Suresh Ramasubramanian <ops.lists@gmail.com> wrote:
What remains is policy proposals that are effective in getting such allocation requests denied and/or revoked. Which seems to be more of a can of worms here than in any other RIR.
I thank my friend Suresh for bringing to my attention a really more important issue, and one that I should have really considered before I made any of my recent posts imploring all within the Working Group to work on solidifying a firmer and more complete defintion of "abuse". As the Chair has courteously pointed out to me, the charter of this Working Group, such as it is, already is fairly clear that "spam" and "spamming" are most definitely issues within the remit of this Working Group. But that begs the larger question: Assuming for the moment that there existed a case in which all or a majority of this Working Group were convinced that a given particular allocation of number resources was registered for, and was being used exclusively and com- pletely for the production and distribution of spam, then at that point would either the Working Group, or its Chair, have either the authority or the responsibility to (a) direct or (b) request or (c) suggest that RIPE NCC withdraw/cancel/retract said allocation? If neither (a) nor (b) nor even (c) applies, then regardless of the formal or working definition of "abuse", it would seem to me... in- tending no offense to any person here present... that the Working Group could not reasonably be viewed as anything other than a paper tiger, utterly devoid of teeth and/or authority, and thus of no particular value or use or significance to anyone or any thing... but I am more than willing to be convinced otherwise. Regards, rfg
Ronald, I suspect you won't like my answer, but I think there's also a fundamental misunderstanding of the role of Working Groups in the RIPE Community at the heart of your question. Ronald F. Guilmette wrote the following on 19/06/2013 22:47:
Suresh Ramasubramanian <ops.lists@gmail.com> wrote:
What remains is policy proposals that are effective in getting such allocation requests denied and/or revoked. Which seems to be more of a can of worms here than in any other RIR.
I thank my friend Suresh for bringing to my attention a really more important issue, and one that I should have really considered before I made any of my recent posts imploring all within the Working Group to work on solidifying a firmer and more complete defintion of "abuse".
As the Chair has courteously pointed out to me, the charter of this Working Group, such as it is, already is fairly clear that "spam" and "spamming" are most definitely issues within the remit of this Working Group. But that begs the larger question: Assuming for the moment that there existed a case in which all or a majority of this Working Group were convinced that a given particular allocation of number resources was registered for, and was being used exclusively and com- pletely for the production and distribution of spam, then at that point would either the Working Group, or its Chair, have either the authority or the responsibility to (a) direct or (b) request or (c) suggest that RIPE NCC withdraw/cancel/retract said allocation?
This WG has no greater authority to direct or request anything from the NCC than any other member of the community. The WG is not, explicitly, a group within the community that directly deals with abuse. It is a group of people who are interested in the subject, who may well work together to create policies or documents or form a better understanding of the issue, but it is not a created group to deal with abuse. Now, to go a bit further here. The members of the WG can ask the NCC to do a particular thing. Depending on the thing that might be an action item that arises out of the mailing list or a meeting (eg Could the NCC please clarify under exactly what circumstances an LIR could be closed or deregistered). The alternative is a policy (eg Could the NCC please implement the abuse-c). The WG cannot say "we do not like this operator, please shut them down" in the same way the Routing WG cannot say "we require all members of the NCC to abandon BGP". That is not what WGs in the RIPE community are for. The WG can of course make the NCC aware of a bad operator and the WG can certainly give advice on how best to bring such issues to the NCC's attention (or to the attention of LEAs etc), but neither Tobias nor I sit down with the NCC and go through lists of LIRs, pointing out who is naughty or nice.
If neither (a) nor (b) nor even (c) applies, then regardless of the formal or working definition of "abuse", it would seem to me... in- tending no offense to any person here present... that the Working Group could not reasonably be viewed as anything other than a paper tiger, utterly devoid of teeth and/or authority, and thus of no particular value or use or significance to anyone or any thing... but I am more than willing to be convinced otherwise.
