This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)

Previous message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
Next message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Carlos Friaças cfriacas at fccn.pt
Sun Mar 24 14:28:24 CET 2019

Hi Töma, All,

Again i think i understand the need to describe each and every detail in 
the next version.

I'm not going to deeply discuss "2021 & IPv6" -- it's something i would 
personnally love to see (i think Jordi might even prefer 2020 & IPv6), but 
unfortunately that is almost impossible... :/

About the "another LIR account I've obtained before" bit:

Again, i think a clarification is needed on the proposal -- the 
complaint/report filing mechanism should enable the person filing the 
report to state the actor and all it's identifiable "under control" 
companies and resources, meaning:

[LIR list]
<country_code_1>.<company_name_z>
<country_code_2>.<company_name_y>
<country_code_3>.<company_name_x1>
<country_code_3>.<company_name_x2>
<country_code_3>.<company_name_x3>

...could all be referenced within a single report.

This, logically, is easier to spot when the actor uses the same name in 
several companies' registrations (even if in different countries' 
registries). Then, if such actors prefer to use registrations in offshore 
places, spotting anything becomes obviously quite difficult. :-(

Regards,
Carlos

On Sun, 24 Mar 2019, Töma Gavrichenkov wrote:

> Peace,
>
>> A new RIPE Policy proposal, 2019-03, "BGP Hijacking is
>> a RIPE Policy Violation", is now available for discussion.
>
> Alright, folks, what I'm trying to do now is to stress the conditions.
>
> Let's say it's 2021 and IPv6 is fully deployed, and IPv4 is no more.
> [now no one could say I'm pessimistic, right?]
>
> How's that policy supposed to work then?
>
> E.g. I'm the attacker, I start the hijacking, I continue that for 10
> weeks until I'm denied membership.
> I don't lose any valuable address space at the time because it's just
> IPv6 which is totally disposable.
> I then switch to another LIR account I've obtained before, and start
> doing the same thing, at a cost of a generous sign-up fee.
>
> What's the value of the 2019-03 proposal then?
>
> --
> Töma
>

Previous message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
Next message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ anti-abuse-wg Archives ]