This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)

Previous message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
Next message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Peter Koch pk at DENIC.DE
Wed Apr 17 15:38:32 CEST 2019

On Tue, Mar 19, 2019 at 01:41:22PM +0100, Marco Schmidt wrote:

> A new RIPE Policy proposal, 2019-03, "BGP Hijacking is a RIPE Policy Violation", is now available for discussion.

I have read the proposal version 1.0 as published on 13 March.

I believe that the proposers try to act with the best of intentions.

I also believe that certains occurences of "hijacking" constitute
unfriendly action, likely involving violation of crominal codes.

Looking at the supporting arguments however, I fail to see merit in any of them:

> BGP hijacking completely negates the purpose of a (Regional Internet) Registry.

This is unclear to me. The Registry registers address space, not routes.

> This community needs to explicitly express that BGP hijacking violates RIPE policies.

This is self referential - it remains unclear how and why "BGP hijacking" would violate
RIPE policies. It is also unclear that other courses of action are either unavailable
or unworkable.

> If nothing changes in this field, the reputation of the RIPE NCC service region will continue to be affected from a cybersecurity perspective due to BGP hijacking events.

Sorry, this is pure handwaving.

Looking at the proposal text itself, I fail to see what policy it actually proposes.
Instead of defining policy it suggest to instantiate a court like system that will,
without having either appropriate competence nor investigatory power, issue a finding of
whether or not a "policy violation" has happened. The only purpose is to construct
a compliance case for the NCC to terminate membership and/or withdraw ressource allocations
(or maybe assignments).
The topic of attribution is heavily discussed in a variety of fora and the approach
chosen in 2019-03 is, at best, overly optimistic.
At the same time it is unclear why the RIPE NCC should even consider this "policy"
in their compliance assessment.

That said, I wonder why this non-proposal met the threshold for being accepted in the
first place. Upholding my previous assessment, I do object to 2019-03.

The discussion phase has shown enough lack of clarity both in terms of defining what should
be considered "hijacking" as well as questions of proper jurisdiction. Therefore, I would
be highly surprised if this work of art would be declared ready for the review phase.

best regards,
Peter

Previous message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
Next message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ anti-abuse-wg Archives ]