[arin-ppml] ARIN-prop-180 ISP Private Reassignment - ISP liability

Scott Leibrand scottleibrand at gmail.com
Wed Aug 15 16:51:48 EDT 2012


Speaking practically (not legally) what usually happens in that situation is that C will contact A and ask them to address the DDoS. A will then be more responsible for blocking the traffic (or getting in touch with B) than if B's info were up to date. 

Scott

On Aug 15, 2012, at 1:33 PM, "Chu, Yi [NTK]" <Yi.Chu at sprint.com> wrote:

> So ISP A made a reassignment, and created the org ID on behalf of its customer (company B).  At that time, the business location and POC were correct in the swipped records.  A year later, company B changed its business location, or its POC switched job.  However,  B did not notify ISP A of the change.  Now some third party C has some DDOS traffic coming from the company B.  C is checking on WHOIS and found the contact info for B outdated.  Is this ground for C to make a legal case against ISP A?
>  
> yi
>  
> From: McTim [mailto:dogwallah at gmail.com] 
> Sent: Wednesday, August 15, 2012 3:20 PM
> To: Chu, Yi [NTK]
> Cc: arin-ppml at arin.net
> Subject: Re: [arin-ppml] ARIN-prop-180 ISP Private Reassignment - ISP liability
>  
> Hi,
> 
> On Wed, Aug 15, 2012 at 1:50 PM, Chu, Yi [NTK] <Yi.Chu at sprint.com> wrote:
> Can ARIN staff answer the question whether ISP have legal liability
>  
>  
> Perhaps if you could be more specific about what type of liability you mean?
>  
> 
> -- 
> Cheers,
> 
> McTim
> "A name indicates what we seek. An address indicates where it is. A route indicates how we get there."  Jon Postel
>  
>  
>  
> for the reassignment they made on their downstream customers’ behalf?
>  
> yi
>  
> From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On Behalf Of Chu, Yi [NTK]
> Sent: Tuesday, August 14, 2012 4:13 PM
> To: Aaron Dudek
> Cc: arin-ppml at arin.net
> Subject: Re: [arin-ppml] ARIN-prop-180 ISP Private Reassignment
>  
> Aaron:
> Not necessarily true.  Customer can move their mailing address without telling their upstream ISP.  They can just forget it.  Their accounts receiving department may or may not be the same as their ‘authoritative’ contact info that ISP put in the whois for them.
>  
> Let alone the POC records.  It actually took quite a while for my company to update some folks after they switched jobs. (you know whom I am referring to).  I know that for a fact.  And as for my customers, I do not recall last time anyone told me that their POC changed, but I suspect a lot of them did.
>  
> So I am a bit uneasy as the discussion seemed to implicate that I am legally liable in some ways.  I need to find out, and if so, need to get my acts together.  It is a bit off topic, so I apologize.
>  
> yi
>  
> From: Aaron Dudek [mailto:adudek16 at gmail.com] 
> Sent: Tuesday, August 14, 2012 3:57 PM
> To: Chu, Yi [NTK]
> Cc: Jimmy Hess; Owen DeLong; arin-ppml at arin.net
> Subject: Re: [arin-ppml] ARIN-prop-180 ISP Private Reassignment
>  
> Well, you bill the customer, so if the customer moves without telling you, you can figure out how that works.
> POCs change all the time. I'm sure that you know how to update and correct that when it is found out. Either someone will contact your company and say something or they will contact you when they are no longer able to reach certain sites. 
> 
> Aaron
> 
> On Tue, Aug 14, 2012 at 3:51 PM, Chu, Yi [NTK] <Yi.Chu at sprint.com> wrote:
> So ISP creates swip and POC records on behalf of its customers.  Does that put ISP in a legal binding that in case customer moves, or customer's POC changes job without telling the ISP, that ISP has any legal implication for not knowing?
> 
> yi
> 
> -----Original Message-----
> From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On Behalf Of Jimmy Hess
> Sent: Friday, August 10, 2012 10:20 PM
> To: Owen DeLong
> Cc: arin-ppml at arin.net
> Subject: Re: [arin-ppml] ARIN-prop-180 ISP Private Reassignment
> 
> On 8/9/12, Owen DeLong <owen at delong.com> wrote:
> [snip]
> > some legitimate contact address for the customer in question. Ideally
> > the one where they would prefer to receive service of legal process.
> 
> I think many organizations would prefer to not receive service of
> legal process at any address.
> 
> The org address listed in WHOIS should be a mailing address that is an
> authoritative contact for both the organization and the network.
> Example uses of a mailing address could include:
> 
> (*) Verification of of identity on the part of upstreams and
> prospective peers,  by proof of ability to receive mail, or comparison
> to other records.
> 
> (*) Contact by letter sent via postal mail or private courier as a
> last resort, for reporting technical or abuse issues, that for some
> reason the e-mail based or telephone contact was not responsive for,
> for example, the telephone may be malfunctioning, or disconnected,
> and someone forgot to update WHOIS.
> 
> (*) Reporting of network abuse issues,  by going there in person to
> report face-to-face or via courier/postal mail, where the technical
> contact was believed to be complicit in the abuse for some reason.
> 
> (*)  Reporting of possible hacker compromises impacting the mail
> server that  the technical contact's mail is hosting on,  or  when
> e-mail is otherwise returned as undeliverable  or not acknowledged.
> 
> 
> > Owen
> --
> -JH
> _______________________________________________
> PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.
> 
> 
> ________________________________
> 
> This e-mail may contain Sprint Nextel proprietary information intended for the sole use of the recipient(s). Any use by others is prohibited. If you are not the intended recipient, please contact the sender and delete all copies of the message.
> 
> _______________________________________________
> PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.
>  
>  
> 
> This e-mail may contain Sprint Nextel proprietary information intended for the sole use of the recipient(s). Any use by others is prohibited. If you are not the intended recipient, please contact the sender and delete all copies of the message.
>  
> 
> This e-mail may contain Sprint Nextel proprietary information intended for the sole use of the recipient(s). Any use by others is prohibited. If you are not the intended recipient, please contact the sender and delete all copies of the message.
> 
> _______________________________________________
> PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.
> 
> 
>  
> 
> 
> This e-mail may contain Sprint Nextel proprietary information intended for the sole use of the recipient(s). Any use by others is prohibited. If you are not the intended recipient, please contact the sender and delete all copies of the message.
> _______________________________________________
> PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20120815/113b7396/attachment.html>


More information about the ARIN-PPML mailing list