[anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)

In message <CAFV686e9aa8xhACUz+ePfbELU74MPcE-2PiC2-kpU-
1xAptxFA at mail.gmail.com>, Jacob Slater <jacob at rezero.org> writes

>While the idea of an a complaint form (with teeth) sounds appealing, I do
>not believe submission should be open to everyone. Only the party holding
>rights (as registered in a RIR) should be able to file a report regarding
>their own IP space.

there are two practical problems with that:

first: historically anyway, large Chinese providers have not seemed to
take much notice if their prefixes are hijacked...  this may be because
they are not using the IP space, or that they consider the class of user
for that space to have no business accessing resources outside of China
(the latter seems a bit unlikely, but the "Great Firewall of China" is a
complex set of devices so there may be a lot of proxying going on)

second: many hijackers have used space (and AS numbers) that was
allocated to entities that almost certainly don't exist any more.
Determining who holds the rights to this space (a question for the
liquidators of the companies involved I expect) is almost certainly
impossible to establish

which taken together mean that quite a number of the hijackers I have
chased down over the years would not be affected by this proposal :(

Also of course the proposed policy does cover unallocated space (large
chunks of which are currently announced as I pointed out earlier, which
still doesn't seem to be worrying many people). Would you expect IANA or
the RIRs to lodge complaints here ?

> If everyone is allowed to do so, we run several risks,
>namely that individuals with no knowledge of the situation (beyond that
>viewed in the public routing table) will file erroneous reports based on
>what they believe to be the situation (which may not be accurate, as some
>forms of permission for announcement are not documented in a way they could
>feasibly see). 

I entirely agree -- this just adds to the list of practical complexities
that I (and a few others) have been pointing out.

Yes hijacks can be simple to understand -- but they can be very complex
and perfectly legitimate activity can look like a hijack until a lot of
detail has been considered.

-- 
richard                                                   Richard Clayton

Those who would give up essential Liberty, to purchase a little temporary 
Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 185 bytes
Desc: not available
URL: </ripe/mail/archives/anti-abuse-wg/attachments/20190321/06c17657/attachment.sig>