so... this thread has a couple of really interesting characteristics.
a couple are worth mentioning more directly (they have been alluded to elsewhere)...
as always, despite your choice in floral patterned shirts good
Who gets to define "bad" \- other than a blacklist operator?
Are the common, consistent defintions of "contamination"?
nope, each BL (as near as I can tell) has their own criteria (with
some overlaps to be certain) and they all have their own set of rules
that they either break at-will or change when it suits them. Their
incentives are not aligned with actually getting the problem resolved,
sadly... and they really don't have any power to resolve problems
If these are social/political \- recognise that while the ARIN
region is fairly consistent in its general use and interpretation
of law, there are known varients \- based on soveriegn region\.
Yup, you don't like my business how about I move to the caymans where
it's no longer illegal? The Internet brings with it some
interesting judicial/jurisdictional baggage.
this whole debate/discussion seems based on the premise that there are well
known, consistent, legally defendable choices for defining offensive behaviours.
and pretty much all of history shows us this is not the case.
There are really two discussions, I think somewhere along the path
they were conflated:
1) newly allocated from IANA netblocks show up to end customers and
reachability problems ensue. (route-filters and/or firewall filters)
2) newly re-allocated netblocks show up with RBL baggage (rbls and
smtp blocks at the application layer)
For #1 there was some work (rbush and prior to that Jon Lewis
69block.org?) showing that folks 'never' alter their 'bogon route
filters' or 'bogon access-list entries'.
For #2 ARIN may have a solution in place, if it were more publicly
known (rss feed of allocations, care of RS and marty hannigan
pointers) that RBL operators could use to clean out entries in their
lists providing a better service to their 'users' even, perish the
\(is or is not a mother nursing her child in public pornographic?\)
or SI Swinsuit edition depending on the part of the world you are in,
yes, or even YouTube videos, weee!
So - I suspect that in the end, a registry (ARIN) or an ISP (COMCAST) is only
going to be able to tell you a few things about the prefix you have been handed.
a\) its virginal \- never been used \(that we know of\)
b\) its been used once\.
c\) it has a checkered past
I actually don't think it's a help for ARIN to say anything here,
since they can never know all the RBL's and history for a netblock,
and they can't help in the virginal case since they don't run
A FAQ that says some of the above with some pointers to testing
harnesses to use may be useful. Some tools for network operators to
use in updating things in a timely fashion may be useful.
Better/wider/louder notification 'services' for new block allocations
from IANA -> RIR's may be useful.
Not everyone who runs a router reads their local 'nog' list... Leo
Vegoda does a great job tell us about RIPE allocations, Someone does
the same for ARIN (drc maybe??) and I'm not certain I recall who's
last announced APNIC block yahtzee. Where else is this data
available? In a form that your avg enterprise network op may notice?
and it will be up to the receipient to trust/accept the resource for what it
currently is or chose to reject it and find soliace elsewhere.
'solace elsewhere'... dude there is no 'elsewhere'.
(and yes, I'm yanking your chain about the shirts...)