-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 08/04/2004 13:14 +0100, Jeroen Massar wrote:
Clueless users ...
... buy some shrink-wrapped software to run on their WinXX box, which has a clue-free default configuration which they never review.
Which makes every proposal useless as in that case you are assuming the current toolwriters don't know about IRT objects. Then for sure they are not going to accept implementing the suddenly new abuse-mailbox and a separate spam-mailbox etc on every object too.
The IRT route has an extra step. Instead of inet[6]num -> e-mail address[es] they have to do inet[6]num -> IRT(if present) -> e-mail address[es] and tool-writers have to add extra code. They will understand that. There's a deadly embrace. Toolwriters will write the extra code (for IRT or multiple reporting addresses) if it gets them a working address nearly every time; and not if it doesn't. LIRs and ISPs will bother to deploy IRTs if almost everybody uses the e-mail address they publish; and not otherwise. The challenge for the WG is to come up with something in which the benefits exceed the costs for all the players involved, in a fairly short time. Of the ideas so far, the following combinations come somewhere close: 1. Encourage widespread deployment of IRT objects, and change the default behaviour of the whois _servers_ (in consultation with toolwriters and other RIRs) to follow through and show the right e-mail address and no wrong ones for a single _client_ request; 2. Like 1, but invent a separate AbuseHandler object that works like IRT; and make similar changes to default server behaviour; 3. Encourage LIRs and ISPs to add an abuse-mail atribute to inet[6]nums, and again change the default server behaviour. 4. Do any of the above without changing default server behaviour, and run a project to help all important toolwriters update their products. (other really different ideas, anyone?) (4) does not help the truly clueless (back to Jeroen's original point), as it needs changes to the installed base of dedicated tools and of plain whois clients. It will take several years. (3) looks a bad choice for any LIR or ISP who needs to change the destination e-mail address in all their inet[6]nums. That need not happen often; but if it does, the timing is sure to be inconvenient. (1) and (2) are technically identical; the choice between them depends on whether you think e-mail abuse is sometimes, always or never a suitable task for an Incident Response team. I do not know a rational way to make that choice. Rodney Tillotson, JANET-CERT +44 1235 822 255. -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com> iQA/AwUBQHVhPMxy/J7PAuvpEQLEyQCdFTPgAkHYwHujQwn+oTKRqzr9aacAn3Vp sOjYu0HNwF1m3PeCSyTCBH4D =3BEE -----END PGP SIGNATURE-----