This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[anti-abuse-wg] Seeking Input on the Future of the Anti-Abuse Working Group
- Previous message (by thread): [anti-abuse-wg] Seeking Input on the Future of the Anti-Abuse Working Group
- Next message (by thread): [anti-abuse-wg] Agenda Update: AA-WG Session @ RIPE88
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Alessandro Vesely
vesely at tana.it
Mon May 13 11:28:50 CEST 2024
On Fri 10/May/2024 13:57:44 +0200 Nick Hilliard wrote: > Serge, > > there's been extensive debate on AAWG over the years about the principles > behind your additional suggestions below, but very little consensus. If > sanctioning is added to the charter of a new security-wg, this lack of > consensus is likely to continue, and the only outcome will be that the WG will > be distracted from other productive output. Sanctioning has various meanings, from penalties and coercive measures to hinder or discouragement. Before putting that into the charter we should discuss and reach consensus about what meaning we exactly mean, which includes clarifying what leeway is the RIPE NCC allowed. At a minimum, listing proven bad actors must be possible. > I understand why you might want it in there, but punitive action is not > within the remit of the RIPE NCC. Similarly on point 2, advocacy is > important, but requirement / enforcement is out of scope for both the RIPE > Community and RIPE NCC. Implementing solutions and utilities is certainly in scope. Best Ale > Serge Droz via anti-abuse-wg wrote on 10/05/2024 07:21: >> >> Hi Leo >> >> It's more about sharpening the focus. I colored this red below. I feel >> eventually the RIPE NCC must adapt stronger policies to punish non-action or >> disregard of action. I think it would be better if this WG comes up with such >> policies which the RIPE NCC can then adopt (or not) rather than the RIPE NCC >> having to react to external pressure, e.g. from policy makers, in particular >> the EU. I'm sure one can formulate this much better. I firmly believe, that >> there is no way around stronger regulation, and I'd much rather see this >> coming from this community than form the outside. The regulators i see and >> work with are increasingly irritated and react with totally inadequate >> demands, which I wont reproduce here. >> >> 1. Identifying and analyzing emerging security threats and vulnerabilities >> affecting Internet infrastructure. >> 2. Collaborating with stakeholders, in particular the RIPE community, to >> develop and advocate and implement best practices, guidelines, and >> standards for securing Internet resources. >> 3. Facilitating information sharing and cooperation among network operators, >> law enforcement, and relevant entities to mitigate security risks. >> 4. Providing education, training, and outreach initiatives to raise >> awareness of security issues and promote best practices adoption. >> 5. Develop policies recommendations to the RIPE NCC that help enforcing good >> behavior and sanction disregard for faccepted security standards. This >> includes the definition of acceptable minimal standards. >> >> Best regards >> Serge
- Previous message (by thread): [anti-abuse-wg] Seeking Input on the Future of the Anti-Abuse Working Group
- Next message (by thread): [anti-abuse-wg] Agenda Update: AA-WG Session @ RIPE88
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]