[arin-ppml] Hijackings

Ronald F. Guilmette rfg at tristatelogic.com
Tue Apr 26 20:48:41 EDT 2011 

In message <4DB7006C.1020609 at office.tcsn.net>, 
Charles O'Hern <charles at office.tcsn.net> wrote:

>> Admittedly, my proposal lacked fancy numbered headings, sub-headings,
>> Chapter titles, a table of figures (with circles & arrows on the back)
>> and all that fancy stuff, but it's still a proposal.
>
>All that fancy stuff exist for good reasons,

Oh I never intended to suggest or imply that it doesn't.  I'm sure that
all that formality has usefulness.  I just don't happen to personally
know my way around all of the fine print requirements for formal proposals
in the ARIN system.  And also, I always hate to see otherwise good ideas
get too awfully bogged down, early in the process, by required formalities.
Formality is something that can always be added in later, when and if
there is general support of the basic idea.  (And of course, if there is
none, then putting the proposal into a formalized form is a useless waste
of time and energy anyway.)

>but the people here are pretty good at helping proposals shape up.

So I have been led to believe.  And that's another reason why I thought
that it would be OK to float the basic idea first, and get to the formalisms
afterward.

>Under what sections of the NRPM should your proposed text be included?

Well, the best one, of course!

>Will it replace existing text?

I rather doubt it.  Was there something in particular about it that makes
you think it would?  (I am not aware of anything even remotely like this
that is part of current policy.)

>While it seems obvious, what is the rationale for the proposal?

The guilty should be punished.  Such punishment act as a deterrent, thereby
preventing future crime.

>> "Caught hijacking" for IP address blocks means that the legal entity in
>> question is itself demonstratably announcing route(s) to the IP address
>> block in question AND that no evidence is proffered or forthcoming, within
>> a reasonably time frame (e.g. 1 week) which would reasonably support a
>> claim that either:
>> 
>>     (a) the IP block in question is currently assigned to the legal entity i
>n
>> 	question, or else
>> 
>>     (b) that the legal entity to which the block(s) were actually assigned h
>ad
>>         given its explicit consent to the legal entity that is actually
>> 	announcing routes to the block(s) in question to make or perform
>> 	such announcement(s).
>
>There is a wording problem there with "explicit consent" in (b).  It could be 
>argued that my network has an explicit agreement of consent with my BGP peers,
> but that argument can
>not be made for my peers' peers, who need to announce my routes for my network
> to function properly.  That text needs revision, imo.

What would you suggest?

>> "Caught hijacking" for an ASNs means that the legal entity in question is
>> itself demonstratably announcing one or more routes via the ASN in question
>> AND that no evidence is proffered or forthcoming, within a reasonably time
>> frame (e.g. 1 week) which would reasonably support a claim that either
>> 
>>     (a) the ASN in question is currently assigned to the legal entity in
>> 	question, or else
>> 
>>     (b) that the legal entity to which the ASN was actually assigned had
>> 	given its explicit consent to the legal entity that is actually
>> 	announcing routes via the ASN in question to make or perform such
>> 	announcement(s).
>
>The same argument about peers' peers might apply here as well.

And likewise, the same question... What would you suggest?

>I think in the long run, this kind of proposal will be a non-op.  I'm under th
>e impression that the only 'legal entities' who this might affect would be tho
>se who aren't coming to
>ARIN for services anyways or will be operating under a separate 'legal entity'
> from their legitimate operations.

As of twelve days ago, I can already think of not one but TWO candidates
which would be affected by this new rule, i.e. if it were in effect at the
present time.

>Still I'm not opposed, just not advising a whole lot of work be directed this 
>way.

Work is not work when it is enjoyable.

Am I the only one who would find it enjoyable to work on insuring that in
future, people and entities who, with malice aforethought, are caught flouting
the rules and screwing up the Internet might have to pay at least some
small price for that?


Regards,
rfg

More information about the ARIN-PPML mailing list