> This bit is not possible. The "abuse-c:" attribute is 'single'. So the

> resource object can only ever reference one abuse contact.

Thanks Denis. abuse-c arity is a point I was dubious about. 

Thus, it is not currently possible to publish an abuse-c with the customer address and keep the ISP copied at the same time, as desired.

In order to know what is being sent thete, the ISP needs to provide its own address and (if appropriate) forward complaints received there to the customer.

Best regards

-- 

INCIBE-CERT - Spanish National CSIRT

https://www.incibe-cert.es/

PGP keys: https://www.incibe-cert.es/en/what-is-incibe-cert/pgp-public-keys

====================================================================

INCIBE-CERT is the Spanish National CSIRT designated for citizens,

private law entities, other entities not included in the subjective

scope of application of the "Ley 40/2015, de 1 de octubre, de Régimen

Jurídico del Sector Público", as well as digital service providers,

operators of essential services and critical operators under the terms

of the "Real Decreto-ley 12/2018, de 7 de septiembre, de seguridad de

las redes y sistemas de información" that transposes the Directive (EU)

2016/1148 of the European Parliament and of the Council of 6 July 2016

concerning measures for a high common level of security of network and

information systems across the Union.

====================================================================

In compliance with the General Data Protection Regulation of the EU

(Regulation EU 2016/679, of 27 April 2016) we inform you that your

personal and corporate data (as well as those included in attached

documents); and e-mail address, may be included in our records 

for the purpose derived from legal, contractual or pre-contractual

obligations or in order to respond to your queries. You may exercise

your rights of access, correction, cancellation, portability,

limitationof processing and opposition under the terms established by

current legislation and free of charge by sending an e-mail to

dpd@incibe.es. The Data Controller is S.M.E. Instituto Nacional de

Ciberseguridad de España, M.P., S.A. More information is available

on our website: https://www.incibe.es/proteccion-datos-personales

and https://www.incibe.es/registro-actividad.

====================================================================