On Thu, Mar 29, 2012 at 2:23 PM, Shane Kerr <shane@time-travellers.org> wrote:
Some people want someone to force ISPs to take responsibility for
fixing abuse originating in their networks. The natural place for this
enforcement appears to them to be the RIPE NCC (*).

The issue isn't forcing ISPs to fix abuse at all - lots of blocklists and whatever else for that.

The issue is making sure that the bad guys are simply not able to get themselves a /15 whenever they like simply because the paperwork verification is close enough to nonexistent.

As for "picking on RIPE NCC", do please let me know if another RIR with an LIR model AND a bunch of criminals who have got the idea of setting themselves up as LIRs


Contrariwise, the RIPE NCC is unable or unwilling to change its role
from a fundamentally administrative to one that involves setting
network usage policies. This involves risks in terms of anti-trust
regulators, need to carefully define the limits of control, and setting

This is an entirely strawman set of arguments.  Can you please explain to me what part of SOCA's proposals about crosschecking ID / email address etc triggers a single antitrust regulation?  Or a privacy regulation for that matter?
 
On the 3rd hand, some people in the RIPE community (including me)
also feel that it is very, very difficult to define what the required
actions would be in the case of reported abuse. This reporting
mechanism itself might indeed be a source of abuse (rivalries between
companies could be fought by each accusing the other of hosting
criminal activity).

You might actually know if there's criminal activity actually hosted there?   As in some random guy asking "do you beat your wife" versus a lot of people coming up and saying that there's often scenes like loud arguments, screams, the sounds of blows / slaps etc being dealt, your wife turning up in public crying and with a black eye etc?   ["generic you" of course], followed by a quick check that simply says you're a bigamist and so the marriage just wasn't valid, obtained under false pretences.

Yes the analogy is stupid.  Thank you in advance for pointing that out.

about it. So, you might see that ISP ShaNet has working e-mail for
abuse, but nobody ever sees any action beyond automated response. Such
reports could be useful for people who *can* investigate and do
something, such as law enforcement or regulators.

Various blocklists and antispam forums / security lists do discuss that.   However the point here is entirely different.

Let us put it this way - provider X has lax security policies, hosts a bunch of spammers and has a ton of blocklist listings.  But it also has legitimate customers and does provide what it says it provides - colo services.

Provider Y in Eastern Europe is a front for a botmaster, hosts nothing but bot traffic and got itself an assigned-PA or PI /20 from RIPE NCC, after telling RIPE NCC it's going to host whatever .. say some guy's family dog's homepage.

The point here is not crowdsourcing opinion about a CIDR.  The point is getting hostmasters to see the difference between provider X and provider Y, and see if they can't give X a /20 and deny Y his /20.

SOCA appears to have a workable and standards based, compliant with European law, model there, as it happens.

--srs