[arin-ppml] POC privacy

Patrick Klos patrick at klos.com
Fri Oct 26 11:30:05 EDT 2012 

Andrew Koch wrote:
> Yesterday during the open mic at the policy meeting, Mike Joseph of
> Google had planted an idea of making Admin and Tech contacts private.
>
> Rather than being able to move all Admin and Tech contacts to being
> private, I would be in favor of requiring one public POC of each type
> be visible.  However,  additional POCs of those types could be marked
> private.
>
> This would provide for the ability to move all but a select
> representative or role account to receive communications into a
> private status.  These private POCs could continue to manage
> resources.  It also balances the concern that POCs may receive a large
> bit of unwanted communications and the need to contact them.
>
> As I think about this a bit further, creating a role POC and then
> being able to link multiple ARIN Online accounts to that role POC is
> already available.  This would meet the ability to manage resources,
> but not place personal details in the public database.  So, I think
> further information on the drivers of this are needed.
>
> In some after-meeting discussions, another thought that was brought
> forward was moving the ability to view certain POC data to a
> restricted system.  For example, in public whois, the resource would
> link to a POC name, but the details (name, phone, email) would be only
> accessible after logging into ARIN Online, or using REST with an API
> key.
>
> Regards,
> Andrew Koch
>   

These ideas of hiding POCs are ridiculous!  What is the purpose of a 
"point of CONTACT" if you cannot use it to CONTACT someone?!?!

I constantly use POCs to try to notify resource owners that their 
resources (usually a server on their network) have been compromised and 
are behaving badly (i.e. hosting phishing sites or viruses/trojans).  I 
don't get paid to do it - I do it because it needs to be done.  If more 
obstacles are put in my way (i.e. requiring me to use various web 
interfaces and log in to get the details I need), I will have less and 
less time to help out the community.

What are people worried about that they feel their POC information 
should be "private"?? 

   1. A little spam?!?  I get so little spam on my POC email addresses,
      it's silly to worry about it! 
   2. What else?  Privacy??  Businesses (legitimate ones, anyway) have
      no reason to hide themselves!

What good is a "private" POC?  Who would ever got to use it if it's 
private???

Can someone come up with a single legitimate example of why they should 
have public Internet resources assigned to them, but their contact 
information should be hidden from the world??

Sincerely,

Patrick Klos
Klos Technologies, Inc.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20121026/80b8235d/attachment.htm>

More information about the ARIN-PPML mailing list