[members-discuss] Regarding Elad Cohen's nomination and emails

Hi Elad

 

I’m glad you have come back with cogent rebuttals to my pointing out short
comings

I’d like to state that many of the matters I raised are not unsurmountable
but whether they are economically and technically feasible does remain to be
seen. A working POC would better demonstrate this. 

 

I will advise specifically that just thinking BGP anycast alone will solve
all your problems is fairly short sighted. To give an example, Database
replication cannot be simply engineered into being with BGP anycast only.
Once a system is in operation yes maintenance might be relatively low but
the level of expertise to implement such a complex system should not be
under-estimated. It would need one extremely well co-ordinated team for
initial project and it would still need a reasonably well resourced team to
maintain going forward because again database replication for one is not
something you can set and forget, its health needs to be carefully and
continuously monitored. I can’t speak in much more depth because there isn’t
a detailed technical architecture to comment on at this stage. These are
just some of the things you would need to consider and architect around

 

The main problems of your proposal are still fundamentally trust based and
the need to get the entire ecosystem using it for it to actually work, and
you can refer to the whole IPv6 rollout as a good example of the
difficulties of getting worldwide adoption – it will take years even if you
get the RIR’s and ccTLD’s on board! I still don’t see a sensible way of
gaining trust in a centralised management model and I unfortunately don’t
have any better suggestions at this time for the specific use case

 

From: Elad Cohen <elad at netstyle.io> 
Sent: Monday, April 27, 2020 2:09 PM
To: anthony.somerset at cloudunboxed.net; 'Cynthia Revström' <me at cynthia.re>;
'Sascha Luck [ml]' <ripe-md at c4inet.net>
Cc: members-discuss at ripe.net
Subject: Re: [members-discuss] Regarding Elad Cohen's nomination and emails

 

Anthony,

 

Everything that you wrote here are false and incorrect, I only responded to
a person that was called an antisemitic and a racist, not by me, but by many
other people in the Nanog list.

 

*	There is comments that “could” be considered defamatory – especially
when there is limited to no evidence to prove the comment
*	You continue to harass/bully/attack other members of the list just
because they don’t agree with your opinion
*	You are continuing to throw accusations around again without
material evidence.
*	You are wishing to run for a position of authority which arguably
calls you to a far higher standard with regards to how you put your message
across

 

 

My comments below in green regarding the fallacies that you raised:

 

*	The required infrastructure globally would be phenomenal - Spamhaus
already have such infrastructure in place and they are being sponsored (they
don't sell a service at spamhaus.org), so it is feasible
*	It would also require far more systems level expertise than is
realised (think database replication/caching etc) – especially when you
compare this to say, operating one of the root level nameservers or AS112 or
RPKI - If system are designed well and developed well then maintenance is
low, I don't see this problem as you do
*	It would for many place an unacceptable “single” point of failure in
your proposed system - Bgp anycast deployment will avoid it
*	Who would pay for this service? How? What is the pricing model? -
RIRs + ccTLDs Registries , and after it the many site owners that will want
their newsletters to reach the mailboxes with 100% reliability
*	Centralising the management has issues - for stability issues bgp
anycast will be used, for security and privacy issues - hashing will be
used, currently each newsletter subscribers are also centralized, for
example mailchimp is a centralized service with many 'mailing list' email
addresses. And mailing lists owner will not be obligated to use NoSpam.org -
they will still be able to use MailChimp or to save their newsletter system
locally - in this case they shouldn't send newselleter with
links/images/url's - if their subscribers are using upgraded email clients,
simple mailing lists with simple plain text will reach the inboxes - no
matter if the domain owner will choose to create a mailing list through
NoSpam.org or to implement it on his server with a 3rd party newsletter
software.
*	DATA protection/GPDR compliance – just because its hashed doesn’t
make you any less responsible - There will be a checkbox in the registration
form for the end-user for accepting terms and privacy policy, and any domain
owner that will open an account at NoSpam.org will also have a checkbox that
he read the terms and privacy policy.
*	Risk of hash collisions? – is this an issue to be concerned about?
It's a good point, hashes can be splited - meaning that each email address
will have two hashes - for the two parts before and after @ , in order to
minimize the risk of hash collision, in a rare case of collision the
end-user will see a newsletter that was emailed directly to him but the user
didn't subscribe for it, the user will be able to blacklist.
*	Like Root Certificates – getting mail client vendors to update just
for your system is going to be exceptionally difficult if not impossible) -
once the 5 RIRs and the ccTLDs are ready for this task - I believe that with
all of their power it will be possible to recruit client vendors to update.

