Home / Blogs

Mandatory Provision of Abuse Contact Information in WHOIS

An industry professional at Abusix is the backbone behind a proposal to improve and create better mitigation of abuse across different global internet networks. Basically, this introduces a mandatory “abuse contact” field for objects in global Whois databases. This provides a more efficient way for abuse reports to reach the correct network contact. Personally—as a Postmaster for a leading, white-label ISP, I applaud this with great happiness for multiple reasons. I also feel people who handle abuse desks, anti-abuse roles, etc. should closely follow this.

Let’s take a look across the internet: we can review various RIRs (Regional Internet Registries) where a proposal has either already been approved, or in progress. Below,

AfriNIC (Africa Region): Proposal draft submitted April 7, 2010. Read more here

here.

ARIN (North America Region): An abuse-POC already exists for Organizational ID identifiers. Read more here.

LACNIC (Latin America and some Caribbean Islands): An “abuse-c:” exists for aut-num, inetnum and inet6num objects. Understand and note that there’s no formal documentation on “abuse-c:” in inetnum and inet6num objects, but for documentation on the “abuse-c” in ASN records, see LACNIC Policy Manual (v1.3 - 07/11/2009). Read more here.

RIPE NCC (Europe, the Middle East, and Central Asia): Draft submitted November 8, 2010, which is open for discussion in the hands of RIPE’s anti-abuse working group. Read more here.

APNIC (Asia/Pacific Region): “Prop-079” proposal implemented November 8, 2010. Read more here.

This brings me to the main reason for my post: APNIC just recently implemented their proposal about a fortnight ago. Above all, ensuring there’s a dedicated abuse contact/department that specifically resolves abuse and security issues will go a long way to limit potential damage and enhance recovery.

MAAWG submitted comments in August 2010 supporting this proposal as well.

By Udeme Ukutt, Postmaster at Wish

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Threat Intelligence

Sponsored byWhoisXML API

Domain Names

Sponsored byVerisign

DNS

Sponsored byDNIB.com

Brand Protection

Sponsored byCSC

New TLDs

Sponsored byRadix

IPv4 Markets

Sponsored byIPv4.Global

Cybersecurity

Sponsored byVerisign