If I take your position at face value, it implies that anyone, no matter how often they ignore the rules or breach the obligations they agreed to, should still have uninterrupted access to registry services simply because the registry is administrative.
That is not realistic.
RIPE NCC, like every RIR, operates under policies and contractual terms the community itself created. These rules govern how resources are requested, registered, maintained and transferred. They exist for a reason and they only work if they can be enforced.
If a registry cannot act when members repeatedly disregard those obligations, then the policies become optional. A system where rules are optional is not neutral or stable. It is unworkable.
Neutrality does not mean the registry has no authority. It means the registry applies the established framework consistently and without bias.
That is not punishment. It is basic operational responsibility.
The idea that a registry must continue providing services even when a member openly refuses to follow the agreed rules would undermine trust far more than any action taken within the policy and contractual framework.
From: Lu Heng <h.lu@anytimechinese.com>
Date: Thursday, 11 December 2025 at 10:48
To: Peering <peering@all-for-one.com>
Cc: Michele Neylon - Blacknight <michele@blacknight.com>, Sergey Myasoedov via members-discuss <members-discuss@ripe.net>
Subject: Re: [members-discuss] Re: Systematic RIPE DB abuse
[EXTERNAL EMAIL]
Please use caution when opening attachments from unrecognised sources.
You are mixing two fundamentally different things:
1. Community-platform rules (like mailing lists)
2. Number-resource administration (the registry function)
A registry absolutely may moderate its mailing list or remove someone from a community forum.
That is not the issue.
That is not resource governance.
That is not number administration.
The problem arises when you conflate the mailing list with the registry function and assume the same “ban power” applies to number resources. It does not.
A registry’s authority over number resources is
administrative, not discretionary:
• It has no sovereign power.
• It cannot impose penalties outside the law.
• It cannot “ban” someone from holding number resources because it dislikes their actions.
• It cannot create new enforcement powers through internal rules.
Mailing-list rules are internal community guidelines.
Number-resource allocation is part of global critical infrastructure.
These are not equivalent domains.
The fact that a registry can enforce behavior on a mailing list does
not grant it the authority to punish a member by altering or revoking their number resources. The two functions exist on different legal, operational, and governance layers.
If you do not separate these layers, you end up with exactly the instability we see today: registries treating essential resource administration as if it were a social-media moderation problem.
A registry is allowed to moderate conversations.
A registry is not allowed to weaponize the address book.
That is the distinction you must not blur.
This is not about punishing or violating laws but violating the rules of usage of the registry. While doing so, it should be normal to get banned from that registry and
the usage of the abused resources like the Mailing list. So far fully fits in your position, as the rules of usage are given by the registry it’s also the only given authority that can enforce them.
Michele,
Let me clarify, because this is not a question of “no rules.”
My position is straightforward:
A registry is a registry.
Its mandate is to maintain accurate records—nothing more.
You do not use an address book as an instrument of punishment.
When a registry begins using essential administrative functions to reward or punish individuals, the system becomes unpredictable and open to abuse. This is, in fact, a major reason the RIR environment has struggled
with instability and governance issues: registries have, at times, stepped outside their neutral role and attempted to use resource administration as leverage.
Rules absolutely must exist, and compliance is essential.
But those rules are defined and enforced by sovereign law—courts, regulators, and proper authorities—not by a voluntary address book. A registry cannot impose its own rules above nations, nor can it act as police,
prosecutor, and judge.
Punishment, when warranted, must come through established legal channels. A registry that assumes enforcement powers beyond its mandate ultimately undermines its own legitimacy and the trust of the global community.
That is the core of my position.
Regards,
Lu
On Wed, Dec 10, 2025 at 16:19 Michele Neylon - Blacknight <michele@blacknight.com>
wrote:
Lu
Sorry but I cannot agree with your position on this.
By your logic RIPE NCC would have zero right to take action against a member who was in breach of the policies, rules etc.,
Trust in the system is only possible when the system is stable and predictable, which you seem to agree with, however if there are no rules then any system will be abused by somebody at some point.
Regards
Michele
[EXTERNAL EMAIL]
Please use caution when opening attachments from unrecognised sources.
Hi
I agree entirely NCC should not do anything. A registry’s role is administrative, not enforcement. Asking a bookkeeping-type institution to police behavior is simply outside its mandate and purpose.
There are countless legitimate ways to address concerns or resolve disputes. But withholding a fundamental registry service—such as assigning an address—because someone “did or did not do X” is irrational and unprecedented. It is the equivalent of a government
refusing to give a home an address instead of contacting law enforcement or using proper legal channels. No responsible system operates that way, and no credible governance framework treats essential registry functions as a tool for punishment or leverage.
A registry should remain neutral, predictable, and strictly procedural. Using it as an enforcement mechanism undermines trust in the entire system.
--
Kind regards.
Lu
On Wed, Dec 10, 2025 at 14:38 Brett Sheffield <ripe@gladserv.com> wrote:
On 2025-12-08 12:57, Sergey Myasoedov via members-discuss wrote:
> Dear RIPE NCC members,
>
> I’d like to raise the topic of introducing and applying administrative anti-spam measures against RIPE NCC members who deliberately violate Article 4 of the RIPE Database Terms and Conditions.
>
> RIPE NCC requires members to publish up-to-date contact email addresses in the RIPE DB. However, these publicly listed addresses are actively harvested and used for spam by IPv4 brokers and address traders, while RIPE NCC does not take any measures to protect
members from this type of abuse.
>
> This issue has been around since the IPv4 market appeared, and although it’s well known, at some point the RIPE NCC staff chose not to act against members who don’t follow the RIPE Database T&C.
>
> My proposal is to freeze transfer operations for members who are repeatedly abusing the RIPE Database.
>
> I’d be glad to hear your thoughts and discuss this further.
Compared to other sources, our RIPE contact address gets a tiny amount of spam,
and all of it from IPv4 brokers.
I've now received more emails in this single thread in the past 24 hours than I
have spam to our RIPE contact address in the past 5 years. No action from RIPE
is required here.
Tighten your spam controls if this is a problem for you, and lets move on.
Cheers,
Brett
--
Brett Sheffield (he/him)
Gladserv
To unsubscribe or manage your subscription, log in to the LIR Portal with your
RIPE NCC Access account and go to the LIR Account page:
https://my.ripe.net/#/account-details.
Scroll down to Membership Mailing Lists to update your 'members-discuss' subscription.
Having issues unsubscribing? More information about managing your subscription
can be found at:
https://www.ripe.net/s/members-discuss-subscription-options/
--
--
Kind regards.
Lu