[arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation
cfriacas at fccn.pt
Sat Apr 27 15:54:43 EDT 2019
On Sat, 27 Apr 2019, Michel Py wrote:
>> JORDI PALET MARTINEZ wrote :
>> This proposal is being discussed already in RIPE and LACNIC and we are working
>> in the relevant changes for versions to be submitted in AFRINIC and APNIC.
> Hi Jordi,
> How are the other RIRs reacting to it ?
Anyone can follow the discussions within both RIPE and LACNIC communities.
The threads are, however, rather long :-)))
> For the sake of the argument, let's say that this petition goes forward, and that somehow BGP Hijacking becomes an ARIN Policy Violation.
Then, the current procedures regarding ARIN Policy Violations should
apply... (same as in RIPE, same as in LACNIC).
> Let's assume that with all due process, ARIN actually finds that an ARIN member has intentionally hijacked BGP prefixes and therefore is in violation of Policy.
Well, it's not exactly ARIN staff who is tasked about any finding...
> What is ARIN going to do about it ? a fine ? invalidating their ARIN membership and reclaiming legit prefixes that the member may have ? Taking their ASN back ?
Whatever is already specified regarding Policy Violations...
> I have said recently that I thought ARIN was a little too careful with potential legal liabilities (about the TAL thing)
Luckly the other four RIRs didn't choose the same path, imho :-)
I personnally hope (as a RPKI user) ARIN can at some point align with the
> but this does not strike me as something we want ARIN to do.
One of the main reasons for bringing this up for discussion is the
registry (i.e. the all RIRs) data needs to mean something. Resources are
allocated/distributed, and everyone needs to respect it. Having
absolutely nothing in place that states disrespecting the registry's work
just seems wrong...
It is not about saying that network A can't connect to network B, or that
network A can't announce prefix X to network B, if both parties are in
agreement. It is about delivering the message that anyone needs to respect
numbering resources that are allocated/distributed to third parties.
Unfortunately this is needed because RPKI/MANRS/... will not reach
critical mass soon, and because some bad actors have infiltrated RIR
memberships to strenghten/boost their operations, exploring the evident
gap in policies -- that implies that a party caught performing hijacks
doesn't get any kind of impact...
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> Please contact info at arin.net if you experience any issues.
More information about the ARIN-PPML