Search RPD Archives
Limit search to: Subject & Body Subject Author
Sort by:

[rpd] Decisions ... Abuse contact

JORDI PALET MARTINEZ jordi.palet at consulintel.es
Mon Sep 21 10:33:18 UTC 2020


Hi Lucilla,



The policy only needs to state *what the staff should evaluate* and thus, what members should do. The staff don’t need to evaluate the subject line, neither if it is actually an abuse or not.



The staff just need to evaluate the abuse mailbox works.



In fact, there is *no obligation* for the victim to know what should he put in the subject line. You can just put “abuse case”.



In fact, if you operate a network, you will know that this is usually managed by a ticket system and the ticket system will replace the subject with a case number!



Please, let us know how you do in the networks that you operate, so we can understand your perspective.



And last, even if this has been responded several times: The proposal doesn’t tell AFRINIC that they should judge if it is an abuse or not!



And yes, it is in the scope of AFRINIC to have the contacts accurate and to manage correctly the resources. Please read the legal documents!



Regards,

Jordi

@jordipalet







El 21/9/20 12:00, "lucilla fornaro" <lucillafornarosawamoto at gmail.com> escribió:



If you do not define or give an input of what abuse is, then how can you properly manage people's mailbox's subject line?

This is a crucial element, in my opinion.



More importantly, the proposal aims to supply AFRINIC of something that has nothing to do with its scopes. It is not up to AFRINIC to rule like a local court or local policy.

As mentioned several times, asking AFRINIC to act as a central government goes against the main element that identifies the Internet: decentralization. The Internet is controlled by many, no one can own it, control it, or switch it off for everyone.

AFRINIC should not evaluate how I manage MY mailbox.



Lucilla



Il giorno lun 21 set 2020 alle ore 14:33 Frank Habicht <geier at geier.ne.tz> ha scritto:

Dear chairs,

On 21/09/2020 03:04, ABDULKARIM OLOYEDE wrote:

> 6. Abuse Contact Update

>

> The proposal makes it mandatory for AFRINIC to include in each resource

> registration, a contact where network abuse from users of those

> resources will be reported. The proposal whois DB attribute (abuse-c)

> to be used to publish abuse public contact information. There’s also a

> process to ensure that the recipient must receive abuse report and that

> contacts are validated by AFRINIC regularly. However, there some

> opposition to the proposal there are:

>

> a. Staff analysis on how it affects legacy holder not

> conclusive (not sure why this should affect legacy holders)

>

> b. The proposal doesn’t state what will be the

> consequences of one member fails to comply. Why are we creating the

> abuse contact when there is no consequence for not providing the abuse

> contact

>

> c. Abuse contact email and issues with GDPR concerning

> the whois database

>

> d. No proper definition of the term Abuse

>

> e. To force members to reply to their abuse email is

> not in the scope of AFRINIC.

>

> Chairs Decision: No rough consensus


About d. "No proper definition of the term Abuse"
yes, this was mentioned several times by members opposing.
The proposal is about "abuse contacts". it is not about what "abuse" is.
there is no need for a definition of "abuse".
In my humble opinion the request for a definition of abuse is off-topic.

Question: if someone makes a proposal about lame DNS servers in domain
objects for Reverse-DNS, and I object arguing that a definition of RPKI
is needed - what would you do with this argument?
Q2: can arguments about a proposal be irrelevant to this proposal?
Q3: was that the case here? were arguments, that a definition for abuse
is required, irrelevant?

I request chairs' response to Q2 and Q3.


About e. "To force members to reply to their abuse email is not in the
scope of AFRINIC."
Yes, that was mentioned several times.
And also this is something the proposal does not do and does not attempt.
And all the comments about (d.) above apply.


If irrelevant objections are taken as valid arguments, please note that
I foresee that any future proposal can get rejected and the PDP will be
stuck.


About c. "Abuse contact email and issues with GDPR concerning the whois
database"
- I didn't see that on the mailing list, can you remind us, or was that
only during the live session?
- there are other contact information in whois. can staff confirm
whether AfriNIC are GDPR compliant?
- would that status change if abuse contacts would be added?


About b. "The proposal doesn’t state what will be the consequences of
one member fails to comply. Why are we creating the abuse contact when
there is no consequence for not providing the abuse contact"
- I can imagine that AfriNIC would include in their meeting
presentations information regarding how big (in measurable terms) this
problem is.
- from that the WG can discuss and decide if more actions are necessary.


About a. "Staff analysis on how it affects legacy holder not conclusive
(not sure why this should affect legacy holders)"
I didn't see that before, but as is tradition in my part of the world,
let me respond to the question with a question:
Are legacy holders subject to any for the PDWG's policies?


Thanks,
Frank

_______________________________________________
RPD mailing list
RPD at afrinic.net
https://lists.afrinic.net/mailman/listinfo/rpd

_______________________________________________ RPD mailing list RPD at afrinic.net https://lists.afrinic.net/mailman/listinfo/rpd



**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company

This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.afrinic.net/pipermail/rpd/attachments/20200921/2311818e/attachment.html>


More information about the RPD mailing list