Orbit

Hi Mark and all,

What APNIC secretariat can do and has been doing is to maintain the accuracy of the direct allocation/assignment information through our account relationship with the resource holder. We also ran a continuous campaign for correct whois information through our trainings and other outreach activities.

Any feedback sent to APNIC helpdesk about incorrect contact information will be relayed to the account contacts and corrected based on their input.

The idea proposed in this forum about sending automated reminders to our members to confirm/update their whois data is good and should be easily implementable. This may create some rather bulky emails to members with numerous delegated prefixes, but should be acceptable if sent only annually. Should we do this?

Cheers, ________________________________________________________________________ Sanjaya email: sanjaya@apnic.net Services Area Manager, APNIC sip: sanjaya@voip.apnic.net http://www.apnic.net phone: +61 7 3858 3100 ________________________________________________________________________ * Sent by email to save paper. Print only if necessary.

On 2/02/2010 10:29 AM, Mark Foster wrote:

Thought provoked as a result of the discussion of abuse-c detail...

I'm not sure i've seen anyone pick up the issue of Database Accuracy in more than a passing fashion. I'm not familiar enough with what-goes-on but i'd much rather seen APNIC efforts validate the accuracy of info already in place than focus significant resource on a relatively minor benefit.

My aforementioned scattergun approach didnt work (apparrently the Indian ISP concerned don't believe in abuse@, postmaster@ or noc@ addresses, notwithstanding what's in their whois!) and I am left with the possiblity of simply blocking an entire /15 at my router as the only recourse I have against abuse originating from a compromised /32.

As the administrator of (in this particular example) a very small network with limited means, being able to use whois as an accurate and validated source of 'real person' POC info would at least help us as a community to deal to the spammers, botnets and 'sploited boxen in our midst in a more timely fashion.

So how should APNIC go about ensuring whois accuracy and currency? How to get this issue moving in a productive direction? If nothing else, it will dovetail nicely with the latest proposal re abuse-c.

Mark.

•          sig-policy:  APNIC SIG on resource management policy           *
  

---

sig-policy mailing list sig-policy@lists.apnic.net http://mailman.apnic.net/mailman/listinfo/sig-policy