Re: [anti-abuse-wg] WHOIS (AS204224)

Dear Denis, > On 04 Nov 2015, at 01:05, ripede...@yahoo.co.uk wrote: > > It could be up and running in a month and we could now have more trusted > ROUTE objects. Please refrain from making estimates about the amount of work it would take for the RIPE NCC to implement things. We are happy to

Re: [anti-abuse-wg] WHOIS (AS204224)

In message , "Niall O'Reilly" wrote: >On Mon, 09 Nov 2015 00:40:52 +, >Ronald F. Guilmette wrote: >> >> While I do feel that the tripartite nature of the contracts in question >> is in fact self-evident, I can only agree that my

Re: [anti-abuse-wg] WHOIS (AS204224)

On Sat, 07 Nov 2015 23:24:48 +, Ronald F. Guilmette wrote: > > However in lieu of that, I feel compelled to (re-)assert that > which seems self-evident, i.e. that RIPE is indeed a third-party > beneficiary within all LIR/end-user contracts, and that it is > explicitly named as such therein.

Re: [anti-abuse-wg] WHOIS (AS204224)

In message <563eb931.9030...@yahoo.co.uk>, denis wrote: >... {lengthy discussion of contractual issues snipped} ... I think we may be getting lost in the weeds here, so I'd like to back up and just briefly summarise the view from 30,000 feet, and then make a rather

Re: [anti-abuse-wg] WHOIS (AS204224)

In message , "Niall O'Reilly" wrote: >On Sat, 07 Nov 2015 23:24:48 +, >Ronald F. Guilmette wrote: >>=20 >> However in lieu of that, I feel compelled to (re-)assert that >> which seems self-evident, i.e. that RIPE is indeed a

Re: [anti-abuse-wg] WHOIS (AS204224)

Hi Ronald On 06/11/2015 22:44, Ronald F. Guilmette wrote: In message <563c8773.7000...@yahoo.co.uk>, denis wrote: It may seem like I am quibbling over a minor semantic point here, and perhaps I am, but I think that it is somewhat inaccurate to say that there's no

Re: [anti-abuse-wg] WHOIS (AS204224)

On Fri, Nov 06, 2015 at 11:38:52PM +0100, Sander Steffann wrote: But the RIPE NCC isn't an official party in that contract. The contract is between end user and LIR. Well... Considering that such a contract must be submitted to, and approved by, the RIPE NCC (or it will not result in the

Re: [anti-abuse-wg] WHOIS (AS204224)

As sascha says and for once I agree with him, It can be argued that the LIR is a mere intermediary in this transaction, and executing contracts with the end user while standing in for ripe ncc. Like, say, a VW car dealer - who sells you a Passat TDI diesel car and their name is on all the

Re: [anti-abuse-wg] WHOIS (AS204224)

On 06/11/2015 05:09, Ronald F. Guilmette wrote: In message <20151106003148.gx47...@cilantro.c4inet.net>, "Sascha Luck [ml]" wrote: On Thu, Nov 05, 2015 at 03:48:43PM -0800, Ronald F. Guilmette wrote: Laugh now... while you can. Threats again, is it? I call on the chairs

Re: [anti-abuse-wg] WHOIS (AS204224)

Hi, On Thu, Nov 05, 2015 at 03:58:26PM -0800, Ronald F. Guilmette wrote: [..] > >This really does matter. Even with a valid RIPE ASN they cannot 'steal' > >RIPE address space. > > Really??? > > If so, that's great news! > > Did everyone finally agree to use only fully authenticated route >

Re: [anti-abuse-wg] WHOIS (AS204224)

>From a systems perspective the discussion below is exactly backwards. A millions-user system dependent for correct operation (e.g. one not promoting abuse [the subject of this list]) must be [re]designed to place the onus on the user not the registrar. Rule: if your data are not correct, you

Re: [anti-abuse-wg] WHOIS (AS204224)

On 06/11/2015 15:22, Sascha Luck [ml] wrote: On Fri, Nov 06, 2015 at 10:01:33AM -0500, Jeffrey Race wrote: The matter of the "defining discussion goal" will have to be taken up in order to make progress on this list's putative purpose of "anti-abuse." Had you read the charter of this WG,

Re: [anti-abuse-wg] WHOIS (AS204224)

On Fri, 6 Nov 2015 15:22:30 +, Sascha Luck [ml] wrote: >>though this makes inevitable the criminal nature of the >>mechanism they are charged with managing. > >The internet resource management mechanism as managed by RIRs and >LIRS is "of a criminal nature", do I understand you correctly?

