Final call for comments: [prop-018-v001]
"Protecting historical resource records in the APNIC Whois
Database"
____________________
This is the final call for comments on policy proposal [prop-018-v001]
"Protecting historical resource records in the APNIC Whois
Database"
This proposal was presented at APNIC 17 and consensus was
reached:
"to protect historical records in the APNIC whois
Database with an APNIC maintainer"
This proposal is now submitted to the sig-policy mailing list for an
eight week discussion period. At the end of that period, if consensus
appears to have been achieved, the Chair of the Database SIG will
ask the Executive Council to endorse the proposal for implementation.
* Send all comments and questions to: <sig-db@apnic.net>
* Deadline for comments: 3 May 2004
This is a proposal to protect historical resource objects (inetnum and
aut-num) in the APNIC Whois database, in order to prevent unverified
transfer of resources. This will not prevent the current custodians
from using the resource, but it will not allow them to change the whois
information without verification of the update by the APNIC Secretariat
nder an appropriate services agreement.
Definition:
A historical resource object is defined as an object in the whois
database for which APNIC does not have a formal membership/service
agreement. The majority of such objects were created before the
membership structure of APNIC was established.
Background
----------
Historical ASN and IPv4 address ranges are increasingly becoming a
source of abusive activities in the Internet. A good summary of how
this is done can be found at:
One common way for an abuser to take over an unused old resource is to
change the whois record in such a way that the upstream provider
believes that the resource is delegated to the abuser's organisation.
This method becomes easier if the whois record has not been maintained
properly, as no suspicious activities can be detected due to inactive
maintainer contacts.
APNIC secretariat is continuously looking for ways to increase the
information quality of the Whois Database. Protection of data is one of
the high priority areas due to the high amount of reports/complaints
received that are related to this issue. This is demonstrated by the
following list of action items that have received consensus in the
member's meeting and approved by APNIC Executive Council:
db-14-001 Proposal to deprecate MAIL-FROM
db-14-003 Mandatory maintainers for inetnum objects
db-16-003 Secretariat to implement proposal "Protecting resource
records in APNIC Whois Database". This will involve
changing the maintainer of objects protected by
MAINT-NULL to the maintainer of the parent object as
well as deprecating NONE in the maintainer's auth
attribute.
This proposal is a natural follow-up to these projects. It will further
improve the data quality and security of APNIC Whois Database.
Statistics
----------
APNIC secretariat has surveyed the historical ASN and IPv4 address
ranges and the following results were obtained for 27 January 2004:
Total size of historical IPv4 address: 15,873 x /24
Total number of historical ASN: 56
Whois statistics are being collected, and will be presented in APNIC 17
meeting.
Proposal
--------
To improve the protection of internet resource records in APNIC Whois
Database, it is proposed that ALL historical inetnums and aut-nums be
protected with APNIC-HM maintainer. Based on experience from previous
projects, impact to APNIC members would be minimal, and any subsequent
request to change the maintainer will be dealt with within 2 business
days (as long as there is enough evidence and authority to support the
request).
Existing custodians who wish to modify and maintain their record will
need to contact APNIC secretariat, and enter a service agreement to
ensure a clear responsibility and accountability will be undertaken by
the custodian.
The current non-member service agreement and fee structure involves a
maintenance fee of $0.10 per address per year. It is proposed that
these fees be capped at a level of USD$100.00 per year per maintainer
object, for historical resource records only.
Impact on NIRs
--------------
None
Impact on other RIRs
--------------------
None
Implementation
--------------
Implementation will be started within 30 days after approval by APNIC
Executive Council.
The following schedule is proposed:
- Develop automated script to change the maintainer to
APNIC-HM
(30 days)
- Public announcement (web, mailing list) to be sent 30 days
before executing the change
- Compile the latest list of historical whois objects (1 day)
- All historical objects maintainer changed to APNIC-HM (1 day)
- Perform data correction as needed, and announce the final
result to public (web, mailing list, newsletter) (28 days)
Estimated completion time for all of the above activities: 90 days.
APNIC Secretariat will present the implementation project report in
APNIC 18.
APNIC Secretariat <secretariat@apnic.net>
Asia Pacific Network Information Centre (APNIC) Tel: +61-7-3858-3100
PO Box 2131 Milton, QLD 4064 Australia Fax: +61-7-3858-3199
Level 1, 33 Park Road, Milton, QLD http://www.apnic.net
______________________________________________________________________
