[anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)

On Fri, 29 Mar 2019, Sergey Myasoedov via anti-abuse-wg wrote:

> Hello community,

Hi Sergey, All,


> I strongly oppose to this proposal. The proposal gives a power for
> misuse to the RIR

I fail to understand how. The main concept of 2019-03 is that it isn't the 
RIR's role to evaluate if an intentional hijack was performed -- that 
should be the role of external, independent experts.

Btw, a similar policy proposal was published yesterday in LACNIC.


> and does not protect members against setup.

We aim to refine the proposal, so can you please specify exactly where 
the members might become "unprotected"?

The proposal was built with checks & balances in mind. If they are not 
enough, let's work towards solving that, so noone will feel "unprotected".


> I believe this policy have nothing to do in RIPE.

Quoting:
=========
> -----Original Message-----
> From: Sascha Luck [ml] <aawg at c4inet.net>
> Sent: Monday 25 March 2019 12:24
>
> I therefore argue that it is maybe time to have a discussion on what 
> exactly RIPE and the NCC should be and what, if any, limits on their 
> administrative power there should be.
> I hope, though, that everyone can at least agree that *this* is
> *not* the forum for that discussion.

To confirm, the Anti-Abuse WG is absolutely not the right forum for that 
discussion.

Thanks,

Brian
Co-Chair, RIPE AA-WG
=========

I understood this as "the Anti-Abuse WG is not the right forum to discuss 
the RIPE NCC's charter, the PDP or if any given proposal is admissible or 
not".



> It's better to issue it as a BCP document or an informational RFC.

I agree a BCP document can also be useful, so we'll start that as soon as 
possible.
However, having a clear statement within RIPE policies sends a much 
stronger message to anyone thinking about engaging in such practices.

Again, i want to point out the detail that anyone performing intentional 
hijacks _today_ (or last month or the previous year) is *not* within the 
proposal's scope -- if it happens to get accepted.

There are absolutely no rules *today* against (IP address space/ASN) 
hijacks, and this is precisely the gap 2019-03 aims to fix.


Best Regards,
Carlos Friaças



> --
> Sergey
>
> Tuesday, March 19, 2019, 1:41:22 PM, you wrote:
>
> MS> Dear colleagues,
>
> MS> A new RIPE Policy proposal, 2019-03, "BGP Hijacking is a RIPE
> MS> Policy Violation", is now available for discussion.
>
> MS> The goal of this proposal is to define that BGP hijacking is not
> MS> accepted as normal practice within the RIPE NCC service region.
>
> MS> You can find the full proposal at:
> MS> https://www.ripe.net/participate/policies/proposals/2019-03
>
> MS> As per the RIPE Policy Development Process (PDP), the purpose of
> MS> this four-week Discussion Phase is to discuss the proposal and
> MS> provide feedback to the proposer.
>
> MS> At the end of the Discussion Phase, the proposers, with the
> MS> agreement of the Anti-Abuse WG co-chairs, decide how to proceed with the proposal.
>
> MS> We encourage you to review this proposal and send your comments
> MS> to <anti-abuse-wg at ripe.net> before 17 April 2019.
>
> MS> Kind regards,
>
> MS> Marco Schmidt
> MS> Policy Officer
> MS> RIPE NCC
>
> MS> Sent via RIPE Forum -- https://www.ripe.net/participate/mail/forum
>
>
>
>