Seeking Input on the Future of the Anti-Abuse Working Group
Dear Anti-Abuse Working Group Members, Thank you for your responses and support for both the WG itself and the current Co-Chairs. We are pleased to see that you prefer to keep this WG active. As Co-Chairs, we see an opportunity to broaden our scope (i.e., re-charter). Our main intention is to bring in fresh energy and perspectives by welcoming new faces. Additionally, there are relevant security topics that don't always neatly fit into other WGs. Regarding the question of what a new charter might entail, we have put together a preliminary, high level, draft that we would love to discuss further at RIPE88. — snip — Objective: The Security Working Group is committed to fostering collaboration, sharing best practices, and addressing security challenges within the RIPE community. The primary objective of the WG is to enhance the security, resilience, and stability of the Internet infrastructure within our region. Tackling abuse of Internet infrastructure and resources would remain a goal of the WG. Scope: - Identifying and analyzing emerging security threats and vulnerabilities affecting Internet infrastructure. - Collaborating with stakeholders to develop and advocate for best practices, guidelines, and standards for securing Internet resources. - Facilitating information sharing and cooperation among network operators, law enforcement, and relevant entities to mitigate security risks. - Providing education, training, and outreach initiatives to raise awareness of security issues and promote best practices adoption. - Develop policies and best practices to improve security and response to security incidents and abuse issues. — snap — We are looking forward to your input and comments. Best regards, Brian, Tobias, Markus
I'm in favour of a re-charter along these grounds. There is an appetite for the wider issue of security, and a place that a RIPE working group could fill. The scope below looks reasonable for re-chartering the anti-abuse working group. Nick markus@mxdomain.de wrote on 07/05/2024 12:59:
Dear Anti-Abuse Working Group Members,
Thank you for your responses and support for both the WG itself and the current Co-Chairs. We are pleased to see that you prefer to keep this WG active.
As Co-Chairs, we see an opportunity to broaden our scope (i.e., re-charter). Our main intention is to bring in fresh energy and perspectives by welcoming new faces. Additionally, there are relevant security topics that don't always neatly fit into other WGs.
Regarding the question of what a new charter might entail, we have put together a preliminary, high level, draft that we would love to discuss further at RIPE88.
— snip — Objective: The Security Working Group is committed to fostering collaboration, sharing best practices, and addressing security challenges within the RIPE community. The primary objective of the WG is to enhance the security, resilience, and stability of the Internet infrastructure within our region. Tackling abuse of Internet infrastructure and resources would remain a goal of the WG.
Scope: - Identifying and analyzing emerging security threats and vulnerabilities affecting Internet infrastructure. - Collaborating with stakeholders to develop and advocate for best practices, guidelines, and standards for securing Internet resources. - Facilitating information sharing and cooperation among network operators, law enforcement, and relevant entities to mitigate security risks. - Providing education, training, and outreach initiatives to raise awareness of security issues and promote best practices adoption. - Develop policies and best practices to improve security and response to security incidents and abuse issues. — snap —
We are looking forward to your input and comments.
Best regards, Brian, Tobias, Markus
Dear Markus Thanks for this list. I'd love to see a bit more than best practices though. I'd like to see this group come up with recommendations of what RIPE can/should do to curb malicious behavior. I think there are already a lot of groups that share info, so I'm not sure we need another one, but if members have a need for that, we could liaise with such existing groups. Shadowserver and FIRST come to mind. But again, people that want to do things probably already have this inf. We should figure out what to do with people who don't care. Best Serge On 07.05.24 13:59, markus@mxdomain.de wrote:
Dear Anti-Abuse Working Group Members,
Thank you for your responses and support for both the WG itself and the current Co-Chairs. We are pleased to see that you prefer to keep this WG active.
As Co-Chairs, we see an opportunity to broaden our scope (i.e., re-charter). Our main intention is to bring in fresh energy and perspectives by welcoming new faces. Additionally, there are relevant security topics that don't always neatly fit into other WGs.
Regarding the question of what a new charter might entail, we have put together a preliminary, high level, draft that we would love to discuss further at RIPE88.
— snip — Objective: The Security Working Group is committed to fostering collaboration, sharing best practices, and addressing security challenges within the RIPE community. The primary objective of the WG is to enhance the security, resilience, and stability of the Internet infrastructure within our region. Tackling abuse of Internet infrastructure and resources would remain a goal of the WG.
Scope: - Identifying and analyzing emerging security threats and vulnerabilities affecting Internet infrastructure. - Collaborating with stakeholders to develop and advocate for best practices, guidelines, and standards for securing Internet resources. - Facilitating information sharing and cooperation among network operators, law enforcement, and relevant entities to mitigate security risks. - Providing education, training, and outreach initiatives to raise awareness of security issues and promote best practices adoption. - Develop policies and best practices to improve security and response to security incidents and abuse issues. — snap —
We are looking forward to your input and comments.
