[arin-ppml] Draft Policy ARIN-2017-12: Require New POC Validation Upon Reassignment

Owen DeLong owen at delong.com
Thu Nov 30 13:25:21 EST 2017


> On Nov 30, 2017, at 05:38 , hostmaster at uneedus.com wrote:
> 
> I support this policy.
> 
> Giving ISP's/LIR's the ability to add reassignment contacts without verification from the contacts being added I think was always wrong. Often, the email added was NOT someone who actually processed abuse issues, but often was instead someone from purchasing or marketing who had absolutely no clue who or why we have ARIN.  Often that person had no clue as to what address should be used (often a role account), and thus never provided the ISP with that correct information. Thus, the ISP used that person's info instead. As a result, when they got the verification email, they thought it was phishing or spam and ignored it.

In our case, at least, it was often some contracting agent or other similar role who dealt with signing the legal documents with the ISP or filling out the order forms with the ISP to get the space and had little or no correlation to the technical, billing, or abuse aspects of actually administering the space.

> Ensuring that added contacts in the database have been verified at creation time should go a long way in helping to keep the database clean. At a minimum, at least those who have verified their contact before entry into the database should know who ARIN is, and why they need to respond to that annual email.  I would suggest that the verification email also remind the person of the future annual verification email that will be sent, and reminding them that they need to confirm their info once a year.

It will also remove an ongoing problem that I’ve spent roughly 200 hours per year for the last 2 years sorting out.

Owen




More information about the ARIN-PPML mailing list