On 15 Jun 2007, at 4:37pm, Denis Walker wrote: [...]
accountability is also important. Governments and LEAs want to know "who" is responsible for Internet resources.
I agree.
A faceless role object will not be good enough.
I doubt person objects would be, either. That's what organisation objects, do.
The "who" is probably the enduser. This is often a customer of an ISP. They will not have an organisation object.
If they're a domestic user with a /32 then there's no need to register their assignment and the police have to ask the ISP for details. If they are a small business with a small assignment of /29 or shorter then a role object with the full business name and possibly a postal address for the business premises will give enough information. I don't understand what value is added by asking a person to put their name and personal contact information in the database in such a situation.
If we drop person objects, the full picture is split over many databases. An LEA has to go to the RIPE Database with a list of IP addresses. Find the organisations, then go to the individual organisations to find the "who" from their customer databases.
I'm suggesting that personal identifying information is probably not necessary for most small network operators. I'm not suggesting that no contact information should be provided at all. However, I really think that this discussion is premature and should only be addressed once we have identified the database's purpose(s). Regards, -- Leo Vegoda IANA Numbers Liaison