A good friend who is a former regulator told me exactly this. I’ll share that bottle with you, Serge :) --srs ________________________________ From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Serge Droz via anti-abuse-wg <anti-abuse-wg@ripe.net> Sent: Thursday, November 30, 2023 3:20:29 PM To: anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net> Subject: Re: [anti-abuse-wg] Abuse Report ignored. What to do as next? As I said I disagree. Gmail says what you can do with their accounts, that doesn't make them a regulator. But it doesn't matter: At the end of the day it's excuses to not do anything about a growing problem. And what typically happens in such cases is that states get upset and start dictating the rules, i.e. the real regulators come out. At this point the community has pretty much lost the ability to shape the rules. I bet a good bottle of you favorite drink, that this is what will happen. Best Serge On 30.11.23 09:58, Matthias Merkel wrote:
Hi Serge,
The difference is the scope of the rules.
All organizations, including the RIPE NCC, enforce rules as part of their own business, for example with customers, etc.
What is being proposed here is imposing rules on unrelated things. Abuse isn't inherently of the resources provided by RIPE, but rather of the services addressed by them. It's like the postal service making rules on what you can do at your house because it has an address assigned by them.
This is the difference between regulator or not. The definition I cited is from the dictionary.
— Maria Merkel
This email was sent by [company]. Any statements contained in this email are personal to the author and are not necessarily the statements of the company unless specifically stated.
Novecore and Staclar are collective trading names of Novecore Ltd., registered in England and Wales under company number 11748197, Novecore Licensing Ltd., registered in England and Wales under company number 11544982, Staclar Carrier Ltd., registered in England and Wales under company number 12219686, Staclar Financial Services Ltd., registered in England and Wales under company number 13843292 (registered offices 54 Portland Place, London, UK, W1B 1DY); Novecore Professional Services Ltd., registered in England and Wales under company number 13965912 (registered office 13 Freeland Park, Wareham Road, Poole, UK, BH16 6FA); Novecore (Estonia) OÜ, registered in Estonia under registry code 16543205 (local contact Baltic Business Services OÜ, Narva mnt 5, 10117 Tallinn, Estonia); Novecore (USA) Inc., registered in Delaware under file number 6707907, Novecore Licensing (USA) LLC, registered in Delaware under file number 4030866, and Staclar, Inc., registered in Delaware under file number 7413401 (registered agents The Corporation Trust Company, Corporation Trust Center, 1209 Orange St, Wilmington DE 19801, USA). Novecore Licensing Ltd. is registered for VAT in the United Kingdom under VAT registration number 347 4545 80. Novecore (Estonia) OÜ is registered for VAT in the European Union under VAT registration number EE102518979. Novecore Professional Services Ltd. is a trust or company service provider registered with and supervised by HM Revenue & Customs under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (registration number XMML00000178208). Staclar Financial Services Ltd. is an Annex 1 financial institution registered with and supervised by the Financial Conduct Authority under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (firm reference number 989521). Registration is not equivalent to authorisation and is not an endorsement to do business with a firm. Staclar Financial Services Ltd. is not an authorised person within the meaning of the Financial Services and Markets Act 2000 and does not review, approve, or endorse financial promotions for securities issues it is involved in or provide any form of investment advice. Sent from Front
On November 30, 2023 at 9:54 AM GMT+1 anti-abuse-wg@ripe.net <mailto:anti-abuse-wg@ripe.net> wrote:
I do not agree
Every organization has rules it enforces. That doesn't make it a regulator. The public transport here, where I live enforces that you have a valid ticket. That doesn't make it the transport regulator.
In fact RIPE NCC will probably enforce that you pay your fees.
The issue here is, that we have two subgroups:
One that thinks we should try go a bit further to ensure that people do what can be expected they should be doing, and another fractions that feels every little bit of additional load is too much and will not solve the problem 100%. It's like saying we give up on speed limits because it doesn't prevent speeding.
And as long as this group cannot come up with a compromise nothing will change, in essence the anti-abuse wg is taken hostage by the nay sayers. These discussions have been going on for years. Nothing new has come out.
We don't even try. We could, and then see if it makes a difference. If not we go back. But nope.
Best Serge
On 30.11.23 09:39, Matthias Merkel wrote:
Hi Leo,
The definition of a regulator is an entity that sets and enforces rules on the persons it supervises.
If the RIPE NCC goes further than just providing numbers, and instead enforces rules on usage associated with them (note that this doesn't even concern the use of the numbers themselves, but rather services addressed by them), it will, by definition, be a regulator.
I'm not sure that there will be consensus on wanting the NCC to become a regulator.
— Maria Merkel
This email was sent by Staclar, Inc. Any statements contained in this email are personal to the author and are not necessarily the statements of the company unless specifically stated.