Best regards, Brian, Tobias, Markus
-- Dr. Serge Droz Member, FIRST Board of Directors https://www.first.org
Serge, On Thu, 9 May 2024 at 10:23, Serge Droz via anti-abuse-wg <anti-abuse-wg@ripe.net> wrote:
Dear Markus
Thanks for this list. I'd love to see a bit more than best practices though. I'd like to see this group come up with recommendations of what RIPE can/should do to curb malicious behavior.
Are you referring to RIPE as a community or to the RIPE NCC as a legal entity? Kind regards, Leo
Hi Leo We can only recommend the community, obviously. So these aare the best practices We can recommend that RIPE NCC changes its rules and procedures to address certain issues. As a WG, if I'm correct we have no other power. Best Serge On 09.05.24 20:15, Leo Vegoda wrote:
Serge,
On Thu, 9 May 2024 at 10:23, Serge Droz via anti-abuse-wg <anti-abuse-wg@ripe.net> wrote:
Dear Markus
Thanks for this list. I'd love to see a bit more than best practices though. I'd like to see this group come up with recommendations of what RIPE can/should do to curb malicious behavior.
Are you referring to RIPE as a community or to the RIPE NCC as a legal entity?
Kind regards,
Leo
-- Dr. Serge Droz Member, FIRST Board of Directors https://www.first.org
Hi Serge, On Thu, 9 May 2024 at 11:41, Serge Droz via anti-abuse-wg <anti-abuse-wg@ripe.net> wrote:
Hi Leo
We can only recommend the community, obviously.
I agree.
So these aare the best practices
We can recommend that RIPE NCC changes its rules and procedures to address certain issues.
As a WG, if I'm correct we have no other power.
Based on thisl, I don't understand what's missing from the draft text. Maybe you could suggest some specific edits? Kind regards, Leo
Hi Leo It's more about sharpening the focus. I colored this red below. I feel eventually the RIPE NCC must adapt stronger policies to punish non-action or disregard of action. I think it would be better if this WG comes up with such policies which the RIPE NCC can then adopt (or not) rather than the RIPE NCC having to react to external pressure, e.g. from policy makers, in particular the EU. I'm sure one can formulate this much better. I firmly believe, that there is no way around stronger regulation, and I'd much rather see this coming from this community than form the outside. The regulators i see and work with are increasingly irritated and react with totally inadequate demands, which I wont reproduce here. 1. Identifying and analyzing emerging security threats and vulnerabilities affecting Internet infrastructure. 2. Collaborating with stakeholders, in particular the RIPE community, to develop and advocate and implement best practices, guidelines, and standards for securing Internet resources. 3. Facilitating information sharing and cooperation among network operators, law enforcement, and relevant entities to mitigate security risks. 4. Providing education, training, and outreach initiatives to raise awareness of security issues and promote best practices adoption. 5. Develop policies recommendations to the RIPE NCC that help enforcing good behavior and sanction disregard for faccepted security standards. This includes the definition of acceptable minimal standards. Best regards Serge On 09.05.24 21:39, Leo Vegoda wrote:
Hi Serge,
On Thu, 9 May 2024 at 11:41, Serge Droz via anti-abuse-wg <anti-abuse-wg@ripe.net> wrote:
Hi Leo
We can only recommend the community, obviously. I agree.
So these aare the best practices
We can recommend that RIPE NCC changes its rules and procedures to address certain issues.
As a WG, if I'm correct we have no other power. Based on thisl, I don't understand what's missing from the draft text. Maybe you could suggest some specific edits?
