Ulrich Kiermayr wrote at 5/6/04 09:25:
This abuse-c inherits all the features of irt as well ...
Except that crypto is optional. Fair enough.
... resulting in just one object for this area
I suggest we keep IRT for the purpose for which it was built, and make no changes to it (so it will be different from the role or person used we make available for abuse). This might actually encourage the use of IRT objects, since it reduces the risk that CSIRTs will get abuse reports they mostly don't want. And IRTs may then be useful, so I don't support removing them.
Implementing abuse-c that way would give a 1:1 mapping between irt and role and therefore making irt obsolete (and the existing objects auto-convertable).
I think the 1-1 mapping is unnecessary; auto-copying is still possible. Can you confirm that the abuse-c: attribute can also refer to an IRT object for people who want to do it that way?
Add the missing features from irt: to the person and role objects:
person: [mandatory] [single] [lookup key] address: [mandatory] [multiple] [ ] phone: [mandatory] [multiple] [ ] fax-no: [optional] [multiple] [ ] e-mail: [optional] [multiple] [lookup key] signature: [optional] [multiple] [ ] <-- encryption: [optional] [multiple] [ ] <-- nic-hdl: [mandatory] [single] [primary/look-up key] remarks: [optional] [multiple] [ ] notify: [optional] [multiple] [inverse key] mnt-by: [optional] [multiple] [inverse key] ref-nfy: [optional] [multiple] [inverse key] <-- mnt-ref: [optional] [multiple] [ ] <-- changed: [mandatory] [multiple] [ ] source: [mandatory] [single] [ ]
Do we need a dedicated attribute in role and person? abuse-mail: [optional] [multiple] [ ] (or the name could be 'abuse-mailbox' as in Ulrich's example) Does the attribute need to be a lookup key like e-mail? (again as in the example) Should we make the abuse-mail attribute mandatory for the object types concerned? But that might force us to use a new object type :-(
Query behaviour:
Return abuse-c by default as well
The thing to return is not the name of the abuse-c reference; it's the abuse-mail attribute of the object referred to. Perhaps that's what you meant anyway?
Return abuse-c by default as well (or include default -c i.e. return abuse-c from the least specific inetnum containing the ip in question).
Not quite, surely. We want to provide one user population with exactly one e-mail address and not too much else; so somehow we have to walk the database for them and not put the burden on them or their client software. I do not believe we can expect tool writers (eg SpamCop, geektools) to do that for us; I do not believe we can deploy a different whois client. We might get away with publishing a different server location (whois-for-the-masses.ripe.net? abuse.ripe.net?); or with putting this behaviour on whois.ripe.net and moving the present behaviour to a new address. But don't we want to present the mail address derived from the _most_ specific inetnum (rather than the least)?
Change the -c flag to use abuse-c instead of mnt-irt.
No need to change that behaviour if we take the above approach. Rodney Tillotson, JANET-CERT