With respect to updating Whois, it is true that many ISPs do not
update their sub-delegations until applying for their next IPv4
block. Whether this is also the case with IPV6 or not remains
to be seen, but given IPv6 allocation size, it would not be good.
In article <20120616160738.EEE097C4@resin05.mta.everyone.net>, Scott Weeks <surfer@mauigateway.com> writes
What is going to make folks change their behavior?
If all else fails, perhaps a regulator fining the ISP $1000 for every allocation (I agree that whether it's IPv4 or IPv6 isn't relevant) where the WHOIS information is shown to be false or significantly out of date.
They could send compliance teams in to check, just like the IRS does for the accounts.
Internet Regulator?
/bill
One would hope that industry self-regulation and the small amount
of self-interest would suffice here, but it's hard to be optimistic.
Even if keeping this information up to date is commonly recognized
as a best practice, our collectively track record in community
pressure for compliance to best practices is uneven at best; i.e.
I can imagine someone saying "Um, can we at least use MD5 on this
session" or "You're giving us a lot of needless deaggregates with
the same path info" but can't quite believe that "We happened to
review all your address blocks and noticed you don't have a lot of
the subassignments listed" is going to be a frequent phrase heard
in peering discussions...
Net result is that we may just have to live with lax practices by
some, since many other potential solutions have real potential for
consequences worse than the problem itself.
FYI,
/John
John Curran
President and CEO
ARIN
But whois info is really the linchpin for LEAs trying to find criminals?
I find that very hard to believe.
CB
It's about time and cost. If it's an emergency situation, trying to guess who might own the address waste time to get confirmation, if it is a complete guessing game. Then a warrant has to be gotten. You need to know who to put on the warrant to make a request.
Exactly.
If you start with an IP address and you're trying to get to some
real-world entity, then you can check routing of the block or the
Whois entry... this will get your to an ISP, but then you get to
repeat the process by contacting that ISP and repeating the query
(and potentially again if their customer is an even smaller ISP
or hosting firm, etc.)
With reasonable Whois update practices, Whois will get you to the
ultimate non-residential organization much faster (which can make
a difference in many situations.) The entire process can be pursued
via contacting ISPs serially and asking them to check their routing
and customer records, but that approach is definitely slower and far
most costly for both government and industry.
FYI,
/John
John Curran
President and CEO
ARIN
In article <20120617095906.GA32028@vacation.karoshi.com.?>, bmanning@vacation.karoshi.com top-posts:
Why not. Lots of aspects of the Internet are regulated.