[anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)

On Thu, 18 Apr 2019, Richard Clayton wrote:

>
> Hard to tell in some cases whether the people running the hosting
> company were merely in league with the hijackers or the hijackers
> themselves. Only a court would care about the difference -- the
> practical view is that it just means that action needs to be taken by
> peers or by an IXP (or both)
>

Even harder is having a court decision about such a matter.


>
> and rightly so ... and in my experience (you really should note the
> people here with experience) they want to gather their own evidence and
> form their own judgment before doing something so significant. That's
> why your proposal for RIPE NCC being forced to act by a semi-detached
> panel of experts is so deeply flawed.
>

Why "semi-detached"? They must be impartial to start with.


>> I agree IXPs are important. However the RIRs can be useful at a larger scale...
>
> you have no evidence for that -- you are just hoping that they will be

One IXP can show a bad actor the door.
The RIR, by revoking an ASN number (if it gets to that) can make the bad 
actor lose the main technical requirement to be part of most IXPs.

That said, *if* this happens, it's not a company shutdown, but the company 
will need a new ASN number, at least to keep its operation in several 
IXPs.
Again, without an ASN, company operation would still be possible (outside 
IXP environment), resorting even to a single upstream.


Carlos