[sig-policy] prop-079-v002: Abuse contact information

  • To: Policy SIG <sig-policy at apnic dot net>
  • Subject: [sig-policy] prop-079-v002: Abuse contact information
  • From: Randy Bush <randy at psg dot com>
  • Date: Wed, 10 Feb 2010 14:40:24 +1030
  • Delivered-to: sig-policy at mailman dot apnic dot net
  • List-archive: <http://mailman.apnic.net/mailing-lists/sig-policy>
  • List-help: <mailto:sig-policy-request@lists.apnic.net?subject=help>
  • List-id: APNIC SIG on resource management policy <sig-policy.lists.apnic.net>
  • List-post: <mailto:sig-policy@lists.apnic.net>
  • List-subscribe: <http://mailman.apnic.net/mailman/listinfo/sig-policy>, <mailto:sig-policy-request@lists.apnic.net?subject=subscribe>
  • List-unsubscribe: <http://mailman.apnic.net/mailman/listinfo/sig-policy>, <mailto:sig-policy-request@lists.apnic.net?subject=unsubscribe>
  • User-agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/22.3 Mule/5.0 (SAKAKI)
    • 
      Version 2 of the proposal "Abuse contact information" has been sent to
      the Policy SIG for review. It will be presented at the Policy SIG at
      APNIC 29 in Kuala Lumpur, 1-5 March 2010.
      
      Information about this and other policy proposals is available from:
      
              http://www.apnic.net/policy/proposals
      
      This new version of the proposal reflects feedback from the community
      received on the Policy SIG mailing list:
      
            - While version 1 proposed that a mandatory "abuse-c" field be
              added to all inetnum, inet6num, and aut-num objects, version 2
              proposes that a mandatory reference to an IRT object be included
              instead.
      
            - Version 2 updates the "Situation in other RIRs" section
              with regard to "abuse-c" existing in the inetnum and inet6num
              objects in the LACNIC region.
      
            - Version 2 updates the "Situation in other RIRs" section
              to state that if the proposal is successful in the APNIC region,
              the author will also propose it in the RIPE region.
      
            - To reflect the above changes, the title of the proposal has
              changed and sections 1, 3, 4, and 6 have significant changes.
              Section 2, paragraph 2 has minor word changes that do not affect
              the meaning of the paragraph and section 8 has minor changes.
      
      We encourage you to express your views on the proposal:
      
               - Do you support or oppose this proposal?
               - Is there anything in the proposal that is not clear?
               - What changes could be made to this proposal to make it more
                 effective?
      
      Randy, Ching-Heng, and Terence
      
      ________________________________________________________________________
      
      prop-079-v002: Abuse contact information
      ________________________________________________________________________
      
      Author:    Tobias Knecht <tk at abusix dot org>
      
      Version:   2
      
      Date:      10 February 2010
      
      1.  Introduction
      ----------------
      
      This is a proposal to introduce a mandatory reference to IRT objects
      in the inetnum, inet6num and aut-num objects in the APNIC Whois Database
      to provide a more efficient way for abuse reports to reach the correct
      network contact.
      
      2.  Summary of current problem
      ------------------------------
      
      More and more network owners are starting to establish dedicated abuse
      handling departments.
      
      More and more network owners and other institutions are also starting
      to exchange data about abusive behavior with each other to help networks
      identify internal abuse and security problems faster.
      
      Currently within the APNIC region, the growing amount of abuse reports
      are sent to tech-c or admin-c contacts as encouraged on the APNIC
      website.[1] This is because APNIC Whois Database currently has no
      mandatory specialized contact object for abuse departments. Instead, all
      abuse reports are sent to the "wrong" contact first.
      
      3.  Situation in other RIRs
      ---------------------------
      
      AfriNIC:
      
           There are currently no specific abuse-related fields implemented in
           the AfriNIC Whois Database. However, if the current proposal
           is successful in the APNIC region, the author plans to submit a
           similar proposal for the AfriNIC region.
      
      ARIN:
      
           An abuse-POC exists for Organizational ID identifiers.[2]
      
      LACNIC:
      
           An abuse-c exists for aut-num, inetnum and inet6num objects.[3]
      
      RIPE:
      
           An optional IRT (Incident Response Team) object can be linked to
           inetnum and inet6num objects.[4] If the current proposal is
           successful in the APNIC region, the author plans to submit a similar
           proposal for the RIPE region.
      
      4.  Details of the proposal
      ---------------------------
      
      It is proposed that APNIC:
      
      4.1 Institute a mandatory reference to an IRT object in inetnum,
           inet6num, and aut-num objects.
      
           In terms of implementing the mandatory IRT references, it is
           suggested that this occur in the following two ways:
      
           - The first time organization attempt to update an existing inetnum,
             inet6num or aut-num object
      
           - When new inetnum, inet6num or aut-num objects are added to the
             database
      
      4.2 Have a mandatory abuse-mailbox field in the IRT object.
      
      4.3 Delete abuse-mailbox fields in all objects without IRT and delete
           the trouble field everywhere starting 2011.
      
      5.  Advantages and disadvantages of the proposal
      ------------------------------------------------
      
      5.1 Advantages
      
           - Networks will be able to supply their own contact information for
             abuse departments.
      
           - Abuse complaints will not be sent to the "wrong" contact any more.
      
           - There will be more flexibility. Faster abuse handling will be
             possible leading to less abusive behavior.
      
      5.2 Disadvantages
      
           - No disadvantages are foreseen.
      
      6.  Effect on APNIC Members
      ---------------------------
      
      There will be no immediate affect for APNIC Members with existing
      resource registrations already in the APNIC Whois Database.
      
      However, Members will need to add a reference to the mandatory IRT
      object in the following situations:
      
           - The first time Members attempt to update an existing inetnum,
             inet6num or aut-num object
      
           - When Members add new inetnum, inet6num or aut-num objects
      
      7.  Effect on NIRs
      ------------------
      
      It would be of benefit to the whole Internet community if NIRs were to
      implement a similar abuse contact scheme in their whois databases. But
      this would be another proposal.
      
      8.  References
      --------------
      
      [1] Reporting abuse and spam
           http://www.apnic.net/reporting-abuse
      
      [2] Introduction to ARIN's Database
           https://www.arin.net/knowledge/database.html#abusepoc
      
      [3] There is no formal documentation on abuse-c in inetnum and inet6num
           objects, but for documentation on the abuse-c in ASN records, see
           LACNIC Policy Manual (v1.3 - 07/11/2009)
           http://lacnic.net/en/politicas/manual4.html
      
      [4] IRT Object FAQ
           http://www.ripe.net/db/support/security/irt/faq.html