On 29-Feb-2016, at 12:08 AM, Ruediger Volk <rv@NIC.DTAG.DE> wrote:
We have to assume that Internet number resource holders requested to establish abuse-c - usually are NOT focussed an abuse handling (different core business:-)
With all due respect - assume that the number resource holder is a corporation engaged in, for example, brewing beer. Admittedly their core business is not providing internet access or managing abuse. Wouldn’t they have a corporate IT team tasked with looking at compromises on their network that are causing abuse / DDoS issues (which might further lead to data leaks from their company etc)? With abuse-c an external reporter can reach out to the appropriate team, which might possibly be a third party vendor, rather than having to call or email the brewery’s corporate HQ and then have the message work through several layers of staff and possibly just get lost. This merely provides a standard format to contact the relevant team - which may well be the same corporate IT team for them that manages their IP space and routing. Reporters are simply spared the decision tree of whether to mail a tech contact for a ddos issue where he / she may be totally different from the security department that handles it. Or an ISP providing services and allocating a range to their customer may want their information in the abuse-c.