[ppml] Directory Services - Take 2

Stacy Taylor ipgoddess at gmail.com
Thu Jun 9 19:15:46 EDT 2005


Strong Work again, Leo.
I support this revision.
/Stacy

On 5/9/05, Leo Bicknell <bicknell at ufp.org> wrote:
> 
> Below is my directory services proposal, take two.  Based on feedback
> from the last meeting, I have removed the option of displaying SWIP
> information, and also updated several minor terms which were confusing
> from feedback on the mailing list.  I'd like to get some discussion
> going so this can be ready for the next ARIN meeting.
> 
> Also, at the end of this message I included a context diff to call
> out the changes.
> 
> $Author: bicknell $ - $Date: 2005/05/09 20:06:30 $ - $Revision: 1.4 $
> 
> Replace all of section three with the following rewrite.
> 
> 3 Directory Services
> 
>   3.1 ARIN Directory Services Databases
> 
>      The ARIN Public Information Database (APID) is a collection
>      of information created and collected by ARIN during the due
>      course of business which the ARIN membership has deemed public
>      information and decided to publish.
> 
>      The ARIN Confidential Information Database (ACID) is a collection
>      of information created and collected by ARIN during the due course
>      of business which the ARIN membership has deemed is confidential
>      information that should be kept under a strict privacy policy.
> 
>   3.2 Directory Information Made Public
> 
>      ARIN shall publish verified contact information and the
>      resource(s) allocated (including identification for that
>      allocation, like date of allocation or other information
>      identified by ARIN) in the APID for all resources delegated
>      by ARIN.  In addition, all reassignment information as defined
>      by section 4.2.3.7 will be included in the APID.
> 
>      ARIN shall insure all contact information in the APID is
>      verified from time to time and is correct to the best of ARIN's
>      ability.  ARIN staff shall maintain verification criteria and
>      post it on the ARIN web site.
> 
>      3.2.1 Non-Responsive Contacts
> 
>        If ARIN is unable to verify contact information via the normal
>        verification procedure ARIN shall attempt to notify the parent
>        of the resource to have the information updated.  If there is
>        no parent, or if the data is not corrected in a reasonable
>        amount of time the resource shall be SUSPENDED.
> 
>        Once the resource is suspended ARIN shall make one more
>        request of all contacts listed with the resource and the
>        parent resource (if available), and if no response is received
>        in a reasonable amount of time the resource shall be reclaimed
>        (APID records removed, DNS delegations removed, the space
>        returned to the free pool).
> 
>        Third parties may report the inability to make contact with
>        a party via information in the APID.  In this case ARIN shall
>        attempt the contact verification procedure for that contact
>        immediately.  If a response is received, ARIN should document
>        that a problem occurred, and the response from the resource
>        holder.  Resource holders who fail to respond to third parties
>        more than 4 times per month for three months may have their
>        resources reclaimed at the discretion of ARIN staff.
> 
>        If a third party submits reports of the inability to make contact
>        that are subsequently disproven, ARIN may choose to ignore reports
>        from specific companies, people, e-mail addresses, or any other
>        classification means as appropriate.
> 
>        The ARIN staff shall publish the time thresholds and procedural
>        details to implement this policy on the ARIN web site.
> 
>        If a resource is reclaimed under no circumstances shall the
>        holder of that resource be entitled to a refund of any fees.
> 
>   3.3 Data Distribution
> 
>      3.3.1 Methods of Access
> 
>        ARIN shall publish the APID in the following methods using
>        industry standard practices:
> 
>            - Via the WHOIS protocol.
>            - Via a query form accessible via the HTTP protocol.
>            - Via FTP to users who complete the bulk data form.
>            - Via CDROM to users who complete the bulk data form.
>            - Via the RWHOIS protocol.
> 
>        All users of the APID must agree to the ARIN AUP.  ARIN staff
>        may make the APID available via other methods as conveniant.
> 
>      3.3.1.1 Outside Sources
> 
>        ARIN may refer a query to a outside source (for instance via
>        RWHOIS or HTTP redirect).  Outside sources must:
> 
>        1 Have an AUP deemed compatible with the ARIN AUP by ARIN staff.
>        2 Support the applications in section 3.3.1.
>        3 Prohibit the applications in section 3.3.2.
>        4 Meet the requirements in section 3.3.3.
> 
>      3.3.2 Acceptable Usage Policy
> 
>        All data provided shall be subject to an AUP.  The AUP shall
>        be written by ARIN staff and legal and posted on the ARIN website.
>        ARIN may require a signed copy of the AUP before providing
>        bulk data.
> 
>      3.3.3 Requirements for Internet Accessible Services
> 
>        For any method of access which is provided in real time via the
>        Internet the following requirements must be met:
> 
>          * The distributed information service must be operational
>            24 hours a day, 7 days a week to both the general public
>            and ARIN staff.  The service is allowed reasonable
>            downtime for server maintenance according to generally
>            accepted community standards.
> 
>          * The distributed information service must allow public
