[arin-ppml] Comments on Draft Policy 2010-3: Customer Confidentiality

Stephen Sprunk stephen at sprunk.org
Wed Apr 7 11:31:14 EDT 2010


On 06 Apr 2010 18:17, Steve Bertrand wrote:
> On 2010.04.06 17:27, Jay Hennigan wrote:
>   
>> I have to respectfully disagree. The vast majority of our customers
>> are small to medium sized businesses who have very little operational
>> clue.  Law firms, insurance agents, warehouse firms, etc. The
>> contacts at the phone number or physical address of these operations
>> can barely spell BGP, let alone describe it.
> The vast majority of my customers are exactly the same.
>   

I suspect that the vast majority of _everyone's_ customers are the
same.  Heck, most of the folks _working for ISPs_ I've dealt with can't
describe BGP.  The average customer can't even spell _IP_.

>> As their ISP, we are much more likely to able to do away with any problems that they may create than their on-premise staff.
>>     
> Agreed.
>   

True.

>> Listing their phone number and address instead of ours results in total confusion as their receptionist is likely to want to have someone call you back.  
>>     
> Even if an operator is half-baked, they still should know that it's trivial to look up the POCs for the encompassing block in the event that a receptionist responds with "no" when one asks "do you have a computer technician that looks after your stuff?".
>   

True.  It's trivially easy to format your WHOIS request to get the
parent block(s) of the address you're looking up.  I normally bypass the
end user altogether when I have a need to contact someone because the
odds of them having anyone technical enough to be useful are so small.

> Better yet, I throw it right into the SWIP 'Comments' section, just to
> be safe:
>
> Comment:    For other issues, or if the above contacts
> Comment:    are non-responsive, contact the ARIN POC registered
> Comment:    to the encompassing IP block.
>   

This is a decent idea, but IMHO it would be better to set a "technical"
and/or "abuse" POC on the SWIP itself (available with the "detailed"
template).

> Note that this proposal in my opinion is better for *technical* reasons, without regard to any business and privacy concerns driving it.
>   
> I completely understand what your stance is on this and why you feel
> this way, as seemingly we have a similar type of client base. However,
> you, like I, are the ones who *will* properly fix a problem when
> required. I'm concerned about the ones who will use this as a loophole
> to avoid that.
>   

Indeed.  IMHO, most of those who will take advantage of this policy will
do so for business reasons (e.g. hiding their customer lists from
competitors) rather than technical ones.

S

-- 
Stephen Sprunk         "God does not play dice."  --Albert Einstein
CCIE #3723         "God is an inveterate gambler, and He throws the
K5SSS        dice at every possible opportunity." --Stephen Hawking


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3646 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20100407/1dca6f20/attachment-0001.p7s>


More information about the ARIN-PPML mailing list