[arin-ppml] Policy Proposal 95: Customer Confidentiality

George Bonser gbonser at seven.com
Thu Jan 28 20:31:38 EST 2010


> 
> There's something wrong about that sentence. If an IP address that has
> been SWIP'ed to a specific site is performing blatant network scans
> against you, I want you to be able to know who it is.
> 
> To me, trying to hide customer information like this is much like
> security through obscurity, imho.


There is another issue as well.  Say someone has a misconfigured server,
going through their transit provider to get them to fix it seems
ridiculous.  

If one of your customers is engaging in malicious activity, I want to
know not only who it is, but what other blocks do they have so I can
keep an eye on those source addresses, too.  And when they move to a
different provider, I want to know that, too.

If a customer has an AS and uses BGP, who their upstream connectivity
comes from can be obtained without whois.  Any major network on the
planet has the BGP routing table.  So are you asking that ASN
information be private, too?

The license plate on my car doesn't have my landlord's number on it.  It
has my number on it.  And if I move to a different place, it still has
my license number on it and not my new landlords.  And if someone has a
problem with what I am doing, they don't go to my landlord to get it
sorted out.

George




More information about the ARIN-PPML mailing list