Kind regards,
Leo
-- Dr. Serge Droz Member, FIRST Board of Directors https://www.first.org
And includes much more due diligence in IP allocation and membership procedures, hopefully --srs ________________________________ From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Serge Droz via anti-abuse-wg <anti-abuse-wg@ripe.net> Sent: Friday, May 10, 2024 11:51:13 AM To: anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net> Subject: Re: [anti-abuse-wg] Seeking Input on the Future of the Anti-Abuse Working Group Hi Leo It's more about sharpening the focus. I colored this red below. I feel eventually the RIPE NCC must adapt stronger policies to punish non-action or disregard of action. I think it would be better if this WG comes up with such policies which the RIPE NCC can then adopt (or not) rather than the RIPE NCC having to react to external pressure, e.g. from policy makers, in particular the EU. I'm sure one can formulate this much better. I firmly believe, that there is no way around stronger regulation, and I'd much rather see this coming from this community than form the outside. The regulators i see and work with are increasingly irritated and react with totally inadequate demands, which I wont reproduce here. 1. Identifying and analyzing emerging security threats and vulnerabilities affecting Internet infrastructure. 2. Collaborating with stakeholders, in particular the RIPE community, to develop and advocate and implement best practices, guidelines, and standards for securing Internet resources. 3. Facilitating information sharing and cooperation among network operators, law enforcement, and relevant entities to mitigate security risks. 4. Providing education, training, and outreach initiatives to raise awareness of security issues and promote best practices adoption. 5. Develop policies recommendations to the RIPE NCC that help enforcing good behavior and sanction disregard for faccepted security standards. This includes the definition of acceptable minimal standards. Best regards Serge On 09.05.24 21:39, Leo Vegoda wrote: Hi Serge, On Thu, 9 May 2024 at 11:41, Serge Droz via anti-abuse-wg <anti-abuse-wg@ripe.net><mailto:anti-abuse-wg@ripe.net> wrote: Hi Leo We can only recommend the community, obviously. I agree. So these aare the best practices We can recommend that RIPE NCC changes its rules and procedures to address certain issues. As a WG, if I'm correct we have no other power. Based on thisl, I don't understand what's missing from the draft text. Maybe you could suggest some specific edits? Kind regards, Leo -- Dr. Serge Droz Member, FIRST Board of Directors https://www.first.org
Serge, there's been extensive debate on AAWG over the years about the principles behind your additional suggestions below, but very little consensus. If sanctioning is added to the charter of a new security-wg, this lack of consensus is likely to continue, and the only outcome will be that the WG will be distracted from other productive output. I understand why you might want it in there, but punitive action is not within the remit of the RIPE NCC. Similarly on point 2, advocacy is important, but requirement / enforcement is out of scope for both the RIPE Community and RIPE NCC. Nick Serge Droz via anti-abuse-wg wrote on 10/05/2024 07:21:
Hi Leo
It's more about sharpening the focus. I colored this red below. I feel eventually the RIPE NCC must adapt stronger policies to punish non-action or disregard of action. I think it would be better if this WG comes up with such policies which the RIPE NCC can then adopt (or not) rather than the RIPE NCC having to react to external pressure, e.g. from policy makers, in particular the EU. I'm sure one can formulate this much better. I firmly believe, that there is no way around stronger regulation, and I'd much rather see this coming from this community than form the outside. The regulators i see and work with are increasingly irritated and react with totally inadequate demands, which I wont reproduce here.
1. Identifying and analyzing emerging security threats and vulnerabilities affecting Internet infrastructure. 2. Collaborating with stakeholders, in particular the RIPE community, to develop and advocate and implement best practices, guidelines, and standards for securing Internet resources. 3. Facilitating information sharing and cooperation among network operators, law enforcement, and relevant entities to mitigate security risks. 4. Providing education, training, and outreach initiatives to raise awareness of security issues and promote best practices adoption. 5. Develop policies recommendations to the RIPE NCC that help enforcing good behavior and sanction disregard for faccepted security standards. This includes the definition of acceptable minimal standards.
Best regards Serge
On 09.05.24 21:39, Leo Vegoda wrote:
Hi Serge,
On Thu, 9 May 2024 at 11:41, Serge Droz via anti-abuse-wg <anti-abuse-wg@ripe.net> wrote:
Hi Leo
We can only recommend the community, obviously. I agree.
So these aare the best practices
We can recommend that RIPE NCC changes its rules and procedures to address certain issues.
As a WG, if I'm correct we have no other power. Based on thisl, I don't understand what's missing from the draft text. Maybe you could suggest some specific edits?
Kind regards,
Leo -- Dr. Serge Droz Member, FIRST Board of Directors https://www.first.org
