in the
same
> manner it was done this last year by ARIN....where you have to update
> records that are really already updated.............Every 3 months is
> excessive and I dont see this being easily supported. 

  If the WHOIS database is limited to the responsible parties as indicated 
above, then the process should be efficient once it's established. I feel 
the 3 month verification cycle is proper and appropriate. If verification 
is as simple as replying to an email that contains a verification code the 
process should have minimal impact. (Although, I wonder if there may need 
to be some additional verification code that is not supplied in the 
verification request to ensure the proper party responds.)

Chuck