[anti-abuse-wg] anti-abuse-wg Digest, Vol 88, Issue 72

Sorry off topic.
How Come I subscribed to digest yet getting multiple mails per day?


Cheers/DP

On Sat, Mar 23, 2019, 22:53 <anti-abuse-wg-request at ripe.net> wrote:

> Send anti-abuse-wg mailing list submissions to
>         anti-abuse-wg at ripe.net
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         https://mailman.ripe.net/
> or, via email, send a message with subject or body 'help' to
>         anti-abuse-wg-request at ripe.net
>
> You can reach the person managing the list at
>         anti-abuse-wg-owner at ripe.net
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of anti-abuse-wg digest..."
>
>
> Today's Topics:
>
>    1. Re: 2019-03 New Policy Proposal (BGP Hijacking is a RIPE
>       Policy Violation) (Carlos Fria?as)
>    2. Re: 2019-03 New Policy Proposal (BGP Hijacking is a RIPE
>       Policy Violation) (Sascha Luck [ml])
>    3. Re: 2019-03 New Policy Proposal (BGP Hijacking is a RIPE
>       Policy Violation) (Lu Heng)
>    4. Re: 2019-03 and over-reach (Nick Hilliard)
>    5. Re: 2019-03 and over-reach (Hank Nussbacher)
>    6. Re: 2019-03 and over-reach (Hank Nussbacher)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Sat, 23 Mar 2019 13:39:04 +0000 (WET)
> From: Carlos Fria?as <cfriacas at fccn.pt>
> To: T?ma Gavrichenkov <ximaera at gmail.com>
> Cc: anti-abuse-wg at ripe.net
> Subject: Re: [anti-abuse-wg] 2019-03 New Policy Proposal (BGP
>         Hijacking is a RIPE Policy Violation)
> Message-ID: <alpine.LRH.2.21.1903231315330.9599 at gauntlet.corp.fccn.pt>
> Content-Type: text/plain; charset="iso-8859-15"; Format="flowed"
>
>
> On Sat, 23 Mar 2019, T?ma Gavrichenkov wrote:
>
> > Hi all,
>
> Hi,
> (will try to keep it short)
>
>
> (...)
> > 1. As of now, the draft looks like a nice example of "document
> > designed by a committee".
> >
> > It's too strict where there's no real need to be strict, and at the
> > same time too weak where you don't expect it to be weak. E.g. 4 weeks
> > to report + 4 weeks to investigate + 2 weeks for an appeal give us
> > solid 10 weeks for an attack to stay there, which is, to put it
> > gently, a substantial amount of time.
>
> Just two co-authors. The set will grow for proposals in other RIRs. And
> we'll gladly accept help, as Jordi is doing the most of heavy lifting.
>
> If your issue is timescales they can be adapted in subsequent versions.
> What we tried to design here was "due process" with enough "checks &
> balances" embedded.
>
>
> (...)
> > 2. OTOH the ultimate result (membership cancellation) may be seen as a
> > very heavy punishment.
> >
> > In fact in theory this policy could make things worse.
>
> The scenarios you and others mentioned should be run through the process
> and what you call "the ultimate result" should only happen if there is
> absolutely no doubt about the intent and about the 'who'. If company A
> takes control of company B's router (or hires someone to do it) is already
> doing something which in most jurisdictions could fall onto "crime". If
> company A could be identified, then they could/should be the 'who', and
> not company B.
>
> I won't expect this proposal will stop *all* intentional hijackers.
> Firstly it will depend on a complaint/report, then it must be crystal
> clear (with all the checks & balances in place) that is was intentional,
> and the hijack was made by person/org X. So if you see bogus routes from
> <big company name here>'s ASN coming from somewhere in the world where
> they have no business, that's because someone else is (ab)using their
> ASN...
>
> (I would also like to hear Randy's take on 2019-03, even now before
> version 2)
>
>
> (...)
> > 3. If I were to design that process, I'd put it in a different way, e.g.:
>
> It's not explicitely written down, but yes, the idea was to have a
> (pre-existing) worldwide pool of experts. The timescales were mostly
> designed expecting it would be possible to build that pool on a voluntary
> basis. So 4 weeks was for a set of experts to agree on the report,
> possibly on their own free time... :-)
>
>
> Best Regards,
> Carlos
>
> ------------------------------
>
> Message: 2
> Date: Sat, 23 Mar 2019 13:54:06 +0000
> From: "Sascha Luck [ml]" <aawg at c4inet.net>
> To: JORDI PALET MARTINEZ <jordi.palet at consulintel.es>
> Cc: anti-abuse-wg at ripe.net
> Subject: Re: [anti-abuse-wg] 2019-03 New Policy Proposal (BGP
>         Hijacking is a RIPE Policy Violation)
> Message-ID: <20190323135406.GO99066 at cilantro.c4inet.net>
> Content-Type: text/plain; charset=us-ascii; format=flowed
>
>
> All,
>
> can I ask every participant in this discussion to PLEASE, PLEASE
> quote properly. It's becoming absolutely impossible to ascertain
> who wrote what and who made a statement and who answered it.
