Hi Sara, isn't making the world (and the internet) first and foremost a job of law enforcement agencies like the police and Europol? While I agree that everyone has a role to play, crime prevention and protection of the public is part of the LEA job description, right? Civil society entities certainly have a role to play, but it does not help trying to deputize them into a role they do not carry. I disagree that the contract language you quote puts any duty of care regarding the abuse of any networks by third parties on the parties to the agreement. That duty may arise from other sources, but this language is directed at its own information the party provides to RIPE NCC and the cooperation with any audits. Just because it includes the word security does not mean it refers to all thinkable security issues. The ability of any part of the internet infrastructure to curtail abuse that somehow touches services it providers is usually severely curtailed and its ability to review abuse complaints is usually limited to the resources it provides. In many cases, that is simply not enough information to go on when dealing with many common forms of abuse. Best, Volker Am 16.01.2020 um 14:23 schrieb Marcolla, Sara Veronica:
Very well put, Sérgio. Thank you for voicing clearly the concern of (at least a part of) the community.
We should not forget that, according to the provisions of RIPE NCC audits, “e/very party that has entered into an agreement with the RIPE NCC is contractually obliged to provide the RIPE NCC with complete, updated and accurate information necessary for the provision of the RIPE NCC services and to assist the RIPE NCC with audits and security checks”. /Complete, accurate information goes hand in hand with a duty of care, of promptly taking actions against abuse, and should be accompanied by a social responsibility of trying to make the Internet a safe and secure place for everyone, thus not enabling actively DDoS, spammers, and criminals in general.
If the community does not agree that everyone has the right to a safe, spam free, crime free Internet, maybe we have some issue to solve here first.
Kind regards,
**
*Sara *
*Europol - *O3 European Cyber Crime Centre (EC3)
Eisenhowerlaan 73, 2517 KK
The Hague, The Netherlands
www.europol.europa.eu <http://www.europol.europa.eu>
*From:*anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> *On Behalf Of *Sérgio Rocha *Sent:* 16 January 2020 13:38 *To:* anti-abuse-wg@ripe.net *Subject:* Re: [anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")
Hi,
Agree, This anti-abuse list seems the blocking group to any anit-abuse response measure.
It's amazing that nobody cant propose anything without receiving a shower of all sorts of arguments against
There is an idea that everyone has to hold, if as a community we cannot organize a policy, one of these days there will be a problem that will make governments take the opportunity to legislate and we will no longer have the free and open internet.
There are a feew ideas that is simple to understand:
1 - If you have been assigned a network you have responsibilities, paying should not be the only one.
2 - There is no problem with email, since ever are made solutions to integrate with emails. There is no need to invent a new protocol. Who has a lot of abuse, invests in integrating these emails.
3 - If you have no ability to manage abuse should not have addressing, leave it to professionals.
The internet is critical for everyone, the ability for actors to communicate with each other to respond to abuse must exist and RIPE must ensure that it exists.
It’s like the relation with local governments, there is a set of information that has to be kept up to date to avoid problems, in RIPE it must be the same.
Sergio
*From:*anti-abuse-wg [mailto:anti-abuse-wg-bounces@ripe.net] *On Behalf Of *Fi Shing *Sent:* 16 de janeiro de 2020 04:55 *To:* anti-abuse-wg@ripe.net <mailto:anti-abuse-wg@ripe.net> *Subject:* Re: [anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")
Best not to judge the race until it has been fully run.
I just do not understand how anyone on this list (other than a criminal or a business owner that wants to reduce over heads by abolishing an employee who has to sit and monitor an abuse desk) could be talking about making it easier for abuse to flourish.
It is idiotic and is not ad hominem.
This list is filled with people who argue for weeks, perhaps months, about the catastrophic world ending dangers of making an admin verify an abuse address ONCE a year .... and then someone says "let's abolish abuse desk all together" and these idiots emerge from the wood work like the termites that they are and there's no resistance?
The good news is that nothing talked about on this list is ever implemented, so .. talk away you criminals.
--------- Original Message ---------
Subject: Re: [anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox") From: "Ronald F. Guilmette" <rfg@tristatelogic.com <mailto:rfg@tristatelogic.com>> Date: 1/16/20 11:47 am To: "anti-abuse-wg@ripe.net <mailto:anti-abuse-wg@ripe.net>" <anti-abuse-wg@ripe.net <mailto:anti-abuse-wg@ripe.net>>
In message <20200115155949.af7f9f79718891d8e76b551cf73e1563.e548b98006.mailapi@ email19.asia.godaddy.com <mailto:20200115155949.af7f9f79718891d8e76b551cf73e1563.e548b98006.mailapi@%0bemail19.asia.godaddy.com>>, "Fi Shing" <phishing@storey.xxx <mailto:phishing@storey.xxx>> wrote:
>That is the most stupid thing i've read on this list.
Well, I think you shouldn't be quite so harsh in your judgement. It is not immediately apparent that you have been on the list for all that long. So perhaps you should stick around for awhile longer before making such comments. If you do, I feel sure that there will be any number of stupider things that may come to your attention, including even a few from your's truly.
Best not to judge the race until it has been fully run.
>Which criminal is paying you to say this nonsense, because no ordinary person >that has ever received a spam email would ever say such crap.
I would also offer the suggestion that such inartful commentary, being as it is, ad hominem, is not at all likely to advance your agenda. It may have felt good, but I doubt that you have changed a single mind, other than perhaps one or two who will now be persuaded to take the opposing position, relative to whatever it was that you had hoped to achieve.
Regards, rfg
*******************
DISCLAIMER : This message is sent in confidence and is only intended for the named recipient. If you receive this message by mistake, you may not use, copy, distribute or forward this message, or any part of its contents or rely upon the information contained in it. Please notify the sender immediately by e-mail and delete the relevant e-mails from any computer. This message does not constitute a commitment by Europol unless otherwise indicated.
*******************
-- Volker A. Greimann