Hi, On Tue, Jun 07, 2022 at 11:45:05AM +0200, Max Grobecker wrote: > TL;DR: > Should there be an optional contact for sending security information to (i.e. > about vulnerable services), > which can be different from the abuse contact?
I see the problem, and maybe we need to re-think the definition of
admin-c:, tech-c: and abuse-c:
Reporters seem to only understand two possible approaches - use abuse-c:,
or send to everything whois returns that has an "@" in it. The latter
is something I consider borderline abusive, the former is not that helpful
for security incident reporting (which might warrant a similarily fast
reaction, but from a different team).
So, no clear answer, just seconding that we might need to do a bit of
work here.
Gert Doering
-- NetMaster
--
have you enabled IPv6 on something today...?
SpaceNet AG Vorstand: Sebastian v. Bomhard, Michael Emmer
Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen HRB: 136055 (AG Muenchen)
Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
signature.asc
Description: PGP signature
-- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
