[ppml] Last Call for Comment: Policy Proposal 2003-5

william(at)elan.net william at elan.net
Tue Mar 23 16:08:30 EST 2004

On Tue, 23 Mar 2004 Michael.Dillon at radianz.com wrote:

> I think that this proposal is flawed in two separate
> ways and should not go forward at this time. In one
> sense it specifies too much detail and therefore covers
> areas that are better covered in other policies. And
> in another sense it attempts to use policy to solve
> technical problems which is a bad way to use policies.
On one hand I agree that current text is not perfect, but on the other 
hand it is unfortunetly the situation that such policy is badly needed
and we can probably fix the text later on if it becomes a problem

> >The distributed information service must return reassignment
> >information for the IP address queried. The service may allow
> >for privacy protections for customers. 
That should be or possibly it can possibly end with
".. for customers as specific in arin policies concerning publishing
of reassignment information in whois records or in public forum"

> >For residential users, the
> >service may follow ARIN's residential privacy policy that includes
> >displaying only the city, state, zip code, and country.  For all
> >other reassignments, the service shall follow ARIN's privacy policy
> >for publishing data in a public forum.
The specific detail should be made available on speicial webpage which 
explains about rwhois server. I've previously tried to tell arin that they 
need to separate what is needed as far as policies and what is needed
as far as better documentation for those using or setring up rwhois server.

> This much detail should not be in this policy. 
> Any distributed information service should publish
> no more and no less than the information that ARIN
> itself publishes. In other words the distributed 
> information service is a choice of mechanism for
> publishing a whois directory. You can SWIP into
> ARIN's database or you can publish using your own
> distributed information service.
I agree.
> Also, the exact details of what should be published
> are currently under review and it is bad policy to
> slip this in here when it could very well be overridden
> in a month or so.
> >Many ISPs have opted to use RWhois servers for their reassignment
> >information over sending SWIPs to ARIN. But some of the ISPs who have
> >selected to use RWhois servers for their reassignment information have
> >not kept the servers operational 24x7, contents of the database up
> >to-date, or are restricting access only to ARIN staff.
Again this belongs on the special webpage that should explain in detail 
what is needed to run and setup rwhois server, this is not a policy text.
> If you really want a policy fix to this, you will
> get rid of RWhois entirely and allow ISPs to 
> publish a whois directory using other technologies
> that are supported, documented and available from
> more than one source. LDAP is a possibility but
> not the only one. You could also define a standard
> HTTP and assuming it was backed by an application,
> not static files, then we could use the HTTP redirect
> feature to get the same kind of distributed lookup 
> that RWhois has not been able to deliver.

It comes close to what I have written before once that we should have 
policy(ies) that specify what data is to be published on reassignments 
and reallocations (this is what we currently call "whois" data but it 
maybe better if we create another more general term) then we have 
protocols that can be used either by ARIN or by ISPs to provide access to 
such data and each protocol is documented separately and approved by AC. 
Possibly policy should also exist on how this "approval" process goes for 
new protocol to be used. 

As to my specific comments, LDAP is ok and during CRISP it was even 
developed into working prototype (the question is how many will be using 
it - what is needed is that the approval process also specify that if new 
protocol is proposed to be used for reassignment data that it should be
approved if certain number of existing arin members respond that they have 
immediate plans to use this). Straight HTTP is not ok - but CRISP is 
being developed into XML and just like IPP (internet printing protocol) 
it maybe possible to serve it through http server.

William Leibzon
Elan Networks
william at elan.net

More information about the ARIN-PPML mailing list