[anti-abuse-wg] Attempting to provide some transparency to RIPE NCC abuse handling (was Notice: Fradulent RIPE ASNs)

Sorry for the late reply. I have been off working on other things.


In message <20130122100335.443507cf at shane-desktop>, 
Shane Kerr <shane at time-travellers.org> wrote:

>The idea is to create a system which allows continued confidentiality,
>but makes public possible abuses. It prevents the RIPE NCC from getting
>50 reports about an abusive LIR and ignoring them... which is what you
>are concerned about, right?

No, not actually.

I am concerned about RIPE NCC getting _one_ highly _accurate_ report, like
the one I posted here recently, and then sweeping it under the rug (aka
"hushing it up"), in one way or another.  That could be by just ignoring
it, and letting the thief keep what he stole, or it could be by taking
back what was stolen, and possibly imposing some sort of penalty/sanction
against the thief, but all done quietly, behind the scenes, without any
public notice which would take the general form "So-and-so was determined
by RIPE NCC staff to have comitted a fraud, thereby obtaining thus-and-such
number resource in a manner inconsistant with current RIPE policy."

The number of reports shouldn't matter.  As far as I know, I am the only
one who either found or reported that big mess/fraud in Romania,  so
RIPE NCC now has in hand exactly and only _one_ report about that.  That's
not the issue.  The issue is, what happens when RIPE NCC verifies what I've
said, i.e. that all those ASNs.... and, not coincidently, all of the IPv4
space they have been allocated and/or that they are routing... was all
obtained via fraud, deceit, or artifice?  Will the perpetrators *and* those
who aided and abetted them be publically outted?  Or will the results of
RIPE NCCs investigation all just be hushed up, you know, so that the exact
same crooks can just come back and do it all over again in a month or two?

>If you think that improving transparency is a reasonable goal...

I do.

>but that
>the check box idea is silly... excellent! Please propose an alternate
>way to improve things!

Well, in the first place, the specific "transparency" that I would like
to see improved... or rather that I would like to see come into existance
(because right now, it seems, there isn't _any_ of it) is RIPE NCC's
transparency... not _my_ transparency.  I'm not the one keeping secrets.

Secondarily however, let me say that I _am_ mulling over an idea that I
have had which may perhaps be useful in getting more eyes focused on at
least the externally provided _reports_ of these kinds of issues, if not
also RIPE NCC's (secretive) response(s) to same.

>If you think that the goal is unreasonable, because the RIPE NCC will
>never, ever provide any transparency to its operations...

If??

I have been informed that RIPE NCC works under the same sorts of confi-
dentiality arrangement as ARIN.  I have some experience with ARIN's
handling of these sorts of things, and I can assure you that they behave
entirely like the proverbial "black box", "brick wall", name your metaphor.

So, um, yes.  I believe that "RIPE NCC will never, ever provide any
transparency to its operations" with respect to these sorts of incidents.
In fact I have been point blank told as much by a RIPE NCC staff member.

>then your
>objection is of the sort, "it won't help". In that case, perhaps you
>should at least let us try?

Try what, exactly?

I'm sorry.  I'm not following.

Could you please elaborate?


Regards,
rfg