First off, no offence is taken. :) However, I think your comments here stem from a fundamental misunderstanding of how the community (of which you are a part, regardless of your earlier comments on the list) works. The WG was not set up to up to do those things. It has been a handy by-product of sharing information and expertise that reports have been passed on to the NCC, but it's not why we're here. There are 9000+ members of the RIPE NCC and countless others in the community. All of those operators will tell you "my network, my rules" albeit they are forced by law or contract to take other views into consideration. They are not beholden to this or any other WG unless a policy is made or a motion passed by the membership. At no point in the Charter for the AA-WG does it suggest we're here to take back resources, so I'm genuinely very interested to know where this all came from? Brian Co-Chair, AA-WG
In message <51C2EEAF.9010907@heanet.ie>, Brian Nisbet <brian.nisbet@heanet.ie> wrote:
This WG has no greater authority to direct or request anything from the NCC than any other member of the community. The WG is not, explicitly, a group within the community that directly deals with abuse. It is a group of people who are interested in the subject, who may well work together to create policies or documents or form a better understanding of the issue, but it is not a created group to deal with abuse.
Now, to go a bit further here. The members of the WG can ask the NCC to do a particular thing. Depending on the thing that might be an action item that arises out of the mailing list or a meeting (eg Could the NCC please clarify under exactly what circumstances an LIR could be closed or deregistered).
So, the WG may, explicitly, send requests to the NCC, yes?
The WG cannot say "we do not like this operator, please shut them down"...
Cannot or will not? I am not just playing with words here. I ernestly would like to know if there is anything... anything at all... codified into any of the written rules or bylaws of either RIPE or this WG, in particular, that explicitly prohibits this or any other WG, as a whole, and as a WG, from _saying_ any bloody thing it likes. I could well and truly understand if you were to tell me that if the WG said `X' or the WG said `Y' then it would only garner a laugh all around and/or general condemnation from a solid majority of the remainder of the RIPE membership. But that would be quite different from the statement that you just made, which, the way I read it, sounds like this WG is _obligated_ to utterly refrain from making certain kinds of public comments and/or certain kinds of requests to NCC. I probably should not try to anticipate your response to the above, but I will anyway... I suspect that you will say that I am corerct that there is nothing _explicit_ that prohibits the WG from saying any bloody thing it likes, but that it would simply be extraordinarily impolitic for this WG to go about making such requests or comments on specific operators or allocations, and that doing so might only be likely to result in the WG meeting its own untimely demise, at the request of the general RIPE membership. Assuming so, I for one might be willing to run that risk, even if others... perhaps many others... might not be so inclined.
in the same way the Routing WG cannot say "we require all members of the NCC to abandon BGP". That is not what WGs in the RIPE community are for.
See above. Even I can well and truly see that it would be extraordinarily impolitic if the Routing WG were to make that specific declaration. They would be laughed and ignored into oblivion. But my question remains... Other than the fact that those consequences would predictably ensue for that WG, I mean if it were to make such a (clearly unworable) declaration, is there anything specific that prohibits that WG from speaking its co- llective mind in any way it chooses?
The WG can of course make the NCC aware of a bad operator
With what effect, exactly? To what end? Do you see what I mean? If such information transmission (to NCC) occurs, and if no allocations ever change as a result, then what was the point? Also, when you say that 'the Anti-Abuse WG" may do so, do you mean only the individual members thereof, acting only as individual members? That seems to me to be what you were implying or intending to say, i.e. that any individual WG member can send over a note to NCC telling then about a "bad operator". Obviously, any individual member may elect to do that, however _individuals_ obviously carry a lot less weight than an entire WG. Has there ever been any instance in the history of the Anti-Abuse WG in which the WG _as a whole_ provided a package of information to NCC regarding, as you put it, a "bad operator"?
First off, no offence is taken. :)
OK, good. Thank you. You are a gentleman.
However, I think your comments here stem from a fundamental misunderstanding of how the community (of which you are a part, regardless of your earlier comments on the list) works. The WG was not set up to up to do those things.
I was arguably not born to do software, but I do anyway. People and organizations and institutions do change and evolve, including even in their goals and missions.