>            access to reassignment information. The service may
>            restrict the number of queries allowed per time interval
>            from a host or subnet to defend against DDOS attacks,
>            remote mirroring attempts, and other nefarious acts.
> 
>          * The distributed information service must return current
>            information.
> 
>   3.4 Distribution of the ARIN Public Information Database
> 
>       3.4.1 Supported Uses
> 
>         ARIN shall make the APID available for the following uses
>         (supported uses):
> 
>           1 ARIN's use in implementing ARIN policies and other
>             business.
>           2 Community verification, allowing members of the community
>             to confirm the proper users of the various resources ARIN
>             controls.
>           3 Statistic gathering by ARIN and third parties on resource
>             utilization.
>           4 As a contact database to facilitate communication with the
>             person or entity responsible for a particular resource.
> 
>       3.4.2 Prohibited Uses
> 
>         ARIN prohibits the use of the APID for the following uses:
> 
>           1 Sending any unsolicited commercial correspondence advertising
>             a product or service to any address (physical or electronic)
>             listed in the APID.
>           2 Using data in the APID to facilitate violating any state,
>             federal, or local law.
> 
>       3.4.3 Other Uses
> 
>         ARIN shall allow all non-prohibited uses of the APID, however
>         unless those uses are listed as a supported use the data set
>         may be changed in such a way as to render them ineffective,
>         or they may be blocked outright as deemed necessary by ARIN
>         staff.  Users of applications not listed who are concerned
>         that they are supported should introduce a proposal to add
>         their application to the supported list.
> 
>   3.5 Distribution of the ARIN Confidential Information Database
> 
>     ARIN Staff shall use industry standard procedures to prevent
>     the distribution of any data in the ARIN Confidential Information
>     Database.
> 
>   3.6 Implementation Details
> 
>     ARIN Staff shall document all implementation specific details for
>     directory services in a single document available on the web site.
>     The document must contain, but is not limited to:
> 
>       - Database field definitions.
>       - Update procedures.
>       - Templates.
>       - Points of contact.
>       - Copies of the AUP.
>       - Verification procedures.
> 
>   3.7 [Routing Registry] Copy Verbatim from the existing 3.4.
> 
> Section 4.2.3.7.4: Replace with:
> 
>   All reassignment information for current blocks shall be submitted to
>   ARIN prior to submitting a request for a new allocation.
> 
> -------------------Context diff below----------------------------------
> 
> 2c2
> < $Author: bicknell $ - $Date: 2005/02/03 15:27:41 $ - $Revision: 1.2 $
> ---
> > $Author: bicknell $ - $Date: 2005/05/09 20:06:30 $ - $Revision: 1.4 $
> 25,30c25,27
> <      identified by ARIN) in the APID in the following cases:
> <
> <          - All resources delegated by ARIN.
> <        - If allowed by the parent delegation, and requested by
> <          the contact listed with the parent, a subdelegation of a
> <          resource.
> ---
> >      identified by ARIN) in the APID for all resources delegated
> >      by ARIN.  In addition, all reassignment information as defined
> >      by section 4.2.3.7 will be included in the APID.
> 45,48c42,47
> <        Once the resource is suspended ARIN shall make one more request
> <        of all contacts listed with the resource and the parent resource
> <        (if available), and if no response is received in a reasonable
> <        amount of time the resource shall be reclaimed.
> ---
> >        Once the resource is suspended ARIN shall make one more
> >        request of all contacts listed with the resource and the
> >        parent resource (if available), and if no response is received
> >        in a reasonable amount of time the resource shall be reclaimed
> >        (APID records removed, DNS delegations removed, the space
> >        returned to the free pool).
> 50,51c49,50
> <        Third parties may report the inability to make contact with a
> <        party via information in the APID.  In this case ARIN shall
> ---
> >        Third parties may report the inability to make contact with
> >        a party via information in the APID.  In this case ARIN shall
> 55,57c54,56
> <        holder.  Offenders who fail to respond to third parties more
> <        than 4 times per month for three months may have their resources
> <        reclaimed at the discretion of ARIN staff.
> ---
> >        holder.  Resource holders who fail to respond to third parties
> >        more than 4 times per month for three months may have their
> >        resources reclaimed at the discretion of ARIN staff.
> 82a82,84
> >        All users of the APID must agree to the ARIN AUP.  ARIN staff
> >        may make the APID available via other methods as conveniant.
> >
> 89,91c91,93
> <        2 Meet the requirements in section 3.3.3.
> <        3 Support the applications in section 3.3.1.
> <        4 Prohibit the applications in section 3.3.2.
> ---
> >        2 Support the applications in section 3.3.1.
> >        3 Prohibit the applications in section 3.3.2.
> >        4 Meet the requirements in section 3.3.3.
> 182,183d183
> <
> < Section 4.2.3.7.6: Strike.
> 
> --
>        Leo Bicknell - bicknell at ufp.org - CCIE 3440
>         PGP keys at http://www.ufp.org/~bicknell/
> Read TMBG List - tmbg-list-request at tmbg.org, www.tmbg.org
> 
> 
>



More information about the ARIN-PPML mailing list