[ppml] Policy Proposal 2003-11: Purpose and Scope of WHOIS Di rectory
Bill Van Emburg
arin-member at quadrix.com
Wed Aug 27 11:18:35 EDT 2003
Lee Howard wrote:
> On Fri, 22 Aug 2003, Charles Scott wrote:
>>Date: Fri, 22 Aug 2003 14:27:38 -0400 (EDT)
>>From: Charles Scott <cscott at gaslightmedia.com>
>>To: "Azinger, Marla" <marla_azinger at eli.net>
>>Cc: 'Mury' <mury at goldengate.net>, Member Services <memsvcs at arin.net>,
>> ppml at arin.net
>>Subject: RE: [ppml] Policy Proposal 2003-11: Purpose and Scope of WHOIS
>> Di rectory
>>On Fri, 22 Aug 2003, Azinger, Marla wrote:
>>>2. If we dont include the name of the company that is actually "using" an
>>>IP block such as one of my End User's than I dont see much use of the whole
>> The corollary to which is... If we don't have valid contact data and
>>some chain of responsibility then I don't see much use of the whole WHOIS
>>database. (other than as a source of addresses to spam)
>> I'd rather have less data that's valid than more data that's useless.
> To what extent are the following statements true?
> WHOIS without naming the end user is not much use.
Not true at all. As long as *someone* in the upline for that block is
listed, and that organization's info and contacts are kept up to date,
then you can reasonably assume that it is possible for that organization
to, sooner or later, figure out who the end user is. That, at least, is
the beginnings of accountability.
Is it enough? No. But it is far better than a totally anonymous
Internet! (And, mind you, I am a strong proponent of privacy!)
> End user information without contact information, as currently allowed
> as reassign-simple, is not much use.
Also not true at all! If the information is current, you now know who
is responsible. There are plenty of mechanisms for tracking down the
correct contacts, not the least of which is contacting their ISPs from
whom they received their blocks.
> Except for spammer address-harvesting and showing utilization to ARIN,
> WHOIS is not much use.
Also, not true at all. Despite the existance of substantial amounts of
garbage, there is a lot of useful info there. Most of the larger ISPs,
and I'd venture to guess probably most of ARIN's direct customers, have
accurate information in WHOIS. That certainly gives you a place to
start. BTW -- I have found that, while I get substantial amounts of
spam from my NetSol WHOIS contacts, I get virtually none from my ARIN
contacts. Perhaps this problem has not become as big as it has been
Now that I've answered these questions, I'd just like to add that I
believe that having correct info for ARIN's direct customers is
absolutely critical; that having correct info for allocations to other
ISPs is important, saves time and is highly desirable; and that having
correct end user information is desirable, but I don't think there is
enough reason to force contact information to be included in that info.
Why shouldn't I, as my customers' ISP, be able to handle all issues
relating to their Internet access, including being the listed contact?
If I take responsibility to manage that communication and involve the
customer as appropriate, I should be allowed to do so!
It seems to me that this issue does not have to be extremely complex.
In fact, the only thing that is critically wrong here is that there is
no enforcement of the requirement to maintain accurate information in
the WHOIS database. Data integrity should be the primary goal, and I
believe it simply will not be achieved without some kind of enforcement.
The question is, how do we provide for that enforcement capability?
-- Bill Van Emburg
Quadrix Solutions, Inc.
More information about the ARIN-PPML