[arin-ppml] private whois record

Chu, Yi [NTK] Yi.Chu at sprint.com
Tue Aug 7 15:17:25 EDT 2012 

I doubt you can find the street address of BoA's or CIA network security department in public.  Their customer facing department info is public, but their network org may be considered sensitive.

The point is some business and gov entities may consider their network records to be sensitive info, and want to keep them away from general public.  As an ISP, it is not my job to question whether they are just hyper-sensitive or not.

Those reassignments are leaf records, only one hop away from their upstream's LIR records.  Hence if an ISP make a particular leaf network record private, you can always find the immediate upstream ISP and go take up your network problem from there.

yi

-----Original Message-----
From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On Behalf Of Seth Mattinen
Sent: Tuesday, August 07, 2012 2:25 PM
To: arin-ppml at arin.net
Subject: Re: [arin-ppml] private whois record

On 8/7/12 11:08 AM, Chu, Yi [NTK] wrote:
> The situation is my customer (a company, not residential) had gone through a security audit.  The audit identified the whois record as a potential security risk.  What they are asking is for their whois  record (inetnum, or network record) to be private.  So the assigning LIR has access to the private record, as well as ARIN.  But not to general public.  This 'private' feature has been incorporated in APNIC for almost 10 years (APNIC-16, 2003 http://www.apnic.net/services/services-apnic-provides/helpdesk/faqs/privacy-of-customer-assignments---faqs) .   I would like to know first if ARIN has a similar feature to accommodate my customer's request.  If not, has the topic been discussed and if there is interest in pursuing.
>


I remember the topic being discussed and the consensus I recall was that
residential entries in whois can be private but that businesses should
be public.

I would be curious to know if the audit identified their postal mailing
address as a security risk as well.

~Seth
_______________________________________________
PPML
You are receiving this message because you are subscribed to
the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
Unsubscribe or manage your mailing list subscription at:
http://lists.arin.net/mailman/listinfo/arin-ppml
Please contact info at arin.net if you experience any issues.


________________________________

This e-mail may contain Sprint Nextel proprietary information intended for the sole use of the recipient(s). Any use by others is prohibited. If you are not the intended recipient, please contact the sender and delete all copies of the message.

More information about the ARIN-PPML mailing list