Hi Denis,
The RIPE NCC considers an object "co-maintained" if it has both a user
maintainer and a RIPE NCC maintainer.
This is how we determine whether an object has "managed" attributes, which are
highlighted in blue in the web application query response.
If an ORGANISATION object is co-maint
Hi Jacob
Yes you are right. The RIPE NCC can correct me if I am not entirely correct
here :) I believe, if an ORGANISATION object is referenced by a resource object
(even if it is "org-type: OTHER") then some attributes in the ORGANISATION
object will be locked. These, including the "org-name:"
Hi Ronald
I have followed this whole discussion and it seems to be going round in
circles. You have made a valid point, but the whole discussion seems to be
focusing on the negative. Some people have referred you to a number of
published documents about the due diligence process carried out by
In message
Jacob Slater wrote:
>'OTHER' objects which receive direct assignments from the NCC (PI IP space
>or ASNs) are still subjected to due diligence checks (though only at the
>time of assignment).
Just curious Is that rule written down anyplace where I could look
at it?
Is it in some
In message <1430641036.4536872.1564623019...@mail.yahoo.com>,
ripedenis--- via db-wg wrote:
>If it is type 'OTHER' it was not created by the RIPE NCC and will not
>have been subjected to any due diligence checks by the RIPE NCC...
May "OTHER" organizations ever be issued number resources direct
Hi Ronald
"If ARIN doesn't vet WHOIS -modifications- then I rather doubt that RIPEdoes
so."
I think it is a little presumptuous to think if America doesn't do something
then no one does it :)
Whilst changes to whois records in the RIPE Database are not all monitored
there are some parts of som
>
> it is type 'OTHER' it was not created by the RIPE NCC and will not have
> been subjected to any due diligence checks by the RIPE NCC.
'OTHER' objects which receive direct assignments from the NCC (PI IP space
or ASNs) are still subjected to due diligence checks (though only at the
time of assi
HI Nick
The ORGANISATION object has an "org-type:" attribute. Most ORGANISATION
objects have a value of either 'LIR' or 'OTHER'. If it is 'LIR' that
ORGANISATION object was created by the RIPE NCC for a resource holder and has
been through the due diligence process. If it is type 'OTHER' it wa
Ronald F. Guilmette via db-wg wrote on 30/07/2019 05:11:
Which can easily be forged.
Ron,
Yes, obviously. Everything which can be created can also be forged.
This includes company registration documentation with national legal
authorities. I.e. national registration authorities are well kn
In message ,
Nick Hilliard wrote:
>Ronald F. Guilmette via db-wg wrote on 29/07/2019 18:39:
>> In that document section 1.1 (a) seem to the one one and only section
>> relevant to my question:
>>
>> a. Proof of establishment/registration
>>
>> Normally, proof of establishment of a le
In message ,
Randy Bush via db-wg wrote:
>> Randy Bush via db-wg wrote:
>>> [ off list ]
>> sigh
>> apologies
>
>do note that i replied to a message where the From: header had been
>*illegally* mangled by the mail exploder.
No worries mate! I for one always find it enlightening to read or hear
In message ,
Nick Hilliard via db-wg wrote:
>On 29 Jul 2019, at 12:02, Carlos Fria=C3=A7as wrote:
>>
>> Perhaps excluding jurisdictions *outside* the RIPE NCC service region, where
>> company related data *can't* be verified by the RIPE NCC.
>
>The RIPE NCC doesn't claim verification. It only s
In message ,
Nick Hilliard wrote:
>Would it be feasible for the RIPE NCC to add a read-only record to org:
>objects which provided the date of the last due diligence check? E.g.
>something like
>
>organisation: ORG-FNL99-RIPE
>org-name: Foo Networks Limited
>org-type: LIR
>[...]
Ronald F. Guilmette via db-wg wrote on 29/07/2019 18:39:
In that document section 1.1 (a) seem to the one one and only section
relevant to my question:
a. Proof of establishment/registration
Normally, proof of establishment of a legal person can be registration
with the national
In message <20190729064352.gb31...@hydra.ck.polsl.pl>,
Piotr Strzyzewski wrote:
>In the context of RIPE DB one should not forget about aut-num's with
>either OTHER or LEGACY status or with the RIPE-NONAUTH source. Only
>around 10% of the latter do have organisation object linked. Those ones
>wer
There are ways of flagging whether this process was carried out. One
option would be to use a binary flag. Another would be to implement a
datestamp for the last due diligence process carried out if it's not
been set by the NCC. Lack of data could be flagged by either the
absence of the parameter
In message
Jacob Slater wrote:
>In this context, RIPE's published guidelines on due diligence (
>https://www.ripe.net/publications/docs/ripe-700) cover what exactly is
>checked. From my experience, the guidelines are always enforced as written.
Thank you for the link! I was unware of that.
In
While this is not ideal as it is only available via the web interface
(afaik) it is still somewhat possible to see what the RIPE NCC has looked
at as can be seen here https://i.imgur.com/BUEqB9J.png
I can not edit the RIPE NCC Managed values.