It has been a handy by-product of sharing information and expertise that reports have been passed on to the NCC, but it's not why we're here. There are 9000+ members of the RIPE NCC and countless others in the community. All of those operators will tell you "my network, my rules" albeit they are forced by law or contract to take other views into consideration. They are not beholden to this or any other WG unless a policy is made or a motion passed by the membership.
Right. And that is all as it should be. I am not asking about any hypothetical new policies that might be enacted. What about policies that exist that are simply not being enforced? And what about open questions like the one that I think Furio put, i.e. if a new or existing RIPE member came to RIPE NCC with a request for, say, a /19 with their explicitly stated intended use being "snowshoe spamming", then what would happen?
At no point in the Charter for the AA-WG does it suggest we're here to take back resources, so I'm genuinely very interested to know where this all came from?
It came from the fact that there _do_ exist problems, and with respect to the specific problems that exist (both within the RIPE region and most certainly elsewhere as well) _everyone_ seems to constantly be running as far and as fast away from actually dealing with those problems as it is humanly possible to do. In short, to paraphrase an old saying that we have here on this side of the pond, "It's a tough job, but _somebody_ ought to be doing it." The problems are problems of network abuse, and of instances where, arguably, fraud had been perpetrated against RIPE in order to obtain resources. RIPE NCC clearly does not want to actually have to deal with any of this, and I understand that. For them, it is all just a potential political hornet's nest, so the absolutely politically safest thing for them to do is to turn a blind eye and do nothing. This is to be expected, and I think that there exists a vast UNDER-appreciation, here and elswhere, of the really substantial DE-motivating factors that are in play with respect to RIPE NCC and the problem of dealing with abuse issues. NCC has real and clear incentives to try to bury all of these issues and questions and problems, as deeply as possible. So, um, let me see... we have instances of network abuse... instances that arguably go against policies that already exist and that have already been ratified by the RIPE membership as a whole. But there is little or no enforcement of said rules on the part of RIPE NCC, which, quite naturally, finds it politically safest not to rock the boat in any way, ever. But then we have this thing called the "Anti- Abuse Working Group" which, as you have been kind enough to clarify for me, has no authority to do anything in particular about any actual instances of acutal abuse, and which rather must content itself with occasionally making recommendations for specific _new_ policies to the RIPE membership as a whole, an activity which, I gather it does with a relatively high degree of infrequency. Meanwhile the problems continue, even as everyone and his brother seems to be out buying ten foot poles with which they may avoid touching any of the real, current, and press- ing problems. So anyway, yes, if you wish to assert that I might in some ways be en- couraging a more expansive view of the charter, mission, and goals of this WG, then I plead guilty as charged, however I throw myself upon the mercy of the court and ask for clemency on the basis of that fact that it is perhaps a natual mistake for an outsider to make to assume... apparently improperly... that a working group going by the name "Anti-Abuse" might actually wish to get its hands dirty from time to time, you know, by actually taking actual actions with respect to actual and ongoing instances of abuse, including instances which are already well and truly defined as such. Regards, rfg
Ronald F. Guilmette wrote, On 20/06/2013 21:11:
In message <51C2EEAF.9010907@heanet.ie>, Brian Nisbet <brian.nisbet@heanet.ie> wrote:
This WG has no greater authority to direct or request anything from the NCC than any other member of the community. The WG is not, explicitly, a group within the community that directly deals with abuse. It is a group of people who are interested in the subject, who may well work together to create policies or documents or form a better understanding of the issue, but it is not a created group to deal with abuse.
Now, to go a bit further here. The members of the WG can ask the NCC to do a particular thing. Depending on the thing that might be an action item that arises out of the mailing list or a meeting (eg Could the NCC please clarify under exactly what circumstances an LIR could be closed or deregistered).
So, the WG may, explicitly, send requests to the NCC, yes?
For certain things, yes.
The WG cannot say "we do not like this operator, please shut them down"...
Cannot or will not?
Ah, yes, ok...
