Brian Nisbet
Service Operations Manager
HEAnet CLG, Ireland's National Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
+35316609040 brian.nisbet@heanet.ie www.heanet.ie
Registered in Ireland, No. 275301. CRA No. 20036270
Hi Brian,
I understand that the people can change their mind, for example, after other comments or the IA, etc.
This is the same across different proposal versions, even editorial text changes. People can change their mind.
However not stating a “mind change”, should be taken as having changed their position. I understand that you agree on all that and your decision is based on that perspective?
(I want to make sure that language differences between English and Spanish are not an interpretation problem here)
Regards,
Jordi
@jordipalet
El 8/9/20 10:07, "Brian Nisbet" <brian.nisbet@heanet.ie> escribió:
Jordi,
Under the PDP, given potential changes to the policy and inputs such as the Impact Analysis it is very difficult for the Co-Chairs to make assumptions about points of view as we move into the Review Phase, hence people will often restate their support or opposition to the policy, and indeed will often hark back to comments they have previously made.
Again, this is why we listed the comments from the Discussion Phase and the Co-Chairs feel, even if everyone had made those same comments, the Co-Chairs feel there was no clear consensus for change.
Brian
Co-Chair, RIPE AA-WG
Brian Nisbet
Service Operations Manager
HEAnet CLG, Ireland's National Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
+35316609040 brian.nisbet@heanet.ie www.heanet.ie
Registered in Ireland, No. 275301. CRA No. 20036270
From: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>
Sent: Tuesday 8 September 2020 08:58
To: Brian Nisbet <brian.nisbet@heanet.ie>; anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net>
Subject: Re: [anti-abuse-wg] Report & Co-Chair's Decision on Proposal 2019-04
CAUTION[External]: This email originated from outside of the organisation. Do not click on links or open the attachments unless you recognise the sender and know the content is safe.
Hi Brian, all,
First of all, tks for this detailed report. I’m still processing it.
However, I’ve a open question for you, which I think it has been also clear from other emails, that it is not clear for the community.
People in favor (or against) the proposal has not (including myself), re-stated their position or repeated the same arguments. Is not that an indication that they keep their previous position?
Regards,
Jordi
@jordipalet
El 7/9/20 17:19, "anti-abuse-wg en nombre de Brian Nisbet" <anti-abuse-wg-bounces@ripe.net en nombre de brian.nisbet@heanet.ie> escribió:
Colleagues,
A few weeks ago we reached the end of the latest review phase for 2019-04. The Co-Chairs have worked closely with the NCC Policy Development Office since then to try to make a decision on this policy. This email contains a report on the Discussion Phase and Review Phase and then a final decision which, we believe, is supported by the activity during those phases.
As always, this is underpinned by the RIPE PDP - https://www.ripe.net/publications/docs/ripe-710
Discussion Phase:
There was some clear support for the policy during the Discussion Phase. This came from:
Serge Droz, who felt that it would help in a number of cases and that an inability to answer an e-mail every six month probably indicated underlying issues. He also felt it would allow the community to understand who was doing good work and who wasn't, and it will prevent organisations from saying they never received a report. He also pointed out some of the difference in reaction between the security and operator communities on this policy.
Carlos Friacas, agreed that it would help, but not solve all problems. He also flagged that if "deregistration" was not a possible outcome for a continuous failure to validate, then the outcome of transparency would still be positive, but did say that must be balanced against the NCC Impact Analysis.
Jordi Palet Martinez, the proposer, was, of course, in favour, but also reacted to a number of voices against the proposal:
- The job of the RIPE NCC is to implement the policies agreed by the community. I believe is perfectly understandable the need to avoid using manual forms which don't follow a single standard, which means extra work for *everyone*. (Responding to Nick Hilliard)
- The actual policy has a bigger level of micro-management, by setting one year and not allowing the NCC to change that. (Responding to Nick Hilliard)
- The problem of a form is that is not standard. This is economically non-sustainable and means that the cost of the abuse cases is on the back of the one actually reporting. (Responding to No No)
- The actual validation is not working, it is just a technical validation (responding to Gert Doering)
- The community prefers to do things in steps, we initially asked for an abuse mailbox, we then added a technical validation, now we are asking for a better validation. I am not asking to verify if you handle abuse case or not and I am not asking to take any new actions.
Angel Gonzalez Berdasco suuported the proposal, but also made multiple comments on a different approach, including an abuse-uri and highlighted that standarising the communications was important.
A number of people spoke in clear opposition.
Nick Hilliard stated that it is not the job of the RIPE NCC to tell its members how to handle abuse reports. He further said that the is self-contradictory, intrusive into NCC membership business processes and there is no compelling reason to believe that the proposal will end up reducing the amount of abuse on the internet.
Gert Doering said that if people *do not want* to handle abuse reports, this proposal will not make them and that cases of misconfiguration are already caught today.
No No did not want anyone to be restricted in how they received abuse reports.
Michele Neylon opposed the proposal and agreed with the points made by Nick.
A number of other people posted either with mixed comments, or in a way that did not make it clear where they stood on the proposal:
Job Snijders, Elad Cohen, Alistair Mackenzie, Suresh Ramasubramanian, Hans-Martin Mosner, Shane Kerr, Sascha Luck, Arash Naderpur, Richard Clayton, Alessandro Vesely, Randy Bush
The Review Phase of the proposal lasted from 20 July 2020 to 18 August 2020.
There were 14 messages received during the review phase. Out of which, 3 were from the PDO, 1 was myself's and 2 were Jordi’s requesting clarification on the Impact Analysis.
- There was no messages of support to the proposal.
There was one message stating that the form is more beneficial than email to report abuse because it always reaches the host to which Jordi tried to address stating that email can be automated whilst forms can not.
- There were opposing arguments based on two fronts:
1) Nick Hilliard and Erik Bais commented that the effort and cost to implement this proposal are too great in relations to the benefits that are alleged.
2) Michele Neylon and Arash Naderpour commented that they oppose forcing operators to use only email for handling abuse reports and internal handling procedures should be solely defined by the operator.
Nick Hilliard and Michele Neylon also requested the proposal to be dropped as concerns raised over the last 18 months have not been addressed and tweaking this proposal would not add any value.
There was no attempt to address the opposing arguments above during the review phase.
With all of this in mind, and with the continued failure of any kind of consensus from the working group, the Co-Chairs have decided to withdraw this proposal. As always we would welcome proposals on this and other matters, however we do not feel that there is any likelihood of 2019-04, regardless of possible edits, reaching consensus in the short or medium term.
Alireza, Brian, Tobias
Co-Chairs, RIPE AA-WG
Brian Nisbet
Service Operations Manager
HEAnet CLG, Ireland's National Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
+35316609040 brian.nisbet@heanet.ie www.heanet.ie
Registered in Ireland, No. 275301. CRA No. 20036270
**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company
This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of
the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents
of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.