Hi,
On Tue 15/Feb/2022 14:28:17 +0100 Hollenbeck, Scott wrote:
From: regext <regext-boun...@ietf.org> On Behalf Of Alessandro Vesely
I wrote a small utility to get abuse address(es) via RDAP.[*] Today someone
told me that APNIC only has one abuse address, the other address in the
same vcardArray is not supposed to be used for abuse reporting. The
addresses can be discriminated by one having pref=1 and the other no pref.
AFAIK, pref is described in Section 5.3 of RFC 6530. However, it is still
not
very clear how to use it in this particular case. Which of the following is
better for abuse
reporting:
* When email addresses are ordered by preference use only the most preferred,
* When email addresses are ordered by preference use all except the least
preferred, or
* When email addresses are ordered by preference use the upper half of them.
Note that the result is the same in the APNIC case.
[SAH] Could you show us the JSON data structure that you're referring to?
That'll better help us understand the RDAP response.
The example we were talking about is this:
https://rdap.apnic.net/ip/136.185.8.145
which has:
[
"email",
{},
"text",
"shanka...@airtel.com"
],
[
"email",
{
"pref": "1"
},
"text",
"dsltac2north.u...@airtel.com"
]
Compare that with the whois version:
https://wq.apnic.net/static/search.html?query=136.185.8.145
which has a prominent comment:
% Abuse contact for '136.185.0.0 - 136.185.255.255' is
'dsltac2north.u...@airtel.com'
and afterwards has:
role: ABUSE BHARTITELEMEDIAIN
address: Bharti Airtel Ltd.
country: ZZ
phone: +000000000
e-mail: shanka...@airtel.com
admin-c: NS282-AP
tech-c: NS282-AP
nic-hdl: AB914-AP
remarks: Generated from irt object IRT-BHARTI-TELEMEDIA-IN
abuse-mailbox: dsltac2north.u...@airtel.com
mnt-by: APNIC-ABUSE
last-modified: 2020-05-16T21:36:43Z
source: APNIC
Section 5.3 of RFC 6350 doesn't say anything about using only the
most-preferred address(es). My suggestion with respect to 6350 is
that you should start with the most preferred address, use the next
one if that doesn't work, and so on. That suggestion might change
depending on what we see in the RDAP response.
The program's intention is to provide an email address for automated abuse
reports. It seems clear to me that the intention of APNIC is to provide the
address of the responsible person for human-generated escalated support. Did
they overinterpret RFC 6350? Or maybe they meant further specify PREF t some
point. I know Byron participated to the discussion.
I just saw now a new draft for JSContact. However, it neither says whether
PREF is to be used to discriminate automatic email messages.
Best
Ale
--
_______________________________________________
regext mailing list
regext@ietf.org
https://www.ietf.org/mailman/listinfo/regext
