From brian.nisbet at heanet.ie Tue Mar 8 11:05:36 2011 From: brian.nisbet at heanet.ie (Brian Nisbet) Date: Tue, 08 Mar 2011 10:05:36 +0000 Subject: [acm-tf] ACM-TF Call - Thursday 10th March Message-ID: <4D75FF70.1020506@heanet.ie> Colleagues, Thanks again for signing up to participate in the Task Force. I'd just like to confirm that we will be going ahead with the call on Thursday at 14:00 UTC. Details for the call will be circulated over the next day or so. The main focus of this call will be to introduce ourselves and flesh out the agenda/scope for the TF. Looking forward to talking to you then. Brian. From brian.nisbet at heanet.ie Tue Mar 8 13:22:19 2011 From: brian.nisbet at heanet.ie (Brian Nisbet) Date: Tue, 08 Mar 2011 12:22:19 +0000 Subject: [acm-tf] ACM-TF Call - Thursday 10th March In-Reply-To: References: <4D75FF70.1020506@heanet.ie> Message-ID: <4D761F7B.9080400@heanet.ie> "Suresh Ramasubramanian" wrote the following on 08/03/2011 12:14: > On Tue, Mar 8, 2011 at 3:35 PM, Brian Nisbet wrote: >> I'd just like to confirm that we will be going ahead with the call on >> Thursday at 14:00 UTC. Details for the call will be circulated over the next >> day or so. The main focus of this call will be to introduce ourselves and >> flesh out the agenda/scope for the TF. > > Sorry - what are the dialin details etc, again? > Must have missed the original email. They haven't been circulated yet, so you haven't missed anything. :) They will be either today or tomorrow. Brian. From ops.lists at gmail.com Tue Mar 8 13:14:56 2011 From: ops.lists at gmail.com (Suresh Ramasubramanian) Date: Tue, 8 Mar 2011 17:44:56 +0530 Subject: [acm-tf] ACM-TF Call - Thursday 10th March In-Reply-To: <4D75FF70.1020506@heanet.ie> References: <4D75FF70.1020506@heanet.ie> Message-ID: On Tue, Mar 8, 2011 at 3:35 PM, Brian Nisbet wrote: > I'd just like to confirm that we will be going ahead with the call on > Thursday at 14:00 UTC. Details for the call will be circulated over the next > day or so. The main focus of this call will be to introduce ourselves and > flesh out the agenda/scope for the TF. Sorry - what are the dialin details etc, again? Must have missed the original email. -- Suresh Ramasubramanian (ops.lists at gmail.com) From brian.nisbet at heanet.ie Wed Mar 9 11:59:25 2011 From: brian.nisbet at heanet.ie (Brian Nisbet) Date: Wed, 09 Mar 2011 10:59:25 +0000 Subject: [acm-tf] Meeting Thursday 10th March 14:00 UTC - Agenda & Details Message-ID: <4D775D8D.5020406@heanet.ie> Morning, Thanks again for your participation, looking forward to talk to you tomorrow. Proposed agenda: - Introduction of the taskforce members (Everyone) An opportunity for everyone to introduce themselves. - Background of the taskforce (Brian, Wilfried, NCC) How did the taskforce come about, the background and proposals (2010-08, 2010-09 and 2010-10) - Taskforce name (Everyone) - The charter (Everyone) Discuss the charter and fine tune it where necessary: * Data quality in the RIPE Database * Documenting Abuse POC in the RIPE Database - Next meeting RIPE 62, Kraznapolsky Hotel, Amsterdam. Monday 2nd May Webex: Topic: ACM-Taskforce Teleconference Date: Thursday, March 10, 2011 Time: 3:00 pm, Europe Time (Amsterdam, GMT+01:00) Meeting Number: 704 504 122 Meeting Password: acm1 ------------------------------------------------------- To join the online meeting (Now from mobile devices!) ------------------------------------------------------- 1. Go to https://ripencc.webex.com/ripencc/j.php?ED=170125092&UID=1209904107&PW=NZDUyMmJhNzUx&RT=MiMyMg%3D%3D 2. If requested, enter your name and email address. 