[ppml] Policy Proposal 2003-11: Purpose and Scope of WHOIS Di rectory

Ian Baker ibaker at codecutters.org
Wed Aug 27 19:27:35 EDT 2003

----- Original Message ----- 
From: "Charles Scott" <cscott at gaslightmedia.com>
To: "Ian Baker" <ibaker at codecutters.org>
Cc: <ppml at arin.net>
Sent: Wednesday, August 27, 2003 10:54 PM
Subject: Re: [ppml] Policy Proposal 2003-11: Purpose and Scope of WHOIS Di

> Ian:
>   Not sure what you mean by making 5) and 6) a reccomendation. If you mean
> that verification should be optional for direct ARIN allocations, then I'm
> not sure what good the rest of it is. Perhaps I missed your point.
>   I don't see item 6) as such a big deal, just thought it would be nice to
> opt to see only verified reccords if you wanted to. Simply a search
> option.
>   As for rigid, I think verification is important to the proposal and to
> serving a main purpose of the whois database. Much of the rest of my
> points are intended to make it less rigid in that it still permits
> unverified contact data for assignments and end-user reccords, still
> permits access to the full amount of data if people want to use unverified
> contact data, permits people to lessen their workload in one of two ways
> (by either not doing the assignment reccords or by possibly avoiding
> handling the calls if their verified).

    I was thinking simply that mandating end-user records could be quite a
mammoth task, and one that could stall the other, very worthy, points.

I haven't run the latest bulk data through the scanner yet, but (from a dim
memory) I think this would be on the order of a million organizations to
contact and correlate. A "click on the link" type of response /might/ work,
but I suspect that many people would just mentally filter it as

Manual replies would take some processing and, I suspect, a fair degree of
manual intervention.

Just thinking practicalities, really - I'd like to see mandatory
verification for the larger allocations, and "verification of end-user
contact details, where possible".

As goes filtering - I see your point, but would suggest a simple "last
verified" date field, and filters for (e.g.) "verified witing the last three
months", "verified in the last six months", and so on. I'm not familiar
enough with the actual systems in-use to know how much development effort
that would entail, and the possible impact on hardware sizing.



> On Wed, 27 Aug 2003, Ian Baker wrote:
> > >   Perhaps there's a compromise in this. If (1) whois data for top
> > > allocations is mandatory (2) contact data verification for top level
> > > allocations is mandatory, (3) contact data verification is optional
> > > provider assignments and end users, (4) records required to have
> > > verification and records that have opted to have contact verification
> > > clearly marked as being subject to verification, (5) a process
> > > periodically verifies all such records and clearly marks those that
> > > verify, and (6) there is an optional method to query only verified
> > > records, then I think we have the best of all worlds.
> >
> > That's similar thinking, but I'm wondering if that's too rigid a
regime -
> > more implementation than policy.
> >
> > Make points 5) and 6) a recommendation and we're in full agreement.

More information about the ARIN-PPML mailing list