[ppml] Directory Services - Take 2
Stacy Taylor
ipgoddess at gmail.com
Thu Jun 9 19:15:46 EDT 2005
Strong Work again, Leo.
I support this revision.
/Stacy
On 5/9/05, Leo Bicknell <bicknell at ufp.org> wrote:
>
> Below is my directory services proposal, take two. Based on feedback
> from the last meeting, I have removed the option of displaying SWIP
> information, and also updated several minor terms which were confusing
> from feedback on the mailing list. I'd like to get some discussion
> going so this can be ready for the next ARIN meeting.
>
> Also, at the end of this message I included a context diff to call
> out the changes.
>
> $Author: bicknell $ - $Date: 2005/05/09 20:06:30 $ - $Revision: 1.4 $
>
> Replace all of section three with the following rewrite.
>
> 3 Directory Services
>
> 3.1 ARIN Directory Services Databases
>
> The ARIN Public Information Database (APID) is a collection
> of information created and collected by ARIN during the due
> course of business which the ARIN membership has deemed public
> information and decided to publish.
>
> The ARIN Confidential Information Database (ACID) is a collection
> of information created and collected by ARIN during the due course
> of business which the ARIN membership has deemed is confidential
> information that should be kept under a strict privacy policy.
>
> 3.2 Directory Information Made Public
>
> ARIN shall publish verified contact information and the
> resource(s) allocated (including identification for that
> allocation, like date of allocation or other information
> identified by ARIN) in the APID for all resources delegated
> by ARIN. In addition, all reassignment information as defined
> by section 4.2.3.7 will be included in the APID.
>
> ARIN shall insure all contact information in the APID is
> verified from time to time and is correct to the best of ARIN's
> ability. ARIN staff shall maintain verification criteria and
> post it on the ARIN web site.
>
> 3.2.1 Non-Responsive Contacts
>
> If ARIN is unable to verify contact information via the normal
> verification procedure ARIN shall attempt to notify the parent
> of the resource to have the information updated. If there is
> no parent, or if the data is not corrected in a reasonable
> amount of time the resource shall be SUSPENDED.
>
> Once the resource is suspended ARIN shall make one more
> request of all contacts listed with the resource and the
> parent resource (if available), and if no response is received
> in a reasonable amount of time the resource shall be reclaimed
> (APID records removed, DNS delegations removed, the space
> returned to the free pool).
>
> Third parties may report the inability to make contact with
> a party via information in the APID. In this case ARIN shall
> attempt the contact verification procedure for that contact
> immediately. If a response is received, ARIN should document
> that a problem occurred, and the response from the resource
> holder. Resource holders who fail to respond to third parties
> more than 4 times per month for three months may have their
> resources reclaimed at the discretion of ARIN staff.
>
> If a third party submits reports of the inability to make contact
> that are subsequently disproven, ARIN may choose to ignore reports
> from specific companies, people, e-mail addresses, or any other
> classification means as appropriate.
>
> The ARIN staff shall publish the time thresholds and procedural
> details to implement this policy on the ARIN web site.
>
> If a resource is reclaimed under no circumstances shall the
> holder of that resource be entitled to a refund of any fees.
>
> 3.3 Data Distribution
>
> 3.3.1 Methods of Access
>
> ARIN shall publish the APID in the following methods using
> industry standard practices:
>
> - Via the WHOIS protocol.
> - Via a query form accessible via the HTTP protocol.
> - Via FTP to users who complete the bulk data form.
> - Via CDROM to users who complete the bulk data form.
> - Via the RWHOIS protocol.
>
> All users of the APID must agree to the ARIN AUP. ARIN staff
> may make the APID available via other methods as conveniant.
>
> 3.3.1.1 Outside Sources
>
> ARIN may refer a query to a outside source (for instance via
> RWHOIS or HTTP redirect). Outside sources must:
>
> 1 Have an AUP deemed compatible with the ARIN AUP by ARIN staff.
> 2 Support the applications in section 3.3.1.
> 3 Prohibit the applications in section 3.3.2.
> 4 Meet the requirements in section 3.3.3.
>
> 3.3.2 Acceptable Usage Policy
>
> All data provided shall be subject to an AUP. The AUP shall
> be written by ARIN staff and legal and posted on the ARIN website.
> ARIN may require a signed copy of the AUP before providing
> bulk data.
>
> 3.3.3 Requirements for Internet Accessible Services
>
> For any method of access which is provided in real time via the
> Internet the following requirements must be met:
>
> * The distributed information service must be operational
> 24 hours a day, 7 days a week to both the general public
> and ARIN staff. The service is allowed reasonable
> downtime for server maintenance according to generally
> accepted community standards.
>
> * The distributed information service must allow public
> access to reassignment information. The service may
> restrict the number of queries allowed per time interval
> from a host or subnet to defend against DDOS attacks,
> remote mirroring attempts, and other nefarious acts.
