This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
- Previous message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
- Next message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Jacob Slater
jacob at rezero.org
Thu Mar 21 18:35:54 CET 2019
Hello All, While I am in general support of the proposal’s ideas, I have several concerns with regards to the specific implementation. While the idea of an a complaint form (with teeth) sounds appealing, I do not believe submission should be open to everyone. Only the party holding rights (as registered in a RIR) should be able to file a report regarding their own IP space. If everyone is allowed to do so, we run several risks, namely that individuals with no knowledge of the situation (beyond that viewed in the public routing table) will file erroneous reports based on what they believe to be the situation (which may not be accurate, as some forms of permission for announcement are not documented in a way they could feasibly see). Allowing for competent complaints (with teeth) to be filed is a good idea; needlessly permitting internet vigilantes to eat management time based on a flawed view of the situation is not. Additionally, while the policy does define a difference between accidental and intentional hijacking, it does not differentiate between the two with regards to policy violations. While some discretion should be left up to the expert, it seems odd to include this differentiation without simultaneously explicitly stating that accidental hijacking should generally be treated less severely. I am by no means attempting to state that constant, unlearned-from mistakes should be overlooked; I am merely stating that the odd one-off event should be explicitly prohibited from bringing down an entire LIR. Fat fingering happens. Finally, how does the proposed policy apply to sponsored resources (ASNs and PI space)? Is an entire LIR to be held accountable for sponsoring the resources for users who are otherwise supposed to be independent? Jacob Slater On Tue, Mar 19, 2019 at 8:41 AM Marco Schmidt <mschmidt at ripe.net> wrote: > Dear colleagues, > > A new RIPE Policy proposal, 2019-03, "BGP Hijacking is a RIPE Policy > Violation", is now available for discussion. > > The goal of this proposal is to define that BGP hijacking is not accepted > as normal practice within the RIPE NCC service region. > > You can find the full proposal at: > https://www.ripe.net/participate/policies/proposals/2019-03 > > As per the RIPE Policy Development Process (PDP), the purpose of this > four-week Discussion Phase is to discuss the proposal and provide feedback > to the proposer. > > At the end of the Discussion Phase, the proposers, with the agreement of > the Anti-Abuse WG co-chairs, decide how to proceed with the proposal. > > We encourage you to review this proposal and send your comments to < > anti-abuse-wg at ripe.net> before 17 April 2019. > > Kind regards, > > Marco Schmidt > Policy Officer > RIPE NCC > > Sent via RIPE Forum -- https://www.ripe.net/participate/mail/forum > > -------------- next part -------------- An HTML attachment was scrubbed... URL: </ripe/mail/archives/anti-abuse-wg/attachments/20190321/8b4a587c/attachment.html>
- Previous message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
- Next message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]