[arin-ppml] Policy Proposal: Annual WHOIS POC Validation

Ted Mittelstaedt tedm at ipinc.net
Tue Aug 26 15:37:33 EDT 2008

> -----Original Message-----
> From: Owen DeLong [mailto:owen at delong.com] 
> Sent: Tuesday, August 26, 2008 12:08 PM
> To: Ted Mittelstaedt
> Cc: 'John Santos'; arin-ppml at arin.net
> Subject: Re: [arin-ppml] Policy Proposal: Annual WHOIS POC Validation
> >
> > The proposals will be fundamentally identical with the 
> exception that 
> > Chris's proposal requires a response from the POC e-mail 
> address.  My 
> > proposal only requires that the POC e-mail address be 
> accepting mail, 
> > not that the POC actually responds.
> For interesting values of accepting where domain-squatter 
> simply black-holing the email qualifies as acceptance.

Correct.  I am not trying to fix the world, just one little
piece of it.

Does it really matter if someone is squatting on a domain
name belonging to a former POC or not?  Would you really
advocate ARIN make a determination of whether the holder
of an address - legacy or not - is the legitimate holder
based purely on whether the e-mail address in the POC
is accepting mail or not?  (or responding to mail or not?)

I am all in favor of having ARIN periodically validate POC's
of allocated blocks, both legacy and non-legacy.  But to
do this requires a LOT of data checks in the block owner.
Most importantly, is the block being routed?  Who is routing
it?  Is there an operating website on it?

For example suppose someone comes along and finds an old
defunct legacy block and hijacks the domain name on
it and starts routing the block and spamming from it.
They blackhole e-mails to it.

Would you have ARIN consider that block to be owned
by a valid holder simply because they are accepting
and black-holing mail on it?  I would not.

Clearly there is a debate over having ARIN validate
block holders.  For non-legacy blocks, we can assume
for the purpose of argument that any block being paid
up on it's annual fee is owned by the legitimate owner.
Thus, for legacy blocks not under LRSA it is quite possible
there are a lot of abandonded and invalid ones out there.

My proposal isn't trying to become the vehicle to go
out and identify all those abandoned and invalid
legacy blocks that we assume exist.  Perhaps I might
even write a proposal that would attempt to define
how to do this in the future.  But, this proposal is not
intended to be it.

All that I am trying to do, and all that Chris is trying
to do, with our proposals, is get the whois database
POC's to have valid e-mail addresses.  That is a very
simple, basic goal - and yet, there's already 2 proposals
that are fundamentally different on how to do that one
little thing, because there's multiple definitions of what
a valid e-mail address is.


More information about the ARIN-PPML mailing list