Re: [db-wg] Proposal: Abuse-C as a Reference
Why do you not just use IRT?
The prime reason, with which I agree, is that there is this 'mandatory' encryption field. Two things:
I have already polled the CERT community regarding the 'mandatory' for the key-cert attributes. As of today, I haven't heard anything which would prevent us from making those 'optional'. The NCC has confirmed that the modification would be straight-forward (and cheap :-). So this is solved, I think. Wilfried.
On Thu, 2004-05-06 at 17:12, Wilfried Woeber, UniVie/ACOnet wrote:
Why do you not just use IRT?
The prime reason, with which I agree, is that there is this 'mandatory' encryption field. Two things:
I have already polled the CERT community regarding the 'mandatory' for the key-cert attributes. As of today, I haven't heard anything which would prevent us from making those 'optional'.
The NCC has confirmed that the modification would be straight-forward (and cheap :-).
So this is solved, I think.
That is very good to hear as that is I think the main issue that some people where talking about. Can someone sum up the issues that are left with IRT's? Greets, Jeroen
On Thu, May 06, 2004 at 05:18:49PM +0200, Jeroen Massar wrote:
That is very good to hear as that is I think the main issue that some people where talking about.
Can someone sum up the issues that are left with IRT's?
There is not a problem with IRT, it's with the whole database. The problem which we are fighting here is that any ip lookup with the ripe database returns multiple attributes called e-mail and multiple other attributes containing an email address. Operational experience shows that most users aren't able to figure out which address to use when complaining so they just use all. Let me repeat again, the problem is not the IRT object itself, the probemm is that it only contains an e-mail attribute, which is used throughout the database in all objects. We just need a better representation of the data so people can easily find the correct address, without having to read the database specs. Hence the only problem now solved is the fact that the requirement for encryption held people back in creating an irt object. That is a nice change, but it will not fix the problem of being spammed with abuse complaints on various operational and personal email addresses. Grtx, MarcoH
On Fri, 2004-05-07 at 11:33, MarcoH wrote:
On Thu, May 06, 2004 at 05:18:49PM +0200, Jeroen Massar wrote:
That is very good to hear as that is I think the main issue that some people where talking about.
Can someone sum up the issues that are left with IRT's?
There is not a problem with IRT, it's with the whole database. The problem which we are fighting here is that any ip lookup with the ripe database returns multiple attributes called e-mail and multiple other attributes containing an email address.
The RIPE registry is a 'registration database' where a lot of information, eg contacts are stored in. Not only abuse contacts.
Operational experience shows that most users aren't able to figure out which address to use when complaining so they just use all.
<SNIP>
We just need a better representation of the data so people can easily find the correct address, without having to read the database specs.
That is not a problem of the database but of the usage of the database. Which results in a couple of 'solutions' which pop in my head: - Never show e-mail addresses * but that is completely bogus, why even have a database then - Per default not show any email addresses, unless explictly queried. * breaks a lot of existing software - Have a special *frontend* that filters this * users can go to http://www.example.net/findabusecontact/ Database gets queried, done. * Tools need to use this. The last option is the way to go, adding new objects doesn't do anything. The database is fine. The users are not. For example it would be the same as re-modeling google because the users need to do their own SQL (or whatever they use) queries on the database. The frontend needs to be fixed, not the database. Greets, Jeroen
On May 07, MarcoH <marcoh@marcoh.net> wrote:
Operational experience shows that most users aren't able to figure out which address to use when complaining so they just use all.
Let me repeat again, the problem is not the IRT object itself, the probemm is that it only contains an e-mail attribute, which is used throughout the database in all objects.
We just need a better representation of the data so people can easily find the correct address, without having to read the database specs. Wrong. What we need are better *tools*. Many clueless users use the www.ripe.net web interface anyway, so a large part of this problem could be solved by having RIPE advertise a tool like this one:
http://www.cert.pl/cgi-bin/ipdig.pl -- ciao, | Marco | [6253 alfRuehVcXzDI]
On May 06, Jeroen Massar <jeroen@unfix.org> wrote:
Can someone sum up the issues that are left with IRT's? It has been suggested that IRT objects should be automatically returned by queries for inetnum/inetnum6 objects, but I do not remember the RIPE DB people commenting on this.
-- ciao, | Marco | [6254 pa1QSF3gy5nOI]
participants (4)
-
Jeroen Massar
-
Marco d'Itri
-
MarcoH
-
Wilfried Woeber, UniVie/ACOnet