[arin-ppml] private whois record

Chris Engel cengel at conxeo.com
Tue Aug 7 13:40:05 EDT 2012 

> I see no great problem with private registration so long as there are active
> authoritative contacts that can actually do something should a network or
> abuse issue occur.  Having an abuse or NOC contact point to someone who
> can
> call someone who knows who to call is unacceptable.  We need to be able to
> reach a network administrator directly.
> 
> Having said that, if you are operating on the public network and wish to
> keep your contact information private then something just doesn't jive.  I
> do strongly support transparency.  If you don't want to disclose any
> information the solution is simple, don't transact on public networks.
> 
> 
> Kevin


While I sympathize with Kevin,  but from the standpoint of many organizations that (direct contact to an admin)  just doesn't make sense.  Organizations are generally better off having the listed contact be some sort of CSR/answering service type that has their own private contact/escalation list of who to call for a given situation. The reason is that Engineers tend to be a much more valuable/expensive resource then CSR/Answering Service personnel. You don't want to waste that resource with the initial screening of calls that might include a very high noise to signal ratio. The CSR can perform the initial screening of calls and separate the  "Hey I've got a great deal on routers I'd like to sell you" ,  from the "Your network seems to be flooding me with what looks to be a DOS attack",  from the "I sent an e-mail to someone at your network and it bounced back". This is a much more effective use of resources, especially for smaller organizations who may not have 24/7 Engineer staffing.  I know if I kept getting calls in the middle of the night from guys wanting to sell me network equipment, I would simply turn off my phone and then you'd have no contact to deal with your emergency.  The key here is that the CSR has enough training to separate real emergencies from the chaff and has accurate contact info of who to get ahold of for genuine emergencies. No one likes dealing with layers of abstraction when they have a genuine problem. But the reality is that publicly published information will get abused by people who don't have such problems. It's not an unreasonable trade-off for that to expect to have to deal with some initial screening and a layer or two of abstraction as long as you do eventually get to deal with someone who has authority to act on your problem, and it's done in a reasonably timely fashion. YMMV.




Christopher Engel

More information about the ARIN-PPML mailing list