<div dir="ltr">

<span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">1) With a lot of words about improving trust and safety in Proposal's summary, there is no evidence about issues with trust and safety with uncheked "abuse-c:"</span><div>I've seen plenty of evidence and ramifications from first hand experience when abuse notifications go ignored/unanswered.</div><div><br></div><div><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">2) In my experience, real abusers have all their contacts valid (and responsive).</span></div><div>Please share more of your experiences. I've never heard of this claim nor understand what a "real abuser" is.</div><div><br style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial"><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">3) Why only abuse-c have to be checked? There are a lot of different contacts or information, that could be verified.</span>

<br></div><div>Because that's where you send abuse notifications. In many cases, these will be critical messages regarding ongoing threats, such as a denial of service attack or malware distribution.</div><div><br></div><div>

<span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">Also, RIPE NCC executive just got extraordinary powers to revoke resource</span>

<br></div><div>False - no new powers are granted to RIPE NCC by this proposal.</div><div><br></div><div><br></div></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><p style="font-size:small"><font face="Arial, sans-serif"><span style="font-size:13.3333px">__</span></font></p><p style="font-size:small"><b><span style="font-size:10pt;font-family:Arial,sans-serif">Troy Mursch</span></b><br></p><p style="font-size:small"><font face="Arial, sans-serif"><span style="font-size:13.3333px"><b><i>Security Researcher</i></b></span></font><br></p><p style="font-size:small"><a href="https://badpackets.net/" style="color:rgb(17,85,204)" target="_blank"><span style="font-size:10pt;font-family:Arial,sans-serif;color:blue">Bad Packets Report</span></a><span style="font-size:10pt;font-family:Arial,sans-serif"></span></p><p style="font-size:small"><font face="Arial, sans-serif"><span style="font-size:13.3333px"><a href="https://twitter.com/bad_packets" style="color:rgb(17,85,204)" target="_blank">@bad_packets</a></span></font></p><p style="font-size:small"><span style="font-size:10pt;font-family:Arial,sans-serif">(702) 509-1248</span></p></div></div></div></div></div></div></div></div></div></div></div>
<br><div class="gmail_quote">On Fri, Feb 16, 2018 at 11:47 AM, Alexander Isavnin <span dir="ltr"><<a href="mailto:isavnin@gmail.com" target="_blank">isavnin@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Thanks for the reminder!<br>
<br>
Better late than never.<br>
<br>
I strongly oppose to this proposal.<br>
<br>
1) With a lot of words about improving trust and safety in Proposal's summary, there is no evidence about issues with trust and safety with uncheked "abuse-c:"<br>
2) In my experience, real abusers have all their contacts valid (and responsive).<br>
3) Why only abuse-c have to be checked? There are a lot of different contacts or information, that could be verified.<br>
<br>
Also, RIPE NCC executive just got extraordinary powers to revoke resources. So we have to be very carefull with policies, which may lead to resource revocation just because of e-mail issues (i had such issues with RIPE NCC mail servers).<br>
<br>
Plus all other arguments against or concerning about this proposal, raised in discussion previously.<br>
<br>
Kind regards,<br>
Alexander Isavnin<br>
<br>
<br>
<br>
Sent via RIPE Forum -- <a href="https://www.ripe.net/participate/mail/forum" rel="noreferrer" target="_blank">https://www.ripe.net/<wbr>participate/mail/forum</a><br>
<br>
</blockquote></div><br></div>