[sig-policy] prop-079-v002: Abuse contact information

  • To: Policy SIG <sig-policy at apnic dot net>
  • Subject: [sig-policy] prop-079-v002: Abuse contact information
  • From: Randy Bush <randy at psg dot com>
  • Date: Wed, 10 Feb 2010 14:40:24 +1030
  • Delivered-to: sig-policy at mailman dot apnic dot net
  • List-archive: <http://mailman.apnic.net/mailing-lists/sig-policy>
  • List-help: <mailto:sig-policy-request@lists.apnic.net?subject=help>
  • List-id: APNIC SIG on resource management policy <sig-policy.lists.apnic.net>
  • List-post: <mailto:sig-policy@lists.apnic.net>
  • List-subscribe: <http://mailman.apnic.net/mailman/listinfo/sig-policy>, <mailto:sig-policy-request@lists.apnic.net?subject=subscribe>
  • List-unsubscribe: <http://mailman.apnic.net/mailman/listinfo/sig-policy>, <mailto:sig-policy-request@lists.apnic.net?subject=unsubscribe>
  • User-agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/22.3 Mule/5.0 (SAKAKI)
      Version 2 of the proposal "Abuse contact information" has been sent to
      the Policy SIG for review. It will be presented at the Policy SIG at
      APNIC 29 in Kuala Lumpur, 1-5 March 2010.
      Information about this and other policy proposals is available from:
      This new version of the proposal reflects feedback from the community
      received on the Policy SIG mailing list:
            - While version 1 proposed that a mandatory "abuse-c" field be
              added to all inetnum, inet6num, and aut-num objects, version 2
              proposes that a mandatory reference to an IRT object be included
            - Version 2 updates the "Situation in other RIRs" section
              with regard to "abuse-c" existing in the inetnum and inet6num
              objects in the LACNIC region.
            - Version 2 updates the "Situation in other RIRs" section
              to state that if the proposal is successful in the APNIC region,
              the author will also propose it in the RIPE region.
            - To reflect the above changes, the title of the proposal has
              changed and sections 1, 3, 4, and 6 have significant changes.
              Section 2, paragraph 2 has minor word changes that do not affect
              the meaning of the paragraph and section 8 has minor changes.
      We encourage you to express your views on the proposal:
               - Do you support or oppose this proposal?
               - Is there anything in the proposal that is not clear?
               - What changes could be made to this proposal to make it more
      Randy, Ching-Heng, and Terence
      prop-079-v002: Abuse contact information
      Author:    Tobias Knecht <tk at abusix dot org>
      Version:   2
      Date:      10 February 2010
      1.  Introduction
      This is a proposal to introduce a mandatory reference to IRT objects
      in the inetnum, inet6num and aut-num objects in the APNIC Whois Database
      to provide a more efficient way for abuse reports to reach the correct
      network contact.
      2.  Summary of current problem
      More and more network owners are starting to establish dedicated abuse
      handling departments.
      More and more network owners and other institutions are also starting
      to exchange data about abusive behavior with each other to help networks
      identify internal abuse and security problems faster.
      Currently within the APNIC region, the growing amount of abuse reports
      are sent to tech-c or admin-c contacts as encouraged on the APNIC
      website.[1] This is because APNIC Whois Database currently has no
      mandatory specialized contact object for abuse departments. Instead, all
      abuse reports are sent to the "wrong" contact first.
      3.  Situation in other RIRs
           There are currently no specific abuse-related fields implemented in
           the AfriNIC Whois Database. However, if the current proposal
           is successful in the APNIC region, the author plans to submit a
           similar proposal for the AfriNIC region.
           An abuse-POC exists for Organizational ID identifiers.[2]
           An abuse-c exists for aut-num, inetnum and inet6num objects.[3]
           An optional IRT (Incident Response Team) object can be linked to
           inetnum and inet6num objects.[4] If the current proposal is
           successful in the APNIC region, the author plans to submit a similar
           proposal for the RIPE region.
      4.  Details of the proposal
      It is proposed that APNIC:
      4.1 Institute a mandatory reference to an IRT object in inetnum,
           inet6num, and aut-num objects.
           In terms of implementing the mandatory IRT references, it is
           suggested that this occur in the following two ways:
           - The first time organization attempt to update an existing inetnum,
             inet6num or aut-num object
           - When new inetnum, inet6num or aut-num objects are added to the
      4.2 Have a mandatory abuse-mailbox field in the IRT object.
      4.3 Delete abuse-mailbox fields in all objects without IRT and delete
           the trouble field everywhere starting 2011.
      5.  Advantages and disadvantages of the proposal
      5.1 Advantages
           - Networks will be able to supply their own contact information for
             abuse departments.
           - Abuse complaints will not be sent to the "wrong" contact any more.
           - There will be more flexibility. Faster abuse handling will be
             possible leading to less abusive behavior.
      5.2 Disadvantages
           - No disadvantages are foreseen.
      6.  Effect on APNIC Members
      There will be no immediate affect for APNIC Members with existing
      resource registrations already in the APNIC Whois Database.
      However, Members will need to add a reference to the mandatory IRT
      object in the following situations:
           - The first time Members attempt to update an existing inetnum,
             inet6num or aut-num object
           - When Members add new inetnum, inet6num or aut-num objects
      7.  Effect on NIRs
      It would be of benefit to the whole Internet community if NIRs were to
      implement a similar abuse contact scheme in their whois databases. But
      this would be another proposal.
      8.  References
      [1] Reporting abuse and spam
      [2] Introduction to ARIN's Database
      [3] There is no formal documentation on abuse-c in inetnum and inet6num
           objects, but for documentation on the abuse-c in ASN records, see
           LACNIC Policy Manual (v1.3 - 07/11/2009)
      [4] IRT Object FAQ