Hello,
I understand that there may have been some discussion of the rogue AS201640 at the WG meeting in London. For the benefit of those of us who were not able to attend that, could someone (anyone) please post a brief summary of the WG's discussion of AS201640? (The transcripts do not seem to be available just yet.) Separately and additionally, I have been seeking answers to several questions relating to AS201640, mostly on the anti-abuse WG mailing list, but I have so far been rather spectacularly unsuccessful at obtaining any answers whatsoever to any of these questions. Given that, I hope that no one will mind very much if I put these questions here. (Note: I am sure that some of these questions only occur to me because of my abundant ignorance. I am admittedly not very familiar with RIPE or RIPE NCC operating procedures. I hope that the members of this WG will show me the courtesy of forgiving my ignorance and also attempt to remedy it.) +_+_+_+_+_+_+_+_+_ 1) How was it possible for various IPv4 block WHOIS records to be stored in the RIPE WHOIS DB, even though it is quite apparently the case that, according to IANA WHOIS records, the IP blocks in question do not even belong to the RIPE region? Is there really no pre-checking performed on such records before they are stored in the RIPE data base, e.g. to see if the blocks in question belong either to RIPE or to some other RiR? 2) How was it possible for a particular Bulgarian commercial organization to be granted its own AS number, when all available evidence seems to indicate that it actually had, and has, -zero- IP addresses which are actually and properly registered to it? Is there really no pre-checking performed on AS number allocations, e.g. to see if the organization requesting the AS has at least some IP addresses? 3) Why are some of the clearly bogus WHOIS records (for IPv4 blocks) relating to this incident still present within the RIPE WHOIS DB, even as we speak, in particular, these ones? 41.198.224.0/20 119.227.224.0/19 105.154.248.0/21 210.57.0.0/19 202.39.112.0/20 Is anyone anywhere still harboring *any* lingering doubt about the fact that these are all quite plainly bogus? If not, then why have these records not already been removed from the WHOIS data base? 4) Why is AS201640 still registered, as we speak? 5) Without reference to any specific incident, AS, legal entity, or any other specifics, I have the following very general question: With respect to the contracts that RIPE enters into with those parties for whom RIPE provides registration services of *AS numbers*, specifically, are the terms and conditions of those contracts adequate and sufficient to strongly deter any and all AS registrants from deliberately and willfully announcing routes to IP space to which neither they nor any of their direct or indirect customers have any legitimate claim? +_+_+_+_+_+_ I look forward to the WG's responses to the above questions.
