In a message written on Thu, Sep 23, 2004 at 05:56:42PM -0400, Joe Abley wrote:
The proposal (which comes from APNIC members, not from APNIC staff) concerns non-portable addresses assigned to end-users. I don't know about anybody else, but I've never had any luck getting a response from people in that category anyway; it's invariably the upstream ISPs who respond (if anybody does), and there is no suggestion that their contact details will be able to be hidden.
There are several proposals in various stages before ARIN and RIPE about this same issue. APNIC simply beat everyone to the punch, but most of the other groups are going down the same path. The interesting case brought by several providers is that some residential DSL providers are now assigning /29's to end users to support multiple boxes. In some cases these additional boxes are service provider boxes to provide value-add services (think, a voice or video gateway box). This creates the very real situation where "grandma" is now published in whois. "grandma" doesn't like the spam, doesn't want to be listed (she already has an unlisted phone number) and even if her machine is owned and spewing forth spam contacting her is just going to result in confusion. To that end the service provider would like to not list her, protect her privacy, and when people query have only their block and contact show up so they can field the call and either block her port, or have a (hopefully more helpful) customer service person help her clean her infected machine or whatever. Generally the people who actually work abuse all have a similar report: end user assignments in whois are worthless. End users fall into one of two catagories: 1) "grandma", where contacting her is going to get you nowhere because they don't know what you're talking about. 2) An abuser (spammer, ddoser, whatever). These people either won't respond, or will respond but take no action, in both cases hoping to string you along and make you either go away, or at least buy some more time while they tie you up dealing with them. Because of this most of the people dealing with abuse are already ignoring end user contact information and going straight to the upstream ISP anyway. This brings us to why these proposals are getting traction in all the RIR's. Spending thousands of hours maintaining data that many (most? nearly all?) of the users say is useless is silly. Indeed, this is the same thing many of the people who have alredy responded to this thread have said, only turned on it's head. "I treat all APNIC data as worthless" easily translates into "APNIC shouldn't keep the data" when you're one of the people paying the costs to upkeep the data. Chicken and egg, or egg and chicken? I'm not really sure. That said, the current rules basically ensure that at some point in the future, when everyone needs a /29, everyone on the planet will be listed in whois. That to me is the truely absurd part. I don't understand people who think every DSL, and every cable modem user should be listed in whois /purely by the fact that they have a couple of static IP addresses/. I can't imagine how that makes anything better for anyone. Many people will automatically tie this into another issue, but it is a separate issue. Upstreams, or more importantly LIR's (in registry speak) need to have valid contact information and need to act on complaints. I'm not quite sure how we enforce those requirements. However, the lack of being able to enforce those requirements does not make listing everyone any better of a solution. -- Leo Bicknell - bicknell@ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/ Read TMBG List - tmbg-list-request@tmbg.org, www.tmbg.org