<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<div>
<div>
<div>
<div style="direction: ltr;">But if a policy asking ripe ncc to investigate fraud and withdraw resources were to be proposed we would again hear the "we are not the internet police" trope :(</div>
</div>
<div><br>
</div>
<div class="ms-outlook-ios-signature">
<div style="direction: ltr;">--srs</div>
</div>
</div>
<div> </div>
<hr style="display:inline-block;width:98%" tabindex="-1">
<div id="divRplyFwdMsg" dir="dir="ltr""><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>From:</b> Alex de Joode <alex@idgara.nl><br>
<b>Sent:</b> Friday, May 17, 2019 11:32 AM<br>
<b>To:</b> Suresh Ramasubramanian<br>
<b>Cc:</b> anti-abuse-wg@ripe.net<br>
<b>Subject:</b> Re: [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox")
<div> </div>
</font></div>
<meta content="text/html; charset=utf-8">
<style id="axi-htmleditor-style" type="text/css">
<!--
p
{margin:0px}
-->
</style>"<span style="font-size:13.3333px">a case where the resources are withdrawn based only on the fact there was no reply to the abuse-mailbox validation email"</span><br>
<div class="x-axi-signature"><br>
</div>
<div class="x-axi-signature">You should high light the word 'only'. </div>
<div class="x-axi-signature"><br>
</div>
<div class="x-axi-signature">The ARIN case has nothing to do with -only- not answering the validation mail. It actually attacks a business model build on providing a cybercrime infrastructure. The proposed policy will not be able to accomplish this.</div>
<div class="x-axi-signature"><br>
<div class="x-axi-signature" style="font-size:10pt; font-family:">--
<div>IDGARA | Alex de Joode | +31651108221</div>
</div>
</div>
<br>
On Fri, 17-05-2019 7h 47min, Suresh Ramasubramanian <ops.lists@gmail.com> wrote:<br>
<blockquote style="margin-left:10px; padding-left:10px; border-left:1px solid #ccc">
<div style="">
<meta content="text/html; charset=utf-8">
<div>
<div>
<div>
<div style="direction:ltr">How was ARIN able to reclaim 750k IPs showing fraud including shell company setup then? The USA is if anything even more litigious than Europe is.</div>
<div><br>
</div>
<div style="direction:ltr">You also go to court with "clean hands", so if the invalid abuse contact is also accompanied by a proliferation of malware etc a judge may not react the same way they would when faced with a situation where the ripe contact was sick,
on vacation or just plain negligent.</div>
<div><br>
</div>
</div>
<div><br>
</div>
<div class="ms-outlook-ios-signature">
<div style="direction:ltr">--srs</div>
</div>
</div>
<div> </div>
<hr tabindex="-1" style="display:inline-block; width:98%">
<div id="divRplyFwdMsg" dir="dir="ltr""><font face="Calibri, sans-serif" color="#000000" style="font-size:11pt"><b>From:</b> anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Alex de Joode <alex@idgara.nl><br>
<b>Sent:</b> Friday, May 17, 2019 11:02 AM<br>
<b>To:</b> anti-abuse-wg@ripe.net<br>
<b>Subject:</b> Re: [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox")
<div> </div>
</font></div>
<meta content="text/html; charset=utf-8">
<style id="axi-htmleditor-style" type="text/css">
<!--
p
{margin:0px}
-->
</style><span style="font-size:13.3333px">I beg to differ.</span>
<div style="font-size:13.3333px"><br>
</div>
<div style="font-size:13.3333px">The ripe membership set's the policy;</div>
<div style="font-size:13.3333px">Ripe enforces the policy;</div>
<div style="font-size:13.3333px">If a ripe member has it's resources withdrawn due the policy and the enforcement of the policy, the ripe member can go to court in The Netherlands (see contact between member and ripe);</div>
<div style="font-size:13.3333px">The Amsterdam court will apply the proportionality test to a case where the resources are withdrawn based only on the fact there was no reply to the abuse-mailbox validation email;</div>
<div style="font-size:13.3333px">The Amsterdam court will find this action is unreasonable;</div>
<div style="font-size:13.3333px">The Amsterdam court will force ripe to re-instate the resources;</div>
<div style="font-size:13.3333px">The Amsterdam court will be liable for any and all damages the ripe member suffered.</div>
<div style="font-size:13.3333px"></div>
<div class="x-axi-signature"><br>
<div class="x-axi-signature" style="font-size:10pt; font-family:">--
<div>IDGARA | Alex de Joode | +31651108221</div>
</div>
</div>
<br>
On Fri, 17-05-2019 4h 49min, Fi Shing <phishing@storey.xxx> wrote:<br>
<blockquote style="margin-left:10px; padding-left:10px; border-left:1px solid #ccc">
<div>This "proportionality" test you speak of,</div>
<div> </div>
<div>has as much relevance to the regulating of internet resources, as "freedom of speech" does to regulating internet forum membership</div>
<div> </div>
<div> </div>
<div>(no relevance at all).</div>
<div> </div>
<div> </div>
<div> </div>
<div> </div>
<div> </div>
<div> </div>
<div> </div>
<blockquote class="threadBlockQuote" style="border-left:2px solid #C2C2C2; padding-left:3px; margin-left:4px">
--------- Original Message ---------
<div>Subject: Re: [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox")<br>
From: "Alex de Joode" <alex@idgara.nl><br>
Date: 5/16/19 4:56 pm<br>
To: "JORDI PALET MARTINEZ" <jordi.palet@consulintel.es><br>
Cc: anti-abuse-wg@ripe.net<br>
<br>
On Fri, 17-05-2019 1h 45min, JORDI PALET MARTINEZ via anti-abuse-wg <anti-abuse-wg@ripe.net> wrote:<br>
<blockquote style="border-left:1px solid #cccccc; margin-left:10px; padding-left:10px">
<div>Hi Nick,<br>
<br>
[..]<br>
<br>
Anyone failing in repetitive ocassions to comply with policies is subjected to further NCC scrutiny, including account closure. This is a different policy already in place. If we don't like that, we should change that policy, but then we don't need policies
anymore. Policies are the rules for the community to be respected by all, and not having an administrative enforcement by the NCC is the wilde west.</div>
</blockquote>
<div>It is an illusion to think ripe can suspend/withdraw resources if an organisation does not reply to a abuse validation request. That simply will not pass the proportionality test needed under Dutch law. So you will have no recourse. (Only if you can prove
the entity has registered with false creditials (Due Diligence by new members takes care of this) -and- the entity is active in a criminal enterprise, you might have a case) </div>
<div> </div>
<div>Cheers,</div>
<div>Alex</div>
</div>
</blockquote>
</blockquote>
</div>
</div>
</blockquote>
</div>
</body>
</html>