Hi All How about we just try this for a year and then take stock? Best Serge On 16/01/2020 18:07, Andreas Worbs wrote:
I'm completely with you.
For our US-AS i verify my contact once a year: open the mail, click the link, verify my data and that's it. You don't even need 5 minutes for it.
If you have an automation fpr your abuse mails? Ok, you have to adjust your configuration a little bit but you have to do this only once. Is it really a problem?
RIPE NCC will not deregister your ressources right now just because you missed the verification.
I would be happy if we have a mandatory abuse-c which is validated by the RIPE.
Rather go forward step-by-step than stop here for years. Stagnation means regression.
Have a good night,
Andi
Am 16.01.20 um 09:41 schrieb Serge Droz via anti-abuse-wg:
Hi All
I think we already spent way more executive time on this thread than it would cost us to verify e-mail addresses.
I agree e-mail does not solve all the problems. It's hard to automatically process, .....
But it is simple to use, and from my work as an incident handler it did do me good in the past. I participate in fora that validate abuse/emergency addresses. WHen I ask these people what their issues in daily life are it's never we have to validate or contact e-mail.
And honestly: taking a step back and reading this entire thread, I'm not surprised that the bad guys are winning. You know: They don't care about the purty and beauty of a solution. They just do it and profit, and probably have a fabulous time seeing us argue and go at each others throats.
I think we could do better.
Best Serge
-- Dr. Serge Droz Chair, Forum of Incident Response and Security Teams (FIRST) Phone +41 76 542 44 93 | serge.droz@first.org | https://www.first.org