Sorry, off topic.
How come I subscribed to digest yet getting multiple mails per day?


Cheers/DP

On Sat, Mar 23, 2019, 22:53 <anti-abuse-wg-request@ripe.net> wrote:

Today's Topics:

   1. Re: 2019-03 New Policy Proposal (BGP Hijacking is a RIPE
      Policy Violation) (Carlos Friaças)
   2. Re: 2019-03 New Policy Proposal (BGP Hijacking is a RIPE
      Policy Violation) (Sascha Luck [ml])
   3. Re: 2019-03 New Policy Proposal (BGP Hijacking is a RIPE
      Policy Violation) (Lu Heng)
   4. Re: 2019-03 and over-reach (Nick Hilliard)
   5. Re: 2019-03 and over-reach (Hank Nussbacher)
   6. Re: 2019-03 and over-reach (Hank Nussbacher)


----------------------------------------------------------------------

Message: 1
Date: Sat, 23 Mar 2019 13:39:04 +0000 (WET)
From: Carlos Friaças <cfriacas@fccn.pt>
To: Töma Gavrichenkov <ximaera@gmail.com>
Cc: anti-abuse-wg@ripe.net
Subject: Re: [anti-abuse-wg] 2019-03 New Policy Proposal (BGP
        Hijacking is a RIPE Policy Violation)
Message-ID: <alpine.LRH.2.21.1903231315330.9599@gauntlet.corp.fccn.pt>
Content-Type: text/plain; charset="iso-8859-15"; Format="flowed"


On Sat, 23 Mar 2019, Töma Gavrichenkov wrote:

> Hi all,

Hi,
(will try to keep it short)


(...)
> 1. As of now, the draft looks like a nice example of "document
> designed by a committee".
>
> It's too strict where there's no real need to be strict, and at the
> same time too weak where you don't expect it to be weak. E.g. 4 weeks
> to report + 4 weeks to investigate + 2 weeks for an appeal give us
> solid 10 weeks for an attack to stay there, which is, to put it
> gently, a substantial amount of time.

Just two co-authors. The set will grow for proposals in other RIRs. And
we'll gladly accept help, as Jordi is doing the most of heavy lifting.

If your issue is timescales they can be adapted in subsequent versions.
What we tried to design here was "due process" with enough "checks &
balances" embedded.


(...)
> 2. OTOH the ultimate result (membership cancellation) may be seen as a
> very heavy punishment.
>
> In fact in theory this policy could make things worse.

The scenarios you and others mentioned should be run through the process
and what you call "the ultimate result" should only happen if there is
absolutely no doubt about the intent and about the 'who'. If company A
takes control of company B's router (or hires someone to do it) is already
doing something which in most jurisdictions could fall onto "crime". If
company A could be identified, then they could/should be the 'who', and
not company B.

I won't expect this proposal will stop *all* intentional hijackers.
Firstly it will depend on a complaint/report, then it must be crystal
clear (with all the checks & balances in place) that it was intentional,
and the hijack was made by person/org X. So if you see bogus routes from
<big company name here>'s ASN coming from somewhere in the world where
they have no business, that's because someone else is (ab)using their
ASN...

(I would also like to hear Randy's take on 2019-03, even now before
version 2)


(...)
> 3. If I were to design that process, I'd put it in a different way, e.g.:

It's not explicitly written down, but yes, the idea was to have a
(pre-existing) worldwide pool of experts. The timescales were mostly
designed expecting it would be possible to build that pool on a voluntary
basis. So 4 weeks was for a set of experts to agree on the report,
possibly on their own free time... :-)


Best Regards,
Carlos

------------------------------

Message: 2
Date: Sat, 23 Mar 2019 13:54:06 +0000
From: "Sascha Luck [ml]" <aawg@c4inet.net>
To: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>
Cc: anti-abuse-wg@ripe.net
Subject: Re: [anti-abuse-wg] 2019-03 New Policy Proposal (BGP
        Hijacking is a RIPE Policy Violation)
Message-ID: <20190323135406.GO99066@cilantro.c4inet.net>
Content-Type: text/plain; charset=us-ascii; format=flowed


All,

can I ask every participant in this discussion to PLEASE, PLEASE
quote properly. It's becoming absolutely impossible to ascertain
who wrote what and who made a statement and who answered it.


