[arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

Ronald F. Guilmette rfg at tristatelogic.com
Mon Apr 29 23:21:52 EDT 2019

In message <F04ED1585899D842B482E7ADCA581B8472A6EF63 at newserver.arneill-py.local>Michel Py <michel at arneill-py.sacramento.ca.us> wrote:

>>> Michel Py wrote:
>>> I'll try to be original : let's look at BGP Hijacking as a pest problem.
>>> ...  What we need is Terminix. Let them do the dirty work, handle the
>>> nasty chemicals and clean up the corpses.
>> Ronald F. Guilmette wrote :
>> Is there a supporting stipend available for that? If so, sign me up.
>That would be convenient, wouldn't it ?
>> that separating out the authority to draw the lines on the pavement, and
>>putting it in the
>> hands of one authority, and separately, putting the authority for
>>enforcing those same lines
>Maybe Terminix was not the best example for your taste.
>What about an international coalition ? Think Somali pirates.
>No single nation can tackle the problem. But these are our sailors and
>seals out there. This is a rather grizzly job at times; sometimes it's
>better if it's not recorded. In that case we can't handle this job out to
>"security contractors" because they flat out lack the resources. However,
>for BGP hijacking I would rather have it handled by some subcontractor that
>does not mind doing the dirty job, as opposed as ARIN not doing much.
>Political correctness, cost, actual results. Pick any two.

It's an interesting idea, but the legal authority to carry our operations
against, say, Somali pirates, in your example, still devolves from
governmental authorities.  Othewise, it's just a rogue operation that
could find itself facing a tribunal in The Hague at some point.

In the case of the IP address space, ARIN, RIPE, APNIC, LACNIC, AFRINIC,
IANA, and ICANN are unambiguously what constitutes "Internet governance",
so any authority to act has to devolve from them, not just for the above
reason, but also, pragmatically and procedurally.  If someone is caught
red handed quite deliberately coloring outside the lines... which is what
this is all about, i.e. -deliberate- screwing around... then who is in a
position to yank their assignnments and their reverse DNS delegation?
Outsourced subcontractors can't do that.

Anyway, it's not clear that trying to get "soldiers of fortune" involved
in this battle is really the Right Way To Go.  Some such efforts have been
known to go entirely sideways, much to the chagrin of all concerned.



More information about the ARIN-PPML mailing list