LEA stakeholders enter the whois discussion

By on 27 Sep 2016

Category: Policy

Tags: , , , , ,

Blog home

At APNIC 41 in Auckland, New Zealand, the APNIC Policy Special Interest Group hosted a community discussion about the APNIC Whois Database and began investigating ways the quality of the data could be improved for the benefit of network operators, end users, and law enforcement agencies (LEAs).

Among the initiatives reported by the APNIC Secretariat at the meeting were software and system development projects to make it easier for resource holders to make updates and maintain the accuracy of their data. Also discussed was how the Secretariat currently works to validate records reported as invalid by the community, and the work program planned to directly assist individual Members with reviewing and correcting their data.

The discussion that followed focused on identifying where the Secretariat is most able to create improvements in data quality.

The whois comprises data from two distinct sources. There is the authoritative delegation data entered by APNIC staff and then the assignment data entered by Members. The latter is entered by ISPs and other LIRs, who must enter information about their customer assignments as a requirement of policy to demonstrate their usage rate. Under APNIC policy this assignment detail may be kept private, but it is a requirement of the Member Agreement and APNIC policy that this information is kept accurate and up-to-date.

There is a tendency for this data to become stale as assignments to customers change over time and once assigned it is considered used, even if the whois data is not kept updated. There are significant challenges even for conscientious Members who may have such significant address holdings and customer churn that even regular, large-scale updates are not able to keep the data current.

A proposal to separate this data, or tag it differently so users of the data have realistic expectations of the data, was discussed, but not resolved. Other ideas such as punitive action against those who fail to maintain their data, or a requirement to regularly respond to verification emails, were also discussed.

At the end of the Policy SIG session, the community committed to continue the discussion following the conference and there were some follow-up posts to the mailing list. No proposals have reached the point of serious discussion or momentum for agreement.

LEAs to discuss alternative view at APNIC 42

Now another stakeholder group is entering the discussion. This change may both accelerate the process and complicate matters at the same time.

As part of a global initiative involving representatives of several national and international law enforcement agencies forming a coalition of LEA communities in all five regions, the Deputy Director of Sri Lanka’s Criminal Investigation Department, Mr Dhammika Priyantha, will present an informational to the Policy SIG. Titled Public Safety and Accuracy of IP Address Whois, the presentation will provide an alternative point of view than that of the network operators normally presenting at the SIG.

The Secretariat understands that this presentation is intended to be the first of a series delivered through all five regions. The long-term objective of these presentations is to introduce the LEA point of view before a proposal to author a Globally Coordinated Policy on whois.

A Globally Coordinated Policy is when the same policy is passed in all five regions. It isn’t clear what that policy might entail, but the history of policy development is checkered. Coordinated policies are difficult to agree due to the differences between regional communities.

The involvement of law enforcement into the discussion is welcome. Like the other regions’ processes, the APNIC Policy Development Process is a multistakeholder model where all interested participants can author proposals to change policy and participate in the consensus process.

It may take significant time and effort from the LEA community, the network operator community, and perhaps the CERT community, to find a solution that all can agree on.

Hopefully, members of the CERT community will take the time to engage with the Policy SIG. Participants in the FIRST Technical Colloquia (TC) are co-locating at the APNIC 42 conference. Although their main sessions coincide with Policy SIG 2 and 3, the whois discussion is in the first Policy SIG session on Tuesday at 16:00 (UTC +5:30), when hopefully they will be able to participate in the discussion.

Want to know more?

Join our Facebook Live Q&A session this Wednesday, 28 September from 13:00 (UTC+10) as we discuss this and two other policy proposals to be discussed at APNIC 42.

Join the event and post your questions now!

If you won’t be at APNIC 42, be sure to tune into our YouTube Live and Adobe Connect broadcasts of Policy SIG sessions, starting at  (UTC +05:30) Tuesday, 4 October.

Rate this article

The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.

Leave a Reply

Your email address will not be published. Required fields are marked *