This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
- Previous message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
- Next message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Carlos Friaças
cfriacas at fccn.pt
Thu Mar 21 15:16:43 CET 2019
Hi, please see inline, On Thu, 21 Mar 2019, Sascha Luck [ml] wrote: > What I really, really want to know is what do you envision the > consequences for such a breach of compliance to be... > Say, a member advertises ASnnnnn which they are are not assigned. > After a day or so its neighbours stop accepting that, possibly > due to complaints. 6 months later a report issues stating that the member has > violated RIPE policy. The member goes: "yeah, whatever, this was 6 months ago > and is > long 'fixed'" > What happens? It's somewhat more difficult to be get your own ASN wrong (the other party must accept your ASN..). If it was fixed (and there should be some documented proof about the fix) then i would say it could be accidental. (...) > I can see how advertising resources which are rightfully > allocated/assigned to someone else infringes on the rights of the > rightful "owner", I can not see how it is abuse against the > registry. Abuse against the registry's usefulness. (...) > No, it is a conflict resolution procedure to prevent a dispute > over land escalating into violence. To extend the analogy to the > internet resource realm, the "owner" of a resource is of course > free to procure a court order demanding that the "hijacker" stop > using it. The owner is not (at least here) entitled to take an > armed mob to the 'hijacker's' NOC and disconnect their routers. But the owner can broadcast to everyone who is the hijacker and which resources are being hijacked as a way of warning to everyone. The registry seems to me to be an excellent place to get the message through... (...) > If a 'hijacker' refuses to stop advertising hijacked resources or > refuses to cooperate and the ripe-697 procedure has run its > course, yes. How realistic is this? Are there any actual cases > where someone is long-term camping resources that are not theirs > and refuses to relinquish them even after being contacted? Yes, there are. But obviously the resources are not always the same. You can easily see this through stat.ripe.net and the routing tab, knowing who has done this...... The point here is that RIPE NCC doesn't even has any mandate to ask. And 2019-03 doesn't try to change that, but it tries to provide a way so anyone can complain about the situation, without the need to go to courts. (...) > Staff, Board, whatever. My point is that the *NCC* -AND ONLY THE > NCC- gets to make a determination that a breach has occurred and, > more importantly, whether it still pertains. It sounds to me as if you > propose to simply use the NCC as the > enforcement arm of the "Will Of The Community". Staff and Board are not the same. As i said, it is reasonable to me to replace "RIPE Board" for "RIPE Chair" (Hans-Peter please feel free to comment). The RIPE Chair (and if it comes to that a Vice-Chair too) represents the community, not the association. (...) > Same question as above: Is a persistent hijacker who refuses to > cooperate a valid threat? Yes, it is. Clearly. The hijack is a tool, it's not the endgame. (...) >> 2019-03 doesn't aim to stop intentional hijacks while they are happenning. >> The proposal is intended to show everyone that consequences might happen if >> they engage in these practices, and also reduce the amounts of hijacks from >> the same source. > > And this is where you contradict yourself. The SSA and ripe-697 > contain procedures to deal with and repair policy violations and > termination of membership only in case of refusal or > non-cooperation. A "resource hijack" that has ended means that > compliance is restored, so what are the "consequences"? You mean, until the next hijack starts from the same source? Because if the hijacker is the same, and events (with different prefixes) are repeated, the problem is still there... (...) > Please provide evidence for the claim that "RIPE and RIPE NCC's reputation > going down the drain". I've not heard that. Just to state one: Google for "Criminal Abuse in RIPE IP Space". It was presented at RIPE 77, on the anti-abuse WG. While the presentation is not about hijacks, it shows how someone from outside the region sees where a significant amount of rubbish is coming from. (...) >> Understood. You will not support 2019-03, regardless of the "speed" or the >> "cost" axis, or depending on any other variable. > > Correct. I disagree with the fundamental concept of turning the > RIPE NCC from a registry into a regulator. Industry self-regulation, yes. Turning RIPE NCC in a regulator, no, that's not really 2019-03's aim. (...) >>> But that is a discussion for another day. >> >> If so, i really don't understand why do you spend your time participating >> :-) > > There are times when I ask myself the same question. I guess > someone has to provide the adult view... I will decline answering this one. :-) Regards, Carlos > rgds, > SL >
- Previous message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
- Next message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]