[ppml] Policy Proposal 2003-11: Purpose and Scope of WHOIS Di rectory

Bill Van Emburg arin-member at quadrix.com
Wed Aug 27 11:18:35 EDT 2003 

Lee Howard wrote:

> On Fri, 22 Aug 2003, Charles Scott wrote:
> 
> 
>>Date: Fri, 22 Aug 2003 14:27:38 -0400 (EDT)
>>From: Charles Scott <cscott at gaslightmedia.com>
>>To: "Azinger, Marla" <marla_azinger at eli.net>
>>Cc: 'Mury' <mury at goldengate.net>, Member Services <memsvcs at arin.net>,
>>     ppml at arin.net
>>Subject: RE: [ppml] Policy Proposal 2003-11: Purpose and Scope of WHOIS
>>    Di rectory
>>
>>On Fri, 22 Aug 2003, Azinger, Marla wrote:
>>
>>
>>>2.  If we dont include the name of the company that is actually "using" an
>>>IP block such as one of my End User's than I dont see much use of the whole
>>>WHOIS database. 
>>
>>  The corollary to which is... If we don't have valid contact data and
>>some chain of responsibility then I don't see much use of the whole WHOIS
>>database. (other than as a source of addresses to spam)
>>  I'd rather have less data that's valid than more data that's useless.
>>
>>Chuck
> 
> 
> To what extent are the following statements true?
> 
>   WHOIS without naming the end user is not much use.
> 

Not true at all.  As long as *someone* in the upline for that block is 
listed, and that organization's info and contacts are kept up to date, 
then you can reasonably assume that it is possible for that organization 
to, sooner or later, figure out who the end user is.  That, at least, is 
the beginnings of accountability.

Is it enough?  No.  But it is far better than a totally anonymous 
Internet!  (And, mind you, I am a strong proponent of privacy!)

>   End user information without contact information, as currently allowed
>   as reassign-simple, is not much use.
> 

Also not true at all!  If the information is current, you now know who 
is responsible.  There are plenty of mechanisms for tracking down the 
correct contacts, not the least of which is contacting their ISPs from 
whom they received their blocks.

>   Except for spammer address-harvesting and showing utilization to ARIN,
>   WHOIS is not much use.
> 
Also, not true at all.  Despite the existance of substantial amounts of 
garbage, there is a lot of useful info there.  Most of the larger ISPs, 
and I'd venture to guess probably most of ARIN's direct customers, have 
accurate information in WHOIS.  That certainly gives you a place to 
start.  BTW -- I have found that, while I get substantial amounts of 
spam from my NetSol WHOIS contacts, I get virtually none from my ARIN 
contacts.  Perhaps this problem has not become as big as it has been 
portrayed?


Now that I've answered these questions, I'd just like to add that I 
believe that having correct info for ARIN's direct customers is 
absolutely critical; that having correct info for allocations to other 
ISPs is important, saves time and is highly desirable; and that having 
correct end user information is desirable, but I don't think there is 
enough reason to force contact information to be included in that info. 
  Why shouldn't I, as my customers' ISP, be able to handle all issues 
relating to their Internet access, including being the listed contact? 
If I take responsibility to manage that communication and involve the 
customer as appropriate, I should be allowed to do so!

It seems to me that this issue does not have to be extremely complex. 
In fact, the only thing that is critically wrong here is that there is 
no enforcement of the requirement to maintain accurate information in 
the WHOIS database.  Data integrity should be the primary goal, and I 
believe it simply will not be achieved without some kind of enforcement.

The question is, how do we provide for that enforcement capability?
-- 
				     -- Bill Van Emburg
					Quadrix Solutions, Inc.

More information about the ARIN-PPML mailing list