[ppml] Petition Request for Whois Proposal

Steve Atkins steve at blighty.com
Wed Mar 10 11:53:07 EST 2004

On Wed, Mar 10, 2004 at 04:18:05PM +0000, Michael.Dillon at radianz.com wrote:

> >I'd like to document my opposition to this proposal. It is already
> >hard enough to investigate online fraud and other abuse without
> >intentional removal of contact information for allocated address
> >space.
> You don't really need to do this here. This proposal needs to get
> 5 supporters to send email to petition at arin.net with full point 
> of contact information, including their telephone number and 
> organizational affiliation or it won't even be on the agenda
> for discussion. 

Yup, did that. I thought it polite to reply here as well, though.
(Feel free to take it off-list if you want to go into more detail
 about the elements I see problems with.)

I also thought it worthwhile to raise the issue that some legitimate
(I believe) usage of ARIN data, while still being 'operational'
usage in a broad sense, isn't about the physical infrastructure.

> >Those who would be responding to requests for information at the large
> >providers are already horribly overworked, and this would be putting
> >yet more burden on them.
> I don't see how we put an increased burden on providers by 
> updating the whois directory to only contain contact
> info that people guarantee to ARIN will reach a person who is ready, 
> willing and able to communicate regarding network operations 
> and interconnect issues and who is able to act on that communication. 

If they were also to accept legal liability for the actions of their
customers, or at least act as a true point of contact for legal
service, then it wouldn't be something I'd see as big a problem with -
mostly because it would be clear to the ISPs up-front the additional
costs they would be incurring.

> Currently, the whois directory is filled with lots of blind alleys
> and contact information that simply is not useful in order to
> make contact with someone who can fix a problem. 

Indeed. The fact that the data ARIN maintains is of variable quality
is a problem. And, yes, something needs to change, and I can see the
reasoning behind this proposal. A simplified way to identify the
correct PoC for a specific category of operational issue would be
a great thing.

However, just to give one example, one lawyer I'm working with will be
sending out upwards of a hundred cease and desist letters in the next
week or so to addresses based, primarily, on ARIN data.

If the contact information were purged from the ARIN database then the
process would involved issuing subpoenas or search warrants to the
provider in order for them to release the contact information for
their customers. Ask any abuse desk how painful and time consuming
responding to subpoenas is.

Also a common goal when investigating online fraud and other 'abuse'
issues is to identify which of hundreds of possibly related IP
addresses are actually responsible for the behaviour and which are
innocent third-parties (such as, say, the owner of a compromised
machine that's being misused).

ARIN data is of a lot of value in separating those groups - and that
benefits everyone who isn't breaking the law, including those innocent
third parties and their ISPs, by reducing everyones overheads, and
eliminating them altogether in the case of the innocent third-parties.

> I want to make the whois directory smaller so that if you 
> have an issue, you can forward it confidently to the whois 
> contact and forget about it because it will be dealt with 
> properly by a clueful recipient. In my opinion, that is the 
> purpose of having a whois directory in the first place, not 
> to facilitate cat'n'mouse games or telephone tag.

You seem to have an expectation that the ISP will completely handle an
issue, and manage any communication needed between the person
operating the IP space and the person trying to notify them of a
problem. That's putting a significant overhead on the ISP even in
simple technical cases, let alone in complex, non-technical cases.

Of course, any ISP who _chooses_ to act as a point of contact for some
subset of their leased-line or colo customers can already do so by,
amongst other ways, allowing their customers to list the ISP as their
contact address.

> Also, please remember that this policy refers to ARIN's whois
> directory of organizations who are using IP addresses. It has
> absolutely nothing to do with any other sort of whois directory
> such as the many domain name registries.

Yes, understood.


More information about the ARIN-PPML mailing list