>
>
> To brass tacks:
>
> On Sat, Mar 23, 2019 at 01:44:21PM +0100, JORDI PALET MARTINEZ via
> anti-abuse-wg wrote:
> >    Immediate membership suspension at the end if the experts decide it's
> >    necessary to do so now.
>
> This is not possible under the SSA/ripe-697. Section 1.2.1.1 of
> ripe-697 states clearly the grounds for termination of
> membership. "BGP hijacking" is not one of them. While it is
> presumably possible to add additional reasons, it will be,
> TTBOMK, only by membership vote.
>
> I did at the start decide to give this proposal the benefit of
> the doubt but I am now convinced that its intent is the
> subversion of the RIPE NCC in order to force it to abuse its
> dominant market position to remove from (internet) existence,
> members who exhibit behaviour that, while arguably legal,
> elements of this community don't like.
>
> Moreover, the proposal aims at doing this while largely
> excluding the RIPE NCC itself from the decision-making process,
> instead using some panel of "experts" to decide who should live
> and who should die. Whence the authority of these "experts"
> comes is not explained. The NCC Board  is then, or so I surmise,
> tasked with giving this decision an air of legitimacy by
> ratifying it. Why the (unpaid) Board would even accept such a
> questionable honour, I don't know, especially in light of the
> potential liabilities.
>
> Further, the danger exists that this community is not done yet.
> Once a mechanism to terminate unwelcome behaviour is established,
> it is relatively easy to plug in any other behaviour that this
> community, or elements thereof, would like to see removed from the
> internet.
>
> In conclusio, this proposal has the potential to irredeemably
> damage the relationship the NCC has with its members and I would
> even argue that it has the potential to threaten the very
> existence of the NCC if the powers that be decide that it is
> abusing its power as a monopoly provider.
>
> For the avoidance of doubt, I remain in opposition,
>
> SL
>
>
>
> ------------------------------
>
> Message: 3
> Date: Sat, 23 Mar 2019 22:26:46 +0800
> From: Lu Heng <h.lu at anytimechinese.com>
> To: "Sascha Luck [ml]" <aawg at c4inet.net>
> Cc: JORDI PALET MARTINEZ <jordi.palet at consulintel.es>,
>         anti-abuse-wg at ripe.net
> Subject: Re: [anti-abuse-wg] 2019-03 New Policy Proposal (BGP
>         Hijacking is a RIPE Policy Violation)
> Message-ID:
>         <CAAvCx3jaLVGJxH-KBfwsTt-gWk7v77ceDAmm=
> DM0yvsO__ioMA at mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> On Sat, Mar 23, 2019 at 21:54 Sascha Luck [ml] <aawg at c4inet.net> wrote:
>
> >
> > All,
> >
> > can I ask every participant in this discussion to PLEASE, PLEASE
> > quote properly. It's becoming absolutely impossible to ascertain
> > who wrote what and who made a statement and who answered it.
> >
> >
> > To brass tacks:
> >
> > On Sat, Mar 23, 2019 at 01:44:21PM +0100, JORDI PALET MARTINEZ via
> > anti-abuse-wg wrote:
> > >    Immediate membership suspension at the end if the experts decide
> it's
> > >    necessary to do so now.
> >
> > This is not possible under the SSA/ripe-697. Section 1.2.1.1 of
> > ripe-697 states clearly the grounds for termination of
> > membership. "BGP hijacking" is not one of them. While it is
> > presumably possible to add additional reasons, it will be,
> > TTBOMK, only by membership vote.
> >
> > I did at the start decide to give this proposal the benefit of
> > the doubt but I am now convinced that its intent is the
> > subversion of the RIPE NCC in order to force it to abuse its
> > dominant market position to remove from (internet) existence,
> > members who exhibit behaviour that, while arguably legal,
> > elements of this community don't like.
> >
> > Moreover, the proposal aims at doing this while largely
> > excluding the RIPE NCC itself from the decision-making process,
> > instead using some panel of "experts" to decide who should live
> > and who should die. Whence the authority of these "experts"
> > comes is not explained. The NCC Board  is then, or so I surmise,
> > tasked with giving this decision an air of legitimacy by
> > ratifying it. Why the (unpaid) Board would even accept such a
> > questionable honour, I don't know, especially in light of the
> > potential liabilities.
> >
> > Further, the danger exists that this community is not done yet.
> > Once a mechanism to terminate unwelcome behaviour is established,
> > it is relatively easy to plug in any other behaviour that this
> > community, or elements thereof, would like to see removed from the
> > internet.
> >
> > In conclusio, this proposal has the potential to irredeemably
> > damage the relationship the NCC has with its members and I would
> > even argue that it has the potential to threaten the very
> > existence of the NCC if the powers that be decide that it is
> > abusing its power as a monopoly provider.