I am not just playing with words here. I ernestly would like to know if there is anything... anything at all... codified into any of the written rules or bylaws of either RIPE or this WG, in particular, that explicitly prohibits this or any other WG, as a whole, and as a WG, from _saying_ any bloody thing it likes. I could well and truly understand if you were to tell me that if the WG said `X' or the WG said `Y' then it would only garner a laugh all around and/or general condemnation from a solid majority of the remainder of the RIPE membership. But that would be quite different from the statement that you just made, which, the way I read it, sounds like this WG is _obligated_ to utterly refrain from making certain kinds of public comments and/or certain kinds of requests to NCC.
You are right, there is nothing prohibiting anyone saying it, but saying it would have no effect as there is no policy or document there to enforce it or for the NCC to react. I think the interpretations here are in use of language. There is no such obligation.
I probably should not try to anticipate your response to the above, but I will anyway...
Well, it saves me having to type so much. :)
I suspect that you will say that I am corerct that there is nothing _explicit_ that prohibits the WG from saying any bloody thing it likes, but that it would simply be extraordinarily impolitic for this WG to go about making such requests or comments on specific operators or allocations, and that doing so might only be likely to result in the WG meeting its own untimely demise, at the request of the general RIPE membership. Assuming so, I for one might be willing to run that risk, even if others... perhaps many others... might not be so inclined.
I'm not sure about an untimely demise, per se. The NCC, nor the members of the NCC, have no power over the WGs, but it would certainly change the nature of the relationship between the WG and the NCC. It is conceivable that the community might think we've gone off the rails, certainly, so yeah, there would be a danger. But if those who are involved in the WG mandated the WG to actually take this action, even knowing the above, well I suppose the WG would have to do it.
in the same way the Routing WG cannot say "we require all members of the NCC to abandon BGP". That is not what WGs in the RIPE community are for.
See above. Even I can well and truly see that it would be extraordinarily impolitic if the Routing WG were to make that specific declaration. They would be laughed and ignored into oblivion. But my question remains... Other than the fact that those consequences would predictably ensue for that WG, I mean if it were to make such a (clearly unworable) declaration, is there anything specific that prohibits that WG from speaking its co- llective mind in any way it chooses?
Again, not of which I am aware.
The WG can of course make the NCC aware of a bad operator
With what effect, exactly? To what end? Do you see what I mean? If such information transmission (to NCC) occurs, and if no allocations ever change as a result, then what was the point?
I do see what you mean, but I was answering the questions you asked. Without a policy change, likely agreed to by the NCC membership (which opens up a whole different can of stakeholder interaction worms) there would be no automatic action. However such a notification may trigger an audit and the NCC's only processes, which may in turn lead to action under the procedures as currently documented.
Also, when you say that 'the Anti-Abuse WG" may do so, do you mean only the individual members thereof, acting only as individual members? That seems to me to be what you were implying or intending to say, i.e. that any individual WG member can send over a note to NCC telling then about a "bad operator".
Obviously, any individual member may elect to do that, however _individuals_ obviously carry a lot less weight than an entire WG. Has there ever been any instance in the history of the Anti-Abuse WG in which the WG _as a whole_ provided a package of information to NCC regarding, as you put it, a "bad operator"?
An individual could always do this. The WG could, but the members would have to direct it to do so. This can be done on the mailing list or in a meeting. Whether that would carry more weight is honestly debatable, if they came with evidence, but no, I mean that the WG could, if so directed by its members. The specific action here would likely be Tobias and I speaking to the NCC about it, but I wouldn't like to speculate on what would happen or if that would be actually any more effective than you or any other member of this WG doing it.
First off, no offence is taken. :)
OK, good. Thank you. You are a gentleman.
And you are too kind. Debate on these topics can often descend very quickly into badness (and has on this list in the past), I'm very glad this isn't. Indeed, it is proving very useful, to me at least.
However, I think your comments here stem from a fundamental misunderstanding of how the community (of which you are a part, regardless of your earlier comments on the list) works. The WG was not set up to up to do those things.
I was arguably not born to do software, but I do anyway. People and organizations and institutions do change and evolve, including even in their goals and missions.
Absolutely and the WG may well (and indeed did very obviously but a few years ago), but I can only answer on the current circumstances.
