[arin-ppml] Draft Policy ARIN-2021-7: Make Abuse Contact Useful

Michael Peddemors michael at linuxmagic.com
Wed Oct 27 10:02:04 EDT 2021

-1, I appose.

Anything that further waters down the requirement for a valid abuse 
'email' harms the internet as a whole.  We are still waiting for more 
ARIN action on invalid data, and more enforcement on the requirement to 
respond to abuse reports using the current methods.

Other methods may have barrier(s) to adoption, and put more onus on the 
reporter, rather than the network operator.

While 'adding' additional methods may on the surface seem harmless, it 
will allow network operators to position themselves as preferring the 
alternative form of contact, and slowly stop paying attention the 
current methods.

Not to mention, ARIN hasn't reached the level it can validate the 
simpler 'phone' and 'email', or affect corrections on invalid data, 
increasing the complexity of 'compliance' checking, is not something 
that ARIN has the capabilities of doing effectively.

(And my personal bone to pick, reporting inaccurate contact information 
to ARIN, does not result in that information being corrected.)

On 2021-10-26 1:18 p.m., ARIN wrote:
> On 21 October 2021, the ARIN Advisory Council (AC) accepted 
> "ARIN-prop-303: Make Abuse Contact Useful" as a Draft Policy.
> Draft Policy ARIN-2021-7 is below and can be found at:
> https://www.arin.net/participate/policy/drafts/2021_7/ 
> <https://www.arin.net/participate/policy/drafts/2021_7/>
> You are encouraged to discuss all Draft Policies on PPML. The AC will 
> evaluate the discussion in order to assess the conformance of this draft 
> policy with ARIN's Principles of Internet number resource policy as 
> stated in the Policy Development Process (PDP). Specifically, these 
> principles are:
> * Enabling Fair and Impartial Number Resource Administration
> * Technically Sound
> * Supported by the Community
> The PDP can be found at:
> https://www.arin.net/participate/policy/pdp/ 
> <https://www.arin.net/participate/policy/pdp/>
> Draft Policies and Proposals under discussion can be found at:
> https://www.arin.net/participate/policy/drafts/ 
> <https://www.arin.net/participate/policy/drafts/>
> Regards,
> Sean Hopkins
> Senior Policy Analyst
> American Registry for Internet Numbers (ARIN)
> Draft Policy ARIN-2021-7: Make Abuse Contact Useful
> Problem Statement:
> ARIN’s process of attaching an abuse contact to resource records is of 
> limited utility. The phone number is often an unmanned voicemail that 
> refers the caller to a web page while the email address is commonly an 
> auto-responder which does the same. Because the emails often involve 
> problematic content they can get lost in filters making it hard to even 
> find the URL let alone get an abuse report to go through. This is 
> further exacerbated by folks who write programs to automatically 
> generate unverified abuse reports and email them to the ARIN contact, 
> flooding the mailbox with useless reports that no human being is 
> assigned to look through.
> With responsible network providers, the process for dealing with network 
> abuse instead usually starts with a web page. The web page provides 
> instructions and may offer forms for describing the abuse and uploading 
> supporting material of the nature that the service provider needs in 
> order to take action.
> It would be helpful for ARIN to support the abuse reporting process they 
> actually use.
> Policy statement:
> Strike -
>  From 2.12 “and one valid abuse”
>  From 3.6.2 “Abuse”
> Add:
> 2.1.2 To “organization information must include…zip code equivalent,” 
> add “an abuse reporting URL”
> replace “upstream Abuse and Technical POCs " with “upstream 
> Technical POCs and URLs for reporting abuse”
> replace “upstream Abuse and Technical POCs " with “upstream 
> Technical POCs and URLs for reporting abuse”
> Timetable for implementation: Whenever
> Anything Else:
> Initial implementation suggested to replace the abuse POC with a URL 
> pointing to ARIN’s display of the same POC record which was used for 
> abuse reporting. Should support multiple URLs so that if desired an 
> organization can specify both “mailto:somebody at here” and “tel:1234567” 
> if that’s how they actually want abuse reported to them.
> _______________________________________________
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> https://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.

"Catch the Magic of Linux..."
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
604-682-0300 Beautiful British Columbia, Canada

This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.

More information about the ARIN-PPML mailing list