Good evening! I fully understand that why RIPE abuse policy is a subject of community agreement. It dates back to the history of internet and back when it was mainly academic with few services and dependencies to the functioning of the society and state. Every day we in CERT-EE send out a number of notifications on infected devices that can on the best of days are used to attack other members of our community. Yet, there is no requirement for a LIRs to do anything other than receive our complaints. We know that quite a few LIRs simply ignore such notifications! This is just one example of how todays' approach is not really working. And the community seems not to agree anything else. That is perfectly understandable. When once there was just academia, now the community has grown encompassing legitimate business but also abusers who have become part of that community. We can always find reasons (justified or not) on why not to do anything or change anything but we have to understand that impact of not doing anything will continue to grow. At some point, once another attack comes where we can show that for large number of bots we've warned and nothing was done, our political masters will also realise that the time of self-regulation should come to an end. Some countries have already started advocating for stronger control and perhaps not all for the same good reason. Kind regards, -- Tõnu Tammer CERT-EE juht / Executive Director of CERT-EE Riigi Infosüsteemi Amet / Estonian Information System Authority Email: tonu@cert.ee Mobile: +372 53 284 054 Web: https://cert.ee PGP:0x77A8997 / 9477 6B86 6A1E 849B C456 46D6 9CA8 9E41 77A8 997B On 16.01.2020 16:28, JORDI PALET MARTINEZ via anti-abuse-wg wrote:
El 16/1/20 15:25, "anti-abuse-wg en nombre de Ronald F. Guilmette" <anti-abuse-wg-bounces@ripe.net en nombre de rfg@tristatelogic.com> escribió:
In message <FE63ED86-8823-4F7D-81BD-DD08AA130FA9@consulintel.es>, JORDI PALET MARTINEZ via anti-abuse-wg <anti-abuse-wg@ripe.net> wrote:
>I'm sure that this is the same in every EU country. Can we agree on that?
Quite certainly not! Doing so would break ALL established precedent!
I used EU on purpose here. I didn't want to say every RIPE NCC country.
I really think the electricity case I've described works that way in EU countries. Anyone believes not?
Any lawyer in the list can provides hints why yes or why not?
When was the last time this working group agreed on *anything*?
Regards, rfg
P.S. And anyway, as I myself have just been reminded, RIPE != EU.
********************************************** IPv4 is over Are you ready for the new Internet ? http://www.theipv6company.com The IPv6 Company
This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
-- Tõnu Tammer CERT-EE juht / Executive Director of CERT-EE Riigi Infosüsteemi Amet / Estonian Information System Authority Email: tonu@cert.ee Mobile: +372 53 284 054 Web: https://cert.ee PGP:0x77A8997 / 9477 6B86 6A1E 849B C456 46D6 9CA8 9E41 77A8 997B