This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
- Previous message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
- Next message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Jacob Slater
jacob at rezero.org
Fri Mar 22 06:46:08 CET 2019
> > First, I'm not sure I either understand or am even aware of these alleged > "forms of permission for announcement {that} are not documented". So > perhaps > Mr. Slater could elaborate upon that, for my benefit, and perhaps also for > that of others who may also be similarly in the dark about what he's > talking > about here. > Route objects are not always required. While route objects are generally preferred and should be used, letters of authorization are still in use today. You certainly wouldn't see them in a public database (though you might see objects which claim to be tied to them). Even if you do, they may well be stale and no longer accurate. and if so, the reasons for that. > Because they have had no valid reason to do so yet. Making it a policy violation doesn't seem like the right way to encourage them to do so. It is not the job of the NCC to tell users how to run their network. As annoying as it is at times, this includes how users choose to authenticate their announcements. I think the proposal moves us closer to a state of civility and > civilization. > You might well claim, as you have, that it permits and carves out some > space still for "vigilantism" in the process, but it does so only with > respect to the submission of reports that would then, by design, be > reviewed and judged by others. I have trouble seeing how this could > be harmful. I do agree that it opens up the possibility of perhaps > having everyone's time wasted, perhaps even frequently, with meritless > and bogus reports, but I think that it is premature to assume that such > an outcome will, in practice, be common enough to merit serious concern. > Time will tell. > I agree that it may be presumptuous to guess at how much time will be wasted without any justification. That said, I have seen a significant number of recent reports on various mailing lists of accused hijackers. While some of them have been accurate, some of them definitively jump to premature conclusions. I, for one, would like to at the very least minimize the impact (in both stress and time) that such users would have on the time of all involved. Given your comments (along with some of the others mentioned), perhaps the best way to approach the issue is with explicitly stated guidelines for how hijacking reports should be processed and treated on the basis of both credibility (i.e. bogon/prefix holder) and bulk in a holistic sense. If done properly, it would minimize the risk for noncredible reports to cause impact for a given entity (based on the beliefs of a particular expert) while allowing groups beyond the specific prefix holder to make complaints (which have the potential to be taken seriously). >Additionally, while the policy does define a difference between accidental > >and intentional hijacking, it does not differentiate between the two... > > If that's true, then it should certainly be fixed. > Reading through the exact text, the only mention of the distinction appears to be a definition. On Thu, Mar 21, 2019 at 9:34 PM Ronald F. Guilmette <rfg at tristatelogic.com> wrote: > > In message < > CAFV686e9aa8xhACUz+ePfbELU74MPcE-2PiC2-kpU-1xAptxFA at mail.gmail.com> > Jacob Slater <jacob at rezero.org> wrote: > > >... If everyone is allowed to {file reports}, we run several risks, > >namely that individuals with no knowledge of the situation (beyond that > >viewed in the public routing table) will file erroneous reports based on > >what they believe to be the situation (which may not be accurate, as some > >forms of permission for announcement are not documented in a way they > could > >feasibly see). Allowing for competent complaints (with teeth) to be filed > >is a good idea; needlessly permitting internet vigilantes to eat > management > >time based on a flawed view of the situation is not. > > I have two issues with the quote above. > > First, I'm not sure I either understand or am even aware of these alleged > "forms of permission for announcement {that} are not documented". So > perhaps > Mr. Slater could elaborate upon that, for my benefit, and perhaps also for > that of others who may also be similarly in the dark about what he's > talking > about here. > > All I know is that the RIPE WHOIS data base contains, among much other > stuff, > route: object which generally document what is generally believed to be > information about properly authorized (by the affected resources holder) > routing permissions. If there exists information about properly authorized > routing permissions that is -not- present in and among those data base > route > objects, then I do have to wonder if some such routing permissions either > cannot be or should not be represented as route object in the official data > base, and if so, the reasons for that. > > Second, although the word "vigilante" has, in the modern era, come to have > much negative connotation, there was quite certainly was a time and place > when and where that was not so. I am speaking specifically of the > American West in the time before it became entirely civilized and in > the time before it had a full compliment of established legislatures, > established laws, established courts, established (and paid) law > enforcement > agents, and all of the other bits, pieces, and accoutrements, of what > we all, in the modern era, think of as a properly functioning system of > justice. In that time and place early settlers did often band together > in order to enforce at least some sense of community-backed justice. > It wasn't always pretty, and it wasn't always fair or just, but in the > absence of officially authorized systems of justice, it was often all > that those early settlers had to defend themselves from the unjust > tyrany of the strong against the weak. > > To say that there are more than a few similarties between the current > Internet and the "Wild West" of ledgend and lore would neither be an > entirely inaccurate observation nor would it even be a particularly novel > one. Many commentators have drawn this exact analogy at various times > over the past couple of decades. A more interesting question is whether > or not the proposal on the table at the moment moves the Internet closer > to or further away from a morden "civilized" state of affairs. > > I think the proposal moves us closer to a state of civility and > civilization. > You might well claim, as you have, that it permits and carves out some > space still for "vigilantism" in the process, but it does so only with > respect to the submission of reports that would then, by design, be > reviewed and judged by others. I have trouble seeing how this could > be harmful. I do agree that it opens up the possibility of perhaps > having everyone's time wasted, perhaps even frequently, with meritless > and bogus reports, but I think that it is premature to assume that such > an outcome will, in practice, be common enough to merit serious concern. > Time will tell. > > In sort, if the policy goes into effect and if it -then- becomes evident > that quite a lot of bogus reports are coming in as a result, I think that > some means of dealing with that problem can be devised and implemented > at that time. I, however, do not anticipate any such troublesome flood > of bogosity. > > >Additionally, while the policy does define a difference between accidental > >and intentional hijacking, it does not differentiate between the two... > > If that's true, then it should certainly be fixed. > > > Regards, > rfg > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: </ripe/mail/archives/anti-abuse-wg/attachments/20190321/b920bc04/attachment.html>
- Previous message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
- Next message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]