Novecore and Staclar are collective trading names of Novecore Ltd., registered in England and Wales under company number 11748197, Novecore Licensing Ltd., registered in England and Wales under company number 11544982, Staclar Carrier Ltd., registered in England and Wales under company number 12219686, Staclar Financial Services Ltd., registered in England and Wales under company number 13843292 (registered offices 54 Portland Place, London, UK, W1B 1DY); Novecore Professional Services Ltd., registered in England and Wales under company number 13965912 (registered office 13 Freeland Park, Wareham Road, Poole, UK, BH16 6FA); Novecore (Estonia) OÜ, registered in Estonia under registry code 16543205 (local contact Baltic Business Services OÜ, Narva mnt 5, 10117 Tallinn, Estonia); Novecore (USA) Inc., registered in Delaware under file number 6707907, Novecore Licensing (USA) LLC, registered in Delaware under file number 4030866, and Staclar, Inc., registered in Delaware under file number 7413401 (registered agents The Corporation Trust Company, Corporation Trust Center, 1209 Orange St, Wilmington DE 19801, USA). Novecore Licensing Ltd. is registered for VAT in the United Kingdom under VAT registration number 347 4545 80. Novecore (Estonia) OÜ is registered for VAT in the European Union under VAT registration number EE102518979. Novecore Professional Services Ltd. is a trust or company service provider registered with and supervised by HM Revenue & Customs under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (registration number XMML00000178208). Staclar Financial Services Ltd. is an Annex 1 financial institution registered with and supervised by the Financial Conduct Authority under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (firm reference number 989521). Registration is not equivalent to authorisation and is not an endorsement to do business with a firm. Staclar Financial Services Ltd. is not an authorised person within the meaning of the Financial Services and Markets Act 2000 and does not review, approve, or endorse financial promotions for securities issues it is involved in or provide any form of investment advice. Sent from Front
On November 30, 2023 at 9:36 AM GMT+1 anti-abuse-wg@ripe.net <mailto:anti-abuse-wg@ripe.net> <mailto:anti-abuse-wg@ripe.net <mailto:anti-abuse-wg@ripe.net>> wrote:
Hi Leo,
I don’t see it as a regulator, I see it as one of the functions of a RIR. Not just provide numbers, but also ensure that they are being used fairly and according community agreed policies. Otherwise we could also say that other reasons for recovery are invalid because we become a regulator, right?
Each RIR has measured the “level of adoption” as they progressed with the initial verification (and this was presented at least a couple of times in every RIR), so there are slides in each of them, showing the progress. I can try to find them for you in the previous year's events if you can’t find them. Also my personal experience reporting over 1.500 abuse cases, average per day, shows that I get more “happy-ending” responses from those regions than before and keeps going better and better, which is not the case from RIPE unfortunately.
Regards, Jordi
@jordipalet
> El 29 nov 2023, a las 16:09, Leo Vegoda <leo@vegoda.org
<mailto:leo@vegoda.org>
<mailto:leo@vegoda.org <mailto:leo@vegoda.org>>> escribió: > > Hi Jordi, > > > On Nov 29, 2023, at 11:29, jordi.palet--- via anti-abuse-wg <anti-abuse-wg@ripe.net <mailto:anti-abuse-wg@ripe.net> <mailto:anti-abuse-wg@ripe.net <mailto:anti-abuse-wg@ripe.net>>> wrote: >> >> I agree that the carrot is better than the stick, but if the carrot doesn’t work, we need to use the stick. >> >> My original proposal was basically enforcing the NCC to reclaim the resources when there is a persistent violation of resolving abuse cases. This can be progressive, such as not allowing to update objects in the database, etc. No need to go with “a single failure means you lose your resources”. > > How could we do this without the RIPE NCC becoming some kind of regulator? Or is the proposal to make the RIPE NCC a private sector regulator? > >> As said, this is working in other 2 regions, one more coming (pending of the AFRINIC board ratification). Why should not work in this region the same? Also the PoC in ARIN works in a similar way, and being non-responsive means you get some “members” rights restricted. > > Who has been measuring the reduction is abuse? How tightly is that drop in abuse linked to this policy action rather than other factors? > > Kind regards, > > Leo >
********************************************** IPv4 is over Are you ready for the new Internet ? http://www.theipv6company.com <http://www.theipv6company.com/> <http://www.theipv6company.com/ <http://www.theipv6company.com/>> The IPv6 Company
This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
--
To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg <https://lists.ripe.net/mailman/listinfo/anti-abuse-wg> <https://lists.ripe.net/mailman/listinfo/anti-abuse-wg <https://lists.ripe.net/mailman/listinfo/anti-abuse-wg>>
-- Dr. Serge Droz Member, FIRST Board of Directors https://www.first.org <https://www.first.org/>
--
To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg <https://lists.ripe.net/mailman/listinfo/anti-abuse-wg>
-- Dr. Serge Droz Member, FIRST Board of Directors https://www.first.org -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg