Re: Big List of network owners?

[Tom Vest <tvest () pch net>]

On Oct 28, 2004, at 2:56 PM, Valdis.Kletnieks () vt edu wrote:

> On Thu, 28 Oct 2004 14:17:14 EDT, Tom Vest said:
>
> > operators. For those 3000+/- you can be reasonably confident that 
> > their
> > whois data is correct; the other 15.5k actively routed ASNs (much less
> > the routed netblocks, and less still the idled ASNs and netblocks) are
> > anyone's guess...
>
> Certainly matches up with what my gut feeling was telling me....
>
> And of course, the irony is that those 3K ASNs will probably exchange 
> billions
> of packets with us on total autopilot, and I'll almost never need to 
> find the
> owner, but the fact that I'm unable to identify who's *really* 
> responsible for
> a given specific /24 makes an address in that /24 all the more 
> desirable to the
> sort of people who will end up making me look for the /24's owner, 
> when I'd
> much rather never have had any conscious knowledge of that particular 
> /24 being
> routable at all...

That irony may disappear soon, but perhaps not in a good way. Observing 
the general policy trend across the registries, it seems that all are 
moving toward a system where publicly available contact information for 
any/all assigned numbers is optimized for resource management, while 
preserving maximum flexibility for anonymous operation.  That is to 
say, operators may eventually provide visible whois entries that 
include only a workable email address (e.g., 
ASN54321 () genericemailservice com) and a cell phone number. So long as 
these contacts are sufficient to request/remit annual registry renewal 
fees, the whois requirement will be satisfied.

Opinions vary as to whether this is a good thing or a bad thing. Some 
advocates suggest that anonymity will help mitigate some security 
issues, although it seems to me a little incongruous that security 
through obscurity is advocated in this sphere at the same time that it 
is ridiculed in other contexts. Anyway, during the ARIN public forum 
last week there were repeated suggestions that the "scope and purpose" 
of whois database be clarified once and for all, at least at the 
institutional (ARIN) level. I for one would hate to see operator 
identity (i.e., as you say "who's *really* responsible" for a given 
number) disappear from that that "scope and purpose," especially 
without considering that change and all of its implications very very 
carefully.

Tom