[arin-ppml] Draft Policy ARIN-2021-7: Make Abuse Contact Useful

Steven Ryerse SRyerse at eclipse-networks.com
Wed Oct 27 18:20:29 EDT 2021


Adding another optional option in addition to an email that can be queried somehow would be fine - as long as the current email option doesn't go away.  Some organizations may want to automate this process and if another option could be queried programmatically to see if it exists it might be beneficial to both parties.  This works as long as the old fashion manually write an email to the abuse listing is still available.    


Steven Ryerse
President 

sryerse at eclipse-networks.com | O: 770.399.9099  C: 770.656.1460
100 Ashford Center North | Suite 110 | Atlanta, Georgia 30338

      




-----Original Message-----
From: ARIN-PPML <arin-ppml-bounces at arin.net> On Behalf Of JORDI PALET MARTINEZ via ARIN-PPML
Sent: Wednesday, October 27, 2021 10:23 AM
To: arin-ppml at arin.net
Subject: Re: [arin-ppml] Draft Policy ARIN-2021-7: Make Abuse Contact Useful

Maybe I should review and resubmit my abuse-c proposal now that it is clear that at least in other 2 RIRs is being a success?

https://www.arin.net/vault/policy/proposals/ARIN_prop_264_orig.html

https://www.arin.net/vault/policy/proposals/2019_5.html


Regards,
Jordi
@jordipalet



El 27/10/21 16:02, "ARIN-PPML en nombre de Michael Peddemors" <arin-ppml-bounces at arin.net en nombre de michael at linuxmagic.com> escribió:

    -1, I appose.

    Anything that further waters down the requirement for a valid abuse
    'email' harms the internet as a whole.  We are still waiting for more
    ARIN action on invalid data, and more enforcement on the requirement to
    respond to abuse reports using the current methods.

    Other methods may have barrier(s) to adoption, and put more onus on the
    reporter, rather than the network operator.

    While 'adding' additional methods may on the surface seem harmless, it
    will allow network operators to position themselves as preferring the
    alternative form of contact, and slowly stop paying attention the
    current methods.

    Not to mention, ARIN hasn't reached the level it can validate the
    simpler 'phone' and 'email', or affect corrections on invalid data,
    increasing the complexity of 'compliance' checking, is not something
    that ARIN has the capabilities of doing effectively.

    (And my personal bone to pick, reporting inaccurate contact information
    to ARIN, does not result in that information being corrected.)



    On 2021-10-26 1:18 p.m., ARIN wrote:
    > On 21 October 2021, the ARIN Advisory Council (AC) accepted
    > "ARIN-prop-303: Make Abuse Contact Useful" as a Draft Policy.
    >
    > Draft Policy ARIN-2021-7 is below and can be found at:
    >
    > https://www.arin.net/participate/policy/drafts/2021_7/
    > <https://www.arin.net/participate/policy/drafts/2021_7/>
    >
    > You are encouraged to discuss all Draft Policies on PPML. The AC will
    > evaluate the discussion in order to assess the conformance of this draft
    > policy with ARIN's Principles of Internet number resource policy as
    > stated in the Policy Development Process (PDP). Specifically, these
    > principles are:
    >
    > * Enabling Fair and Impartial Number Resource Administration
    >
    > * Technically Sound
    >
    > * Supported by the Community
    >
    > The PDP can be found at:
    >
    > https://www.arin.net/participate/policy/pdp/
    > <https://www.arin.net/participate/policy/pdp/>
    >
    > Draft Policies and Proposals under discussion can be found at:
    >
    > https://www.arin.net/participate/policy/drafts/
    > <https://www.arin.net/participate/policy/drafts/>
    >
    > Regards,
    >
    > Sean Hopkins
    >
    > Senior Policy Analyst
    >
    > American Registry for Internet Numbers (ARIN)
    >
    > Draft Policy ARIN-2021-7: Make Abuse Contact Useful
    >
    > Problem Statement:
    >
    > ARIN’s process of attaching an abuse contact to resource records is of
    > limited utility. The phone number is often an unmanned voicemail that
    > refers the caller to a web page while the email address is commonly an
    > auto-responder which does the same. Because the emails often involve
    > problematic content they can get lost in filters making it hard to even
    > find the URL let alone get an abuse report to go through. This is
    > further exacerbated by folks who write programs to automatically
    > generate unverified abuse reports and email them to the ARIN contact,
    > flooding the mailbox with useless reports that no human being is
    > assigned to look through.
    >
    > With responsible network providers, the process for dealing with network
    > abuse instead usually starts with a web page. The web page provides
    > instructions and may offer forms for describing the abuse and uploading
    > supporting material of the nature that the service provider needs in
    > order to take action.
    >
    > It would be helpful for ARIN to support the abuse reporting process they
    > actually use.
    >
    > Policy statement:
    >
    > Strike -
    >
    >  From 2.12 “and one valid abuse”
    >
    >  From 3.6.2 “Abuse”
    >
    > Add:
    >
    > 2.1.2 To “organization information must include…zip code equivalent,”
    > add “an abuse reporting URL”
    >
    > 4.2.3.7.3.2: replace “upstream Abuse and Technical POCs " with “upstream
    > Technical POCs and URLs for reporting abuse”
    >
    > 6.5.5.3.1: replace “upstream Abuse and Technical POCs " with “upstream
    > Technical POCs and URLs for reporting abuse”
    >
    > Timetable for implementation: Whenever
    >
    > Anything Else:
    >
    > Initial implementation suggested to replace the abuse POC with a URL
    > pointing to ARIN’s display of the same POC record which was used for
    > abuse reporting. Should support multiple URLs so that if desired an
    > organization can specify both “mailto:somebody at here” and “tel:1234567”
    > if that’s how they actually want abuse reported to them.
    >
    >
    > _______________________________________________
    > ARIN-PPML
    > You are receiving this message because you are subscribed to
    > the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
    > Unsubscribe or manage your mailing list subscription at:
    > https://lists.arin.net/mailman/listinfo/arin-ppml
    > Please contact info at arin.net if you experience any issues.
    >



    --
    "Catch the Magic of Linux..."
    ------------------------------------------------------------------------
    Michael Peddemors, President/CEO LinuxMagic Inc.
    Visit us at http://www.linuxmagic.com @linuxmagic
    A Wizard IT Company - For More Info http://www.wizard.ca
    "LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
    ------------------------------------------------------------------------
    604-682-0300 Beautiful British Columbia, Canada

    This email and any electronic data contained are confidential and intended
    solely for the use of the individual or entity to which they are addressed.
    Please note that any views or opinions presented in this email are solely
    those of the author and are not intended to represent those of the company.
    _______________________________________________
    ARIN-PPML
    You are receiving this message because you are subscribed to
    the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
    Unsubscribe or manage your mailing list subscription at:
    https://lists.arin.net/mailman/listinfo/arin-ppml
    Please contact info at arin.net if you experience any issues.



**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company

This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.



_______________________________________________
ARIN-PPML
You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
Unsubscribe or manage your mailing list subscription at:
https://lists.arin.net/mailman/listinfo/arin-ppml
Please contact info at arin.net if you experience any issues.


CAUTION: This email originated from outside the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.


More information about the ARIN-PPML mailing list