[ppml] ***POSSIBLE SPAM*** RE: /29 limit for ARIN SWIP whois

Divins, David dsd at servervault.com
Wed Jan 9 14:13:00 EST 2008


As stated in my earlier messages, I think RWHOIS should only REQUIRE
valid Technical and Abuse contact.  You are more than welcome to add as
much info as you want (Ted, this way you have the option of passing the
buck to downstreams).

The example below requires a tech contact, so does my desire.  Did you
benefit from having the Grocery stores physical address? Or even care
that the grocery store was SWIPed.  No you wanted a tech contact for
ServerX, which I agree with.

-dsd

David Divins
Principal Engineer
ServerVault Corp.
(703) 652-5955
-----Original Message-----
From: Paul G. Timmins [mailto:ptimmins at clearrate.com] 
Sent: Wednesday, January 09, 2008 2:01 PM
To: Divins, David
Cc: Public Policy Mailing List
Subject: ***POSSIBLE SPAM*** RE: [ppml] /29 limit for ARIN SWIP whois

There are legitimate reasons for whois that an abuse desk doesn't cover.
I've had quite a few badly written spiders hammer websites I control,
and they don't use the User-Agent header properly. Since blocking them
gets annoying after a while, I hit whois, find the contact info for
whatever little llc out of someone's home hoping to be google someday,
or sometimes a badly written internal crawler that starts searching my
pages because my site was linked from their intranet, etc.

In fact, I used it a few weeks ago to contact a technical person at a
well known (unnamed) regional grocery chain here in the midwest, who had
a malfunctioning server that sent me 140 copies of their online weekly
circular over the course of 3-4 days. Because they had a tech POC, I was
able to get a hold of them right away, and they were able to stop it in
hours. I'm thinking that if they didn't have that, I'd probably have had
to build a procmail rule, and they probably would have been annoying
other customers with it too, many not smart enough to use whois or
procmail. 

I'm not sure what their upstream's abuse POC would have done in the
above circumstances, but I'm glad they populated whois.

-Paul


-----Original Message-----
From: ppml-bounces at arin.net [mailto:ppml-bounces at arin.net] On Behalf Of
Divins, David
Sent: Wednesday, January 09, 2008 7:20 AM
Cc: Public Policy Mailing List
Subject: Re: [ppml] /29 limit for ARIN SWIP whois

Mr. Conrad is correct that I have overstated my desire to rid the world
of these tools and what I really want is a policy revamp of information
required.

I do take exception to the idea that I want the internet to be full of
child predators and spammers-- I hate spammers.

However, my point is as long as an address has the appropraite contact
info (be it my abuse desk or a reassigned abuse desk) I feel there is no
reason that end user info and physical address information needs to be
published.  Despite what many believe, for me, it is not because I don't
want my customer base "raped".  I am secure enough in my service
delivery that my customers will stay even if targeted by others.

-dsd

David Divins
Principal Engineer
ServerVault Corp.

-----Original Message-----
From: Ted Mittelstaedt [mailto:tedm at ipinc.net]
Sent: Tuesday, January 08, 2008 7:00 PM
To: David Conrad; Divins, David
Cc: Public Policy Mailing List
Subject: ***POSSIBLE SPAM*** RE: [ppml] /29 limit for ARIN SWIP whois

OK so I guess let me summarize the points of view:

1) SWIP is a valuable and much-needed tool that allows network
administrators on the Internet to quickly find and report spammers, and
other network miscreants.  The current limit of /29 is obsolete since
lots of entities today are assigned /32s under DSL, and that does not
allow for disclosure of every entity assigned an IP address.

2) SWIP is an evil thing that allows my competitors to rape me of my
customer base and spam the hell out of people.


I think it's pretty clear that David Divins is in the #2 camp.
My comment to this is that I think it pointless to set policy to make
the #2 camp happy.  They won't be happy until the entire Internet is
just one big anonymous network that allows spammers, child predators and
other miscreants to wreak havoc with no oversight or any way to track
them down.

It is pointless to make the claim that a single technical and abuse
contact is all that is necessary for a netblock assignment of tens of
thousands of IPv4 numbers, and potentially millions of IPv6 numbers.
That is the thrust of the "I provide valid POC for my netblock, and my
customers are none of your business" people. A single POC for that many
entities merely means a single mailbox that is overflowing with
complaints that are ignored.

I think we ALL have had the experience of sending a spam complaint to
abuse at aol.com and seeing how useful it is to getting the spammer shut
down.  That's the morally bankrupt result of the #2 camp logic.
So please, let's ignore their input on SWIP policy.  If we mandate /32
SWIPS they are just going to ignore them, the way they are currently
ignoring
/29 SWIPS.  So, to hell with them.

For the rest of us who have a modicum of responsibility, in the
#1 camp, clearly SWIPS aren't doing the job.  I will point out that they
aren't even doing the job for the RIR.  If they were, then the RIR would
not allow people to submit spreadsheets and such as evidence of
utilization.

