[arin-ppml] Hijackings

Owen DeLong owen at delong.com
Wed Apr 27 01:41:18 EDT 2011


Ron, the formal process isn't all that complicated.

1.	Download template from ARIN website. (Let me know if you
	need an exact link).

2.	Put your proposal into the template.

3.	Fill out the rest of the template, including the rationale.

4.	Email completed template to policy at arin.net

Staff will develop a clarity and understanding of the policy which will
be sent to the AC. Staff may work with the author to make sure that they
fully understand the author's intent and have a clear understanding of
the proposal. They may help the author align their proposal with their
expressed intent in that process.

After that, it becomes the AC's job to conduct the proposal through
the policy development process until its final disposition (either
abandonment or forwarding to the board for adoption). The AC
will usually try to work with the author on any modifications that are
needed either from community input or from the judgment of the
AC or input from other sources such as advice of counsel, etc.

Any member of the AC should be willing to help you put your policy
into a format where it can make its way into the process and be
understood by staff and the community.

Owen

On Apr 26, 2011, at 5:48 PM, Ronald F. Guilmette wrote:

> 
> In message <4DB7006C.1020609 at office.tcsn.net>, 
> Charles O'Hern <charles at office.tcsn.net> wrote:
> 
>>> Admittedly, my proposal lacked fancy numbered headings, sub-headings,
>>> Chapter titles, a table of figures (with circles & arrows on the back)
>>> and all that fancy stuff, but it's still a proposal.
>> 
>> All that fancy stuff exist for good reasons,
> 
> Oh I never intended to suggest or imply that it doesn't.  I'm sure that
> all that formality has usefulness.  I just don't happen to personally
> know my way around all of the fine print requirements for formal proposals
> in the ARIN system.  And also, I always hate to see otherwise good ideas
> get too awfully bogged down, early in the process, by required formalities.
> Formality is something that can always be added in later, when and if
> there is general support of the basic idea.  (And of course, if there is
> none, then putting the proposal into a formalized form is a useless waste
> of time and energy anyway.)
> 
>> but the people here are pretty good at helping proposals shape up.
> 
> So I have been led to believe.  And that's another reason why I thought
> that it would be OK to float the basic idea first, and get to the formalisms
> afterward.
> 
>> Under what sections of the NRPM should your proposed text be included?
> 
> Well, the best one, of course!
> 
>> Will it replace existing text?
> 
> I rather doubt it.  Was there something in particular about it that makes
> you think it would?  (I am not aware of anything even remotely like this
> that is part of current policy.)
> 
>> While it seems obvious, what is the rationale for the proposal?
> 
> The guilty should be punished.  Such punishment act as a deterrent, thereby
> preventing future crime.
> 
>>> "Caught hijacking" for IP address blocks means that the legal entity in
>>> question is itself demonstratably announcing route(s) to the IP address
>>> block in question AND that no evidence is proffered or forthcoming, within
>>> a reasonably time frame (e.g. 1 week) which would reasonably support a
>>> claim that either:
>>> 
>>>    (a) the IP block in question is currently assigned to the legal entity i
>> n
>>> 	question, or else
>>> 
>>>    (b) that the legal entity to which the block(s) were actually assigned h
>> ad
>>>        given its explicit consent to the legal entity that is actually
>>> 	announcing routes to the block(s) in question to make or perform
>>> 	such announcement(s).
>> 
>> There is a wording problem there with "explicit consent" in (b).  It could be 
>> argued that my network has an explicit agreement of consent with my BGP peers,
>> but that argument can
>> not be made for my peers' peers, who need to announce my routes for my network
>> to function properly.  That text needs revision, imo.
> 
> What would you suggest?
> 
>>> "Caught hijacking" for an ASNs means that the legal entity in question is
>>> itself demonstratably announcing one or more routes via the ASN in question
>>> AND that no evidence is proffered or forthcoming, within a reasonably time
>>> frame (e.g. 1 week) which would reasonably support a claim that either
>>> 
>>>    (a) the ASN in question is currently assigned to the legal entity in
>>> 	question, or else
>>> 
>>>    (b) that the legal entity to which the ASN was actually assigned had
>>> 	given its explicit consent to the legal entity that is actually
>>> 	announcing routes via the ASN in question to make or perform such
>>> 	announcement(s).
>> 
>> The same argument about peers' peers might apply here as well.
> 
> And likewise, the same question... What would you suggest?
> 
>> I think in the long run, this kind of proposal will be a non-op.  I'm under th
>> e impression that the only 'legal entities' who this might affect would be tho
>> se who aren't coming to
>> ARIN for services anyways or will be operating under a separate 'legal entity'
>> from their legitimate operations.
> 
> As of twelve days ago, I can already think of not one but TWO candidates
> which would be affected by this new rule, i.e. if it were in effect at the
> present time.
> 
>> Still I'm not opposed, just not advising a whole lot of work be directed this 
>> way.
> 
> Work is not work when it is enjoyable.
> 
> Am I the only one who would find it enjoyable to work on insuring that in
> future, people and entities who, with malice aforethought, are caught flouting
> the rules and screwing up the Internet might have to pay at least some
> small price for that?
> 
> 
> Regards,
> rfg
> _______________________________________________
> PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.




More information about the ARIN-PPML mailing list