This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
- Previous message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
- Next message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Gert Doering
gert at space.net
Sun Mar 24 11:52:50 CET 2019
Hi,
On Sun, Mar 24, 2019 at 02:08:53AM +0100, Töma Gavrichenkov wrote:
> E.g. I'm the attacker, I start the hijacking, I continue that for 10
> weeks until I'm denied membership.
> I don't lose any valuable address space at the time because it's just
> IPv6 which is totally disposable.
> I then switch to another LIR account I've obtained before, and start
> doing the same thing, at a cost of a generous sign-up fee.
>
> What's the value of the 2019-03 proposal then?
This is one of the aspects that makes me really sceptic of the value
of this proposal as written.
It will not stop determined miscreants, because the reaction time is
WAY too long, and the sanctions are irrelevant for someone who does this
on purpose. So it does not stop, and does not deter, and as such, does
not achieve the stated purpose.
On the other hand, it brings the RIPE NCC into difficult legal territory,
for all the reasons Nick and Sascha have written.
As such, I have decided that I can not support the policy as written,
and change my stance from "neutral" to "object".
Now, I do share the wish to "do something!!" against BGP hijacking.
So, maybe a more workable way forward would be to change this into a BCP
("the RIPE anti-abuse community states with full backing from the RIPE
community that BGP hijacking, as defined in <reference>, is considered
unwanted behaviour") - and *then* use that on a commercial/peering basis
among transit ISPs to strengthen the message "we want *you* to filter
your customer BGP sessions, because that's the proper way to run a network!".
Sometimes just agreeing on a written-down message already helps on other
fronts.
Gert Doering
-- NetMaster
--
have you enabled IPv6 on something today...?
SpaceNet AG Vorstand: Sebastian v. Bomhard, Michael Emmer
Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen HRB: 136055 (AG Muenchen)
Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: </ripe/mail/archives/anti-abuse-wg/attachments/20190324/7863c5c3/attachment.sig>
- Previous message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
- Next message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]