Re: [anti-abuse-wg] WHOIS (AS204224)

On Fri, Nov 06, 2015 at 11:57:18AM -0500, Jeffrey Race wrote: The internet resource management mechanism as managed by RIRs and LIRS is "of a criminal nature", do I understand you correctly? The mechanism is the internet Uhuh. I guess it's just as well that barely any operators seem to read

Re: [anti-abuse-wg] WHOIS (AS204224)

On Fri, Nov 06, 2015 at 07:23:39PM +0530, Suresh Ramasubramanian wrote: That is what floating this in the db wg will establish - whether it is actually a member revolt or one individual???s opinion Consensus is a wonderful thing when it is achieved You're touching on a very sore point for me.

Re: [anti-abuse-wg] WHOIS (AS204224)

You have misunderstood the English words. I said that the mechanism by which the internet operates was slackly designed and is slackly operated so has become a cesspool of criminality. Jeffrey Race On Fri, 6 Nov 2015 17:14:22 +, Sascha Luck [ml] wrote: >On Fri, Nov 06, 2015 at

Re: [anti-abuse-wg] WHOIS (AS204224)

In message <563c8773.7000...@yahoo.co.uk>, denis wrote: >> It may seem like I am quibbling over a minor semantic point here, and >> perhaps I am, but I think that it is somewhat inaccurate to say that >> there's no relationship at all between RIPE / RIPE NCC and the

Re: [anti-abuse-wg] WHOIS (AS204224)

On Wed, Nov 04, 2015 at 03:41:39PM -0800, Ronald F. Guilmette wrote: > If a formal proposal was put forward to the entire RIPE membership > which proposed that all mailing addresses and phone numbers be > completely removed from the WHOIS data base, would you personally > vote "yea" or "nay" on

Re: [anti-abuse-wg] WHOIS (AS204224)

On Mon, Nov 02, 2015 at 07:06:09PM -0800, Ronald F. Guilmette wrote: > I've been to Europe only one time, in 2010. I had to buy a cell phone > there to communicate, and when I did I was entirely surprised to learn > that one cannot do so without presenting some form of identification, > passport,

Re: [anti-abuse-wg] WHOIS (AS204224)

In message <20151105214840.gu47...@cilantro.c4inet.net>, "Sascha Luck [ml]" wrote: >On Thu, Nov 05, 2015 at 01:31:31PM -0800, Ronald F. Guilmette wrote: >>>1) All resource holders are presumed to be bad actors and all of >>>their data must be kept in a database, their

Re: [anti-abuse-wg] WHOIS (AS204224)

HI Ronald On 05/11/2015 23:44, Ronald F. Guilmette wrote: In message <563a6462.7080...@yahoo.co.uk>, denis wrote: You{r} talk about privacy and this whole thread is about making lots of personal data public and how many over engineered processes can be put in place to

Re: [anti-abuse-wg] WHOIS (AS204224)

Hi Ronald On 06/11/2015 00:48, Ronald F. Guilmette wrote: In message <20151105220739.gw47...@cilantro.c4inet.net>, "Sascha Luck [ml]" wrote: ... All the mntner object does is grant access to change a ripedb object. It says nothing about who operates a resource or what

Re: [anti-abuse-wg] WHOIS (AS204224)

In message <563a6462.7080...@yahoo.co.uk>, denis wrote: >You{r} talk about privacy and this whole thread is about making lots of >personal data public and how many over engineered processes can be put >in place to the detriment of all the good folk to trip up a few of

Re: [anti-abuse-wg] WHOIS (AS204224)

