________________________________________________________________________ Abuse contact information ________________________________________________________________________ Author: Tobias Knecht abusix.org Version: 1 Date: 3 May 2010 RIPE WGs: anti-abuse (database) Proposal Type: new Policy Term: permanent 1. Introduction ---------------- This is a proposal to introduce a mandatory reference to IRT objects in the inetnum, inet6num and aut-num objects in the RIPE Whois Database. It provides a more accurate and efficient way for abuse reports to reach the correct network contact and helps reporting institutions to find the correct abuse contact information more easily. 2. Summary of current problem ------------------------------ Network owners increasingly operate dedicated abuse handling departments, distinct from the basic operations department. More and more network owners and other institutions are also starting to exchange data about abusive behavior with each other, to more quickly allow networks to identify internal abuse, external abuse, and other security problems. Currently within the RIPE region, the biggest problem for network operators is to know the best place to publish abuse contact information. (IRT, abuse-mailbox, remark-fields, and in addition to that, in which object they should publish them?) On the other hand abuse reporting parties having a huge problem by finding a correct abuse contact in the variety of possibilities. Since there is a specialized object (IRT) for abuse contacts, this should be mandatory, to stop the uncontrolled growth. 3. Situation in other RIRs --------------------------- AfriNIC: AfriNIC is also discussing about a similar policy proposal. [1] APNIC: This policy was acknowledged by the APNIC members in Kuala Lumpur in March 2010.[2] Implementation will be finished in November 2010. ARIN: An abuse-POC exists for Organizational ID identifiers.[3] LACNIC: An abuse-c exists for aut-num, inetnum and inet6num objects.[4] 4. Details of the proposal --------------------------- It is proposed that RIPE: 4.1 Institute a mandatory reference to an IRT object in inetnum, inet6num and aut-num objects. In terms of implementing a mandatory IRT reference, it is suggested that this be part of two, established actions: - The next time an organization attempts to update an existing inetnum, inet6num or aut-num object - When new inetnum, inet6num or aut-num objects are added to the database 4.2 Have a mandatory abuse-mailbox field in the IRT object. 4.3 Delete abuse-mailbox fields in all objects that do not define an IRT, and delete the trouble field everywhere until end of 2012. 5. Advantages and disadvantages of the proposal ------------------------------------------------ 5.1 Advantages - Networks will be able to supply their own, direct contact information for abuse departments. - Abuse complaints will not be sent to the "wrong" contact any more. - This permits greater administrative and operational flexibility, and faster abuse handling will be possible. - APNIC and RIPE have the same abuse contact policy in place. Keeps things easier. - Projects like RIPE Abuse Finder will be more easy to implement and could work more efficient. 5.2 Disadvantages - No disadvantages are foreseen. 6. Effect on RIPE members --------------------------- There will be no immediate affect for RIPE members with existing resource registrations already in the RIPE Whois Database. However, members will need to add a reference to the mandatory IRT object in the following situations: - The first time members attempt to update an existing inetnum, inet6num or aut-num object - When members add new inetnum, inet6num or aut-num objects 7. Effect on NIRs ------------------ It would be of benefit to the whole Internet community if NIRs were to implement a similar abuse contact scheme in their whois databases. But this would be another proposal. 8. References -------------- [1] Abuse Contact Information in the AfriNIC service region (Proposal-Draft) http://www.afrinic.net/docs/policies/AFPUB-2010-GEN-002.htm [2] prop-079: Abuse contact information http://www.apnic.net/policy/proposals/prop-079 [3] Introduction to ARIN's Database https://www.arin.net/knowledge/database.html#abusepoc [4] There is no formal documentation on abuse-c in inetnum and inet6num objects, but for documentation on the abuse-c in ASN records, see LACNIC Policy Manual (v1.3 - 07/11/2009) http://lacnic.net/en/politicas/manual4.html