Guardian for ARIN

william at elan.net william at elan.net
Fri May 2 04:01:30 UTC 2003


> The most simplest, quickest, and easiest fix for this would be for ARIN to
> strip or mark as unusuable the email address of any contact in their
> database with an expired domain.
Technically this is not so easy. The only way to implement it for sure is 
to get whois dump from verisign-grs and this they do not allow. A way 
around is getting .com, .net, .org zone files and look for any domains 
that are deleted or changed to list no dns servers (this happens before 
being deleted), but some registrars do not do this (i.e. delete dns 
servers from domain) and may even retain the domain for themselve putting 
it on special buy list for their other customers.

I'll try to do this myself as described above for domains that are possibly
being deleted in .com, .net, .org and that have any associated arin whois 
contacts as sidetrack of larger project, you'll probably hear about it in 
6 months. I'll also try a different way by just doing individual whois 
checks for all arin contacts for old blocks and then periodically checking 
on those domains with whois (this I maybe able to implement sooner actually).
I'm not sure what to do with this data though (i.e. when I found contacts 
with deleted domains). I doubt if ARIN would accept or do anything about 
it it even if I send it to them.

But this is part of larger issue and leaves too many open doors - i.e. how 
would you deal about domains that change hands and not through being 
"expired"? Or about non .com/.net/.org domains?

BTW: For those who do not know - ARIN is planning to do more about
authentication, first will come S/MIME X.509 email authentication, other
types of authentication are also planned. I'v no idea when they will get 
it done, but I doubt it authentication would be seriously 2 years from 
now, so this is generally for very long-term future.

-- 
William Leibzon
Elan Communications Inc. 
william at elan.net




More information about the NANOG mailing list