Regards,
Jordi
El 2/5/19 18:27, "ARIN-PPML en nombre de Nicolas Antoniello"
<[email protected] <mailto:[email protected]> en
nombre de [email protected] <mailto:[email protected]>> escribió:
The missing link in your assertion is that for the former you have
police (and other bodies) to enforce them... and for BGP you have only
good will :)
El jue., 2 de may. de 2019 a la(s) 10:37, Fernando Frediani
([email protected] <mailto:[email protected]>) escribió:
The same way the existence of laws stating certain practices are
wrong and forbidden doesn't stop people from committing crimes.
Fernando
On 02/05/2019 12:33, Nicolas Antoniello wrote:
Jordi,
As I´ve mentioned @ LACNIC discussions regarding this policy:
the existence of a statement in ARIN policy manual saying that
something like this is "bad" is not going to make anyone go to
do it in another place. And so, it's not going to prevent any
BGP bad practice (not the ones made on purpose neither the
accidental ones).
Regards,
Nicolas
El jue., 2 de may. de 2019 a la(s) 09:03, JORDI PALET MARTINEZ
via ARIN-PPML ([email protected] <mailto:[email protected]>)
escribió:
El 2/5/19 15:50, "[email protected]
<mailto:[email protected]>" <[email protected]
<mailto:[email protected]>> escribió:
On Thu, 2 May 2019, JORDI PALET MARTINEZ via ARIN-PPML
wrote:
> Hi Albert,
>
> El 2/5/19 15:02, "[email protected]
<mailto:[email protected]> en nombre de
[email protected] <mailto:[email protected]>"
<[email protected]
<mailto:[email protected]> en nombre de
[email protected] <mailto:[email protected]>>
escribió:
>
> On Thu, 2 May 2019, JORDI PALET MARTINEZ via
ARIN-PPML wrote:
>
> >2. CONDITIONS OF SERVICE
> >
> >(1) The exclusive right to be the registrant of
the Included Number
> >Resources within the ARIN database;
> >(2) The right to use the Included Number
Resources within the ARIN
> >database;
>
>
> This above kinda sums up the issue. My
understanding is this language
> comes from the RSA.
>
> While the document grants the right to be the
registrant and use the
> "Included Number Resources", other language
stating that you cannot use
> someone elses number resources without the
permission of the registrant of
> those OTHER resources is missing from the RSA.
That is what needs fixing.
>
> Of course, it is not easy to amend the RSA.
Therefore it is being
> advanced to add the BGP hijacking language to the
NRPM, which each ARIN
> RSA signer has also agreed to follow.
>
> If the language is added to the NRPM and the
hijacker is an ARIN RSA
> signer, enforcement could be up to and including
the revoke of all ARIN
> resources. However, all the worldwide resources
are NOT assigned to ARIN,
> therefore nothing can really be done by ARIN in
these cases where the
> hijacker is NOT an ARIN member.
>
> As a result, the Advisory Committee declared it
totally out of scope, even
> though it does appear in scope if the hijacking
is being done by an ARIN
> RSA signer.
>
> Unless this conflict can be solved, it is out of
scope, at least when it
> would be applied to non ARIN RSA signers.
However, I think it is in scope
> when hijacking of ARIN assigned resources occur
by an ARIN RSA signer.
>
> When a policy proposal is sent to a specific RIR, I
understand that if finally, that results, thru the PDP, in
a policy, will be only in scope of the members of that RIR.
>
> That's why, we have two ways of doing it:
> 1) A global policy, which requires same text reach
consensus in all the 5 RIRs (and it may be more difficult
and slower to achieve), or
> 2) An equivalent policy in each of the 5 RIRs, which
is the path we decided for this specific policy proposal.
>
> So, I don't see a "conflict" in that aspect, just
part of the process, and as you say, a proposal can't be
declared out-of-scope because "it will only apply" to this
or that region.
>
> When I've observed similar problems in the policy
manuals of different regions, I always tried to follow the
same path, and most of the time, it works, because even
having different "cultures", we all work in the same Internet.
>
> Regards,
> Jordi
>
The only potential issue is that the policy adopted in
each region must
apply to ALL BGP Hijacking, not just the region
involved. Otherwise the
bad actors will simply choose to hijack numbers in a
different region to
avoid the policy.
And that's probably a good thing. If one region doesn't
adopt this policy, versus others adopting it, then
hijackers will try to operate under that region, and I
guess that means the "quality" of service of the regions
that don't adopt it decreases, and that may turn the
community into a different view of it.
Also, I assume we are mostly discussing hijacking of
IPv4 resources, much
of which are clearly related to their short supply. I
am unaware of any
real effort currently being made to hijack IPv6 resources.
The proposal covers "any" resource hijacking (IPv4, IPv6
and ASN). The fact that IPv6 is not being hijacked know,
doesn't means that we can't prevent it to be covered by a
policy proposal.
Albert Erdmann
Network Administrator
Paradise On Line Inc.
**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company
This electronic message contains information which may be
privileged or confidential. The information is intended to
be for the exclusive use of the individual(s) named above
and further non-explicilty authorized disclosure, copying,
distribution or use of the contents of this information,
even if partially, including attached files, is strictly
prohibited and will be considered a criminal offense. If
you are not the intended recipient be aware that any
disclosure, copying, distribution or use of the contents
of this information, even if partially, including attached
files, is strictly prohibited, will be considered a
criminal offense, so you must reply to the original sender
to inform about this communication and delete it.
_______________________________________________
ARIN-PPML
You are receiving this message because you are subscribed to
the ARIN Public Policy Mailing List ([email protected]
<mailto:[email protected]>).
Unsubscribe or manage your mailing list subscription at:
https://lists.arin.net/mailman/listinfo/arin-ppml
Please contact [email protected] <mailto:[email protected]> if you
experience any issues.
_______________________________________________
ARIN-PPML
You are receiving this message because you are subscribed to
the ARIN Public Policy Mailing List ([email protected]
<mailto:[email protected]>).
Unsubscribe or manage your mailing list subscription at:
https://lists.arin.net/mailman/listinfo/arin-ppml
Please [email protected] <mailto:[email protected]> if you experience
any issues.
_______________________________________________
ARIN-PPML
You are receiving this message because you are subscribed to
the ARIN Public Policy Mailing List ([email protected]
<mailto:[email protected]>).
Unsubscribe or manage your mailing list subscription at:
https://lists.arin.net/mailman/listinfo/arin-ppml
Please contact [email protected] <mailto:[email protected]> if you
experience any issues.
_______________________________________________ ARIN-PPML You are
receiving this message because you are subscribed to the ARIN Public
Policy Mailing List ([email protected]). Unsubscribe or manage your
mailing list subscription at:
https://lists.arin.net/mailman/listinfo/arin-ppml Please contact
[email protected] if you experience any issues.
**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company
This electronic message contains information which may be privileged
or confidential. The information is intended to be for the exclusive
use of the individual(s) named above and further non-explicilty
authorized disclosure, copying, distribution or use of the contents of
this information, even if partially, including attached files, is
strictly prohibited and will be considered a criminal offense. If you
are not the intended recipient be aware that any disclosure, copying,
distribution or use of the contents of this information, even if
partially, including attached files, is strictly prohibited, will be
considered a criminal offense, so you must reply to the original
sender to inform about this communication and delete it.
_______________________________________________
ARIN-PPML
You are receiving this message because you are subscribed to
the ARIN Public Policy Mailing List ([email protected]).
Unsubscribe or manage your mailing list subscription at:
https://lists.arin.net/mailman/listinfo/arin-ppml
Please contact [email protected] if you experience any issues.
