-------- Original Message --------
Subject: Re: [anti-abuse-wg] 2017-02 New Policy Proposal (Regular
abuse-c Validation)
From: Nick Hilliard <nick@foobar.org>
Date: Tue, September 12, 2017 12:00 am
To: "anti-abuse-wg@ripe.net" <anti-abuse-wg@ripe.net>

> The goal of this proposal is to give the RIPE NCC a mandate to
> regularly validate "abuse-c:" information and to follow up in cases
> where contact information is found to be invalid.

which states:

> b. Arguments opposing the proposal
[...]
> If organisations are not cooperative, the RIPE NCC ultimately has the
> possibility to close their RIPE NCC membership and deregister their
> Internet number resources.

The most serious problem with this proposal is that it's saying: "make
sure your abuse-c mailbox is working and if it isn't, this proposal is
explicitly threatening that the RIPE NCC can take your numbering
resources away". This is a highly aggressive approach and I don't think
this is a viable or appropriate way of handling stewardship of IP
numbering resources, and particularly not from a monopoly organisation.

Useful abuse management is far more than tickbox compliance with having
your abuse-c mailbox connected up to an autoresponder. A working
abuse-c mailbox is great, but mandating this requirement in this way is
going to turn the abuse-c mechanism into a window-dressing exercise
which can be satisfied by an autoresponder.

On this basis I don't support this proposal.

Why didn't the authors just talk to the RIPE NCC and ask them to include
abuse-c validation in the Assisted Registry Check? This seems like a
far less heavy-handed option than creating a policy proposal. It also
involves better quality community outreach, and without the threat of
aggression implicit in proposal 2017-02.

Nick