Of course. Without serge’s point 5 though, I doubt whether the rechartering will have very much use or effect. --srs ________________________________ From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Nick Hilliard <nick@foobar.org> Sent: Friday, May 10, 2024 5:27:44 PM To: Serge Droz <serge.droz@first.org> Cc: anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net> Subject: Re: [anti-abuse-wg] Seeking Input on the Future of the Anti-Abuse Working Group Serge, there's been extensive debate on AAWG over the years about the principles behind your additional suggestions below, but very little consensus. If sanctioning is added to the charter of a new security-wg, this lack of consensus is likely to continue, and the only outcome will be that the WG will be distracted from other productive output. I understand why you might want it in there, but punitive action is not within the remit of the RIPE NCC. Similarly on point 2, advocacy is important, but requirement / enforcement is out of scope for both the RIPE Community and RIPE NCC. Nick Serge Droz via anti-abuse-wg wrote on 10/05/2024 07:21: Hi Leo It's more about sharpening the focus. I colored this red below. I feel eventually the RIPE NCC must adapt stronger policies to punish non-action or disregard of action. I think it would be better if this WG comes up with such policies which the RIPE NCC can then adopt (or not) rather than the RIPE NCC having to react to external pressure, e.g. from policy makers, in particular the EU. I'm sure one can formulate this much better. I firmly believe, that there is no way around stronger regulation, and I'd much rather see this coming from this community than form the outside. The regulators i see and work with are increasingly irritated and react with totally inadequate demands, which I wont reproduce here. 1. Identifying and analyzing emerging security threats and vulnerabilities affecting Internet infrastructure. 2. Collaborating with stakeholders, in particular the RIPE community, to develop and advocate and implement best practices, guidelines, and standards for securing Internet resources. 3. Facilitating information sharing and cooperation among network operators, law enforcement, and relevant entities to mitigate security risks. 4. Providing education, training, and outreach initiatives to raise awareness of security issues and promote best practices adoption. 5. Develop policies recommendations to the RIPE NCC that help enforcing good behavior and sanction disregard for faccepted security standards. This includes the definition of acceptable minimal standards. Best regards Serge On 09.05.24 21:39, Leo Vegoda wrote: Hi Serge, On Thu, 9 May 2024 at 11:41, Serge Droz via anti-abuse-wg <anti-abuse-wg@ripe.net><mailto:anti-abuse-wg@ripe.net> wrote: Hi Leo We can only recommend the community, obviously. I agree. So these aare the best practices We can recommend that RIPE NCC changes its rules and procedures to address certain issues. As a WG, if I'm correct we have no other power. Based on thisl, I don't understand what's missing from the draft text. Maybe you could suggest some specific edits? Kind regards, Leo -- Dr. Serge Droz Member, FIRST Board of Directors https://www.first.org
Hi Nick I agree. But what you are saying, is that the WG should continue having no tangible effect, because the status quo is more important than getting out of one's comfort zone. Meanwhile others will, in my opinion, push for policy change. And these others likely lack crucial insight, i.e. will produce policies that have undesirable side effects. The question was if we want to recharter this WG, so I answered what I felt merits the name. I like the training the WG produced in the past, but I don't remember much else. If we want to make a concrete contribution to fighting abuse, we may have to leave our comfort zone. The internet and the world it lies within has changed considerably in the past years. This would suggest we should too. But I think I made my point by now, and I realise it's not a comfortable one. Best Serge On 10 May 2024 11:57:44 UTC, Nick Hilliard <nick@foobar.org> wrote:
Serge,
there's been extensive debate on AAWG over the years about the principles behind your additional suggestions below, but very little consensus. If sanctioning is added to the charter of a new security-wg, this lack of consensus is likely to continue, and the only outcome will be that the WG will be distracted from other productive output. I understand why you might want it in there, but punitive action is not within the remit of the RIPE NCC. Similarly on point 2, advocacy is important, but requirement / enforcement is out of scope for both the RIPE Community and RIPE NCC.
Nick
Serge Droz via anti-abuse-wg wrote on 10/05/2024 07:21:
Hi Leo
It's more about sharpening the focus. I colored this red below. I feel eventually the RIPE NCC must adapt stronger policies to punish non-action or disregard of action. I think it would be better if this WG comes up with such policies which the RIPE NCC can then adopt (or not) rather than the RIPE NCC having to react to external pressure, e.g. from policy makers, in particular the EU. I'm sure one can formulate this much better. I firmly believe, that there is no way around stronger regulation, and I'd much rather see this coming from this community than form the outside. The regulators i see and work with are increasingly irritated and react with totally inadequate demands, which I wont reproduce here.
1. Identifying and analyzing emerging security threats and vulnerabilities affecting Internet infrastructure. 2. Collaborating with stakeholders, in particular the RIPE community, to develop and advocate and implement best practices, guidelines, and standards for securing Internet resources. 3. Facilitating information sharing and cooperation among network operators, law enforcement, and relevant entities to mitigate security risks. 4. Providing education, training, and outreach initiatives to raise awareness of security issues and promote best practices adoption. 5. Develop policies recommendations to the RIPE NCC that help enforcing good behavior and sanction disregard for faccepted security standards. This includes the definition of acceptable minimal standards.
Best regards Serge
On 09.05.24 21:39, Leo Vegoda wrote:
Hi Serge,
On Thu, 9 May 2024 at 11:41, Serge Droz via anti-abuse-wg <anti-abuse-wg@ripe.net> wrote:
Hi Leo
We can only recommend the community, obviously. I agree.
So these aare the best practices
We can recommend that RIPE NCC changes its rules and procedures to address certain issues.
As a WG, if I'm correct we have no other power. Based on thisl, I don't understand what's missing from the draft text. Maybe you could suggest some specific edits?