To brass tacks:

On Sat, Mar 23, 2019 at 01:44:21PM +0100, JORDI PALET MARTINEZ via anti-abuse-wg wrote:
>    Immediate membership suspension at the end if the experts decide it's
>    necessary to do so now.

This is not possible under the SSA/ripe-697. Section 1.2.1.1 of
ripe-697 states clearly the grounds for termination of
membership. "BGP hijacking" is not one of them. While it is
presumably possible to add additional reasons, it will be,
TTBOMK, only by membership vote.

I did at the start decide to give this proposal the benefit of
the doubt but I am now convinced that its intent is the
subversion of the RIPE NCC in order to force it to abuse its
dominant market position to remove from (internet) existence,
members who exhibit behaviour that, while arguably legal,
elements of this community don't like.

Moreover, the proposal aims at doing this while largely
excluding the RIPE NCC itself from the decision-making process,
instead using some panel of "experts" to decide who should live
and who should die. Whence the authority of these "experts"
comes is not explained. The NCC Board  is then, or so I surmise,
tasked with giving this decision an air of legitimacy by
ratifying it. Why the (unpaid) Board would even accept such a
questionable honour, I don't know, especially in light of the
potential liabilities.

Further, the danger exists that this community is not done yet.
Once a mechanism to terminate unwelcome behaviour is established,
it is relatively easy to plug in any other behaviour that this
community, or elements thereof, would like to see removed from the
internet.

In conclusio, this proposal has the potential to irredeemably
damage the relationship the NCC has with its members and I would
even argue that it has the potential to threaten the very
existence of the NCC if the powers that be decide that it is
abusing its power as a monopoly provider.

For the avoidance of doubt, I remain in opposition,

SL



------------------------------

Message: 3
Date: Sat, 23 Mar 2019 22:26:46 +0800
From: Lu Heng <h.lu@anytimechinese.com>
To: "Sascha Luck [ml]" <aawg@c4inet.net>
Cc: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>,
        anti-abuse-wg@ripe.net
Subject: Re: [anti-abuse-wg] 2019-03 New Policy Proposal (BGP
        Hijacking is a RIPE Policy Violation)
Message-ID:
        <CAAvCx3jaLVGJxH-KBfwsTt-gWk7v77ceDAmm=DM0yvsO__ioMA@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"

On Sat, Mar 23, 2019 at 21:54 Sascha Luck [ml] <aawg@c4inet.net> wrote:

>
> All,
>
> can I ask every participant in this discussion to PLEASE, PLEASE
> quote properly. It's becoming absolutely impossible to ascertain
> who wrote what and who made a statement and who answered it.
>
>
> To brass tacks:
>
> On Sat, Mar 23, 2019 at 01:44:21PM +0100, JORDI PALET MARTINEZ via
> anti-abuse-wg wrote:
> >    Immediate membership suspension at the end if the experts decide it's
> >    necessary to do so now.
>
> This is not possible under the SSA/ripe-697. Section 1.2.1.1 of
> ripe-697 states clearly the grounds for termination of
> membership. "BGP hijacking" is not one of them. While it is
> presumably possible to add additional reasons, it will be,
> TTBOMK, only by membership vote.
>
> I did at the start decide to give this proposal the benefit of
> the doubt but I am now convinced that its intent is the
> subversion of the RIPE NCC in order to force it to abuse its
> dominant market position to remove from (internet) existence,
> members who exhibit behaviour that, while arguably legal,
> elements of this community don't like.
>
> Moreover, the proposal aims at doing this while largely
> excluding the RIPE NCC itself from the decision-making process,
> instead using some panel of "experts" to decide who should live
> and who should die. Whence the authority of these "experts"
> comes is not explained. The NCC Board  is then, or so I surmise,
> tasked with giving this decision an air of legitimacy by
> ratifying it. Why the (unpaid) Board would even accept such a
> questionable honour, I don't know, especially in light of the
> potential liabilities.
>
> Further, the danger exists that this community is not done yet.
> Once a mechanism to terminate unwelcome behaviour is established,
> it is relatively easy to plug in any other behaviour that this
> community, or elements thereof, would like to see removed from the
> internet.
>
> In conclusio, this proposal has the potential to irredeemably
> damage the relationship the NCC has with its members and I would
> even argue that it has the potential to threaten the very
> existence of the NCC if the powers that be decide that it is
> abusing its power as a monopoly provider.


