-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 17.10.2012 23:16, Sascha Luck wrote:
On Wed, Oct 17, 2012 at 10:53:02PM +0200, Michael Markstaller wrote:
For a working Internet I'd appreciate a definite, clear, confirmed, current contact for resources in case of abuse etc..
For the n-th time now in this thread: The LIR IS NOT RESPONSIBLE for abuse from a sponsored PI range. Same as the NCC IS NOT RESPONSIBLE for abuse from a PA range.
As long as people will attempt to MAKE the LIRs responsible for their sponsored PI, I will oppose any such policy. Harassing a LIR for perceived abuse from a PI range wastes your time and pisses off the LIR.
Who is it then? Sorry, thats a little unfair.. We as LIR and me as CTO have to be responsible for our resources. Lets say it a little drastic: If someone asks me for a /24 to spam the world, I'd tell him I won't do this as I'm responsible what happens there. Point. But would it be ok to tell: "Well, hmm, get a PI don't tell anybody it's from me and push out your shit over another provider so they just don't call up me?" Don't think so..
That, the sponsoring LIR *IS* responsible for since 2007-01, so any non-contactable PI holders should be shut down when the next payday comes around at the latest. Also the NCC can shutdown LIRs for incorrect information, I assume that to include PI information.
I don't see this to happen but I maybe wrong..
That's the point where I want to know, whom to contact "upstream" to clarify this.. Someone should be able to get contacted (not responsible!)..
A sponsoring LIR *may* be the upstream, in which case the ASPATH should show it. Many LIRs do not route their sponsored PI resources.
Thats clear but there IMHO must be some path to get hold of the user - either via sponsoring LIR or via upstream (which might be more complicated but also a way..)
Just a suggestion: If its only about privacy, a tradeoff could be: only visible for LIRs in lirportal (?)
That may be acceptable, at least more so than making it uncontrolledly public.
I could live with that, as long as abuse-mails don't end up in a fictious, never existing mailbox ;) Michael -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlB/ITQACgkQaWRHV2kMuAJeIQCfdm0mXW8XFEGbGR5+gofBkXkq gNUAnROcA9zHsew0BTb9Tz5DgEL+PKBc =8AhU -----END PGP SIGNATURE-----