Kind regards,
Leo -- Dr. Serge Droz Member, FIRST Board of Directors https://www.first.org
-- Dr. Serge Droz Director, Forum of Incident Response and Security Teams https://first.org
Serge It’s not a matter of “comfort zones” – which Nick explained quite articulately RIPE currently does not have the power to do a lot of things. The WG cannot magically change that. If you look at the current “debate” raging on the main members’ list, people are arguing over a potential 50 euro / year fee for an ASN trying to make out that it could potentially bankrupt them…. Getting the same people to agree to giving RIPE NCC more powers over their actions would be an uphill struggle! Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains https://www.blacknight.com/ https://blacknight.blog/ Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Personal blog: https://michele.blog/ Some thoughts: https://ceo.hosting/ ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845 I have sent this email at a time that is convenient for me. I do not expect you to respond to it outside of your usual working hours. From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Serge Droz via anti-abuse-wg <anti-abuse-wg@ripe.net> Date: Friday, 10 May 2024 at 13:51 To: Cc: anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net> Subject: Re: [anti-abuse-wg] Seeking Input on the Future of the Anti-Abuse Working Group [EXTERNAL EMAIL] Please use caution when opening attachments from unrecognised sources. Hi Nick I agree. But what you are saying, is that the WG should continue having no tangible effect, because the status quo is more important than getting out of one's comfort zone. Meanwhile others will, in my opinion, push for policy change. And these others likely lack crucial insight, i.e. will produce policies that have undesirable side effects. The question was if we want to recharter this WG, so I answered what I felt merits the name. I like the training the WG produced in the past, but I don't remember much else. If we want to make a concrete contribution to fighting abuse, we may have to leave our comfort zone. The internet and the world it lies within has changed considerably in the past years. This would suggest we should too. But I think I made my point by now, and I realise it's not a comfortable one. Best Serge On 10 May 2024 11:57:44 UTC, Nick Hilliard <nick@foobar.org> wrote: Serge, there's been extensive debate on AAWG over the years about the principles behind your additional suggestions below, but very little consensus. If sanctioning is added to the charter of a new security-wg, this lack of consensus is likely to continue, and the only outcome will be that the WG will be distracted from other productive output. I understand why you might want it in there, but punitive action is not within the remit of the RIPE NCC. Similarly on point 2, advocacy is important, but requirement / enforcement is out of scope for both the RIPE Community and RIPE NCC. Nick Serge Droz via anti-abuse-wg wrote on 10/05/2024 07:21: Hi Leo It's more about sharpening the focus. I colored this red below. I feel eventually the RIPE NCC must adapt stronger policies to punish non-action or disregard of action. I think it would be better if this WG comes up with such policies which the RIPE NCC can then adopt (or not) rather than the RIPE NCC having to react to external pressure, e.g. from policy makers, in particular the EU. I'm sure one can formulate this much better. I firmly believe, that there is no way around stronger regulation, and I'd much rather see this coming from this community than form the outside. The regulators i see and work with are increasingly irritated and react with totally inadequate demands, which I wont reproduce here. 1. Identifying and analyzing emerging security threats and vulnerabilities affecting Internet infrastructure. 2. Collaborating with stakeholders, in particular the RIPE community, to develop and advocate and implement best practices, guidelines, and standards for securing Internet resources. 3. Facilitating information sharing and cooperation among network operators, law enforcement, and relevant entities to mitigate security risks. 4. Providing education, training, and outreach initiatives to raise awareness of security issues and promote best practices adoption. 5. Develop policies recommendations to the RIPE NCC that help enforcing good behavior and sanction disregard for faccepted security standards. This includes the definition of acceptable minimal standards. Best regards Serge On 09.05.24 21:39, Leo Vegoda wrote: Hi Serge, On Thu, 9 May 2024 at 11:41, Serge Droz via anti-abuse-wg <anti-abuse-wg@ripe.net><mailto:anti-abuse-wg@ripe.net> wrote: Hi Leo We can only recommend the community, obviously. I agree. So these aare the best practices We can recommend that RIPE NCC changes its rules and procedures to address certain issues. As a WG, if I'm correct we have no other power. Based on thisl, I don't understand what's missing from the draft text. Maybe you could suggest some specific edits? Kind regards, Leo -- Dr. Serge Droz Member, FIRST Board of Directors https://www.first.org -- Dr. Serge Droz Director, Forum of Incident Response and Security Teams https://first.org
Hi Michele
RIPE currently does not have the power to do a lot of things. The WG cannot magically change that.
This is the old merry go round. Maybe RIPE NCC needs to change certain things, or it will be changed for them. The WG could provide guidance and suggest possible avenues where RIPE needs/should change. RIPE can then still ignore that. Believe it or not: Organizations can change. So if you say you don't want to discuss this, fine. But don't blame it RIPE not being able to change. Best Serge -- Dr. Serge Droz Member, FIRST Board of Directors https://www.first.org
RIPE NCC doesn’t really need member input or consensus to change a lot of this. Certainly not in tightening or enforcing due diligence procedures rather than charging 50 euro an ASN —srs ________________________________ From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Serge Droz via anti-abuse-wg <anti-abuse-wg@ripe.net> Sent: Monday, May 13, 2024 7:03:18 PM Cc: anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net> Subject: Re: [anti-abuse-wg] Seeking Input on the Future of the Anti-Abuse Working Group Hi Michele
RIPE currently does not have the power to do a lot of things. The WG cannot magically change that.
