[arin-ppml] Policy Proposal: Annual WHOIS POC Validation

Eric Westbrook arin-ppml at westbrook.com
Mon Aug 25 16:07:10 EDT 2008


1.  I suggest that the phrase "NO RESPONSE" should be used globally instead
of "REFUSED RESPONSE" in this proposal, since a lack of response, which is
not necessarily a refusal, is what triggers it.  It probably warrants the
same handling, but I think it's an important semantic distinction.

2.  I agree with the contention that this marker shouldn't really
"overwrite" the email address.  The email addresses, even if they fail to
respond, should not be discarded or lost.

Also, in this rationale section:

A netblock with no valid POC presents a target to hijackers.  Once POC
> info is marked or tagged as invalid (like this policy proposes), it
> becomes possible for potential hijackers to locate such netblocks by
> searching the whois database.  As a defense against such hijacking
> attempts, this policy proposes that the information be presented in
> full to the entire community.  This should do at least one of two
> things; bring the netblock to the attention of whomever is responsible
> for it and/or allow other network operators to understand the
> potential risk and take appropriate action to mitigate.
>

I'm not fully convinced that the benefit of increased visibility to
operators and white hats would universally trump the danger of increased
visibility to black hats.  But I suppose it could help mitigate it in some
(and perhaps many) cases.

Regardless, I do think the overall benefit gained by periodic verification
(with perhaps a few adjustments as others are suggesting) probably outweighs
that concern and any others of which I can currently think.

$0.02,
Eric
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20080825/d76650e5/attachment.htm>


More information about the ARIN-PPML mailing list