[anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)

On Sun, 31 Mar 2019, Richard Clayton wrote:

(...)
> I meant that the experts cannot ever be absolutely certain that their
> evaluation is correct -- though of course they can be correct in their
> nuanced assessment.

I've been thinking about Cynthia Revstrom's argument, and now i'm thinking 
if unanimity between all experts in every case is a needed "feature".



>> In the summer of last year, 2018, I took steps to point out, in a very public
>> way, on the NANOG mailing list, two notable hijacking situations that came
>> to my attention *and* also to identify, by name, the actors that were quite
>> apparently behind each of those.  In neither of those instances was there
>> ever even any serious attempt, by either of the relevant parties, to refute
>> -any- of my very public allegations.
>
> If they had refuted the allegations then it would have become rather
> complicated and it would have come down to one entities word against
> another and perhaps the examination of documentary evidence of what
> arrangements had been authorised (and then perhaps forensic assessment
> of the authenticity of those documents).

Afaik, some allegations were made in response to Mr.Krebs questions, 
however, as far as i've seen ASNs sourcing hijacks and the direct transit 
ASN kind of vanished some days later.


> Some BGP hijacking cases have been prosecuted on the basis of the
> forging of documents rather than on the hijack per se.

Really? in courts? i'll be very interested to know in which jurisdictions.

I don't have any doubt that if someone hijacks a prefix or sub-prefix from 
a mobile operator, consequences in justice should be unavoidable... But 
regarding Internet prefixes (or ASN) i'm really unaware of any case.


> I agree that it can be pretty clear what has gone on and the accused
> then helpfully acts in such a way as to make it clear to everyone that
> they were "guilty" (or individual peers assess the situation from their
> own standpoint and decide that they do not have an obligation to carry
> the traffic).

If peers share their routing view publicly (i.e. peering with RIS) then 
anyone should be able to assess :-)



> However, it is not necessarily clear at all and writing a policy which
> assumes that it will always be clear is in my view unwise.

I don't think this is the case of 2019-03.

Cases/reports where there is unsufficient evidence or where there is any 
kind of doubts should be dismissed.

2019-03 aims to create an inexistent rule, that could lead to 
consequences, but it isn't trying to define those consequences are 
mandatory to be implemented in a 1st instance, 2nd instance, 3rd instance 
and so on. That should be left to the already existing concept of 
"repeateadly policy violations"



> Assuming that experts will always be able to determine who is at fault
> (along with deciding whether an event they know little of is accidental
> or deliberate) is to live in a world that I do not recognise.

If they are not able, then a case should be dismissed. Simple as that.


> If the policy stopped at the statement that unauthorised BGP hijacking
> was unacceptable behaviour then I would be happy with it. Adding all the
> procedural stuff about how BGP hijacking will be (easily of course)

We can rephrase/review it in version 2.0.


> detected and exotic details about experts and report forms and time
> periods is (a) irrelevant to establishing the principle and (b)
> cluttered with false assumptions and unhelpful caveats and (c) way too
> formalised to survive dealing with some real examples.

Some people seem to want the exact some opposite, a process to be detailed 
in its every aspect.


Thanks.

Best Regards,
Carlos


>
> -- 
> richard                                                   Richard Clayton
>
> Those who would give up essential Liberty, to purchase a little temporary
> Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755
>