>
> * The distributed information service must return current
> information.
>
> 3.4 Distribution of the ARIN Public Information Database
>
> 3.4.1 Supported Uses
>
> ARIN shall make the APID available for the following uses
> (supported uses):
>
> 1 ARIN's use in implementing ARIN policies and other
> business.
> 2 Community verification, allowing members of the community
> to confirm the proper users of the various resources ARIN
> controls.
> 3 Statistic gathering by ARIN and third parties on resource
> utilization.
> 4 As a contact database to facilitate communication with the
> person or entity responsible for a particular resource.
>
> 3.4.2 Prohibited Uses
>
> ARIN prohibits the use of the APID for the following uses:
>
> 1 Sending any unsolicited commercial correspondence advertising
> a product or service to any address (physical or electronic)
> listed in the APID.
> 2 Using data in the APID to facilitate violating any state,
> federal, or local law.
>
> 3.4.3 Other Uses
>
> ARIN shall allow all non-prohibited uses of the APID, however
> unless those uses are listed as a supported use the data set
> may be changed in such a way as to render them ineffective,
> or they may be blocked outright as deemed necessary by ARIN
> staff. Users of applications not listed who are concerned
> that they are supported should introduce a proposal to add
> their application to the supported list.
>
> 3.5 Distribution of the ARIN Confidential Information Database
>
> ARIN Staff shall use industry standard procedures to prevent
> the distribution of any data in the ARIN Confidential Information
> Database.
>
> 3.6 Implementation Details
>
> ARIN Staff shall document all implementation specific details for
> directory services in a single document available on the web site.
> The document must contain, but is not limited to:
>
> - Database field definitions.
> - Update procedures.
> - Templates.
> - Points of contact.
> - Copies of the AUP.
> - Verification procedures.
>
> 3.7 [Routing Registry] Copy Verbatim from the existing 3.4.
>
> Section 4.2.3.7.4: Replace with:
>
> All reassignment information for current blocks shall be submitted to
> ARIN prior to submitting a request for a new allocation.
>
> -------------------Context diff below----------------------------------
>
> 2c2
> < $Author: bicknell $ - $Date: 2005/02/03 15:27:41 $ - $Revision: 1.2 $
> ---
> > $Author: bicknell $ - $Date: 2005/05/09 20:06:30 $ - $Revision: 1.4 $
> 25,30c25,27
> < identified by ARIN) in the APID in the following cases:
> <
> < - All resources delegated by ARIN.
> < - If allowed by the parent delegation, and requested by
> < the contact listed with the parent, a subdelegation of a
> < resource.
> ---
> > identified by ARIN) in the APID for all resources delegated
> > by ARIN. In addition, all reassignment information as defined
> > by section 4.2.3.7 will be included in the APID.
> 45,48c42,47
> < Once the resource is suspended ARIN shall make one more request
> < of all contacts listed with the resource and the parent resource
> < (if available), and if no response is received in a reasonable
> < amount of time the resource shall be reclaimed.
> ---
> > Once the resource is suspended ARIN shall make one more
> > request of all contacts listed with the resource and the
> > parent resource (if available), and if no response is received
> > in a reasonable amount of time the resource shall be reclaimed
> > (APID records removed, DNS delegations removed, the space
> > returned to the free pool).
> 50,51c49,50
> < Third parties may report the inability to make contact with a
> < party via information in the APID. In this case ARIN shall
> ---
> > Third parties may report the inability to make contact with
> > a party via information in the APID. In this case ARIN shall
> 55,57c54,56
> < holder. Offenders who fail to respond to third parties more
> < than 4 times per month for three months may have their resources
> < reclaimed at the discretion of ARIN staff.
> ---
> > holder. Resource holders who fail to respond to third parties
> > more than 4 times per month for three months may have their
> > resources reclaimed at the discretion of ARIN staff.
> 82a82,84
> > All users of the APID must agree to the ARIN AUP. ARIN staff
> > may make the APID available via other methods as conveniant.
> >
> 89,91c91,93
> < 2 Meet the requirements in section 3.3.3.
> < 3 Support the applications in section 3.3.1.
> < 4 Prohibit the applications in section 3.3.2.
> ---
> > 2 Support the applications in section 3.3.1.
> > 3 Prohibit the applications in section 3.3.2.
> > 4 Meet the requirements in section 3.3.3.
> 182,183d183
> <
> < Section 4.2.3.7.6: Strike.
>
> --
> Leo Bicknell - bicknell at ufp.org - CCIE 3440
> PGP keys at http://www.ufp.org/~bicknell/
> Read TMBG List - tmbg-list-request at tmbg.org, www.tmbg.org
>
>
>
More information about the ARIN-PPML
mailing list