- Cynthia
On Mon, Jul 29, 2019 at 5:32 PM Randy Bush
> the idea is that some org objects are created by users and inserted
> into the ripe database while others are subject to due diligence by
> the ripe ncc. I.e. there's a qualitative difference in data quality
> between the two, but there is no way of distinguishing between them.
aha! ok. i buy
Randy Bush via db-wg wrote on 29/07/2019 14:40:
i am not speaking for or against, as i do not understand what the threat
model is.
the idea is that some org objects are created by users and inserted into
the ripe database while others are subject to due diligence by the ripe
ncc. I.e. there's
> Randy Bush via db-wg wrote:
>> [ off list ]
> sigh
> apologies
do note that i replied to a message where the From: header had been
*illegally* mangled by the mail exploder.
> From: Nick Hilliard via db-wg
randy
On Mon, 29 Jul 2019, Nick Hilliard wrote:
On 29 Jul 2019, at 12:02, Carlos Friaças wrote:
Perhaps excluding jurisdictions *outside* the RIPE NCC service region, where
company related data *can't* be verified by the RIPE NCC.
The RIPE NCC doesn?t claim verification. It only states due dil
Randy Bush via db-wg wrote:
>
> [ off list ]
sigh
apologies
[ off list ]
first, we are chasing an arin troll down a rabbit hole
> organisation: ORG-FNL99-RIPE
> org-name: Foo Networks Limited
> org-type: LIR
> [...]
> mnt-ref:RIPE-NCC-HM-MNT
> mnt-by: RIPE-NCC-HM-MNT
> abuse-c:FOO2000-RIPE
> created:2019-01-01
On 29 Jul 2019, at 12:02, Carlos Friaças wrote:
>
> Perhaps excluding jurisdictions *outside* the RIPE NCC service region, where
> company related data *can't* be verified by the RIPE NCC.
The RIPE NCC doesn’t claim verification. It only states due diligence.
Nick
Hi
(please see inline)
On Mon, 29 Jul 2019, Nick Hilliard via db-wg wrote:
Jacob Slater via db-wg wrote on 29/07/2019 06:25:
(...)
Do you have a suggestion for how the process could be improved?
Perhaps excluding jurisdictions *outside* the RIPE NCC service region,
where company relate
Jacob Slater via db-wg wrote on 29/07/2019 06:25:
In this context, RIPE's published guidelines on due diligence
(https://www.ripe.net/publications/docs/ripe-700) cover what exactly is
checked. From my experience, the guidelines are always enforced as written.
As you mention, due to a variety of
On Mon, Jul 29, 2019 at 07:39:05AM +0200, Gert Doering via db-wg wrote:
> > In the context of your response, would one or more ASNs count as "resources"
> > which would trigger manditory vetting of the associated ORG?
> >
> > Or is it only the association of some IP address block that causes NCC t
Hi,
On Sun, Jul 28, 2019 at 04:27:04PM -0700, Ronald F. Guilmette via db-wg wrote:
> >I think this depends on the context that you want to *use* said org
> >object. If you put it in as a standalone and unreferenced database
> >object, I think no vetting takes place.
> >
> >If you want to tie reso
In this context, RIPE's published guidelines on due diligence (
https://www.ripe.net/publications/docs/ripe-700) cover what exactly is
checked. From my experience, the guidelines are always enforced as written.
As you mention, due to a variety of factors (based primarily on differences
in jurisdict
In message
Jacob Slater wrote:
>Prior to an ASN or PI space being assigned by the NCC, the NCC goes through
>and checks the organization info.
Right. Got it. For some value of "checks".
What would be the best way for a mere mortal, such as myself, to obtain
some elaboration on the meaning of
Prior to an ASN or PI space being assigned by the NCC, the NCC goes through
and checks the organization info.
The only time an ORG ID can have resources registered to it without being
vetted is in the case of PA IP space being sub allocated or assigned by a
LIR, where the LIR is responsible for ens
In message <20190728211022.gk60...@space.net>,
Gert Doering wrote:
>On Sat, Jul 27, 2019 at 10:53:28PM -0700, Ronald F. Guilmette via db-wg wro=te:
>> Just a point of curiosity...
>>
>> For each newly created ORG record that is put into the data base, if
>> the ORG record represents something ot
Hi,
On Sat, Jul 27, 2019 at 10:53:28PM -0700, Ronald F. Guilmette via db-wg wrote:
> Just a point of curiosity...
>
> For each newly created ORG record that is put into the data base, if
> the ORG record represents something other than a natural person, does
> NCC staff make any effort to check t
> For each newly created ORG record that is put into the data base, if
> the ORG record represents something other than a natural person, does
> NCC staff make any effort to check to make sure that the alleged
> non-person entity actually exists, I mean, you know, as a legal entity,
> somewhere on
Just a point of curiosity...
For each newly created ORG record that is put into the data base, if
the ORG record represents something other than a natural person, does
NCC staff make any effort to check to make sure that the alleged
non-person entity actually exists, I mean, you know, as a legal e
36 matches
Mail list logo
