[anti-abuse-wg] 2019-03 and over-reach

On Sat, 23 Mar 2019, Lu Heng wrote:

(...)
> And for the record, it?s in my short term interest to have that policy 
> as we do suffer from time to time hijackings, and I made presentation in 
> this working group how more half million of our IP get hijacked for half 
> a year. But for the long term stability of the registry, or the internet 
> as a whole, in which in all my interest to protect, I really like to see 
> community avoid policy like that.

Dear Lu Heng, All,

I suppose you have customers.

What you wrote above makes me wonder about:

1) The hijackings you mentioned also affect your customers, right?

2) Do you or your customers report these hijackings (and their impact) to 
somebody?

3) Is it in your customers' best interest to do nothing?

4) Is it in your customers' best interest to "protect" the lack of rules 
about hijacking at registry level?

As i understand it, if someone provides the RIR with falsified data, they 
expose themselves to have a LIR closure (i.e. RIPE-716). Imho, having 
this rule in place is protecting the RIR's long term stability -- the 
point about 2019-03 is that someone doing persistent intentional hijacks 
should be subject to the same "risk".


I've looked for your presentation, and found it (at RIPE 72). I especially 
like your slide which has: "Hijacker ARE NOT HIDING, THEY ARE RUNNING IT 
LIKE REAL BUSINESS" -- this is an exact quote, uppercase included :-)

At the time you wrote/presented this, did you identify the hijacker(s), 
and were they also operating one or more LIRs?

I understand your point about partial visibility. With 2019-03 in place, i 
think the incentive for anyone to share their routing view will increase, 
as a way of protection -- i see it as "community protection".

Thanks for your input. I hope you can help fine tune the proposal, in a 
way that your concerns about registry (in)stability and Internet as a 
whole (in)stability can be solved.


Best Regards,
Carlos Friaças