The proposal is to send verification emails to abuse mailboxes and have a link in them clicked, right? I would have no objection to that.

Is there more that is being proposed in this proposal specifically?

Maria Merkel

This email was sent by [company]. Any statements contained in this email are personal to the author and are not necessarily the statements of the company unless specifically stated.

Novecore and Staclar are collective trading names of Novecore Ltd., registered in England and Wales under company number 11748197, Novecore Licensing Ltd., registered in England and Wales under company number 11544982, Staclar Carrier Ltd., registered in England and Wales under company number 12219686, Staclar Financial Services Ltd., registered in England and Wales under company number 13843292 (registered offices 54 Portland Place, London, UK, W1B 1DY); Novecore Professional Services Ltd., registered in England and Wales under company number 13965912 (registered office 13 Freeland Park, Wareham Road, Poole, UK, BH16 6FA); Novecore (Estonia) OÜ, registered in Estonia under registry code 16543205 (local contact Baltic Business Services OÜ, Narva mnt 5, 10117 Tallinn, Estonia); Novecore (USA) Inc., registered in Delaware under file number 6707907, Novecore Licensing (USA) LLC, registered in Delaware under file number 4030866, and Staclar, Inc., registered in Delaware under file number 7413401 (registered agents The Corporation Trust Company, Corporation Trust Center, 1209 Orange St, Wilmington DE 19801, USA). Novecore Licensing Ltd. is registered for VAT in the United Kingdom under VAT registration number 347 4545 80. Novecore (Estonia) OÜ is registered for VAT in the European Union under VAT registration number EE102518979. Novecore Professional Services Ltd. is a trust or company service provider registered with and supervised by HM Revenue & Customs under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (registration number XMML00000178208). Staclar Financial Services Ltd. is an Annex 1 financial institution registered with and supervised by the Financial Conduct Authority under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (firm reference number 989521). Registration is not equivalent to authorisation and is not an endorsement to do business with a firm. Staclar Financial Services Ltd. is not an authorised person within the meaning of the Financial Services and Markets Act 2000 and does not review, approve, or endorse financial promotions for securities issues it is involved in or provide any form of investment advice.

On November 30, 2023 at 11:45 AM GMT+1 ops.lists@gmail.com wrote:

There is somewhat more being proposed than that bare minimum of due diligence but none of this makes ripe ncc a regulator any more than a pharmacist verifying a prescription becomes the FDA

--srs

From: Matthias Merkel <matthias.merkel@staclar.com>
Sent: Thursday, November 30, 2023 4:03:07 PM
To: Suresh Ramasubramanian <ops.lists@gmail.com>; Leo Vegoda <leo@vegoda.org>
Cc: anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net>
Subject: Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?
 
I have already noted that I have no objections to a proposal solely to verify abuse mailbox functionality, but that we should be careful adding anything further. Perhaps I wasn't clear enough in this:
Arguably a proposal to simply require verification of the abuse mailbox does not make the NCC a regulator (and, in fact, I think the NCC already does this with ASNs), but I do not see how this would be an effective measure. 

Making further requirements would make the NCC a regulator, and this may be dangerous precedent. 

Regarding the potential that government regulators will put rules in place if we don't, I don't think this is a big concern here. Many governments already do have those rules and already supervise network operators in their countries. The issue in this specific case is that some countries simply don't care, and do not have laws or regulations around the issue.

Maria Merkel

This email was sent by [company]. Any statements contained in this email are personal to the author and are not necessarily the statements of the company unless specifically stated.

Novecore and Staclar are collective trading names of Novecore Ltd., registered in England and Wales under company number 11748197, Novecore Licensing Ltd., registered in England and Wales under company number 11544982, Staclar Carrier Ltd., registered in England and Wales under company number 12219686, Staclar Financial Services Ltd., registered in England and Wales under company number 13843292 (registered offices 54 Portland Place, London, UK, W1B 1DY); Novecore Professional Services Ltd., registered in England and Wales under company number 13965912 (registered office 13 Freeland Park, Wareham Road, Poole, UK, BH16 6FA); Novecore (Estonia) OÜ, registered in Estonia under registry code 16543205 (local contact Baltic Business Services OÜ, Narva mnt 5, 10117 Tallinn, Estonia); Novecore (USA) Inc., registered in Delaware under file number 6707907, Novecore Licensing (USA) LLC, registered in Delaware under file number 4030866, and Staclar, Inc., registered in Delaware under file number 7413401 (registered agents The Corporation Trust Company, Corporation Trust Center, 1209 Orange St, Wilmington DE 19801, USA). Novecore Licensing Ltd. is registered for VAT in the United Kingdom under VAT registration number 347 4545 80. Novecore (Estonia) OÜ is registered for VAT in the European Union under VAT registration number EE102518979. Novecore Professional Services Ltd. is a trust or company service provider registered with and supervised by HM Revenue & Customs under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (registration number XMML00000178208). Staclar Financial Services Ltd. is an Annex 1 financial institution registered with and supervised by the Financial Conduct Authority under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (firm reference number 989521). Registration is not equivalent to authorisation and is not an endorsement to do business with a firm. Staclar Financial Services Ltd. is not an authorised person within the meaning of the Financial Services and Markets Act 2000 and does not review, approve, or endorse financial promotions for securities issues it is involved in or provide any form of investment advice.
Sent from Front
On November 30, 2023 at 11:25 AM GMT+1 ops.lists@gmail.com wrote:

