<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style>
</head>
<body lang="EN-IN" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">Ruediger has a nice full list of all the other ways a prefix can be mis-announced or route leaked. Typos, incompetence in setting up load balancers, so on and forth. However, the number of these
that are malicious and that’d be of interest to the AAWG, is much smaller, wouldn’t you say? <o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal" style="margin-bottom:12.0pt"><b><span style="font-size:12.0pt;color:black">From:
</span></b><span style="font-size:12.0pt;color:black">anti-abuse-wg <anti-abuse-wg-bounces@ripe.net><br>
<b>Date: </b>Tuesday, 17 December 2019 at 3:16 PM<br>
<b>To: </b>Ronald F. Guilmette <rfg@tristatelogic.com>, anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net><br>
<b>Subject: </b>Re: [anti-abuse-wg] FW: [aa-wg-chair] Draft Anti-Abuse WG Minutes from RIPE 79<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt">Unfortunately as far as I am aware he is not on the list, or at least I have never seen him post here.<br>
<br>
Brian<br>
Co-Chair, RIPE AA-WG<br>
<br>
Brian Nisbet <br>
Service Operations Manager<br>
HEAnet CLG, Ireland's National Education and Research Network<br>
1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland<br>
+35316609040 brian.nisbet@heanet.ie <a href="http://www.heanet.ie">www.heanet.ie</a><br>
Registered in Ireland, No. 275301. CRA No. 20036270<br>
<br>
> -----Original Message-----<br>
> From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> On Behalf Of<br>
> Ronald F. Guilmette<br>
> Sent: Monday 16 December 2019 19:11<br>
> To: anti-abuse-wg@ripe.net<br>
> Subject: Re: [anti-abuse-wg] FW: [aa-wg-chair] Draft Anti-Abuse WG<br>
> Minutes from RIPE 79<br>
> <br>
> In message<br>
> <DB7PR06MB5017909EC93E301C76BA47C694510@DB7PR06MB5017.eurprd06<br>
> .prod.<br>
> outlook.com>, Brian Nisbet <brian.nisbet@heanet.ie> wrote:<br>
> <br>
> >Ruediger said that... [when] he looks at routing tables, he sees a lot<br>
> >of odd stuff including faked origin ASes, AS paths that are not<br>
> >technically valid, in RPKI – ROAs for ASNs that should not show up for<br>
> >public routing. Looking at RPKI, reputation does not help because in<br>
> >RPKI there are authorisation forecasts that are completely invalid.<br>
> <br>
> Due to my general ignorance of these matters, I would very much like to be<br>
> shown some real-world and current examples of each of the above three<br>
> alleged problems, i.e.:<br>
> <br>
> *) faked origin ASes<br>
> <br>
> *) AS paths that are not technically valid<br>
> <br>
> *) ROAs for ASNs that should not show up for public routing.<br>
> <br>
> I hope that Ruediger is on this list, and that he will provide me with at least<br>
> one or two examples of each of the above.<br>
> <br>
> My thanks to him in advance for this.<br>
> <br>
> <br>
> Regards,<br>
> rfg<o:p></o:p></p>
</div>
</div>
</body>
</html>