This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] On +1s and Policy Awareness AND Astro... something...
- Previous message (by thread): [anti-abuse-wg] On +1s and Policy Awareness AND Astro... something...
- Next message (by thread): [anti-abuse-wg] On +1s and Policy Awareness AND Astro... something...
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Eduardo Duarte
eduardo.duarte at dns.pt
Thu Apr 4 20:19:14 CEST 2019
+1. I'm also one of the first "+1" and Yesterday when all this discussion started I wanted to write the email that Marco did but unfortunately no time was left for me to do it. :| So I just want to give me support to what Marco said and off course to 2019-03. Also I would to remind all the community that usually what happens to communities that cannot regulate themselves is that some outsider comes and regulated them... Best regards, Aviso de Confidencialidade/Disclaimer: Este e-mail foi escrito de acordo com o novo acordo ortográfico. Esta mensagem é exclusivamente destinada ao seu destinatário, podendo conter informação CONFIDENCIAL, cuja divulgação está expressamente vedada nos termos da lei. Caso tenha recepcionado indevidamente esta mensagem, solicitamos-lhe que nos comunique esse mesmo facto por esta via devendo apagar o seu conteúdo de imediato. This message is intended exclusively for its addressee. It may contain CONFIDENTIAL information protected by law. If this message has been received by error, please notify us via e-mail and delete it immediately. [ Antes de imprimir esta mensagem pense no ambiente. Before printing this message, think about environment ] Às 16:52 de 04/04/19, CSIRT.UMINHO Marco Teixeira escreveu: > (Please mind, this is my personal opinion. The signature was left for consensus evaluation and background context) > > Dear RIPE associates, and other longtime participants in this mailing list, > > While I speak for myself, I might incur the risk of representing a lot of the so-called "Astroturfers?!". While some accuse (please don't take it personally, it's just clarification) the newcomers of being voiceless, I must say that I have been, with great effort, refraining from going into a long discourse on a list where I am new. That should not be understood as a sign of "spamming" a vetting process, but as a sign of respect for all of you, long-standing members of RIPE, guardians of our IP addresses, one of the building blocks of the Internet :-) > > I have before, stated that you might start to see some newcomers from .PT, and the reason for that being related to a famous post from Ronald Guilmette mentioning a Portuguese bad actor. This particular BGP Hijack was discussed at one of the Portuguese CSIRT Network meetings (www.redecsirt.pt), and draw some attention to all the 30+ members, and to me in particular, on the lack of policy by RIPE regarding this. So, it's just natural, I guess, that when most of my fellow countryman from this security community saw this opportunity of amending this, they subscribed and voted +1. After all, if they agree on the text of the policy, why pollute the mailing-list with repetitive discourse... > > Having said that, please consider for this discussion, from a (no more) RIPE outsider, it's somewhat weird that RIPE (as in the community), being an association of good people, seems to be somewhat reluctant to take action and approve a policy to self regulate against misuse of these same IP resources... I understand that we must not "sacrifice our freedom for a small feeling of security", but I hope (while I have not read all of RIPE rules on this) that if abused, this policy can, any point in time, be put to discussion for review, and improve whatever article is being abused. > > As for those who defend BGP Hijacks are to be resolved with a BCP (or any other "technical solution"), mind that BCP regarding hijacks already have some time and little results. As do other BCP, like "source-spoofing" and we still see it at large... why? because it hurts your bottom-line. The sole purpose of a "Company" is to distribute the largest amount possible of dividends to shareholders! (imagine the manpower for transit tear 1's applying BGP filtering). It's in these scenarios that regulation comes to play. And better to self-regulate then wait for state regulation when the next hijack hits your industry 4.0 or your local smart city, or even when some "Einstein" thinks it's ok to hijack networks from another country state agency... > > As one last thought, again IMHO, I believe BGP Hijacking is one of the most pressing issues, menacing the Internet resiliency, and it must be dealt with. In the same manner, we apply AUP's to our users, it's RIPE responsibility, to clearly state, it is not acceptable, and it will have consequences... Raising the risk for companies is the only way we tip the balance of "Loss vs Earning", and hopefully eradicate bad actors, or hopefully even stopping them right at their business plans. > > This is why I support "2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)" > > Best regards, > Marco > ----------------------------------------------------------------------- > CSIRT.UMINHO - Universidade do Minho > https://csirt.uminho.pt | report at csirt.uminho.pt | info at csirt.uminho.pt > ----------------------------------------------------------------------- > > ----- Mensagem original ----- >> De: "Brian Nisbet" <brian.nisbet at heanet.ie> >> Para: "anti-abuse-wg" <anti-abuse-wg at ripe.net> >> Enviadas: Quinta-feira, 4 De Abril de 2019 9:42:32 >> Assunto: [anti-abuse-wg] On +1s and Policy Awareness >> Colleagues, >> >> Two (broad) things to address, while, of course, noting that I would ask you all >> to assume best intent in all of your fellow working group members. And to post >> as politely as possible yourself! >> >> I have, repeatedly, pointed out that all of the emails are being read by the >> Co-Chairs and the RIPE PDO. Short messages of support or +1s are noted and >> considered, but this is not a vote. I think I've said that twice now, hopefully >> the third time will be enough. We have also read the opinions of people about >> this, however the original statement remains unchanged. If, at the appropriate >> points, anyone in the working group feels the Co-Chairs have erred in our >> decision regarding consensus, then there is an appeals process. >> >> RIPE 710 covers the whole PDP and section 4 specifically covers appeals - >> https://www.ripe.net/publications/docs/ripe-710 >> >> On the general awareness of the policy, the announcement on 2019-03 was posted >> to the Policy Announce list and to Routing-WG in addition to here. It has also >> been raised in a few other locations. Given where we are right now in the >> initial Discussion Phase and the plans by the authors to produce a v2.0 of the >> document, I would strongly suggest (but note that it is not certain) that >> nothing will have been decided by RIPE 78, when even more people will become >> aware. If people choose not to join the mailing list nor use the RIPE Forum to >> participate, then there is little the AA-WG can do. >> >> So please, especially given all the nice things people have said about the >> Co-Chairs, and thank you for that, can you trust that we are both seeing all of >> the messages and treating them as stated, and if you don't agree, there is a >> process by which you can express this, rather than all going back and forth >> again here. >> >> You can also always contact the Co-Chairs directly on aa-wg-chair at ripe.net >> >> Thanks, >> >> Brian >> Co-Chair, RIPE AA-WG >> >> >> >> Brian Nisbet >> Service Operations Manager >> HEAnet CLG, Ireland's National Education and Research Network >> 1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland >> +35316609040 brian.nisbet at heanet.ie www.heanet.ie >> Registered in Ireland, No. 275301. CRA No. 20036270 -------------- next part -------------- An HTML attachment was scrubbed... URL: </ripe/mail/archives/anti-abuse-wg/attachments/20190404/84c5ac0e/attachment.html> -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4634 bytes Desc: Assinatura criptogr��fica S/MIME URL: </ripe/mail/archives/anti-abuse-wg/attachments/20190404/84c5ac0e/attachment.p7s>
- Previous message (by thread): [anti-abuse-wg] On +1s and Policy Awareness AND Astro... something...
- Next message (by thread): [anti-abuse-wg] On +1s and Policy Awareness AND Astro... something...
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]