In message <3.0.5.32.19980514130721.008d8e30@norfolk.infi.net>, Dean Robb write
s:
Rather than whining about the "powers that be" and pointing out how the
system is broken, why not propose a solution that these so-called "powers"
could implement to solve the problem. IANA and ARIN and RIPE and APNIC are
composed of some very ordinary yet clueful Internet folks that are capable
of recognizing a good idea when it is explained to them.
OK, Good Idea People...here's one.
The ARIN WhoIs database contains many false entries, as does InterNIC's.
The proposal made to InterNIC (which was ignored in so many words) was that
when we users notice a bogus entry, we notify the registrar who contacts
the registration owner for a correction or, if it's a blatant
falsification, deletes the entry.
Warmington, Drew (DW5183-ARIN) nomailbox@NOWHERE
7149661345 (FAX) 714-263-9260
...
Kindly note that the email address doesn't even have a TLD. Hard to
consider it valid, what?
As a side note, why not modify your software so that things like this are
rejected? It shouldn't be all that hard to make sure that the email
address at least has the required components.
I think it would be a reasonable proposal for ARIN to modify
its SWIP process to do a dnslookup for the email domain to very
it as valid. Possibly even a SMTP VRFY or EXPN command.
However there are some companies that feel that their customer
data is confidential, and refuse to reveal it. (Also if they
use rwhois fixing swip won't solve the problem completely.)
Right now, I haven't seen any input from ARIN members indicating this
is somethign desire. I don't see raising the issue to the advisory council
unless the ARIN membership desires this. (If your not an ARIN member
then your opinion may not have any weight with the AC.)
I think its a reasonable idea, but I'm not inclined to go against the
wishes of the membership.
is somethign desire. I don't see raising the issue to the advisory council
unless the ARIN membership desires this. (If your not an ARIN member
then your opinion may not have any weight with the AC.)
I'm willing to look at good ideas no matter where they come from.
I think its a reasonable idea, but I'm not inclined to go against the
wishes of the membership.
I suspect that often the members don't know what they think on an issue
unless they are asked. That's why I like to see these things discussed in
relatively open forums because if someone suggests a really bad thing,
then at least one member is likely to call up the AC and point out why it
is a problem. But in the absence of member input the AC has to operate
based on their understanding of the addressing infrastructure. That's why
we look for knowledgable people for the AC regardless of whether they work
for an ARIN member or not.
I must say I find your attitude....appalling.
1. How can you say you're not inclined to "go against the wishes of the
membership" if you don't even ask the membership what their wishes are?
I'd lay odds that no one has even thought about the issue, let alone decide
if it's a weighty matter.
2. You explicitly say that unless I'm a member, my opinion may carry no
weight with the AC. Does that mean that I can't have a good idea unless I
first pony up $1000? How positively absurd and insulting...to the other
members.
Mr. Dillon said "IANA and ARIN and RIPE and APNIC are composed of some very
ordinary yet clueful Internet folks that are capable of recognizing a good
idea when it is explained to them.". He did NOT add the codicil that
people must have paid One Thousand Dollars for the privilege of presenting
an idea to these clueful folks. I sincerely hope and trust that others
don't think that only the elite few can have an idea.
3. It's too late, anyway. I'm NOT a member but have made the suggestion.
Hopefully, some forward-thinking, intellegent members may see this and
think it worthy of discussion.
4. Of course, you can ignore the issue and let the ARIN database
deteriorate to the state that InterNIC's WhoIs is in. Shall we take a poll
on how many people are happy with IT? Far better to deal with a problem
while it's small and keep it from becoming large.
5. I sincerely hope other members take you to task for your attitude. If
all members have your mindset, I wouldn't join even if I DID had a spare
grand sitting around.
Spam(tm) is pressed meat. Spammers should be too.
Dean Robb
PC-Easy
On-site computer services
(757) 495-EASY [3279]
How about a simple script checking the template for little things like
numbers in the the phone number fields, or TLDs attached to email addresses?
As for the confidentiality matter: there's a problem...a little thing
called the RFCs. Specifically, RFCs 1032, 1033, 920, 1173, 1174 (and
several others) require contact information that is "complete, correct and
current". The information provided in a registry information is no more
than what the Supreme Court has ruled is public data and as such not
entitled to special protections.
Furthermore, I direct your attention to RFC 1355 which deals specifically
with database accuracy and privacy issues, notably:
" 4. NIC Database Accuracy
The value of any NIC database is dependent on the accuracy and
timeliness of its contents. Any database not being maintained well
can create major difficulties for those using it and for those people
and organizations listed.
For each publically accessible database that a NIC operates, the NIC
should have a clear statement that describes the process that the NIC
uses to maintain accuracy in the database. This statement could be
combined with the privacy statement described above for sake of
administrative convenience."
In short, by permissively allowing "some ISPs" to avoid providing valid
contact data you are not only defeating the purpose of the WhoIs database
(may as well toss it!), but you are allowing these ISPs to flout the RFCs
that govern the Internet's operation. The Internet is a cooperative
endeavor, if certain entities choose not to cooperate then why should the
rest of the Internet allow them connectivity? If one can pick and choose
which RFCs (including STDs) to follow then where will the line be drawn?
If you're not going to keep the data in the database valid, why have a
database in the first place?
Spam(tm) is pressed meat. Spammers should be too.
Dean Robb
PC-Easy
On-site computer services
(757) 495-EASY [3279]
Any rational request or comment that any stakeholder (meaning user, network
operator, etc) would like to present I will entertain and be more than happy
to listen to.
My duty as an AC member is to the public.
<snip>
I think it would be a reasonable proposal for ARIN to modify
its SWIP process to do a dnslookup for the email domain to very
it as valid. Possibly even a SMTP VRFY or EXPN command.
<snippity>
Correct me if I'm wrong but more than likley the false contact info was
done on a Modify not on a New reg.