[anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)

In message <20190322230602.GJ99066 at cilantro.c4inet.net>, 
"Sascha Luck [ml]" <aawg at c4inet.net> wrote:

>On Fri, Mar 22, 2019 at 02:43:14PM -0700, Ronald F. Guilmette wrote:
>>Yet Erik Bais is arguing that RIPE policy decisions should be driven by
>>a desire to accomodate the needs of exactly such Bad Actors.  That is
>...
>... Erik is in no way arguing Hacking Team's case...

You could have fooled me!  If he didn't want to use that case to try
to make a point -against- the proposal, then why did he even bring
up this old case in that kind of a context?

In any case, as the -full- posting that you snipped from made clear,
it doesn't really make any difference, one way or the other, to the
point that -I- tried to make.

I will try this again...

EVEN IF we accept, even just for the sake of argument, the highly
dubious and totally unsubstantiated allegation that the proprietors
of the Italian ISP Aruba were forced, threatened, cajoled, browbeat,
bribed, or tortured into doing the bidding of the Italian Police,
and specifically to perform a BGP hijack, then what lesson or message
should we all take from that?

The qustion is this:  Does the RIPE community want to continue to
effectively endorse... as it is now doing, by default, by failing to
condemn... the "rights" of the Italian Police, the British Police, the
German Police, the French Police, the Polish Police, the Serbian Police,
the Macedonian Ministry of Public Affairs, and maybe even the entire
Estonian Royal Navy Marching Band to perform BGP hijacks whenever it
suits the perceived purposes of each and every one of these organizations
or any of their constituent parts or departments?

If so, then I'd just like to point out that this is a VERY slippery
slope, and one that is quite likely to come back to haunt this
organization in the years ahead.  Is there a government anywhere
in all of europe that would NOT like to exercise more control over
what its own people and/or those of other nations hear, see, read, 
or think about?  Did the people of Spain have any say whatsoever in
the election of the Italian Police?  Given that they did not, does
this community really want to continue endorsing the notion that
various parts and pieces of individual national, regional, or local
governments have some sort of a soverign "right" to engineer BGP
hijacks, as the Italian Police are alleged to have done, at their
own unilateral whim?  Or should this body instead take arms against
this brewing sea of troubles and by opposing end them?

It cannot be both ways.  Either RIPE turns a deliberately blind eye
to hijacks or else it formally denounces them as being against policy.

I, for one, would be -glad- if indeed it was or could be proven that
the Italian Police were responsible for the hijacking incident in
question, because that fact, once proven, would hopefully make
everyone here wake up and smell the coffee.

It is fine for all of us here to sit around in our comfortable arm-
chairs and debate the finer points of the philosophical pros and cons
of the separation of church and state, or the separation of RIPE from
"enforcement", but while we are all sitting around having our high-
minded philosophical debates, out there in the real world, things
are happening, and not always good things.  If an Italian Police
Lieutenant can order the hijacking of a block of IP addreses today,
and if there are -zero- repercussions from that, then what is there
to prevent a Belarusian Minister of Information from doing the same
thing tomorrow, but with significantly more sinister intent?

Is this REALLY the future that the RIPE community wants?  A future
where every junior-league despot sitting in some cramped and dimly-lit
ministerial office in any country in europe can order a hijack, and
then no matter what the reasons or context, everyone will just shrug
and say "Oh, well, that's OK then", because it was done "under color
of law" in that specific country?

I am honestly flummoxed that I even need to point out how insane this
is.  And yet this is the exact indefensible status quo favored by
the conservatives who insist that RIPE must remain NOT the master in
its own house.


Regards,
rfg