Re: ZOMG: IPv6 a plot to stymie FBI !!!11!ONE!
--- jcurran@arin.net wrote: From: John Curran <jcurran@arin.net> With respect to updating Whois, it is true that many ISPs do not update their sub-delegations until applying for their next IPv4 block. Whether this is also the case with IPV6 or not remains to be seen, but given IPv6 allocation size, it would not be good. ---------------------------------------------------- What is going to make folks change their behavior? scott
In article <20120616160738.EEE097C4@resin05.mta.everyone.net>, Scott Weeks <surfer@mauigateway.com> writes
What is going to make folks change their behavior?
If all else fails, perhaps a regulator fining the ISP $1000 for every allocation (I agree that whether it's IPv4 or IPv6 isn't relevant) where the WHOIS information is shown to be false or significantly out of date. They could send compliance teams in to check, just like the IRS does for the accounts. -- Roland Perry
Internet Regulator? /bill On Sun, Jun 17, 2012 at 10:43:26AM +0100, Roland Perry wrote:
In article <20120616160738.EEE097C4@resin05.mta.everyone.net>, Scott Weeks <surfer@mauigateway.com> writes
What is going to make folks change their behavior?
If all else fails, perhaps a regulator fining the ISP $1000 for every allocation (I agree that whether it's IPv4 or IPv6 isn't relevant) where the WHOIS information is shown to be false or significantly out of date.
They could send compliance teams in to check, just like the IRS does for the accounts. -- Roland Perry
On Jun 16, 2012, at 7:07 PM, Scott Weeks wrote:
From: John Curran <jcurran@arin.net>
With respect to updating Whois, it is true that many ISPs do not update their sub-delegations until applying for their next IPv4 block. Whether this is also the case with IPV6 or not remains to be seen, but given IPv6 allocation size, it would not be good.
What is going to make folks change their behavior?
One would hope that industry self-regulation and the small amount of self-interest would suffice here, but it's hard to be optimistic. Even if keeping this information up to date is commonly recognized as a best practice, our collectively track record in community pressure for compliance to best practices is uneven at best; i.e. I can imagine someone saying "Um, can we at least use MD5 on this session" or "You're giving us a lot of needless deaggregates with the same path info" but can't quite believe that "We happened to review all your address blocks and noticed you don't have a lot of the subassignments listed" is going to be a frequent phrase heard in peering discussions... Net result is that we may just have to live with lax practices by some, since many other potential solutions have real potential for consequences worse than the problem itself. FYI, /John John Curran President and CEO ARIN
But whois info is really the linchpin for LEAs trying to find criminals? I find that very hard to believe. CB
It's about time and cost. If it's an emergency situation, trying to guess who might own the address waste time to get confirmation, if it is a complete guessing game. Then a warrant has to be gotten. You need to know who to put on the warrant to make a request. Cameron Byrne <cb.list6@gmail.com> wrote: But whois info is really the linchpin for LEAs trying to find criminals? I find that very hard to believe. CB
On Jun 17, 2012, at 9:39 AM, joseph.snyder@gmail.com wrote:
It's about time and cost. If it's an emergency situation, trying to guess who might own the address waste time to get confirmation, if it is a complete guessing game. Then a warrant has to be gotten. You need to know who to put on the warrant to make a request.
Exactly. If you start with an IP address and you're trying to get to some real-world entity, then you can check routing of the block or the Whois entry... this will get your to an ISP, but then you get to repeat the process by contacting that ISP and repeating the query (and potentially again if their customer is an even smaller ISP or hosting firm, etc.) With reasonable Whois update practices, Whois will get you to the ultimate non-residential organization much faster (which can make a difference in many situations.) The entire process can be pursued via contacting ISPs serially and asking them to check their routing and customer records, but that approach is definitely slower and far most costly for both government and industry. FYI, /John John Curran President and CEO ARIN
participants (6)
-
bmanning@vacation.karoshi.com
-
Cameron Byrne
-
John Curran
-
joseph.snyder@gmail.com
-
Roland Perry
-
Scott Weeks