The same way the existence of laws stating certain practices are wrong
and forbidden doesn't stop people from committing crimes.
Fernando
On 02/05/2019 12:33, Nicolas Antoniello wrote:
Jordi,
As I´ve mentioned @ LACNIC discussions regarding this policy: the
existence of a statement in ARIN policy manual saying that something
like this is "bad" is not going to make anyone go to do it in another
place. And so, it's not going to prevent any BGP bad practice (not the
ones made on purpose neither the accidental ones).
Regards,
Nicolas
El jue., 2 de may. de 2019 a la(s) 09:03, JORDI PALET MARTINEZ via
ARIN-PPML ([email protected] <mailto:[email protected]>) escribió:
El 2/5/19 15:50, "[email protected]
<mailto:[email protected]>" <[email protected]
<mailto:[email protected]>> escribió:
On Thu, 2 May 2019, JORDI PALET MARTINEZ via ARIN-PPML wrote:
> Hi Albert,
>
> El 2/5/19 15:02, "[email protected]
<mailto:[email protected]> en nombre de
[email protected] <mailto:[email protected]>"
<[email protected] <mailto:[email protected]> en
nombre de [email protected] <mailto:[email protected]>>
escribió:
>
> On Thu, 2 May 2019, JORDI PALET MARTINEZ via ARIN-PPML wrote:
>
> >2. CONDITIONS OF SERVICE
> >
> >(1) The exclusive right to be the registrant of the
Included Number
> >Resources within the ARIN database;
> >(2) The right to use the Included Number Resources
within the ARIN
> >database;
>
>
> This above kinda sums up the issue. My understanding is
this language
> comes from the RSA.
>
> While the document grants the right to be the registrant
and use the
> "Included Number Resources", other language stating that
you cannot use
> someone elses number resources without the permission of
the registrant of
> those OTHER resources is missing from the RSA. That is
what needs fixing.
>
> Of course, it is not easy to amend the RSA. Therefore it
is being
> advanced to add the BGP hijacking language to the NRPM,
which each ARIN
> RSA signer has also agreed to follow.
>
> If the language is added to the NRPM and the hijacker is
an ARIN RSA
> signer, enforcement could be up to and including the
revoke of all ARIN
> resources. However, all the worldwide resources are NOT
assigned to ARIN,
> therefore nothing can really be done by ARIN in these
cases where the
> hijacker is NOT an ARIN member.
>
> As a result, the Advisory Committee declared it totally
out of scope, even
> though it does appear in scope if the hijacking is being
done by an ARIN
> RSA signer.
>
> Unless this conflict can be solved, it is out of scope,
at least when it
> would be applied to non ARIN RSA signers. However, I
think it is in scope
> when hijacking of ARIN assigned resources occur by an
ARIN RSA signer.
>
> When a policy proposal is sent to a specific RIR, I
understand that if finally, that results, thru the PDP, in a
policy, will be only in scope of the members of that RIR.
>
> That's why, we have two ways of doing it:
> 1) A global policy, which requires same text reach consensus
in all the 5 RIRs (and it may be more difficult and slower to
achieve), or
> 2) An equivalent policy in each of the 5 RIRs, which is the
path we decided for this specific policy proposal.
>
> So, I don't see a "conflict" in that aspect, just part of
the process, and as you say, a proposal can't be declared
out-of-scope because "it will only apply" to this or that region.
>
> When I've observed similar problems in the policy manuals of
different regions, I always tried to follow the same path, and
most of the time, it works, because even having different
"cultures", we all work in the same Internet.
>
> Regards,
> Jordi
>
The only potential issue is that the policy adopted in each
region must
apply to ALL BGP Hijacking, not just the region involved.
Otherwise the
bad actors will simply choose to hijack numbers in a different
region to
avoid the policy.
And that's probably a good thing. If one region doesn't adopt this
policy, versus others adopting it, then hijackers will try to
operate under that region, and I guess that means the "quality" of
service of the regions that don't adopt it decreases, and that may
turn the community into a different view of it.
Also, I assume we are mostly discussing hijacking of IPv4
resources, much
of which are clearly related to their short supply. I am
unaware of any
real effort currently being made to hijack IPv6 resources.
The proposal covers "any" resource hijacking (IPv4, IPv6 and ASN).
The fact that IPv6 is not being hijacked know, doesn't means that
we can't prevent it to be covered by a policy proposal.
Albert Erdmann
Network Administrator
Paradise On Line Inc.
**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company
This electronic message contains information which may be
privileged or confidential. The information is intended to be for
the exclusive use of the individual(s) named above and further
non-explicilty authorized disclosure, copying, distribution or use
of the contents of this information, even if partially, including
attached files, is strictly prohibited and will be considered a
criminal offense. If you are not the intended recipient be aware
that any disclosure, copying, distribution or use of the contents
of this information, even if partially, including attached files,
is strictly prohibited, will be considered a criminal offense, so
you must reply to the original sender to inform about this
communication and delete it.
_______________________________________________
ARIN-PPML
You are receiving this message because you are subscribed to
the ARIN Public Policy Mailing List ([email protected]
<mailto:[email protected]>).
Unsubscribe or manage your mailing list subscription at:
https://lists.arin.net/mailman/listinfo/arin-ppml
Please contact [email protected] <mailto:[email protected]> if you
experience any issues.
_______________________________________________
ARIN-PPML
You are receiving this message because you are subscribed to
the ARIN Public Policy Mailing List ([email protected]).
Unsubscribe or manage your mailing list subscription at:
https://lists.arin.net/mailman/listinfo/arin-ppml
Please contact [email protected] if you experience any issues.
_______________________________________________
ARIN-PPML
You are receiving this message because you are subscribed to
the ARIN Public Policy Mailing List ([email protected]).
Unsubscribe or manage your mailing list subscription at:
https://lists.arin.net/mailman/listinfo/arin-ppml
Please contact [email protected] if you experience any issues.
