[ppml] Proposal: make Abuse Handle *REQUIRED* for AS Registration

Lawrence Baldwin baldwinL at mynetwatchman.com
Thu Jul 24 12:00:05 EDT 2003


> The AC discussed this issue in the context of policy proposals 2003-1 and
> 2003-2.  The argument against not requiring the handle is the belief that
> it will be no better maintained or utilized than any existing data.
> Certainly any organization which staffs an abuse role separately from the
> tech role can use the abuse contact and benefit from the separation of
> tasks which that theoretically provides.  For every other organization,
the
> extra listing would just be redundant clutter.

OK, perhaps I am mis-understanding something.

You seem to be implying that if a registrant elects NOT to specify an abuse
handle, then the Internet community should consider the Tech handle to be
the abuse contact?

I have NOT been operating under this assumption.  I assume the tech handle
for an AS registration is NOT the abuse contact, but rather a router
engineer.  I'm trying to be very, very careful about what contact I start
sending notices to as maintaing my reputation in the security community is
my primary concern.

>No, it would be the same Internet we already have.  If abuse@ goes to the
>same place as the tech contact, then nothing has been gained.  In many
>organizations, there is no separate person or staff to handle an
>abuse/security function.

Again, I think this is a side affect of my potential mis-understanding
above.

If I can't identify a specific abuse contact, I do NOT send a notice...or I
just default to postmaster@ ... which ultimately goes no where, or isn't
monitored by a human.


I retract my suggestion that an abuse handle should be mandatory, if it's
considered acceptable to notify the tech handle in it's absence.


Regards,

Lawrence Baldwin
myNetWatchman.com




More information about the ARIN-PPML mailing list