[arin-ppml] Policy Proposal: Whois Integrity Policy Proposal

Ted Mittelstaedt tedm at ipinc.net
Tue Aug 19 15:17:44 EDT 2008

This is one of those proposals from the "smack them with a
sledgehammer" camp.

I definitely understand the feeling behind it, really I do.
But honestly, people, this isn't First Grade where the entire
class gets punished just because one kid is throwing spitballs.

I would definitely support a proposal that yanked a whois
record for a legacy block that has been proven to be abandoned.

For example, if ARIN gets a decently documented complaint
that a block has become hijacked by spammers, and does a
REASONABLE amount of effort to contact the legacy holder
(at minimum, contacting the upstream AS that is advertising
the block) and fails to get any kind of response that would
allow them to correct the WHOIS record so that the
IP holder can then be contacted by the complainant, why
then fine, pull the whois until an RSA is signed.

But this proposal basically assumes every legacy holder who
has not signed an RSA, even if they are minding their own business
and keeping their network clean, into the persona-non-grata camp.

There's plenty of spammers out there who are claiming themselves
to be opt-in e-mail promoters who are operating from blocks
under an RSA.  If you really want to reduce spam, go after those
people and leave the legacy holders alone who AREN'T spamming but
just happen to have not signed an RSA.

Ted Mittelstaedt

> -----Original Message-----
> From: arin-ppml-bounces at arin.net 
> [mailto:arin-ppml-bounces at arin.net] On Behalf Of Member Services
> Sent: Monday, August 18, 2008 7:39 AM
> To: arin-ppml at arin.net
> Subject: [arin-ppml] Policy Proposal: Whois Integrity Policy Proposal
> ARIN received the following policy proposal. In accordance 
> with the ARIN Internet Resource Policy Evaluation Process, 
> the proposal is being posted to the ARIN Public Policy 
> Mailing List (PPML) and being placed on ARIN's website.
> The ARIN Advisory Council (AC) will review this proposal at 
> their next regularly scheduled meeting. The AC may decide to:
>      1. Accept the proposal as written. If the AC accepts the 
> proposal, it will be posted as a formal policy proposal to 
> PPML and it will be presented at a Public Policy Meeting.
>      2. Not accept the proposal. If the AC does not accept 
> the proposal, the AC will explain their decision via the 
> PPML. If a proposal is not accepted, then the author may 
> elect to use the petition process to advance their proposal. 
> If the author elects not to petition or the petition fails, 
> then the proposal will be closed.
> The AC will assign shepherds in the near future. ARIN will 
> provide the names of the shepherds to the community via the PPML.
> In the meantime, the AC invites everyone to comment on this 
> proposal on the PPML, particularly their support or 
> non-support and the reasoning behind their opinion. Such 
> participation contributes to a thorough vetting and provides 
> important guidance to the AC in their deliberations.
> The ARIN Internet Resource Policy Evaluation Process can be 
> found at: http://www.arin.net/policy/irpep.html
> Mailing list subscription information can be found at: 
> http://www.arin.net/mailing_lists/
> Regards,
> Member Services
> American Registry for Internet Numbers (ARIN)
> ## * ##
> Policy Proposal Name:  Whois Integrity Policy Proposal
> Author: Heather Schiller
> Proposal Version: 1
> Submission Date:  August 15, 2008
> Policy statement:
> To ensure the integrity of information in the ARIN WHOIS 
> Database a resource must be under an RSA (either legacy or 
> traditional) in order to update the WHOIS record.  ARIN will 
> not update historical information in the ARIN Whois Database 
> until the resource holder can prove the organization's right 
> to the resource.
> Rationale:
> ARIN currently maintains WHOIS and in-addr.arpa delegation 
> records in a best-effort fashion.  In many cases ARIN does 
> not have a formal agreement with the legacy resource holders. 
>  Legacy records are frequently out of date and have become an 
> increasingly popular target for hijackers.  Having up to date 
> contact information and a formal relationship with legacy 
> record holders would assist ARIN and ISP's in ensuring these 
> records are maintained accurately.  A similar policy was 
> successfully adopted in the APNIC region.
> (http://www.apnic.net/policy/proposals/prop-018-v001.html)
> Timetable for implementation:
> Within sixty (60) days of approval - with notification to 
> current POC email addresses listed on historical assignments, 
> or as soon as reasonable for ARIN staff.
> _______________________________________________
> You are receiving this message because you are subscribed to 
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net). 
> Unsubscribe or manage your mailing list subscription at: 
> http://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.

More information about the ARIN-PPML mailing list