If our engineers mistype an IP in the BGP advertisement, I would want a mechanism to notify me right away. Coming from ARIN would validate it's a real issue and not some random email that we all ignore. I personally do not see lynch mob. Punishment should only come with reluctant to comply.
On Fri, May 3, 2019 at 1:22 PM David Farmer <[email protected]> wrote: > Simply getting involved in hijacking is not what is proposed. And, by the > way, ARIN and the other RIRs already are involved, heard of RPKI, IRR, > etc... You can't say the problem is being ignored. Are these responses > truly effective? Maybe not. Do we need to do more? Probably. Is this the > answer? Maybe, but it really scares me. > > This proposal wants ARIN and the other RIRs to penalize hijacking. To do > this someone has to judge the intent behind these events. From the other > side of the Internet, it is difficult with any certainty to tell the > difference between a typo and malicious activity in many of these events. > > Have you ever been on a jury in a murder trial? I have. The difference > between the various counts of murder and manslaughter basically comes down > to determining the intent involved in the actions causing the death of > another human being. If you are involved in the death of someone and even > if there is no culpable negligence or intent on your part, such an event is > important enough for society to scrutinize your actions. > > So, I have some questions back to you; > Have you ever mistyped an IP address or an ASN? > Across the Internet, how many mistyped IP addresses and ASNs occur on a > daily basis? > > This proposal asks ARIN and the other RIRs to create a system to > scrutinize the actions of network operators and also impose penalties for > those actions. This is not something that should be taken lightly. It is > possible anyone on this mailing list will have to have their actions judged > by this system. The proponents of this proposal want you to think this > proposal only affects hijackers. That is not the case, this proposal > affects anyone who operates a router. It puts anyone who operates a router > in jeopardy of losing their Internet resources, for possibly something as > innocent as making a typo in their router config. > > Do we really need and want to go there? I'm not saying no, but let's be > really sure. And we have to make sure we get the system right, because any > one of us may have to be judged by this system. When I look at this > proposal, I don't see enough due process or safeguards involved that I feel > comfortable subjecting myself to it. > > To be honest, I see more of a lynch mob mentality then true justice in > this proposal. > > When evaluating this proposal, don't envision a hijacker being judged, > envision yourself being judged by this system, because you just might be. > > > Thanks > > On Fri, May 3, 2019 at 9:05 AM Andrew Bagrin <[email protected]> wrote: > >> I'm curious why do people not want to let ARIN try to start getting >> involved to help resolve the issue of hijacking? >> >> Are you doing hijacking and don't want interference? >> Are you running a competitive service that you charge for? >> >> Does anyone believe there is a valid reason to hijack and advertise IP >> space that you do not own? (when the owner of that space does not want you >> to advertise it) >> >> Why would anyone be against ARIN having a process to help resolve these >> issues? Sure we can question how effective it will be, but anything will >> be more effective than nothing, and by actually doing, failing and >> learning, ARIN will only improve and refine the process. We will all learn >> from this. >> >> >> >> On Thu, May 2, 2019 at 10:08 PM Marilson Mapa <[email protected]> >> wrote: >> >>> The president of ARIN describes his institution as an RIR with >>> appropriate and functional policies. This is what we can deduce from his >>> speech whenever he describes the performance of his institution. This same >>> attitude can be seen in RIPE. >>> >>> "Violation can have consequence". >>> >>> It seems that the expression "can have" should be understood as "almost >>> never", after all how to explain the rot that permeates the global >>> Internet? The complaints, the lawsuits, the fines are becoming more and >>> more frequent. >>> I have today received as a member of BPF Cybersecurity the document ***UN >>> 1st Committee Processes on Responsible State Behaviour in Cyberspace >>> explainer**. *This 25-page document, addressed to ICANN, reports what >>> they call disastrous behavior. It was drafted by Rubin International Law >>> Firm and Notary of Israel for a Jewish religious institution. >>> >>> Basically they are demanding: >>> "We require ICANN to terminate immediately the activities fostering >>> Internet addiction, including the performance of relevant IANA functions, >>> relevant gTLD activities, relevant Registry Operators' activities, relevant >>> ICANN-accredited registrars' activities, including through RESP and >>> amendments of registry and registrar agreements and to refrain from >>> renewing the .info registry agreement with Afilias unless Afilias and its >>> related companies terminate immediately activities fostering Internet >>> addiction and the .info registry agreement is amended to prohibit Internet >>> addiction activities." >>> >>> It's just one of the thousands of complaints popping up around the >>> globe. And ARIN does not move a finger... It's out of the scope... >>> >>> Marilson >>> >>> >>> Em qui, 2 de mai de 2019 às 17:01, John Curran <[email protected]> >>> escreveu: >>> >>>> > On May 2, 2019, at 2:12 PM, Carlos Friaças via ARIN-PPML < >>>> [email protected]> wrote: >>>> > ... >>>> > It seems evident that a RIR can't revoke legacy space. Ever. >>>> >>>> Carlos - >>>> >>>> In the case of ARIN that would be incorrect, as ARIN has revoked legacy >>>> address space from parties that have violated registry policies. >>>> >>>> ARIN registry policies are applicable to all parties in the registry - >>>> those legacy holders under RSA do have specific terms and conditions (and a >>>> reduced fee schedule), but ARIN registry policies are applicable regardless >>>> and violation can have consequence. >>>> >>>> Thanks! >>>> /John >>>> >>>> John Curran >>>> President and CEO >>>> American Registry for Internet Numbers >>>> >>>> _______________________________________________ >>>> ARIN-PPML >>>> You are receiving this message because you are subscribed to >>>> the ARIN Public Policy Mailing List ([email protected]). >>>> Unsubscribe or manage your mailing list subscription at: >>>> https://lists.arin.net/mailman/listinfo/arin-ppml >>>> Please contact [email protected] if you experience any issues. >>>> >>> _______________________________________________ >>> ARIN-PPML >>> You are receiving this message because you are subscribed to >>> the ARIN Public Policy Mailing List ([email protected]). >>> Unsubscribe or manage your mailing list subscription at: >>> https://lists.arin.net/mailman/listinfo/arin-ppml >>> Please contact [email protected] if you experience any issues. >>> >> _______________________________________________ >> ARIN-PPML >> You are receiving this message because you are subscribed to >> the ARIN Public Policy Mailing List ([email protected]). >> Unsubscribe or manage your mailing list subscription at: >> https://lists.arin.net/mailman/listinfo/arin-ppml >> Please contact [email protected] if you experience any issues. >> > > > -- > =============================================== > David Farmer Email:[email protected] > Networking & Telecommunication Services > Office of Information Technology > University of Minnesota > 2218 University Ave SE Phone: 612-626-0815 > Minneapolis, MN 55414-3029 Cell: 612-812-9952 > =============================================== >
_______________________________________________ ARIN-PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List ([email protected]). Unsubscribe or manage your mailing list subscription at: https://lists.arin.net/mailman/listinfo/arin-ppml Please contact [email protected] if you experience any issues.
