[anti-abuse-wg] Report & Co-Chair's Decision on Proposal 2019-04

I am disputing your methodology in determining consensus.

If I didn't know that you expected me to offer support for this proposal,
neither did anyone else.



___


On Tue, Sep 8, 2020 at 1:36 AM Brian Nisbet <brian.nisbet at heanet.ie> wrote:

> Thank you for the clarification, albeit I would ask you not to launch into
> attacks when doing so.
>
> Even given that I do not believe it makes any difference to the overall
> decision from the Co-Chairs.
>
> I would suggest that you look at the resources on
> https://www.ripe.net/participate/policies which explain the various
> phases.
>
> Equally, the comments made during the Discussion Phase were taken into
> account.
>
> Brian
> Co-Chair, RIPE AA-WG
>
> Brian Nisbet
>
> Service Operations Manager
>
> HEAnet CLG, Ireland's National Education and Research Network
>
> 1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
>
> +35316609040 brian.nisbet at heanet.ie www.heanet.ie
>
> Registered in Ireland, No. 275301. CRA No. 20036270
> ------------------------------
> *From:* anti-abuse-wg <anti-abuse-wg-bounces at ripe.net> on behalf of JJS
> JJS <no0484985 at gmail.com>
> *Sent:* Monday 7 September 2020 16:27
> *To:* anti-abuse-wg at ripe.net <anti-abuse-wg at ripe.net>
> *Subject:* Re: [anti-abuse-wg] Report & Co-Chair's Decision on Proposal
> 2019-04
>
>
> CAUTION[External]: This email originated from outside of the
> organisation. Do not click on links or open the attachments unless you
> recognise the sender and know the content is safe.
>
> That fact that you classify my email as being on the "no" argument, shows
> how misguided you are.
>
> Not for one second was I against this proposal, just the point about
> mandating emails.
>
> There is no consensus "against" this proposal.
>
> Your methodology of surveying views is so warped, it is unbelievable.
>
> ------
>
>
> On Tue, Sep 8, 2020 at 1:19 AM Brian Nisbet <brian.nisbet at heanet.ie>
> wrote:
>
> Colleagues,
>
> A few weeks ago we reached the end of the latest review phase for 2019-04.
> The Co-Chairs have worked closely with the NCC Policy Development Office
> since then to try to make a decision on this policy. This email contains a
> report on the Discussion Phase and Review Phase and then a final decision
> which, we believe, is supported by the activity during those phases.
>
> As always, this is underpinned by the RIPE PDP -
> https://www.ripe.net/publications/docs/ripe-710
> <https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ripe.net%2Fpublications%2Fdocs%2Fripe-710&data=02%7C01%7C%7C52743e2d79214186604e08d8534291ff%7Ccd9e8269dfb648e082538b7baf8d3391%7C0%7C0%7C637350892677909839&sdata=5AZsDBvQNpP7S%2Brm07cWbqf2buJv33M%2BRA2HtZwDCgI%3D&reserved=0>
>
> Discussion Phase:
>
> There was some clear support for the policy during the Discussion Phase.
> This came from:
>
> Serge Droz, who felt that it would help in a number of cases and that an
> inability to answer an e-mail every six month probably indicated underlying
> issues. He also felt it would allow the community to understand who was
> doing good work and who wasn't, and it will prevent organisations from
> saying they never received a report. He also pointed out some of the
> difference in reaction between the security and operator communities on
> this policy.
>
> Carlos Friacas, agreed that it would help, but not solve all problems. He
> also flagged that if "deregistration" was not a possible outcome for a
> continuous failure to validate, then the outcome of transparency would
> still be positive, but did say that must be balanced against the NCC Impact
> Analysis.
>
> Jordi Palet Martinez, the proposer, was, of course, in favour, but also
> reacted to a number of voices against the proposal:
> - The job of the RIPE NCC is to implement the policies agreed by the
> community.  I believe is perfectly understandable the need to avoid using
> manual forms which don't follow a single standard, which means extra work
> for *everyone*. (Responding to Nick Hilliard)
> -  The actual policy has a bigger level of micro-management, by setting
> one year and not allowing the NCC to change that. (Responding to Nick
> Hilliard)