In message <563bdb1c.4020...@yahoo.co.uk>, denis wrote: >On 05/11/2015 21:33, Ronald F. Guilmette wrote: >> In message <637758753.2826426.1446595528880.javamail.ya...@mail.yahoo.com>, >> ripede...@yahoo.co.uk wrote: >> >> With regards to this specific incident (and this

Re: [anti-abuse-wg] WHOIS (AS204224)

Hi Ronald On 06/11/2015 00:58, Ronald F. Guilmette wrote: In message <563bdb1c.4020...@yahoo.co.uk>, denis wrote: On 05/11/2015 21:33, Ronald F. Guilmette wrote: In message <637758753.2826426.1446595528880.javamail.ya...@mail.yahoo.com>, ripede...@yahoo.co.uk wrote:

Re: [anti-abuse-wg] WHOIS (AS204224)

In message <20151104184211.gm47...@cilantro.c4inet.net>, "Sascha Luck [ml]" wrote: >A few people or companies who act in bad faith do not change this >fact and there is no reason to put the entire membership under >general suspicion and waste its time and fees with elaborate

Re: [anti-abuse-wg] WHOIS (AS204224)

On Thu, Nov 05, 2015 at 01:31:31PM -0800, Ronald F. Guilmette wrote: In message <20151104143230.gk47...@cilantro.c4inet.net>, I really would like to be there with a video camera the next time you find yourself having to go through airport security. YouTube stardom awaits us. Yeah, but not

Re: [anti-abuse-wg] WHOIS (AS204224)

In message <20151105220739.gw47...@cilantro.c4inet.net>, "Sascha Luck [ml]" wrote: >On Thu, Nov 05, 2015 at 01:50:37PM -0800, Ronald F. Guilmette wrote: >>It has been well more than just one or two cases, and I suspect >>that you know that. Only one or two GLARING cases per

Re: [anti-abuse-wg] WHOIS (AS204224)

HI Ronald On 05/11/2015 21:33, Ronald F. Guilmette wrote: In message <637758753.2826426.1446595528880.javamail.ya...@mail.yahoo.com>, ripede...@yahoo.co.uk wrote: With regards to this specific incident (and this specific set of what looks to be 3 inter-related rogue ASNs) I myself don't really

Re: [anti-abuse-wg] WHOIS (AS204224)

On Thu, Nov 05, 2015 at 03:48:43PM -0800, Ronald F. Guilmette wrote: Laugh now... while you can. Threats again, is it? I call on the chairs to point out to this individual that n.a.n.a.e tactics are not welcome on this list. I also end my participation in this discussion here. Given that you

Re: [anti-abuse-wg] WHOIS (AS204224)

In message <20151104143230.gk47...@cilantro.c4inet.net>, "Sascha Luck [ml]" wrote: >No. Just NO. I am, frankly, flabbergasted at this mindset: > >1) All resource holders are presumed to be bad actors and all of >their data must be kept in a database, their correctness to be

Re: [anti-abuse-wg] WHOIS (AS204224)

On Thu, Nov 05, 2015 at 01:50:37PM -0800, Ronald F. Guilmette wrote: It has been well more than just one or two cases, and I suspect that you know that. Only one or two GLARING cases per month perhaps, but over time it has added up. so what? the NCC has 14,000 members (or thereabouts) and

Re: [anti-abuse-wg] WHOIS (AS204224)

In message <637758753.2826426.1446595528880.javamail.ya...@mail.yahoo.com>, ripede...@yahoo.co.uk wrote: >Ronald >"I neither mentioned nor asked about out-of-region objects." >"then proceeded to announce a bunch of self-evidently bogus routes to relat= >ively large swaths of APNIC address

Re: [anti-abuse-wg] WHOIS (AS204224)

In message <563bf1e0.3090...@yahoo.co.uk>, denis wrote: >First of all I apologise if I have mixed up some of your views, some of >Sacha's views and some of my own views. If I have I did so with good >intentions. I was not trying to derail anything, but I disagree that

Re: [anti-abuse-wg] WHOIS (AS204224)