3. If a password is required, enter the meeting password: acm1 4. Click "Join". To view in other time zones or languages, please click the link: https://ripencc.webex.com/ripencc/j.php?ED=170125092&UID=1209904107&PW=NZDUyMmJhNzUx&ORT=MiMyMg%3D%3D ------------------------------------------------------- To join the audio conference only ------------------------------------------------------- To receive a call back, provide your phone number when you join the meeting, or call the number below and enter the access code. Call-in toll-free number (UK): 0800 028 1181 Call-in toll number (UK): (0)20 700 51000 Global call-in numbers: https://ripencc.webex.com/ripencc/globalcallin.php?serviceType=MC&ED=170125092&tollFree=1 Toll-free dialing restrictions: http://www.webex.com/pdf/tollfree_restrictions.pdf Access code:704 504 122 Thanks, Brian. From ppalse at ripe.net Wed Mar 23 17:21:55 2011 From: ppalse at ripe.net (Paul Palse) Date: Wed, 23 Mar 2011 17:21:55 +0100 Subject: [acm-tf] Minutes of the first ACM Task Force teleconference Message-ID: Dear mailing listees, Herewith I send you the draft minutes of the first ACM Task Force meeting held on the 10th of March 2011 14:00 UTC. Regards, Paul *Participants* Brian Nisbet (Chair) Wilfried Woeber Peter Koch Tobias Knecht Suresh Ramasubramanian Alessandro Vesely Jochem Ruig Paul Palse *Administrative Matters* - Welcome - Select scribe (Paul, Jochem) - Finalise agenda: Agenda accepted. *Introduction of the task force members* There was a round of introductions. Everyone gavprovidede some information about their professional background and their motivation to join the ACM Task Force. *Background of the task force* Brian explained how the task force came about. During RIPE 61 in Rome three proposals were discussed, 2010-08, 2010-09 and 2010-10. It was felt that some of these proposals contained either too much implementation details, were too general or missed a clear problem statement. The most appropriate way forward was to set up a task force as a vehicle to define the problem statements outlined in the proposals and to formalise them into a coherent policy proposal or policy proposals to address them. *Task force name* The name: "Abuse Contact Management Task Force (ACM-TF)" was found to be appropriate. *The charter* The first round about the charter focussed primarily on ?Documenting abuse POC in the RIPE Database? and proposal 2010-08 in particular. In general the following points were brought forward: - Should be a single logical path to document abuse POC - The current abuse POC data in the RIPE Database should be deprecated and/or migrated. - The target audience needs to be defined - Should it be mandatory? - Should include a best-practises document - Should there be a consequence attached for non-compliance? - It should be done in a way that it doesn?t fall under the ?Personal Data? restrictions Regarding ?Data quality in the RIPE Database? the following points were brought forward: - RIPE NCC mentioned that they found it was hard to find the right approach to find useful ?Abuse Contact? details, when they implemented the ?Abuse Finder? tool. - APNIC implemented the IRT object in the way as specified in proposal 2010-08, but also have a procedure to make sure that all other references to abuse related data in the form of abuse mailbox attributes on various other objects etc are cleaned up? *The charter for the task force* 1. Come up with a policy to describe how to document abuse related POC information in the RIPE Database that is both easy to maintain by resource holders, and easy to retrieve by different target audiences. 2. Put in place procedures and technology to ensure that anti abuse related data is and remains accurate. The RIPE NCC will work on the draft Charter and will send an updated version in April. *Other topics/remarks* - Task force membership is public by default. The RIPE Website will have a page dedicated to the taskforce and its participants including a short profile. If anyone feels uncomfortable with that please let the RIPE NCC know. - Tobias indicated his preference to address the ?Documenting abuse POC in the RIPE Database? issues first and then continue with the other aspects. This way we can see results much sooner. - Suresh raised the question if we need more involvement from other groups from the Internet security and anti abuse fields by inviting more participants to the