Chris wrote:
> On 04/11/2012 06:43 PM, Frank Gadegast wrote:
>>> obviously not true. ripe's core task is number resource coordination, the db is a service, if ripe decided not to provide for it - then there simply wouldn't be one.
>>>
>>
>> Sorry, but the above statement IS true indeed.
>> Chris: you are mixing RIPE and RIPE NCC.
>
> no. it is ripe's and ncc's core task. so talking about ripe as a superset

Not a superset, a community.

> or at least including ncc this is absolutely correct.
>
>> The community has a real interest in an up-to-date and working whois db,
>
> first of all it's not up to you (or any single one else) to decide for the community.

I did not "decide" anything (great, if I could), but, as you can see
on the list, at the RIPE meetings and other points where anti abuse
people meet: people that have to deal with abuse every day want
the best systems to direct abuse reports to the responsible people.
Even most admins are very thankful, when they receive abuse reports
quick as possible to prevent more abuse originating from their
own, but abused resources.

So: there is an interest in an up-to-date database from the community
or at least a part of the community.

And there is also a very understandable need to protect private data
as well. Currently its all mixed up and Tobias RFC is still not in
place, that will finally make it possible to protect private data,
whenever the object owner wants it and still publish abuse details.

> and it's e.g. my and probably many others' interest that ncc can coordinate to make ip work.

Sure.

> what you are calling for - no matter what you call it - doesn't affect this coordination task. what you are calling for essentially also isn't a working db (it works, and you are free to talk to people to ask them to change their objects according to your ideas),

Thank you that you allow me to present my opinions and ideas here,
didnt know, that Im allowed to do that on this list until
now ...

> but making ripe some sort of police-substitute,

Not at all, I dont see RIPE NCC following any specific abuse issues
like a detective (well, not yet), they have no call to do this,
probably no legal background or whatever what you need to play policemen.

But: RIPE NCC has a contract wich forces them to store, maintain
and publish this database, as far as I can see.
And the NCC is also urged to do this in the best and most
accurate way, but they simply dont.

The database is mixing private with needed public data,
gives access to this or that data in a strangly controlled
method (objects owner should be allowed to protect there
private data from all access, if they want or need to and
should not have to hope on a maximum-of-3000-queries-per-day
blacklist-stupid-kind-of-protection and
abuse data should be released to the public without any
restriction), the database is incomplete, not following
the own guidelines and contains a lot, I mean, really
a lot of old not updated data.

Funny that google can present us the text of all
webpages easily and up-to-date including all changes
during the last 5 minutes, but the NCC never
managed to clean the database up during the last years ?
And never tried to.

> and forcing everybody to follow your strange ideas which are not ripe-business.

Whats strange about a database with correct data ?
If there is no mandate to have accurate data in this database,
well, then you can shut it down completely (there is nothing
worse than old data).

> but being an enlightened (errm - i mean that french thing, you know, don't mistake this for hybris, please :) ) netizen, data economy btw is a real interest for me (actually it's the law)...
>
> maybe sbdy from ncc has an estimate on introducing a refer attribute in inet*num objects. i guess this should effectively lead to a technically less complex, as more streamlined, db.
>

When is the mandatory abuse-c coming ?

And will the NCC check the email addresses at least with
some minor technical methods (like checking syntax, MX records,
availability of the mailserver).

Its law in Germany (and I think common sense in the world), that
newsletter owner should only mail to users that double-opt-in,
so whats so complicated to test the email addresses with
an email including a link, that needs to be clicked ?
Doing that NCC would have done, whats technical possible and
proudly present a database, they have checked.
Whoever wants to hide, still can hide and ignore mail,
but the NCC would be save from any blame.

Somebody asked me today, if there are whatever entities
that could put some pressure on abuse friendly ISPs and
I said no.
Maybe we should publish the data we collect here (simply
to protect our customers from abuse).

Do you want to know the provider with the most contacts
without any email address ?
Or the ISPs with perfect abuse contacts leading to
a non-responsive mailserver ?
Full mailboxes ?

And finally: whats about the amount of abuse reports
we had to generate for IPs you are responsible for ?
Public available and accessible for everybody ?
Maybe we should invent an AS-based ranking, others
could use via DNS as blacklist based on the amount
of spam we received from any AS ...

But we had this discussion already a few month ago,
we all know where consol.net stands here ...
I dont like to repeat myself.



Kind regards, Frank


> regards,
>
> Chris
>
>


--

Mit freundlichen Gruessen,
--
PHADE Software - PowerWeb                       http://www.powerweb.de
Inh. Dipl.-Inform. Frank Gadegast             mailto:frank@powe...
Schinkelstrasse 17                                fon: +49 33200 52920
14558 Nuthetal OT Rehbruecke, Germany             fax: +49 33200 52921
======================================================================