This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] 2019-03 and over-reach
- Previous message (by thread): [anti-abuse-wg] 2019-03 and over-reach
- Next message (by thread): [anti-abuse-wg] 2019-03 and over-reach
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Ronald F. Guilmette
rfg at tristatelogic.com
Sat Mar 23 22:13:58 CET 2019
In message <b178ce96-b36f-b04f-ad9f-666fad9e8acb at foobar.org>, Nick Hilliard <nick at foobar.org> wrote: >1. it's not the job of the RIPE NCC to make up for a short-fall of civil >legislation in this area, no matter how distasteful we might find the >consequences of this; OK. I'll bite! Whose job is it then? It would appear, based on your statement, that EVEN IF everyone on planet earth... or at least everyone in the european part of it... were to agree tomorrow that BGP hijacks are a massively serious problem requiring a speedy and stern response in all cases, your "solution" would be to have each and every legislative body in each and every country in europe set aside any and all of the other important work that they are doing so that each and every one of them can debate and pass legislation which would impose penalties for BGP hijacking. Is that really your proposed "solution"? To say that this "solution" is no solution at all would be a gigantic understatement. Are you, Nick, going to be the one who goes around to all of the legislatures of each and every one of the countries of europe and in each case demands that they immediately stop whatever elese they were doing and instead immediately take up legislation to make BGP hijacking an offense under law? I would like it noted for the record, that regardless of who among us would or could do this job... trying to convince all european national legislatures that they should each make BGP hijacking illegal... the actual likelihood of that actually happening, in practice, *even if* BGP hijacking were resulting in *deaths* every day, is virtually nill. Hell! There is a proven and well-known connection between money laundering and terrorist financing, and there are EU regulations already on the books that positively REQUIRE national legislatures to adopt anti-money-laundering legislation, AND YET THAT STILL HASN'T HAPPENED IN SEVERAL OF EU THE COUNTRIES THAT ARE COVERED BY THE DIRECTIVE! Reference: http://europa.eu/rapid/press-release_IP-18-4491_en.htm So, have I understood you correctly? Is it really your contention that even though european legislatures... or even just EU legislatures... still can't even get their acts together to outlaw money laundering and terrorist financing, nontheless, it is your position that we should leave it to them to outlaw BGP hijacking? Really?? Even if we set aside the total and self-evident absurdity of waiting around and hoping that all european national legislatures will step in and fix the problems that we, the technologists, have created for ourselves, I would still come back to the point I made earlier about self-reliance. Why should we be going, cap in hand, to national legislatures, begging them to fix a problem that *we* have created? Why shouldn't *we* take some responsibility for cleaning up our own dogpiles? I would argue that we have not only the moral, ethical, and legal right to do so, but also that we have the moral, ethical, and legal *responsibility* to so. Render therefore unto Caesar the things which are Caesar's, and unto God the things that are God's. We made the mess, and we can unmake it for ourselves. And we should. Trying to foist off the responsibility for solving problems of our own making onto national legislatures, is both improper and unseemly. Not only will it simply not work, as explained above, but worse, even the attempt will encourage various national legislatures to become more active and agressive in attempting to pass various bits of stupid "Internet" legislation, as they attempt to control the very thing that they, the politicians, least understand. >2. you can throw anything into a contract, but that doesn't mean it's >enforceable or even lawful. That is quite so. In my own country, any contractual provision which makes reference to a person's race would likely to tossed out. But if it is your contention that RIPE cannot make contractual stipulations about the use of IP addresses, then you are going to have to justify that entirely surprising claim. >In this particular case, the suggestion is for the RIPE NCC to start >making judgements about potentially legal actions between second or >third parties, potentially involving non-related resources and to deny >and/or withdraw number registration services on that basis. This does >not sound legally enforceable. I agree. The party that should be held responsible for a hijack *must* only be the party that engineered it. Anything beyond that strays into very dangerous waters indeed. >What complicates things further is that the RIPE NCC has an effective >monopoly for internet number registration services in this part of the >world. If withdrawal of these monopoly services were found to be >unlawful, this would be taken extremely seriously by any court or >regulatory authority. The withdrawal of resources granted under the terms of a contract BY DEFINITION cannot be unlawful if such withdrawal is done in accordance with, and under the explicit terms of the contract. If I rent you a car and there is a "no smoking" clause in the contract that allows for termination of the contract if you smoke in the car, and if I catch you smoking in the car, then I have the right to terminate the contract FOR CAUSE and in accordance with the contract. None of this is either new or unique or novel. In fact, exactly such contractual provisions are enforced every day, all around the world. Regards, rfg
- Previous message (by thread): [anti-abuse-wg] 2019-03 and over-reach
- Next message (by thread): [anti-abuse-wg] 2019-03 and over-reach
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]