<div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div class="gmail_default" style="font-family:verdana,sans-serif"><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Mar 19, 2019 at 1:42 PM Marco Schmidt <<a href="mailto:mschmidt@ripe.net">mschmidt@ripe.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Dear colleagues,<br>
<br>
A new RIPE Policy proposal, 2019-03, "BGP Hijacking is a RIPE Policy Violation", is now available for discussion.<br>
<br>
The goal of this proposal is to define that BGP hijacking is not accepted as normal practice within the RIPE NCC service region.<br>
<br>
You can find the full proposal at:<br>
<a href="https://www.ripe.net/participate/policies/proposals/2019-03" rel="noreferrer" target="_blank">https://www.ripe.net/participate/policies/proposals/2019-03</a><br>
<br></blockquote><div><br></div><div><div class="gmail_default" style="font-family:verdana,sans-serif">From the policy:</div><div class="gmail_default" style="font-family:verdana,sans-serif">"The RIPE NCC will define a pool of worldwide experts who can assess whether reported BGP hijacks constitute policy violations. Experts from this pool will provide a judgement regarding each reported case, no later than four weeks from the moment the report was received."</div><div class="gmail_default" style="font-family:verdana,sans-serif"><br></div><div class="gmail_default" style="font-family:verdana,sans-serif">This seems like a reasonable approach, but I still worry about the possibility of abuse of the policy.</div><div class="gmail_default" style="font-family:verdana,sans-serif"><br></div><div class="gmail_default" style="font-family:verdana,sans-serif">As a hypothetical example: </div><div class="gmail_default" style="font-family:verdana,sans-serif">I'm AS1. I'm in a feud with Job (he called my hat ugly...) who runs AS2, and is a peer of mine. I decide to get even by announcing all sorts of address space, and prepending AS2 to the announcements. I then report Job as a hijacker. </div><br></div><div><div class="gmail_default" style="font-family:verdana,sans-serif">“Networks Affected”: AS1, AS17, AS1234</div><div class="gmail_default" style="font-family:verdana,sans-serif">“Offender ASN”: AS2 </div><div class="gmail_default" style="font-family:verdana,sans-serif">“Hijacked Prefixes”: [ long list of things ]</div><div class="gmail_default" style="font-family:verdana,sans-serif">“Timespan”: last Thursday, 8:00AM.</div><div class="gmail_default" style="font-family:verdana,sans-serif"><br></div><div class="gmail_default" style="font-family:verdana,sans-serif">Yes, in this case it won't be too hard to figure out it was me, but I do see that this could be abused in various ways. </div><div class="gmail_default" style="font-family:verdana,sans-serif"><br></div><div class="gmail_default" style="font-family:verdana,sans-serif">Please note, I *really* support the proposal, but care will need to be taken to watch for false-flag operations, and the experts should take care to watch for this possibility.</div><div class="gmail_default" style="font-family:verdana,sans-serif">I'm also a bit concerned about the initial workload for the experts... </div><div class="gmail_default" style="font-family:verdana,sans-serif"><br></div><div class="gmail_default" style="font-family:verdana,sans-serif">W</div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
As per the RIPE Policy Development Process (PDP), the purpose of this four-week Discussion Phase is to discuss the proposal and provide feedback to the proposer.<br>
<br>
At the end of the Discussion Phase, the proposers, with the agreement of the Anti-Abuse WG co-chairs, decide how to proceed with the proposal.<br>
<br>
We encourage you to review this proposal and send your comments to <<a href="mailto:anti-abuse-wg@ripe.net" target="_blank">anti-abuse-wg@ripe.net</a>> before 17 April 2019.<br>
<br>
Kind regards,<br>
<br>
Marco Schmidt<br>
Policy Officer<br>
RIPE NCC <br>
<br>
Sent via RIPE Forum -- <a href="https://www.ripe.net/participate/mail/forum" rel="noreferrer" target="_blank">https://www.ripe.net/participate/mail/forum</a><br>
<br>
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" class="gmail_signature">I don't think the execution is relevant when it was obviously a bad idea in the first place.<br>This is like putting rabid weasels in your pants, and later expressing regret at having chosen those particular rabid weasels and that pair of pants.<br> ---maf</div></div></div></div>