The AFRINIC Board has recently ratified a policy proposal (AFPUB-‐2010-‐GEN-‐006) which specifies a dedicated object to be used by AFRINIC members to publish information about the contacts responsible for addressing abuse inquiries from the number resources which the member is issued. This policy was implemented by AFRINIC on 05 May 2012. Previously, it has not been possible to explicitly declare abuse contacts for AfriNIC Whois resource data.
Although the referral to the IRT object is optional in the resources objects, AFRINIC encourages all members to actively start making use of this policy to publish abuse contact information. This chiefly ensures that complaints from anyone about abuse issues emanating from a given number resource are redirected to the appropriate individual(s).
This document recommends guidelines that concerned organizations could use while making use of this policy to avail contact persons responsible for network abuse related queries pertaining to their IP addresses and other number resources.
The “irt” (Incident Response Team) Whois database object has been introduced for the purposes of availing abuse contact information for any given number resource.
IRT objects provide information about a CSIRT (Computer Security Incident Response Team), which is basically a group of individuals responsible for handling network security incidents and reports for any given organization or entity.
Once created/formed by the members or concerned organization, the following information about an IRT should be available before attempting to create the object:
The IRT Whois database template
“Signature” and “encryption” attributes in the IRT object require PGP keys. PGP key can also be used as authentication scheme in the object. Although PGP use is optional in the IRT object, we strongly recommend its usage when managing IRT data.
PGP is the preferred method of use for secure e-‐mail communication. In order to send secure communication to the IRT and for the IRT to send out secure communication, it is necessary to use PGP by creating “key-‐cert” objects in the Whois database, which are basically public keys to be used for this purpose.
The public key in the “signature” attribute is for authenticating all correspondence from the Incident Response Team (IRT), while the key in the “encryption” attribute is for encrypting correspondence to the IRT.
As associating the IRT object to the resources objects requires the authentication through the authentication scheme of the IRT object, using PGP avoids sharing the IRT password with resources holders/maintainers
Anyone using AFRINIC database to look for abuse contacts for resources allocated by AFRINIC should use contact information from the IRT object associated to the concerned objects before proceeding as described at https://www.afrinic.net/Registration/spam.htm.
Please address any issues or concerns to firstname.lastname@example.org