The missing link in your assertion is that for the former you have police (and other bodies) to enforce them... and for BGP you have only good will :)
El jue., 2 de may. de 2019 a la(s) 10:37, Fernando Frediani ( [email protected]) escribió: > The same way the existence of laws stating certain practices are wrong and > forbidden doesn't stop people from committing crimes. > > Fernando > On 02/05/2019 12:33, Nicolas Antoniello wrote: > > Jordi, > > As I´ve mentioned @ LACNIC discussions regarding this policy: the > existence of a statement in ARIN policy manual saying that something like > this is "bad" is not going to make anyone go to do it in another place. And > so, it's not going to prevent any BGP bad practice (not the ones made on > purpose neither the accidental ones). > > Regards, > Nicolas > > > > El jue., 2 de may. de 2019 a la(s) 09:03, JORDI PALET MARTINEZ via > ARIN-PPML ([email protected]) escribió: > >> >> >> El 2/5/19 15:50, "[email protected]" <[email protected]> >> escribió: >> >> >> >> On Thu, 2 May 2019, JORDI PALET MARTINEZ via ARIN-PPML wrote: >> >> > Hi Albert, >> > >> > El 2/5/19 15:02, "[email protected] en nombre de >> [email protected]" <[email protected] en nombre de >> [email protected]> escribió: >> > >> > On Thu, 2 May 2019, JORDI PALET MARTINEZ via ARIN-PPML wrote: >> > >> > >2. CONDITIONS OF SERVICE >> > > >> > >(1) The exclusive right to be the registrant of the Included >> Number >> > >Resources within the ARIN database; >> > >(2) The right to use the Included Number Resources within the >> ARIN >> > >database; >> > >> > >> > This above kinda sums up the issue. My understanding is this >> language >> > comes from the RSA. >> > >> > While the document grants the right to be the registrant and use >> the >> > "Included Number Resources", other language stating that you >> cannot use >> > someone elses number resources without the permission of the >> registrant of >> > those OTHER resources is missing from the RSA. That is what >> needs fixing. >> > >> > Of course, it is not easy to amend the RSA. Therefore it is >> being >> > advanced to add the BGP hijacking language to the NRPM, which >> each ARIN >> > RSA signer has also agreed to follow. >> > >> > If the language is added to the NRPM and the hijacker is an ARIN >> RSA >> > signer, enforcement could be up to and including the revoke of >> all ARIN >> > resources. However, all the worldwide resources are NOT >> assigned to ARIN, >> > therefore nothing can really be done by ARIN in these cases >> where the >> > hijacker is NOT an ARIN member. >> > >> > As a result, the Advisory Committee declared it totally out of >> scope, even >> > though it does appear in scope if the hijacking is being done by >> an ARIN >> > RSA signer. >> > >> > Unless this conflict can be solved, it is out of scope, at least >> when it >> > would be applied to non ARIN RSA signers. However, I think it >> is in scope >> > when hijacking of ARIN assigned resources occur by an ARIN RSA >> signer. >> > >> > When a policy proposal is sent to a specific RIR, I understand that >> if finally, that results, thru the PDP, in a policy, will be only in scope >> of the members of that RIR. >> > >> > That's why, we have two ways of doing it: >> > 1) A global policy, which requires same text reach consensus in all >> the 5 RIRs (and it may be more difficult and slower to achieve), or >> > 2) An equivalent policy in each of the 5 RIRs, which is the path we >> decided for this specific policy proposal. >> > >> > So, I don't see a "conflict" in that aspect, just part of the >> process, and as you say, a proposal can't be declared out-of-scope because >> "it will only apply" to this or that region. >> > >> > When I've observed similar problems in the policy manuals of >> different regions, I always tried to follow the same path, and most of the >> time, it works, because even having different "cultures", we all work in >> the same Internet. >> > >> > Regards, >> > Jordi >> > >> The only potential issue is that the policy adopted in each region >> must >> apply to ALL BGP Hijacking, not just the region involved. Otherwise >> the >> bad actors will simply choose to hijack numbers in a different region >> to >> avoid the policy. >> >> And that's probably a good thing. If one region doesn't adopt this >> policy, versus others adopting it, then hijackers will try to operate under >> that region, and I guess that means the "quality" of service of the regions >> that don't adopt it decreases, and that may turn the community into a >> different view of it. >> >> Also, I assume we are mostly discussing hijacking of IPv4 resources, >> much >> of which are clearly related to their short supply. I am unaware of >> any >> real effort currently being made to hijack IPv6 resources. >> >> The proposal covers "any" resource hijacking (IPv4, IPv6 and ASN). The >> fact that IPv6 is not being hijacked know, doesn't means that we can't >> prevent it to be covered by a policy proposal. >> >> Albert Erdmann >> Network Administrator >> Paradise On Line Inc. >> >> >> >> >> ********************************************** >> IPv4 is over >> Are you ready for the new Internet ? >> http://www.theipv6company.com >> The IPv6 Company >> >> This electronic message contains information which may be privileged or >> confidential. The information is intended to be for the exclusive use of >> the individual(s) named above and further non-explicilty authorized >> disclosure, copying, distribution or use of the contents of this >> information, even if partially, including attached files, is strictly >> prohibited and will be considered a criminal offense. If you are not the >> intended recipient be aware that any disclosure, copying, distribution or >> use of the contents of this information, even if partially, including >> attached files, is strictly prohibited, will be considered a criminal >> offense, so you must reply to the original sender to inform about this >> communication and delete it. >> >> >> >> _______________________________________________ >> ARIN-PPML >> You are receiving this message because you are subscribed to >> the ARIN Public Policy Mailing List ([email protected]). >> Unsubscribe or manage your mailing list subscription at: >> https://lists.arin.net/mailman/listinfo/arin-ppml >> Please contact [email protected] if you experience any issues. >> > > _______________________________________________ > ARIN-PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List ([email protected]). > Unsubscribe or manage your mailing list subscription > at:https://lists.arin.net/mailman/listinfo/arin-ppml > Please contact [email protected] if you experience any issues. > > _______________________________________________ > ARIN-PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List ([email protected]). > Unsubscribe or manage your mailing list subscription at: > https://lists.arin.net/mailman/listinfo/arin-ppml > Please contact [email protected] if you experience any issues. >
_______________________________________________ ARIN-PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List ([email protected]). Unsubscribe or manage your mailing list subscription at: https://lists.arin.net/mailman/listinfo/arin-ppml Please contact [email protected] if you experience any issues.
