I am very pleased (and a little proud) to announce that policy 2008-7: Annual WHOIS POC Validation has been adopted by the ARIN Board of Trustees!
If you have been following my blog (or the ARIN PPML) for awhile, you will know that I am one of the four authors of this policy – hence the pride. The pleasure stems from belief that this policy addresses a deceptively important issue. Deceptive because it is easily mistaken for trivial, and overlooked.
The issue addressed is that of ARIN’s WHOIS POC record validity (as you may have guessed from the title). Those of you not familiar with this topic should read on, those versed in these matters may want to jump to the next paragraph. A quick crash course: The American Registry for Internet Numbers (ARIN) is the Regional Internet Registry (RIR) for North America and as such they operate this region’s WHOIS database. This database contains records which track all of the IP (Internet Protocol) and AS (Autonomous System) number resources within the ARIN region. One such record is the POC, or Point Of Contact, record. Just as the name implies, this is the person you should contact if and when you need to communicate regarding a specific IP or AS number resource. This is often necessary in the case of hijacking, spam, ddos, or other abuses on or of the Internet.
So why should we care about POC validity in the ARIN WHOIS database? Glad you asked! There are three primary reasons: The first is the fairly obvious idea that if POC data is valid, it will be much easier for everyone to communicate with the appropriate party regarding number resources. This will in turn help to reduce the amount of abuse on the Internet, which is good for everyone. The second reason that we should pay attention to POC data, perhaps now more than ever, is hijacking and squatting. Address blocks without valid POC information are prime targets for spammers (or worse) to set up shop in. Verifying all POC data annually will insure that good contact info is always on hand for all blocks that are in use by valid organizations. It will also identify blocks of addresses that are not in use or that are not in use by the appropriate party, and this leads us into reason number three; uncovering abandoned number resources. This last one is a combo punch, as I stated in an email on the PPML:
Finally, uncovering number resources that are currently abandoned is of great benefit to the community and leads to the further benefit that if and when anyone ever comes to ARIN with questions about address utilization, ARIN will have better supporting information for their answer. “Yes, we _have_ verified that someone is using all that space…”
Let me be the first to congratulate the other three authors: Heather Schiller, Michael Sinatra, and Ted Mittelstaedt; and to thank the members of the ARIN community, Advisory Council and Board of Trustees who supported, recommended and adopted this policy! A special thanks to Marla Azinger who shepherded this policy and facilitated the merging of the four previous proposals into this one. I think that we have done something great for the Internet community here! I would also like to apologize to the ARIN staffers who will be tasked with this extra work – we’ll call it extra job security instead perhaps ;).