This is the old merry go round. Maybe RIPE NCC needs to change certain things, or it will be changed for them. The WG could provide guidance and suggest possible avenues where RIPE needs/should change. RIPE can then still ignore that. Believe it or not: Organizations can change. So if you say you don't want to discuss this, fine. But don't blame it RIPE not being able to change. Best Serge -- Dr. Serge Droz Member, FIRST Board of Directors https://www.first.org -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
Suresh It might be helpful to discuss this with them. I’m sure there are *some* things that they could do without putting it to the members, but there’s a lot of things that would need member agreement in order to change. Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains https://www.blacknight.com/ https://blacknight.blog/ Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Personal blog: https://michele.blog/ Some thoughts: https://ceo.hosting/ ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845 I have sent this email at a time that is convenient for me. I do not expect you to respond to it outside of your usual working hours. From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Suresh Ramasubramanian <ops.lists@gmail.com> Date: Monday, 13 May 2024 at 14:44 To: Serge Droz <serge.droz@first.org> Cc: anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net> Subject: Re: [anti-abuse-wg] Seeking Input on the Future of the Anti-Abuse Working Group [EXTERNAL EMAIL] Please use caution when opening attachments from unrecognised sources. RIPE NCC doesn’t really need member input or consensus to change a lot of this. Certainly not in tightening or enforcing due diligence procedures rather than charging 50 euro an ASN —srs ________________________________ From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Serge Droz via anti-abuse-wg <anti-abuse-wg@ripe.net> Sent: Monday, May 13, 2024 7:03:18 PM Cc: anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net> Subject: Re: [anti-abuse-wg] Seeking Input on the Future of the Anti-Abuse Working Group Hi Michele
RIPE currently does not have the power to do a lot of things. The WG cannot magically change that.
This is the old merry go round. Maybe RIPE NCC needs to change certain things, or it will be changed for them. The WG could provide guidance and suggest possible avenues where RIPE needs/should change. RIPE can then still ignore that. Believe it or not: Organizations can change. So if you say you don't want to discuss this, fine. But don't blame it RIPE not being able to change. Best Serge -- Dr. Serge Droz Member, FIRST Board of Directors https://www.first.org -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
That's fine. The WG can make suggestions, RIPE NCC considers this, and if necessary asks the members, possibly explaining, or asking the WG to explain why the change makes sense. Most people are sensible. I don't see where there is a problem. Best Serge On 13.05.24 16:11, Michele Neylon - Blacknight wrote:
Suresh
It might be helpful to discuss this with them. I’m sure there are **some** things that they could do without putting it to the members, but there’s a lot of things that would need member agreement in order to change.
Regards
Michele
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com/ <https://www.blacknight.com/>
https://blacknight.blog/ <https://blacknight.blog/>
Intl. +353 (0) 59 9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/ <https://michele.blog/>
Some thoughts: https://ceo.hosting/ <https://ceo.hosting/>
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845
I have sent this email at a time that is convenient for me. I do not expect you to respond to it outside of your usual working hours.
*From: *anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Suresh Ramasubramanian <ops.lists@gmail.com> *Date: *Monday, 13 May 2024 at 14:44 *To: *Serge Droz <serge.droz@first.org> *Cc: *anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net> *Subject: *Re: [anti-abuse-wg] Seeking Input on the Future of the Anti-Abuse Working Group
*[EXTERNAL EMAIL]*Please use caution when opening attachments from unrecognised sources.
RIPE NCC doesn’t really need member input or consensus to change a lot of this. Certainly not in tightening or enforcing due diligence procedures rather than charging 50 euro an ASN
—srs
------------------------------------------------------------------------
*From:*anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Serge Droz via anti-abuse-wg <anti-abuse-wg@ripe.net> *Sent:* Monday, May 13, 2024 7:03:18 PM *Cc:* anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net> *Subject:* Re: [anti-abuse-wg] Seeking Input on the Future of the Anti-Abuse Working Group
Hi Michele
RIPE currently does not have the power to do a lot of things. The WG cannot magically change that.
This is the old merry go round.
Maybe RIPE NCC needs to change certain things, or it will be changed for them. The WG could provide guidance and suggest possible avenues where RIPE needs/should change. RIPE can then still ignore that. Believe it or not: Organizations can change.
So if you say you don't want to discuss this, fine. But don't blame it RIPE not being able to change.
