<br><br><div class="gmail_quote">On Thu, Mar 29, 2012 at 2:23 PM, Shane Kerr <span dir="ltr"><<a href="mailto:shane@time-travellers.org">shane@time-travellers.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Some people want someone to force ISP's to take responsibility for<br>
fixing abuse originating in their networks. The natural place for this<br>
enforcement appears to them to be the RIPE NCC (*).<br></blockquote><div><br>The issue isn't forcing ISPs to fix abuse at all - lots of blocklists and whatever else for that.<br><br>The issue is making sure that the bad guys are simply not able to get themselves a /15 whenever they like simply because the paperwork verification is close enough to nonexistent.<br>
<br>As for "picking on RIPE NCC", do please let me know if another RIR with an LIR model AND a bunch of criminals who have got the idea of setting themselves up as LIRs <br><br><br></div><blockquote class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
Contrariwise, the RIPE NCC is unable to unwilling to change its role<br>
from a fundamentally administrative to one that involves setting<br>
network usage policies. This involves risks in terms of anti-trust<br>
regulators, need to carefully define the limits of control, and setting<br></blockquote><div><br>This is an entirely strawman set of arguments. Can you please explain to me what part of SOCA's proposals about crosschecking ID / email address etc triggers a single antitrust regulation? Or a privacy regulation for that matter?<br>
<br></div><blockquote class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
On the 3rd hand, some people in the RIPE community (including me)<br>
also feel that it is very, very difficult to define what the required<br>
actions would be in the case of reported abuse. This reporting<br>
mechanism itself might indeed be a source of abuse (rivalries between<br>
companies could be fought by each accusing the other of hosting<br>
criminal activity).<br></blockquote><div><br>You might actually know if there's criiminal activity actually hosted there? As in some random guy asking "do you beat your wife" versus a lot of people coming up and saying that there's often scenes like loud arguments, screams, the sounds of blows / slaps etc being dealt, your wife turning up in public crying and with a black eye etc? ["generic you" of course], followed by a quick check that simply says you're a bigamist and so the marriage just wasn't valid, obtained under false pretences.<br>
<br>Yes the analogy is stupid. Thank you in advance for pointing that out.<br><br></div><blockquote class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
about it. So, you might see that ISP ShaNet has working e-mail for<br>
abuse, but nobody ever sees any action beyond automated response. Such<br>
reports could be useful for people who *can* investigate and do<br>
something, such as law enforcement or regulators.<br></blockquote><div><br>Various blocklists and antispam forums / security lists do discuss that. However the point here is entirely different.<br><br>Let us put it this way - provider X has lax security policies, hosts a bunch of spammers and has a ton of blocklist listings. But it also has legitimate customers and does provide what it says it provides - colo services.<br>
<br>Provider Y in Eastern Europe is a front for a botmaster, hosts nothing but bot traffic and got itself an assigned-PA or PI /20 from RIPE NCC, after telling RIPE NCC its going to host whatever .. say some guy's family dog's homepage.<br>
<br>The point here is not crowdsourcing opinion about a CIDR. The point is getting hostmasters to see the difference between provider X and provider Y, and see if they can't give X a /20 and deny Y his /20.<br><br></div>
SOCA appears to have a workable and standards based, complaint with european law, model there, as it happens.<br><br>--srs<br>
</div>