>
>
> Very well said, +1
>
> >
> >
> > For the avoidance of doubt, I remain in opposition,
> >
> > SL
> >
> > --
> --
> Kind regards.
> Lu
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> /ripe/mail/archives/anti-abuse-wg/attachments/20190323/579a0fb5/attachment-0001.html
> >
>
> ------------------------------
>
> Message: 4
> Date: Sat, 23 Mar 2019 15:49:16 +0000
> From: Nick Hilliard <nick at foobar.org>
> To: JORDI PALET MARTINEZ <jordi.palet at consulintel.es>
> Cc: "anti-abuse-wg at ripe.net" <anti-abuse-wg at ripe.net>
> Subject: Re: [anti-abuse-wg] 2019-03 and over-reach
> Message-ID: <6179dc11-f299-c076-0ae1-2f2d22eb6115 at foobar.org>
> Content-Type: text/plain; charset=utf-8; format=flowed
>
> JORDI PALET MARTINEZ via anti-abuse-wg wrote on 23/03/2019 11:52:
> > ?El 23/3/19 12:32, "Nick Hilliard" <nick at foobar.org> escribi?:
> >      1. it's not the job of the RIPE NCC to make up for a short-fall of
> civil
> >      legislation in this area, no matter how distasteful we might find
> the
> >      consequences of this;
> >
> > And we aren't doing that.
>
> If there were legislation and enforcement in this area, we wouldn't be
> having this conversation.
>
> >      2. you can throw anything into a contract, but that doesn't mean
> it's
> >      enforceable or even lawful. > [...]
> >      In this particular case, the suggestion is for the RIPE NCC to start
> >      making judgements about potentially legal actions between second or
> >      third parties, potentially involving non-related resources and to
> deny
> >      and/or withdraw number registration services on that basis.  This
> does
> >      not sound legally enforceable.
> >
> > No, it is not a matter of parties. It is a matter of the membership
> rules.
>
> Jordi, you need to take legal advice on this before proceeding further.
>
> Nick
>
>
>
> ------------------------------
>
> Message: 5
> Date: Sat, 23 Mar 2019 19:17:06 +0200
> From: Hank Nussbacher <hank at efes.iucc.ac.il>
> To: anti-abuse-wg at ripe.net
> Subject: Re: [anti-abuse-wg] 2019-03 and over-reach
> Message-ID: <cd9860db-d5d4-da6d-d07b-902affd1474c at efes.iucc.ac.il>
> Content-Type: text/plain; charset=utf-8; format=flowed
>
> On 23/03/2019 00:19, Sander Steffann wrote:
> >> But, this is not how to handle the problem of BGP hijacking.  Even if
> it had the slightest possibility of making any difference at a technical
> level (which it won't), the proposal would set the RIPE Community and the
> RIPE NCC down a road which I believe would be extremely unwise to take from
> a legal and political point of view, and which would be difficult, if not
> impossible to manoeuver out of.
> > I fully agree with Nick. BGP hijacking has to be fought, but this is not
> the way?
> Exactly how successful has been MANRS - our attempt at self-regulation?
>
> Regards,
> -Hank
> >
> > Cheers,
> > Sander
> >
>
>
>
>
> ------------------------------
>
> Message: 6
> Date: Sat, 23 Mar 2019 19:23:20 +0200
> From: Hank Nussbacher <hank at efes.iucc.ac.il>
> To: anti-abuse-wg at ripe.net
> Subject: Re: [anti-abuse-wg] 2019-03 and over-reach
> Message-ID: <e72ebef7-2ebc-be2e-c75c-ba203d0d3dd8 at efes.iucc.ac.il>
> Content-Type: text/plain; charset=utf-8; format=flowed
>
> On 23/03/2019 13:31, Nick Hilliard wrote:
> > JORDI PALET MARTINEZ via anti-abuse-wg wrote on 22/03/2019 22:55:
> >> The legal bindings of the NCC already have that for those that don?t
> >> follow existing policies, don?t pay bills, etc. So, the proposal is
> >> adding in the table a policy for confirming what is a hijack
> >> according to the community consensus. Same way we did for how we
> >> distribute resources, do transfers, etc.
> >
> > Hi Jordi,
> >
> > couple of things:
> >
> > 1. it's not the job of the RIPE NCC to make up for a short-fall of
> > civil legislation in this area, no matter how distasteful we might
> > find the consequences of this;
> Purity of concept will result in massive gov't intervention since we
> will have shown that we don't know how to self-regulate.
> The voices are already there:
> https://hackernoon.com/why-the-internet-must-be-regulated-9d65031e7491
> If you have an alternative solution, not even a better one, please
> suggest it.
>
> Regards,
> Hank
>
>
>
>
>
>
>
>
> End of anti-abuse-wg Digest, Vol 88, Issue 72
> *********************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </ripe/mail/archives/anti-abuse-wg/attachments/20190323/0ce68721/attachment.html>