Best Serge
-- Dr. Serge Droz Member, FIRST Board of Directors https://www.first.org <https://www.first.org>
--
To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg <https://lists.ripe.net/mailman/listinfo/anti-abuse-wg>
-- Dr. Serge Droz Member, FIRST Board of Directors https://www.first.org
Serge, The first step is for the WG to reach some consensus about what it ought to recharter to. There's a bunch of topics for a potential new security-wg which seem to be broadly acceptable to people on the WG, and another set of suggestions relating to telling the RIPE NCC to turn itself into an enforcement body, which has never reached consensus over the years. The question for the WG is whether to move forward with rechartering to what it can agree on or - once again - get bogged down on what it can't. This is where the problem is. Nick Serge Droz via anti-abuse-wg wrote on 13/05/2024 17:18:
That's fine. The WG can make suggestions, RIPE NCC considers this, and if necessary asks the members, possibly explaining, or asking the WG to explain why the change makes sense. Most people are sensible.
I don't see where there is a problem.
Best Serge
On 13.05.24 16:11, Michele Neylon - Blacknight wrote:
Suresh
It might be helpful to discuss this with them. I’m sure there are **some** things that they could do without putting it to the members, but there’s a lot of things that would need member agreement in order to change.
Regards
Michele
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com/ <https://www.blacknight.com/>
https://blacknight.blog/ <https://blacknight.blog/>
Intl. +353 (0) 59 9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/ <https://michele.blog/>
Some thoughts: https://ceo.hosting/ <https://ceo.hosting/>
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845
I have sent this email at a time that is convenient for me. I do not expect you to respond to it outside of your usual working hours.
*From: *anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Suresh Ramasubramanian <ops.lists@gmail.com> *Date: *Monday, 13 May 2024 at 14:44 *To: *Serge Droz <serge.droz@first.org> *Cc: *anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net> *Subject: *Re: [anti-abuse-wg] Seeking Input on the Future of the Anti-Abuse Working Group
*[EXTERNAL EMAIL]*Please use caution when opening attachments from unrecognised sources.
RIPE NCC doesn’t really need member input or consensus to change a lot of this. Certainly not in tightening or enforcing due diligence procedures rather than charging 50 euro an ASN
—srs
------------------------------------------------------------------------
*From:*anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Serge Droz via anti-abuse-wg <anti-abuse-wg@ripe.net> *Sent:* Monday, May 13, 2024 7:03:18 PM *Cc:* anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net> *Subject:* Re: [anti-abuse-wg] Seeking Input on the Future of the Anti-Abuse Working Group
Hi Michele
RIPE currently does not have the power to do a lot of things. The WG cannot magically change that.
This is the old merry go round.
Maybe RIPE NCC needs to change certain things, or it will be changed for them. The WG could provide guidance and suggest possible avenues where RIPE needs/should change. RIPE can then still ignore that. Believe it or not: Organizations can change.
So if you say you don't want to discuss this, fine. But don't blame it RIPE not being able to change.
Best Serge
-- Dr. Serge Droz Member, FIRST Board of Directors https://www.first.org <https://www.first.org>
--
To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg <https://lists.ripe.net/mailman/listinfo/anti-abuse-wg>
I remember the igf being described as a “talking shop” once. This wg is on much the same lines with the added disadvantage that the topics of discussion tend to repeat themselves with monotonous regularity over the decade or more that I’ve been on this list as many of you folks have. Unless the actual issues that keep coming up are identified and suggestions put in place to resolve them, I can’t see this rechartering do much more than expand the scope of what people gripe about here from spam to ddos, malware c2 and such, with much the same results as any hope for something actionable coming up. --srs ________________________________ From: Nick Hilliard <nick@foobar.org> Sent: Tuesday, May 14, 2024 2:26:35 PM To: Serge Droz <serge.droz@first.org> Cc: Michele Neylon - Blacknight <michele@blacknight.com>; Suresh Ramasubramanian <ops.lists@gmail.com>; anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net> Subject: Re: [anti-abuse-wg] Seeking Input on the Future of the Anti-Abuse Working Group Serge, The first step is for the WG to reach some consensus about what it ought to recharter to. There's a bunch of topics for a potential new security-wg which seem to be broadly acceptable to people on the WG, and another set of suggestions relating to telling the RIPE NCC to turn itself into an enforcement body, which has never reached consensus over the years. The question for the WG is whether to move forward with rechartering to what it can agree on or - once again - get bogged down on what it can't. This is where the problem is. Nick Serge Droz via anti-abuse-wg wrote on 13/05/2024 17:18: That's fine. The WG can make suggestions, RIPE NCC considers this, and if necessary asks the members, possibly explaining, or asking the WG to explain why the change makes sense. Most people are sensible. I don't see where there is a problem. Best Serge On 13.05.24 16:11, Michele Neylon - Blacknight wrote: Suresh It might be helpful to discuss this with them. I’m sure there are **some** things that they could do without putting it to the members, but there’s a lot of things that would need member agreement in order to change. Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains https://www.blacknight.com/ <https://www.blacknight.com/><https://www.blacknight.com/> https://blacknight.blog/ <https://blacknight.blog/><https://blacknight.blog/> Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Personal blog: https://michele.blog/ <https://michele.blog/><https://michele.blog/> Some thoughts: https://ceo.hosting/ <https://ceo.hosting/><https://ceo.hosting/> ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845 I have sent this email at a time that is convenient for me. I do not expect you to respond to it outside of your usual working hours. *From: *anti-abuse-wg <anti-abuse-wg-bounces@ripe.net><mailto:anti-abuse-wg-bounces@ripe.net> on behalf of Suresh Ramasubramanian <ops.lists@gmail.com><mailto:ops.lists@gmail.com> *Date: *Monday, 13 May 2024 at 14:44 *To: *Serge Droz <serge.droz@first.org><mailto:serge.droz@first.org> *Cc: *anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net><mailto:anti-abuse-wg@ripe.net> *Subject: *Re: [anti-abuse-wg] Seeking Input on the Future of the Anti-Abuse Working Group *[EXTERNAL EMAIL]*Please use caution when opening attachments from unrecognised sources. RIPE NCC doesn’t really need member input or consensus to change a lot of this. Certainly not in tightening or enforcing due diligence procedures rather than charging 50 euro an ASN —srs ------------------------------------------------------------------------ *From:*anti-abuse-wg <anti-abuse-wg-bounces@ripe.net><mailto:anti-abuse-wg-bounces@ripe.net> on behalf of Serge Droz via anti-abuse-wg <anti-abuse-wg@ripe.net><mailto:anti-abuse-wg@ripe.net> *Sent:* Monday, May 13, 2024 7:03:18 PM *Cc:* anti-abuse-wg@ripe.net<mailto:anti-abuse-wg@ripe.net> <anti-abuse-wg@ripe.net><mailto:anti-abuse-wg@ripe.net> *Subject:* Re: [anti-abuse-wg] Seeking Input on the Future of the Anti-Abuse Working Group Hi Michele RIPE currently does not have the power to do a lot of things. The WG cannot magically change that. This is the old merry go round. Maybe RIPE NCC needs to change certain things, or it will be changed for them. The WG could provide guidance and suggest possible avenues where RIPE needs/should change. RIPE can then still ignore that. Believe it or not: Organizations can change. So if you say you don't want to discuss this, fine. But don't blame it RIPE not being able to change. Best Serge -- Dr. Serge Droz Member, FIRST Board of Directors https://www.first.org <https://www.first.org><https://www.first.org> -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg <https://lists.ripe.net/mailman/listinfo/anti-abuse-wg><https://lists.ripe.net/mailman/listinfo/anti-abuse-wg>
On Fri 10/May/2024 13:57:44 +0200 Nick Hilliard wrote:
Serge,
there's been extensive debate on AAWG over the years about the principles behind your additional suggestions below, but very little consensus. If sanctioning is added to the charter of a new security-wg, this lack of consensus is likely to continue, and the only outcome will be that the WG will be distracted from other productive output.
Sanctioning has various meanings, from penalties and coercive measures to hinder or discouragement. Before putting that into the charter we should discuss and reach consensus about what meaning we exactly mean, which includes clarifying what leeway is the RIPE NCC allowed. At a minimum, listing proven bad actors must be possible.
I understand why you might want it in there, but punitive action is not within the remit of the RIPE NCC. Similarly on point 2, advocacy is important, but requirement / enforcement is out of scope for both the RIPE Community and RIPE NCC.
Implementing solutions and utilities is certainly in scope. Best Ale
Serge Droz via anti-abuse-wg wrote on 10/05/2024 07:21:
Hi Leo
It's more about sharpening the focus. I colored this red below. I feel eventually the RIPE NCC must adapt stronger policies to punish non-action or disregard of action. I think it would be better if this WG comes up with such policies which the RIPE NCC can then adopt (or not) rather than the RIPE NCC having to react to external pressure, e.g. from policy makers, in particular the EU. I'm sure one can formulate this much better. I firmly believe, that there is no way around stronger regulation, and I'd much rather see this coming from this community than form the outside. The regulators i see and work with are increasingly irritated and react with totally inadequate demands, which I wont reproduce here.
1. Identifying and analyzing emerging security threats and vulnerabilities affecting Internet infrastructure. 2. Collaborating with stakeholders, in particular the RIPE community, to develop and advocate and implement best practices, guidelines, and standards for securing Internet resources. 3. Facilitating information sharing and cooperation among network operators, law enforcement, and relevant entities to mitigate security risks. 4. Providing education, training, and outreach initiatives to raise awareness of security issues and promote best practices adoption. 5. Develop policies recommendations to the RIPE NCC that help enforcing good behavior and sanction disregard for faccepted security standards. This includes the definition of acceptable minimal standards.
Best regards Serge
participants (7)
-
Alessandro Vesely -
Leo Vegoda -
markus@mxdomain.de -
Michele Neylon - Blacknight -
Nick Hilliard -
Serge Droz -
Suresh Ramasubramanian