In message <563bf492.2020...@yahoo.co.uk>, denis wrote: >On 06/11/2015 00:58, Ronald F. Guilmette wrote: >> In message <563bdb1c.4020...@yahoo.co.uk>, >> denis wrote: >>> This really does matter. Even with a valid RIPE ASN they cannot 'steal' >>>

Re: [anti-abuse-wg] WHOIS (AS204224)

In message <563bf7a2.7090...@yahoo.co.uk>, denis wrote: >Hi Ronald > >On 06/11/2015 00:48, Ronald F. Guilmette wrote: >> In message <20151105220739.gw47...@cilantro.c4inet.net>, >> "Sascha Luck [ml]" wrote: >>> Please, Ron, RTFM for *once* before

Re: [anti-abuse-wg] WHOIS (AS204224)

On Thu, Nov 05, 2015 at 11:41:32PM +0100, denis wrote: When it comes to getting an ASN the AUT-NUM does require reference to a PERSON/ROLE object. But you can pick any PERSON or ROLE object in the database and reference them. Technically there is no cross checking. The 'owner' of those objects

Re: [anti-abuse-wg] WHOIS (AS204224)

In message <20151106003148.gx47...@cilantro.c4inet.net>, "Sascha Luck [ml]" wrote: >On Thu, Nov 05, 2015 at 03:48:43PM -0800, Ronald F. Guilmette wrote: >> >>Laugh now... while you can. > >Threats again, is it? I call on the chairs to point out to this >individual that

Re: [anti-abuse-wg] WHOIS (AS204224)

In message <7780cec5-e3ef-444b-a734-8de4dfb57...@steffann.nl>, Sander Steffann wrote: >I now understand your ideas better, and understand that you are looking >for a first step in improving the database accuracy. Not looking for a >complete solution as I was :) I think we

Re: [anti-abuse-wg] WHOIS (AS204224)

In message <20151103134248.ge47...@cilantro.c4inet.net>, "Sascha Luck [ml]" wrote: >On Tue, Nov 03, 2015 at 02:28:03PM +0100, David Hofstee wrote: >>In that line of thought: I would like email validation on a >>regular basis. There are so many email addresses that do not

Re: [anti-abuse-wg] WHOIS (AS204224)

Brian, My apologies for not responding yesterday. I've been working on what I think is a REALLY important project... one that even relates to some of what's been discussed here... and I just got totally caught up in that yesterday (and probably will again today). In message

Re: [anti-abuse-wg] WHOIS (AS204224)

In message <0f2494d8-d060-4496-807a-abbe30d26...@gmail.com>, (in response to Sascha Luck) Suresh Ramasubramanian wrote: >I doubt - > >1. You are being asked to code this for RIPE NCC >... For the record, I agree completely with Sascha Luck on this one. CAPTCHAs are an

Re: [anti-abuse-wg] WHOIS (AS204224)

In message <78C35D6C1A82D243B830523B4193CF5F9F4EF1D606@SBS1.blinker.local>, David Hofstee wrote: >Neither do I. But what I do think is that RIPE should do the work that it >is set out to do, namely registration of data. It should do that very well. >Make sure that the data is

Re: [anti-abuse-wg] WHOIS (AS204224)

In message , Suresh Ramasubramanian wrote: >Right now, most other lists that I see this thread start up on, there >are a few people who defend RIPE NCC - and a lot of people who dump on >it for this kind of thing. I like to

Re: [anti-abuse-wg] WHOIS (AS204224)

On Wed, Nov 04, 2015 at 01:10:01PM -0800, Ronald F. Guilmette wrote: I'm just putting myself in their shoes. If I were them, and I was asked my opinion about something that, in the short run at least. would, increase my workload, I would scream, holler, tear my hair out, pound my fist on the

Re: [anti-abuse-wg] WHOIS (AS204224)

I don't think it can be done without turning the NCC into something like the NSA and even then I doubt it would be 100% effective. Many governments throughout history have tried to have all the data they can on their citizens... I am not persuaded that this is at all a valid or fair comparison.