It has been a handy by-product of sharing information and expertise that reports have been passed on to the NCC, but it's not why we're here. There are 9000+ members of the RIPE NCC and countless others in the community. All of those operators will tell you "my network, my rules" albeit they are forced by law or contract to take other views into consideration. They are not beholden to this or any other WG unless a policy is made or a motion passed by the membership.
Right. And that is all as it should be. I am not asking about any hypothetical new policies that might be enacted. What about policies that exist that are simply not being enforced? And what about open questions like the one that I think Furio put, i.e. if a new or existing RIPE member came to RIPE NCC with a request for, say, a /19 with their explicitly stated intended use being "snowshoe spamming", then what would happen?
This is something that I will specifically bring to the attention of the NCC (although I know a number of the staff read this list) and ask for someone to address these points.
At no point in the Charter for the AA-WG does it suggest we're here to take back resources, so I'm genuinely very interested to know where this all came from?
It came from the fact that there _do_ exist problems, and with respect to the specific problems that exist (both within the RIPE region and most certainly elsewhere as well) _everyone_ seems to constantly be running as far and as fast away from actually dealing with those problems as it is humanly possible to do. In short, to paraphrase an old saying that we have here on this side of the pond, "It's a tough job, but _somebody_ ought to be doing it."
Arguably yes, it's easier to do nothing, but I don't think people are doing nothing, at all. I'm still worried you are asking the wrong people to do this job.
So, um, let me see... we have instances of network abuse... instances that arguably go against policies that already exist and that have already been ratified by the RIPE membership as a whole. But there is little or no enforcement of said rules on the part of RIPE NCC, which, quite naturally, finds it politically safest not to rock the boat in any way, ever. But then we have this thing called the "Anti- Abuse Working Group" which, as you have been kind enough to clarify for me, has no authority to do anything in particular about any actual instances of acutal abuse, and which rather must content itself with occasionally making recommendations for specific _new_ policies to the RIPE membership as a whole, an activity which, I gather it does with a relatively high degree of infrequency. Meanwhile the problems continue, even as everyone and his brother seems to be out buying ten foot poles with which they may avoid touching any of the real, current, and press- ing problems.
It has no authority, nor was there ever any notion that it would, as an entity, have authority. It really is that straight forward. Also, the WG has been increasingly active in recent years. The situation is far from perfect, in regards to abuse in general, again, it's about the right people/groups for the right jobs.
So anyway, yes, if you wish to assert that I might in some ways be en- couraging a more expansive view of the charter, mission, and goals of this WG, then I plead guilty as charged, however I throw myself upon the mercy of the court and ask for clemency on the basis of that fact that it is perhaps a natual mistake for an outsider to make to assume... apparently improperly... that a working group going by the name "Anti-Abuse" might actually wish to get its hands dirty from time to time, you know, by actually taking actual actions with respect to actual and ongoing instances of abuse, including instances which are already well and truly defined as such.
I think we might get quite circular at some point, but I do now certainly have a greater understanding of what you're talking about, which is most useful. I also don't think I'm going to have any answer in the short term that's going to please you. Tobias and I will be working to produce an updated Charter for the WG's consideration soon, although I honestly doubt it will include the kind of activity you are specifically looking for. Brian Co-Chair, AA-WG
Hi Brian, On Fri, Jun 21, 2013 at 03:56:35PM +0100, Brian Nisbet wrote:
I'm not sure about an untimely demise, per se. The NCC, nor the members of the NCC, have no power over the WGs, but it would
Strictly speaking, the membership can, in Plenary, disband the WG. Also, ISTR a WG chair being "fired" in Plenary a few years ago... rgds, Sascha Luck
Sascha
I'm not sure about an untimely demise, per se. The NCC, nor the members of the NCC, have no power over the WGs, but it would
Strictly speaking, the membership can, in Plenary, disband the WG. Also, ISTR a WG chair being "fired" in Plenary a few years ago...
