[arin-ppml] Policy Proposal 95: Customer Confidentiality

[James Hess]

On Thu, Jan 28, 2010 at 9:29 PM, George Bonser <gbonser at seven.com> wrote:

I am opposed to policy proposal 95.

> That said, I would not be opposed to a way to protect the service
> providers from someone perusing ARIN information for sales contacts.  I
> just haven't come up with a good suggestion.  Heck, it seems any time I

How about encouraging  POCs  to list  unique  contact information in
the WHOIS  directory   (such as  E-mail addresses and telephone
numbers that are 'specific to the whois listing'  and not used for any
other purpose)  and  also: providing  a dedicated    ARIN e-mail
address for reporting or  forwarding WHOIS-related "marketing
attempts"  to?

A  public webpage  gets dedicated to the purpose of  listing  any
organizations responsible for spam complaints.     If  it gets too
bad,  or  ARIN gets evidence the POC of an organization is complicit,
revoke their IPs, or direct their ISP to do so,  providing it can be
proven they abused ARIN whois for the purpose of spamming contacts.

I mean, the RSA signed by ISPs, End-Users, etc,  ought to include a
clause for address revokation in case of refusing to correct or cease
certain abuses of ARIN resources on demand,  such as using  e-mail
addresses or phone numbers collected from WHOIS to generate spam.


Have a  'log'  of  what IPs  requested what WHOIS records be kept.
And  perform   correlation,  so that the  IP range  that looked up the
records that were 'abused'   gets  flagged as  the spammer...


--
-J