Florian Weimer <fweimer@bfk.de> schrieb:
NIC handles are operational data for many of us who need to contact operators to address issues we encounter and make the Internet a better place for everyone.
I'm disappointed that RIPE NCC plans to take things into that direction.
I concur 100%.
Was this project prompted by requests from the membership?
A more-specific question would be, was this policy change authorised by any decision reached by means of the RIPE Policy Development Process? If so, can we please be given a reference to the documentation?
At the very least, you could introduce an opt-in flag so that we can agree to have our data published in bulk form, so that we can benefit from others willing to help us to keep our networks clean.
Contact information would only ever contain personal information if the person submitting the information chooses to utilise a personal mailbox rather than a role-account. I am reachable by email at abuse@btuser.net or richard.cox@btuser.net; only one of those constitutes personal data. It is my choice which I use in any given scenario. One size does not always fit all, so I'm not saying that because that works for me it should be imposed for everybody. What I am saying is that it provides a path forward. Perhaps the AAWG should at last dust off the policy-development process manuals and find out how we can DO something instead of just talking about it. It is just as valid for the AAWG to create a RIPE policy using that process, as it is for any of the other RIPE working groups to do so. My personal thinking goes something like this: Any entity which holds either an ASN, or an IP address range obtained DIRECTLY from RIPE or from an LIR, should be required by policy to provision an abuse mailbox; we should also recommend that such an abuse mailbox be in the form of a role account rather than an individual's mailbox. The same policy could also be applied to any sub-assignment greater than /25 (IPv4) or larger (and a similar figure should be chosen for IPv6 address blocks). That abuse mailbox should be included in all RIPE data elements, no matter how they are delivered. There is another strategy, which I have suggested before, which is that abuse (and possibly other contact) mailboxes would not be at the domain of the resource-holder, but in a special form "xxxxxxxxx@abuse.ripe.net" where "xxxxxxxxx" is an encrypted string pointing to the real mailbox and that string would actually change every (N) days, so that there would be no value in spammers harvesting such addresses. Mail to those addresses would be forwarded by the RIPE mailserver, with a re-written Return-Path etc so that a bounce would never go directly to the sender but instead come to the RIPE server where it would pass through a filter taking out the personal data. If mail to such an address did bounce in any quantity that could alert the RIPE analysts to the possibility that the resource was no longer in use, or that the resource holder no longer existed. That's a simplified description of a more-detailed spec which I worked out a while back, and something similar is currently in successful use by several domain registrars. So that proves it's not rocket-science! -- Richard Cox RDGC1-RIPE