 

 

Respectfully,

Elad

  _____  

From: anthony.somerset at cloudunboxed.net
<mailto:anthony.somerset at cloudunboxed.net>
<anthony.somerset at cloudunboxed.net
<mailto:anthony.somerset at cloudunboxed.net> >
Sent: Monday, April 27, 2020 2:35 PM
To: Elad Cohen <elad at netstyle.io <mailto:elad at netstyle.io> >; 'Cynthia
Revström' <me at cynthia.re <mailto:me at cynthia.re> >; 'Sascha Luck [ml]'
<ripe-md at c4inet.net <mailto:ripe-md at c4inet.net> >
Cc: members-discuss at ripe.net <mailto:members-discuss at ripe.net>
<members-discuss at ripe.net <mailto:members-discuss at ripe.net> >
Subject: RE: [members-discuss] Regarding Elad Cohen's nomination and emails 

 

Wow well over 100 emails over the weekend on this topic


 

For the record – I have no ties to the Spamhaus project, I don’t personally
use it and I can’t say I knowingly know anyone connected to the project in
any material way

 

Elad – your behaviour and your responses continue to be inflammatory in
nature (among other things) despite a good many people saying enough now.
Please just stop.

 

Its one thing to have an opinion and air it – I would not want to prevent
this from happening but its another thing entirely when

 

*	There is comments that “could” be considered defamatory – especially
when there is limited to no evidence to prove the comment
*	You continue to harass/bully/attack other members of the list just
because they don’t agree with your opinion
*	You are continuing to throw accusations around again without
material evidence.
*	You are wishing to run for a position of authority which arguably
calls you to a far higher standard with regards to how you put your message
across

 

Remember you have a right to your opinion, just like we also respectively
have the right not to listen to it and/or pick it apart as long as we all
keep things civilised and follow the relevant good conduct guidelines in
effect.

 

This behaviour would quite frankly get you fired at many companies so why do
you consider it acceptable here? You ultimately only are making yourself
look worse

 

To the Ripe NCC Moderators/Admin team – if there is some formal channel that
I can now make my complaint known or to request at the very least an
immediate moderation of Elad Cohen’s submissions to this mailing list please
urgently advise. I would like to formally agree with Cynthia and others’
complaints on this matter

 

Back to the “idea” that triggered this particular wave of arguments, there
are a huge number of fallacies with the idea

 

*	The required infrastructure globally would be phenomenal
*	It would also require far more systems level expertise than is
realised (think database replication/caching etc) – especially when you
compare this to say, operating one of the root level nameservers or AS112 or
RPKI
*	It would for many place an unacceptable “single” point of failure in
your proposed system
*	Who would pay for this service? How? What is the pricing model?
*	Centralising the management has issues
*	DATA protection/GPDR compliance – just because its hashed doesn’t
make you any less responsible
*	Risk of hash collisions? – is this an issue to be concerned about?
*	Like Root Certificates – getting mail client vendors to update just
for your system is going to be exceptionally difficult if not impossible)

 

Now on the matter of centralising the running of such a system is
problematic, especially when you consider that this system is fundamentally
a trust based system, you are relying in faith that the responsible
guardians of said systems are to be trusted to act responsibly and not to
the detriment of others. For some operators in the internet space there are
known issues of people doing bad stuff (BGP hijacking, internet shutdowns
etc) and I know of at least one RIR (not RIPE) that has not exactly operated
fully within their own constitutional mandate and processes in recent times.
A good friend of mine and work colleague, Andrew Alston, recently wrote a
related article about trust and centralisation as it relates to RPKI -
https://www.linkedin.com/pulse/rpki-things-being-considered-andrew-alston/ a
lot of the comments made there probably equally apply to any proposed mail
filtering solution.

 

To be totally frank – the only real way to solve the email spam problem is
just to turn off email entirely and replace it with some other better
architected solution, everything else is realistically a band-aid that
people will find ways around.