Sorry to be pedantic, but the "membership" (usually understood to be the members of the RIPE NCC) have no power over a WG. I think you may mean the "community", which does. And the WG chair who was fired (in Rome if I recall correctly) was actually fired by his own WG, not the plenary. As always, I stand ready to be corrected Nigel
Sasha/Nigel, Nigel Titley wrote the following on 21/06/2013 17:03:
Sascha
I'm not sure about an untimely demise, per se. The NCC, nor the members of the NCC, have no power over the WGs, but it would
Strictly speaking, the membership can, in Plenary, disband the WG. Also, ISTR a WG chair being "fired" in Plenary a few years ago...
Sorry to be pedantic, but the "membership" (usually understood to be the members of the RIPE NCC) have no power over a WG. I think you may mean the "community", which does.
YEs, this is why I explicitly stated the members of the NCC. The community is a whole different matter.
And the WG chair who was fired (in Rome if I recall correctly) was actually fired by his own WG, not the plenary.
I believe that is a fair retelling of the incident. Brian
Hi Nigel, On Fri, Jun 21, 2013 at 04:03:58PM +0000, Nigel Titley wrote:
Sorry to be pedantic, but the "membership" (usually understood to be the members of the RIPE NCC) have no power over a WG. I think you may mean the "community", which does.
You're right of course, it's the community in Plenary.
And the WG chair who was fired (in Rome if I recall correctly) was actually fired by his own WG, not the plenary.
I wasn't at the meeting, just watching the stream. I thought it was taken to the Plenary, but ICBW. rgds, Sascha Luck
If that is the same case I am thinking of, it was quite strange that 1. The chair himself was not present at the meeting 2. The discussion to remove the co chair was raised during AOB, in overtime 3.. Several prominent members normally active in various other wgs just happened (by pure chance, i take it) to be present, to quickly reach consensus that the chair be removed. Seeing all of them in the same room .. Well, I am not surprised that Sascha thought it was a plenary session. Hopefully the wg has moved on from that, but I see the discussion has come full circle right back to that painful episode. --srs On Friday, June 21, 2013, Sascha Luck wrote:
Hi Nigel, On Fri, Jun 21, 2013 at 04:03:58PM +0000, Nigel Titley wrote:
Sorry to be pedantic, but the "membership" (usually understood to be
the members of the RIPE NCC) have no power over a WG. I think you may mean the "community", which does.
You're right of course, it's the community in Plenary.
And the WG chair who was fired (in Rome if I recall correctly) was
actually fired by his own WG, not the plenary.
I wasn't at the meeting, just watching the stream. I thought it was taken to the Plenary, but ICBW.
rgds, Sascha Luck
-- --srs (iPad)
In message <51C469A3.5020404@heanet.ie>, Brian Nisbet <brian.nisbet@heanet.ie> wrote:
The WG can of course make the NCC aware of a bad operator
With what effect, exactly? To what end? Do you see what I mean? If such information transmission (to NCC) occurs, and if no allocations ever change as a result, then what was the point?
I do see what you mean, but I was answering the questions you asked. Without a policy change, likely agreed to by the NCC membership (which opens up a whole different can of stakeholder interaction worms) there would be no automatic action. However such a notification may trigger an audit and the NCC's only processes, which may in turn lead to action under the procedures as currently documented.
In case anyone missed it, it was exactly the above snippet from the discussion that Brian and I have been having here on the list that prompted my set of three proposals. I am forced to agree that it appears, even to me, that it is rather unlikely that the RIPE membership would vote _anybody_ the authority to simply kick a given person or company out of RIPE altogether, EVEN IF all available evidence points to said party being the absolute scum of the earth (and guilty of hacking, cracking, spamming, running botnets and generally being a menace to all of mankind). I wish this were not true, but at present it appears that it is. So consider _that_ idea tabled (please). But just as Brian said, there is the established NCC audit process. Presumably, within that process any party undergoing an audit receives a full and fair review, and an opportunity to be heard... or what we here in the states call "due process". It does not seem unreasonable to begin such a process in cases where there exists probable cause to believe that some party has broken the already established rules relating to allocations and their justifications. Regards, rfg
participants (4)
-
Brian Nisbet -
Nigel Titley -
Ronald F. Guilmette -
Sascha Luck -
Suresh Ramasubramanian