Ted

>-----Original Message-----
>From: ppml-bounces at arin.net [mailto:ppml-bounces at arin.net]On Behalf Of 
>David Conrad
>Sent: Tuesday, January 08, 2008 2:25 PM
>To: Divins, David
>Cc: Public Policy Mailing List
>Subject: Re: [ppml] /29 limit for ARIN SWIP whois
>
>
>Oh.
>
>That's different.  "Down with SWIP and RWHOIS" is an unfortunate 
>shorthand for "Whois data publication policy should be revised."
>
>Opinions vary.  No doubt we'll hear most of them repeated with vigor.
>
>Regards,
>-drc
>
>On Jan 8, 2008, at 2:00 PM, Divins, David wrote:
>> I have no problem sharing that information with my RIR at any tie.
>>
>> I do take issue with the full amount of information required being 
>> available to any one who wants it.  My position is if I provide valid

>> technical and abuse contac for an address space, the specific end- 
>> entity it is in use by and their physical address is irrelevant.
>>
>> -dsd
>>
>> David Divins
>> Principal Engineer
>> ServerVault Corp.
>>
>> -----Original Message-----
>> From: David Conrad [mailto:drc at virtualized.org]
>> Sent: Tuesday, January 08, 2008 4:56 PM
>> To: Divins, David
>> Cc: Public Policy Mailing List
>> Subject: Re: [ppml] /29 limit for ARIN SWIP whois
>>
>> If you don't have SWIP, Rwhois, or its equivalent, how would an RIR
be
>> able to determine utilization?
>>
>> Regards,
>> -drc
>>
>> On Jan 8, 2008, at 1:23 PM, Divins, David wrote:
>>> I think it is clear from these discussions that SWIP is unnecessary.
>>>
>>> Down with SWIP and RWHOIS!
>>>
>>> -dsd
>>>
>>> David Divins
>>> Principal Engineer
>>> ServerVault Corp.
>>>
>>> -----Original Message-----
>>> From: arin-discuss-bounces at arin.net
>>> [mailto:arin-discuss-bounces at arin.net] On Behalf Of Ray Plzak
>>> Sent: Tuesday, January 08, 2008 6:31 AM
>>> To: arin-discuss at arin.net
>>> Subject: ***POSSIBLE SPAM*** Re: [arin-discuss] /29 limit for ARIN 
>>> SWIP whois
>>>
>>> This discussion needs to move to the ppml as it concerns a policy
and
>>> its merits and rationale.
>>>
>>> Ray
>>>
>>>> -----Original Message-----
>>>> From: arin-discuss-bounces at arin.net [mailto:arin-discuss- 
>>>> bounces at arin.net] On Behalf Of Leo Bicknell
>>>> Sent: Monday, January 07, 2008 10:14 PM
>>>> To: arin-discuss at arin.net
>>>> Subject: Re: [arin-discuss] /29 limit for ARIN SWIP whois
>>>>
>>>> In a message written on Sun, Jan 06, 2008 at 10:23:23AM -0500, Joe 
>>>> Maimon wrote:
>>>>> Is there any overriding reason to limit ARIN swip to /29 or
bigger?
>>>>
>>>> I will point out (in IPv4):
>>>>
>>>> /32 assignment (e.g. dial up, DSL, etc) is by definition 100% 
>>>> utilized.
>>>>
>>>> In terms of subnets, which only make sense if you have two more
more
>>>> devices (router + one or more hosts):
>>>>
>>>> /31 subnet by definition is 100% used.
>>>> /30 subnet by definition is 100% used (router, host, network, 
>>>> broadcast).
>>>> /29 subnet is at minimum 50% used (router, host, network, 
>>>> broadcast).
>>>>   If we further assume this was done because a /30 was not large
>>>>   enough (e.g. people are doing the right thing) there must be at
>>>>   least 5/8's, or 62.5% in use.  Also, while the standard may be
80%
>>>>   utilization, which would require 7 of the 8 IP's to be in use;
>>>>   that leaves an interesting corner case where 5/8 and 6/8 can't
>>>>   fit in a /30, but don't meet 80%.  Thus it makes sense to count
>>>>   5/8 and 6/8 as fully utilized, making it all but impossible to
>>>>   have an underutilized /29.
>>>>
>>>> Now, one of ARIN's primary uses for the data is to insure 
>>>> assignments
>>
>>>> were made in accordance with ARIN's rules when someone requests
more
>>>> space.  There's no reason to review a /30, /31, or 32, as there's
no
>>>> chance those assignments were under-utilized.
>>>>
>>>> --
>>>>      Leo Bicknell - bicknell at ufp.org - CCIE 3440
>>>>       PGP keys at http://www.ufp.org/~bicknell/ Read TMBG List - 
>>>> tmbg-list-request at tmbg.org, www.tmbg.org
>>
>>
>>
>
>_______________________________________________
>PPML
>You are receiving this message because you are subscribed to the ARIN 
>Public Policy Mailing List (PPML at arin.net).
>Unsubscribe or manage your mailing list subscription at:
>http://lists.arin.net/mailman/listinfo/ppml
>Please contact the ARIN Member Services Help Desk at info at arin.net if 
>you experience any issues.
>
_______________________________________________
PPML
You are receiving this message because you are subscribed to the ARIN
Public Policy Mailing List (PPML at arin.net).
Unsubscribe or manage your mailing list subscription at:
http://lists.arin.net/mailman/listinfo/ppml
Please contact the ARIN Member Services Help Desk at info at arin.net if
you experience any issues.



More information about the ARIN-PPML mailing list