 

Kind Regards

Anthony Somerset

 

From: members-discuss < <mailto:members-discuss-bounces at ripe.net>
members-discuss-bounces at ripe.net> On Behalf Of Elad Cohen
Sent: Monday, April 27, 2020 12:59 PM
To: Cynthia Revström < <mailto:me at cynthia.re> me at cynthia.re>; Sascha Luck
[ml] < <mailto:ripe-md at c4inet.net> ripe-md at c4inet.net>
Cc:  <mailto:members-discuss at ripe.net> members-discuss at ripe.net
Subject: Re: [members-discuss] Regarding Elad Cohen's nomination and emails

 

Cynthia,

 

The sick person which you are referring to and is your colleague from "The
Spamhaus Project", defamed me for many many months, here in Ripe and in
Nanog, he called me by many names without a single proof. He was called an
antisemitic and a  racist not by me - but by people which are not related to
me in Nanog. After many months I provided an official response in Ripe. I
didn't hear your voice when he defamed me for many many months with him
calling me by many names. So obviously your interests are hidden.

 

In the other working groups - I only replied to him, and I didn't hear your
voice regarding your sick colleague initial message with name callings
towards me when I only replied to his attack on me. And his personal attack
on me is exactly like your personal attack on me now - you are afraid that
an alternative solution to "The Spamhaus Project" will be implemented if I
will be elected.

 

Respectfully,

Elad

  _____  

From: members-discuss <members-discuss-bounces at ripe.net
<mailto:members-discuss-bounces at ripe.net> > on behalf of Cynthia Revström
<me at cynthia.re <mailto:me at cynthia.re> >
Sent: Monday, April 27, 2020 1:50 PM
To: Sascha Luck [ml] <ripe-md at c4inet.net <mailto:ripe-md at c4inet.net> >
Cc: members-discuss at ripe.net <mailto:members-discuss at ripe.net>
<members-discuss at ripe.net <mailto:members-discuss at ripe.net> >
Subject: Re: [members-discuss] Regarding Elad Cohen's nomination and emails 

 

> The RIPE *NCC* has no business either enforcing "professionality"
on the *community* mailing lists - this is the WG chairs'
responsibility. 

 

AFAIK there are no WG chairs of members-discuss and members-discuss is a
mailing list that the RIPE NCC hosts to let RIPE NCC members discuss RIPE
NCC membership related topics, so I think they certainly have business
enforcing people to be professional on this mailing list.

 

I would also like to add that Elad has multiple times on different mailing
lists ignored the WG chairs.

Also this is happening across a variety of RIPE/RIPE NCC mailing lists that
are all hosted by the RIPE NCC and as such I think it is their business to
keep them to a professional standard.

 

> If I'm wrong, where do

I submit the list of people I'd like to see excluded from the
community? 

 

There should not be a long list of people, but when someone is behaving
unprofessionally, calling people "coconut", being defamatory towards the
RIPE NCC, ignoring WG chairs, I do think that they have gone too far and
everything has a limit.

Like we wouldn't allow someone to send sales emails to the mailing list as
an example, aka limits on what is allowed.

 

- Cynthia

 

On Mon, Apr 27, 2020 at 12:43 PM Sascha Luck [ml] <ripe-md at c4inet.net
<mailto:ripe-md at c4inet.net> > wrote:

On Mon, Apr 27, 2020 at 12:02:59AM +0200, Cynthia Revstrm wrote:
>I would like to propose that the RIPE NCC ban Elad Cohen from interacting
>with the RIPE Community (via Meetings or mailing lists) due to his blatant
>disregard for the Code of Conduct and for being hostile towards others in
>the community. As the RIPE NCC hosts and manages these lists I think the
>RIPE NCC has a responsibility to keep the lists professional and to remove
>those who repeatedly ignore what the WG chairs are saying.

The RIPE *NCC* has no business either enforcing "professionality"
on the *community* mailing lists - this is the WG chairs'
responsibility. Nor do I think the NCC should determine who can
be a member of the RIPE community or not. If I'm wrong, where do
I submit the list of people I'd like to see excluded from the
community? 
I think this proposal is the most out-of-order thing I've yet
seen in this thread.

rgds,
Sascha Luck 

>
>- Cynthia

>_______________________________________________
>members-discuss mailing list
>members-discuss at ripe.net <mailto:members-discuss at ripe.net> 
>https://mailman.ripe.net/
>Unsubscribe:
https://lists.ripe.net/mailman/options/members-discuss/ripe-md%40c4inet.net


_______________________________________________
members-discuss mailing list
members-discuss at ripe.net <mailto:members-discuss at ripe.net> 
https://mailman.ripe.net/
Unsubscribe:
https://lists.ripe.net/mailman/options/members-discuss/me%40cynthia.re

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.ripe.net/ripe/mail/archives/members-discuss/attachments/20200427/9f4e1b8a/attachment.html>