[anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)

On Fri, 22 Mar 2019, Sascha Luck [ml] wrote:

> On Fri, Mar 22, 2019 at 12:21:43PM +0100, JORDI PALET MARTINEZ via 
> anti-abuse-wg wrote:
>> I don't think I've said that if it is really a victim. I know my English is 
>> bad, but not so terrible!
>
> not you, that was Carlos and he has since clarified what he
> meant.
>
>> A direct peer I mean here is the provider of the hijacker. Should you 
>> verify and filter anything that doesn't belong to your customer?
>
> I do because my customers are small-ish and mostly personally
> known to me and I can use manual prefix filters. I don't want
> to presume as to what is possible or scalable for other networks, nor even 
> what they should do.

Please let me add this:

Someone filing a report must identify the source of an hijack.

Sometimes hijackers "simulate" customers, to be able to shake-off any 
queries.

If you can prove you and "your customer" are not the one and the same 
party, the consequence should be zero, because you as a transit provider 
are also being a victim.

And here i would explicitely exclude any "warnings". 3rd parties can't be 
minimially liable for others' wrongdoings -- and currently to some people, 
hijacking is not even part of "wrongdoings".


Regards,
Carlos


> rgds,
> SL
>
>