Very well said, +1

>
>
> For the avoidance of doubt, I remain in opposition,
>
> SL
>
> --
--
Kind regards.
Lu

------------------------------

Message: 4
Date: Sat, 23 Mar 2019 15:49:16 +0000
From: Nick Hilliard <nick@foobar.org>
To: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>
Cc: "anti-abuse-wg@ripe.net" <anti-abuse-wg@ripe.net>
Subject: Re: [anti-abuse-wg] 2019-03 and over-reach
Message-ID: <6179dc11-f299-c076-0ae1-2f2d22eb6115@foobar.org>
Content-Type: text/plain; charset=utf-8; format=flowed

JORDI PALET MARTINEZ via anti-abuse-wg wrote on 23/03/2019 11:52:
> On 23/3/19 12:32, "Nick Hilliard" <nick@foobar.org> wrote:
>      1. it's not the job of the RIPE NCC to make up for a short-fall of civil
>      legislation in this area, no matter how distasteful we might find the
>      consequences of this;
>
> And we aren't doing that.

If there were legislation and enforcement in this area, we wouldn't be
having this conversation.

>      2. you can throw anything into a contract, but that doesn't mean it's
>      enforceable or even lawful.
> [...]
>      In this particular case, the suggestion is for the RIPE NCC to start
>      making judgements about potentially legal actions between second or
>      third parties, potentially involving non-related resources and to deny
>      and/or withdraw number registration services on that basis.  This does
>      not sound legally enforceable.
>
> No, it is not a matter of parties. It is a matter of the membership rules.

Jordi, you need to take legal advice on this before proceeding further.

Nick



------------------------------

Message: 5
Date: Sat, 23 Mar 2019 19:17:06 +0200
From: Hank Nussbacher <hank@efes.iucc.ac.il>
To: anti-abuse-wg@ripe.net
Subject: Re: [anti-abuse-wg] 2019-03 and over-reach
Message-ID: <cd9860db-d5d4-da6d-d07b-902affd1474c@efes.iucc.ac.il>
Content-Type: text/plain; charset=utf-8; format=flowed

On 23/03/2019 00:19, Sander Steffann wrote:
>> But, this is not how to handle the problem of BGP hijacking.  Even if it had the slightest possibility of making any difference at a technical level (which it won't), the proposal would set the RIPE Community and the RIPE NCC down a road which I believe would be extremely unwise to take from a legal and political point of view, and which would be difficult, if not impossible to manoeuver out of.
> I fully agree with Nick. BGP hijacking has to be fought, but this is not the way?
Exactly how successful has been MANRS - our attempt at self-regulation?

Regards,
-Hank
>
> Cheers,
> Sander
>




------------------------------

Message: 6
Date: Sat, 23 Mar 2019 19:23:20 +0200
From: Hank Nussbacher <hank@efes.iucc.ac.il>
To: anti-abuse-wg@ripe.net
Subject: Re: [anti-abuse-wg] 2019-03 and over-reach
Message-ID: <e72ebef7-2ebc-be2e-c75c-ba203d0d3dd8@efes.iucc.ac.il>
Content-Type: text/plain; charset=utf-8; format=flowed

On 23/03/2019 13:31, Nick Hilliard wrote:
> JORDI PALET MARTINEZ via anti-abuse-wg wrote on 22/03/2019 22:55:
>> The legal bindings of the NCC already have that for those that don't
>> follow existing policies, don't pay bills, etc. So, the proposal is
>> adding in the table a policy for confirming what is a hijack
>> according to the community consensus. Same way we did for how we
>> distribute resources, do transfers, etc.
>
> Hi Jordi,
>
> couple of things:
>
> 1. it's not the job of the RIPE NCC to make up for a short-fall of
> civil legislation in this area, no matter how distasteful we might
> find the consequences of this;
Purity of concept will result in massive gov't intervention since we
will have shown that we don't know how to self-regulate.
The voices are already there:
https://hackernoon.com/why-the-internet-must-be-regulated-9d65031e7491
If you have an alternative solution, not even a better one, please
suggest it.

Regards,
Hank








End of anti-abuse-wg Digest, Vol 88, Issue 72
*********************************************