> - The problem of a form is that is not standard. This is economically
> non-sustainable and means that the cost of the abuse cases is on the back
> of the one actually reporting. (Responding to No No)
> - The actual validation is not working, it is just a technical validation
> (responding to Gert Doering)
> - The community prefers to do things in steps, we initially asked for an
> abuse mailbox, we then added a technical validation, now we are asking for
> a better validation. I am not asking to verify if you handle abuse case or
> not and I am not asking to take any new actions.
>
> Angel Gonzalez Berdasco suuported the proposal, but also made multiple
> comments on a different approach, including an abuse-uri and highlighted
> that standarising the communications was important.
>
> A number of people spoke in clear opposition.
>
> Nick Hilliard stated that it is not the job of the RIPE NCC to tell its
> members how to handle abuse reports. He further said that the is
> self-contradictory, intrusive into NCC membership business processes and
> there is no compelling reason to believe that the proposal will end up
> reducing the amount of abuse on the internet.
>
> Gert Doering said that if people *do not want* to handle abuse reports,
> this proposal will not make them and that cases of misconfiguration are
> already caught today.
>
> No No did not want anyone to be restricted in how they received abuse
> reports.
>
> Michele Neylon opposed the proposal and agreed with the points made by
> Nick.
>
> A number of other people posted either with mixed comments, or in a way
> that did not make it clear where they stood on the proposal:
>
> Job Snijders, Elad Cohen, Alistair Mackenzie, Suresh Ramasubramanian,
> Hans-Martin Mosner, Shane Kerr, Sascha Luck, Arash Naderpur, Richard
> Clayton, Alessandro Vesely, Randy Bush
>
> The Review Phase of the proposal lasted from 20 July 2020 to 18 August
> 2020.
>
> There were 14 messages received during the review phase. Out of which, 3
> were from the PDO, 1 was myself's and 2 were Jordi’s requesting
> clarification on the Impact Analysis.
>
>  - There was no messages of support to the proposal.
>
> There was one message stating that the form is more beneficial than email
> to report abuse because it always reaches the host to which Jordi tried to
> address stating that email can be automated whilst forms can not.
>
>  - There were opposing arguments based on two fronts:
>
> 1) Nick Hilliard and Erik Bais commented that the effort and cost to
> implement this proposal are too great in relations to the benefits that are
> alleged.
>
> 2) Michele Neylon and Arash Naderpour commented that they oppose forcing
> operators to use only email for handling abuse reports and internal
> handling procedures should be solely defined by the operator.
>
> Nick Hilliard and Michele Neylon also requested the proposal to be dropped
> as concerns raised over the last 18 months have not been addressed and
> tweaking this proposal would not add any value.
>
> There was no attempt to address the opposing arguments above during the
> review phase.
>
> With all of this in mind, and with the continued failure of any kind of
> consensus from the working group, the Co-Chairs have decided to withdraw
> this proposal. As always we would welcome proposals on this and other
> matters, however we do not feel that there is any likelihood of 2019-04,
> regardless of possible edits, reaching consensus in the short or medium
> term.
>
> Alireza, Brian, Tobias
> Co-Chairs, RIPE AA-WG
>
> Brian Nisbet
>
> Service Operations Manager
>
> HEAnet CLG, Ireland's National Education and Research Network
>
> 1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
>
> +35316609040 brian.nisbet at heanet.ie www.heanet.ie
> <https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.heanet.ie%2F&data=02%7C01%7C%7C52743e2d79214186604e08d8534291ff%7Ccd9e8269dfb648e082538b7baf8d3391%7C0%7C0%7C637350892677909839&sdata=zECAlNSlhfdANfCkiTRmtnJA1zFr3%2F59poSOQm2Fta0%3D&reserved=0>
>
> Registered in Ireland, No. 275301. CRA No. 20036270
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </ripe/mail/archives/anti-abuse-wg/attachments/20200908/dce94484/attachment.html>