Re: [anti-abuse-wg] WHOIS (AS204224)

On Wed, Nov 04, 2015 at 09:02:42PM +0100, denis wrote: It has served very well over the years but it does have limitations now. This is a database. You put stuff in and get stuff out. When you need a full day course to learn the basics of putting stuff in, it shouts there is a problem. I

Re: [anti-abuse-wg] WHOIS (AS204224)

On Wed, Nov 04, 2015 at 02:44:15PM -0800, Ronald F. Guilmette wrote: That having been said it might still be either necessary or advisable to put a CAPTCHA in front of the RIPE account creation process, e.g. if there isn't one there already, just to stop some mindless automaton from trying to

Re: [anti-abuse-wg] WHOIS (AS204224)

On Wed, Nov 04, 2015 at 02:57:21PM -0800, Ronald F. Guilmette wrote: Just curious... How would automated verification of snail-mail addresses and/or positive automated verification of contact phone numbers implicate any contractual issues? This particular mechanism may or may not. That's for

Re: [anti-abuse-wg] WHOIS (AS204224)

On Wed, Nov 04, 2015 at 12:49:34PM -0800, Ronald F. Guilmette wrote: Police have guns. They have handcuffs. They can arrest people. As long as RIPE's only power is to kick certain bogus and/or poorly maintained records out of the data base, there seems little danger that RIPE will

Re: [anti-abuse-wg] WHOIS (AS204224)

Hi Ronald On Wed, Nov 04, 2015 at 01:10:01PM -0800, Ronald F. Guilmette wrote: I'm just putting myself in their shoes. If I were them, and I was asked my opinion about something that, in the short run at least. would, increase my workload, I would scream, holler, tear my hair out, pound my

Re: [anti-abuse-wg] WHOIS (AS204224)

Do you feel that the numbers community comparing notes with the ICANN whois EWG would help? https://www.icann.org/news/announcement-3-2015-09-25-en > On 05-Nov-2015, at 1:32 AM, denis wrote: > > Seriously, with a review of the data model we can end up with: > -a lot

Re: [anti-abuse-wg] WHOIS (AS204224)

On Wed, Nov 04, 2015 at 12:05:28AM +, ripede...@yahoo.co.uk wrote: the sponsoring LIR should be restricted to an LIR in the same geographical/political/language area as the end user resource holder. Otherwise it could render the whole notion of an LIR validating their sponsored user's data

Re: [anti-abuse-wg] WHOIS (AS204224)

On Wed, 4 Nov 2015 14:32:30 +, Sascha Luck [ml] wrote: >There is a need to be able to reach a resource holder to notify >them of abuse coming from their network (the abuse-c) or >technical problems (the tech-c). There is NO need to have the >street address and phone number of every *person*

Re: [anti-abuse-wg] WHOIS (AS204224)

On Wed, Nov 04, 2015 at 11:30:50AM -0500, Jeffrey Race wrote: From an engineering standpoint you absolutely must have at least one redundant channel, with an acknowledgement mechanism (e.g. registered mail). But fax is also possible for this because the receipt is stamped with date/time of

Re: [anti-abuse-wg] WHOIS (AS204224)

Hi Sascha On 04/11/2015 15:32, Sascha Luck [ml] wrote: On Wed, Nov 04, 2015 at 12:05:28AM +, ripede...@yahoo.co.uk wrote: the sponsoring LIR should be restricted to an LIR in the same geographical/political/language area as the end user resource holder. Otherwise it could render the whole

Re: [anti-abuse-wg] WHOIS (AS204224)

On Wed, Nov 04, 2015 at 06:17:10PM +0100, denis wrote: That may well be right, but if the sponsor cannot understand the language of the resource holder the validation may not be very effective. The price you pay for a globalised society. I can see your point but this isn't something you can

[anti-abuse-wg] WHOIS (AS204224)

...@ripe.net] Namens Brian Nisbet Verzonden: dinsdag 3 november 2015 11:20 Aan: anti-abuse-wg@ripe.net Onderwerp: Re: [anti-abuse-wg] WHOIS (AS204224) ... I do not believe the RIPE NCC are or should become the Internet police, for many reasons, ...