Taskforce. In general it was felt that there is a fair representation of the different groups in the existing task force membership, also to contain the task force group the aim is to limit additional members. We can always invite others for specific topic if we feel we need input for missing expertise ( for instance a Legal Counsel ) *Next meeting* Set during RIPE 62, Krasnapolsky Hotel, Amsterdam. Monday 2nd May 10:30 Exact room details will be circulated to the participants as soon as they have been fixed. Remote participation will be facilitated. -- Paul Palse Database Group Manager at RIPE NCC http://www.ripe.net/info/ncc/contact.html From vesely at tana.it Mon Mar 28 18:48:05 2011 From: vesely at tana.it (Alessandro Vesely) Date: Mon, 28 Mar 2011 18:48:05 +0200 Subject: [acm-tf] Should we seek any LEA's advice? Message-ID: <4D90BBC5.10607@tana.it> Googling for "Lee Miles" "RIPE NCC" London one finds multiple copies of a story about cooperation between RIPE NCC and an agency of the UK Home Office. Anyone heard about it? Possibly, an international agency would better suit our needs. The Interpol comes to mind. (They have a "European Working Party on Information Technology Crime" that seems to match the RIPE region.) GovCERT.nl was also mentioned as a possible party to cooperate with. We might seek advice by posing a question along the lines of "if anything else fails, what body can decide to resort to force?" It would be a sort of termination record in the abuse management rules. (I'm not implying that abuse contacts should be mandatory: If they exist they are to be tried as part of "anything else".) Properly formulating such question will probably help clarifying various issues, even if we later decide not to actually involve any LEA. From jochem at ripe.net Mon Mar 28 19:46:07 2011 From: jochem at ripe.net (Jochem de Ruig) Date: Mon, 28 Mar 2011 19:46:07 +0200 Subject: [acm-tf] Should we seek any LEA's advice? In-Reply-To: <4D90BBC5.10607@tana.it> References: <4D90BBC5.10607@tana.it> Message-ID: <4D90C95F.3060609@ripe.net> Dear Allesandro and all, We jointly organised this event with SOCA (Serious Organised Crime Agency, UK). Several staff from the RIPE NCC attended, ARIN and Brian Nisbet. There were a lot of LEAs including Europol, we have presented on several issues including RIPE policies and on this task force. There was quite a bit of interest in the task force but at this point in time non of the LEAs will directly participate but when needed when issues arise that are crucial to LEAs we can invite them to join us for that topic. I will make sure that several LEAs will be informed on the progress and on issues popping up in this task force. Regarding particpation from other government institutions like Certs, Kauto Huopio from FI-CERT has joined the acm-tf in the last weeks. Looking at the size of the tf and representation of different areas we have a good set. If needed in the future we can invite the ones that are relevant to the topic. Regards, Jochem de Ruig RIPE NCC On 3/28/11 6:48 PM, Alessandro Vesely wrote: > Googling for > > "Lee Miles" "RIPE NCC" London > > one finds multiple copies of a story about cooperation between RIPE > NCC and an agency of the UK Home Office. Anyone heard about it? > Possibly, an international agency would better suit our needs. The > Interpol comes to mind. (They have a "European Working Party on > Information Technology Crime" that seems to match the RIPE region.) > > GovCERT.nl was also mentioned as a possible party to cooperate with. > > We might seek advice by posing a question along the lines of "if > anything else fails, what body can decide to resort to force?" It > would be a sort of termination record in the abuse management rules. > (I'm not implying that abuse contacts should be mandatory: If they > exist they are to be tried as part of "anything else".) Properly > formulating such question will probably help clarifying various > issues, even if we later decide not to actually involve any LEA. > >