This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)

Previous message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
Next message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Peter Koch pk at DENIC.DE
Thu Apr 18 12:30:38 CEST 2019

Carlos, all,

On Wed, Apr 17, 2019 at 10:13:56PM +0100, Carlos Friaças via anti-abuse-wg wrote:

> > I also believe that certains occurences of "hijacking" constitute
> > unfriendly action, likely involving violation of crominal codes.
> 
> Yes, however, jurisdictions (and lack of laws in some of it) sometimes work
> against stopping criminal activities (again, dozens of different legal
> systems in the RIPE NCC Service Region, and beyond).

the Rule of Law principle is an achievement even if it appears to make things
complicated at times.

> > > BGP hijacking completely negates the purpose of a (Regional Internet) Registry.
> > 
> > This is unclear to me.  The Registry registers address space, not routes.
> 
> Yes, but one of the main purposes of a Registry is that everyone knows who
> is using a specific resource (or who is the legitimate holder).

Definitely the registry puts on record who the holder is, I'm not
sure that always includes "use".

> Those who are intentionally and continuously hijacking resources are
> removing value from the Registry for the whole community.

Quite to the contrary.  Without the registry you couldn't even tell.

> What's the point in having a Registry if people just decide which numbers to
> use, even if those Internet numbers are attached to another org with
> legitimate holdership and exclusive rights of usage?

That question answers itself.  Even more so, what's the point of removing
the resources registered by those "people" if they allegedly don't care
anyway?

> The rule, as we speak doesn't exist. Maybe using different wording, it could
> mean: "Resource hijacking is not allowed". Period.

While "hijacking" still needs to be defined, the statement in and of
itself is not a policy.

> So, the main/only course of action, as i see it today for an hijacked party
> (if the hijacker is from the RIPE region), is sending a complaint to a dutch
> court... and it's doubtful if the dutch court will not rule itself to be
> "unable to rule" on the matter...

Why would you ask the Dutch court?  Thanks to the Registry DB, the hijacked
party is hopefully able to prove holdership of a resource to take
mitigation to the operational level.

-Peter

Previous message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
Next message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ anti-abuse-wg Archives ]