Re: [anti-abuse-wg] WHOIS (AS204224)

Ronald, I'm not finding a great place to ask these questions in your conversation with Sander, so I'm going to ask them here. You said, at one point, that you did not see the point in reporting these issues, or even just specifically the AS204224 issue to the NCC. Given the investigations

Re: [anti-abuse-wg] WHOIS (AS204224)

Hi Roland, > The old saying is "The best is the enemy of the good". Validation and/or > verification of RIPE WHOIS data can be improved, even though any system > which attempts to do so most probably cannot be made foolproof. Ok > No. You're still thinking in terms of constructing an

Re: [anti-abuse-wg] WHOIS (AS204224)

Hi all Interesting conversation. It took me a while to read it all. I would like to add a few of my own thoughts based on my experiences. Although I will target my comments in response to specific points raised by many of the contributors to the discussion, I offer all my comments with the

Re: [anti-abuse-wg] WHOIS (AS204224)

Thanks - I've hung around apricot and apnic long enough to know how that works (though these past few years I can't travel so I'm simply on the apricot / Sanog fellowship and program committees) I haven't ever attended a ripe meeting though and wasn't aware of this wg - in my circles

Re: [anti-abuse-wg] WHOIS (AS204224)

On 03/11/2015 14:14, Gert Doering wrote: Hi, On Tue, Nov 03, 2015 at 01:49:18PM +, Sascha Luck [ml] wrote: On Tue, Nov 03, 2015 at 07:13:17PM +0530, Suresh Ramasubramanian wrote: I would actually prefer any such proposal to come from within the regular RIPE community, rather than from one

Re: [anti-abuse-wg] WHOIS (AS204224)

If someone regular is willing to set a direction that I see a chance of achieving consensus with - I will contribute as much as I can when participating remotely. I do believe in putting my effort where my mouth is :) --srs > On 03-Nov-2015, at 8:07 PM, Brian Nisbet

Re: [anti-abuse-wg] WHOIS (AS204224)

: dinsdag 3 november 2015 16:53 Aan: David Hofstee CC: anti-abuse-wg@ripe.net Onderwerp: Re: [anti-abuse-wg] WHOIS (AS204224) Hi, On Tue, Nov 03, 2015 at 04:17:19PM +0100, David Hofstee wrote: > Every email address in the RIPE database should work. There is a > reason to register an email a

Re: [anti-abuse-wg] WHOIS (AS204224)

If you can tell me just how a consensus at APWG and MAAWG, say, or on various actually security focused lists, that the RIPE community needs policy changes is going to make an iota of difference to what policies get implemented by RIPE NCC Right now, most other lists that I see this thread

Re: [anti-abuse-wg] WHOIS (AS204224)

In message <3e9d317c-f715-4208-ac13-9f874439e...@steffann.nl>, Sander Steffann wrote: >How do you propose to distinguish people/companies with bad intentions >(for some value of bad, let's assume "planning to send spam") from >normal companies? It is certainly not

Re: [anti-abuse-wg] WHOIS (AS204224)

In message <31d31283-06bf-40d7-afdf-6bed4b119...@steffann.nl>, Sander Steffann wrote: >> Someone needs to CALL the phone number listed there and simply ask if >> Mr. Soloviev is available. Once he is on the line, someone needs to ask >> if he even works for Mashzavod

Re: [anti-abuse-wg] WHOIS (AS204224)

Caveat - “we are not the [xyz] police” .. in this case, “the document police” .. a fine old trope, that. —srs > On 02-Nov-2015, at 9:14 AM, Sascha Luck [ml] wrote: > > While I can't speak for the accuracy of the AS204224 record, I > can say that the procedures used by the

Re: [anti-abuse-wg] WHOIS (AS204224)

In message <20151102034438.gb47...@cilantro.c4inet.net>, "Sascha Luck [ml]" wrote: >While I can't speak for the accuracy of the AS204224 record.. Who can? Who does? Anybody? >I can say that the procedures used by the RIPE NCC to verify the >identity of its members are