This is simply an ongoing verification that the justification and other paperwork which were used to allocate the numbers are reasonable and correct 

Consensus tends to work in strange ways - and room packing isn’t unknown if you see the example I cited 

--srs

From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Matthias Merkel <matthias.merkel@staclar.com>
Sent: Thursday, November 30, 2023 3:24:02 PM
To: Leo Vegoda <leo@vegoda.org>; Suresh Ramasubramanian <ops.lists@gmail.com>
Cc: anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net>
Subject: Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?
 
Of course, this is not how consensus works. 

I also think you're misunderstanding my argument. I'm all for fighting abuse. A lot of my work is in abuse and fraud prevention and in the prevention of financial crime. I'm not arguing against preventing abuse, only against adding even more regulators where they aren't needed. 

The Gmail example still does not address my concern. They say what you can do with Gmail, which is the service. An IP address itself is not an abusable service, the systems addressed by them are. Gmail doesn't tell you what to do on third party services you sign up to with your gmail.com address. Google is responsible for Gmail. The RIPE NCC is responsible for the IP addresses. The network operator is responsible for the systems. 

Maria Merkel

This email was sent by [company]. Any statements contained in this email are personal to the author and are not necessarily the statements of the company unless specifically stated.

Novecore and Staclar are collective trading names of Novecore Ltd., registered in England and Wales under company number 11748197, Novecore Licensing Ltd., registered in England and Wales under company number 11544982, Staclar Carrier Ltd., registered in England and Wales under company number 12219686, Staclar Financial Services Ltd., registered in England and Wales under company number 13843292 (registered offices 54 Portland Place, London, UK, W1B 1DY); Novecore Professional Services Ltd., registered in England and Wales under company number 13965912 (registered office 13 Freeland Park, Wareham Road, Poole, UK, BH16 6FA); Novecore (Estonia) OÜ, registered in Estonia under registry code 16543205 (local contact Baltic Business Services OÜ, Narva mnt 5, 10117 Tallinn, Estonia); Novecore (USA) Inc., registered in Delaware under file number 6707907, Novecore Licensing (USA) LLC, registered in Delaware under file number 4030866, and Staclar, Inc., registered in Delaware under file number 7413401 (registered agents The Corporation Trust Company, Corporation Trust Center, 1209 Orange St, Wilmington DE 19801, USA). Novecore Licensing Ltd. is registered for VAT in the United Kingdom under VAT registration number 347 4545 80. Novecore (Estonia) OÜ is registered for VAT in the European Union under VAT registration number EE102518979. Novecore Professional Services Ltd. is a trust or company service provider registered with and supervised by HM Revenue & Customs under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (registration number XMML00000178208). Staclar Financial Services Ltd. is an Annex 1 financial institution registered with and supervised by the Financial Conduct Authority under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (firm reference number 989521). Registration is not equivalent to authorisation and is not an endorsement to do business with a firm. Staclar Financial Services Ltd. is not an authorised person within the meaning of the Financial Services and Markets Act 2000 and does not review, approve, or endorse financial promotions for securities issues it is involved in or provide any form of investment advice.
Sent from Front
On November 30, 2023 at 10:48 AM GMT+1 leo@vegoda.org wrote:

On Thu, 30 Nov 2023 at 10:44, Suresh Ramasubramanian
<ops.lists@gmail.com> wrote:

>
> The funny part is that the abuse teams of the very same companies will be out there in other conferences working earnestly and well on best practices. If they were to turn up at a ripe meeting and provide consensus ..
>
> And before you accuse me of packing the room to generate artificial consensus

Consensus isn't a numbers thing. I think you've misunderstood the process.

Regards,

Leo

--

To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg