Ronald F. Guilmette wrote: Sounds like a good start ... but I doubt if this should be the job of the anti-abuse-wg or its chair. I would rather prever, if there would be somebody at the RIPE NCC having this job, and setting up another wg maillinglist (like abuse-audit@ripe.net) ... I personally do not like to be flodded with discussions about specific networks, that might or might not be audited again ... If this gets changed, Im +1 Kind regards, Frank
To that end, I have three small proposals:
1) That the charter of the RIPE Anti-Abuse working group be ammended so as to make abundantly clear that whenever any two or more members of the WG bring to the attention of the chair that there may exist some specific allocation of number resources which either is no longer valid, or which may never have been actually valid to begin with, (based upon currently accepted criteria for number resource allocation within the RIPE region) then the WG chair will be obliged to undertake a preliminary informal inquiry, including public discussion on the mailing list, as and when that may be useful, and that following this initial informal inquiry, if, in the opinion of that chair, there exists some reasonable basis for believing that the number resource allocation(s) in question may indeed no longer be valid, then the chair is further obligated to formally report this fact to RIPE NCC, along with a formal request from the WG to RIPE NCC, that RIPE NCC immediately undertake a usual and customary audit of the allocation(s) in question, and the justification thereof.
2) That the charter of RIPE itself be ammended to stipulate, explicitly, that in any case in which the Anti-Abuse Working Group chair has made a formal request, to RIPE NCC, on behalf of the WG, for an audit to determine whether or not a given number resource allocation is or is not currently valid, that RIPE NCC is obliged by such a request to actually conduct the requested audit, and to do so in a timely fashion.
3) That the precise cirteria used by RIPE NCC to justify each possible different kind of number resource allocation, either initially or during any post-allocation audit, be made public in its entirety if it is not so already.
I make the above three proposals with an understanding that what is politically possible at the present time with respect to most forms of what I suspect we would all agree constitutes "network abuse" is at best minimal. There is clearly little appetite to turn either this WG or RIPE NCC into a functioning police force in any sense, and certainly not with respect to matters that are not even universally accepted as "abuse".
Nonetheless, there does exist a massive problem with so-called "snowshoe" spammers getting ahold of really big chunks of IPv4 address space... which they then waste in a truly massive and almost obscene way... and also there is a problem with crooks who either want to lay their hands on vast tracks of IPv4 address space for so-called "black-hat SEO" purposes, or who have already done so. As I understand it, RIPE allocation policies _already_ place most or all of this activity outside of the established RIPE rules and framework for allocations. So to combat at least these few limited forms of "network abuse" it now seems that all we need is an accepted process by which the pre-existing process known as a "RIPE NCC audit" can be triggered, in deserving cases, many of which are already known to, or are likely in future to come to the attention of members of this working group and participants on this mailing list.
Regards, rfg