[arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation
Fernando Frediani
fhfrediani at gmail.com
Thu May 2 11:36:58 EDT 2019
The same way the existence of laws stating certain practices are wrong
and forbidden doesn't stop people from committing crimes.
Fernando
On 02/05/2019 12:33, Nicolas Antoniello wrote:
> Jordi,
>
> As I´ve mentioned @ LACNIC discussions regarding this policy: the
> existence of a statement in ARIN policy manual saying that something
> like this is "bad" is not going to make anyone go to do it in another
> place. And so, it's not going to prevent any BGP bad practice (not the
> ones made on purpose neither the accidental ones).
>
> Regards,
> Nicolas
>
>
>
> El jue., 2 de may. de 2019 a la(s) 09:03, JORDI PALET MARTINEZ via
> ARIN-PPML (arin-ppml at arin.net <mailto:arin-ppml at arin.net>) escribió:
>
>
>
> El 2/5/19 15:50, "hostmaster at uneedus.com
> <mailto:hostmaster at uneedus.com>" <hostmaster at uneedus.com
> <mailto:hostmaster at uneedus.com>> escribió:
>
>
>
> On Thu, 2 May 2019, JORDI PALET MARTINEZ via ARIN-PPML wrote:
>
> > Hi Albert,
> >
> > El 2/5/19 15:02, "arin-ppml-bounces at arin.net
> <mailto:arin-ppml-bounces at arin.net> en nombre de
> hostmaster at uneedus.com <mailto:hostmaster at uneedus.com>"
> <arin-ppml-bounces at arin.net <mailto:arin-ppml-bounces at arin.net> en
> nombre de hostmaster at uneedus.com <mailto:hostmaster at uneedus.com>>
> escribió:
> >
> > On Thu, 2 May 2019, JORDI PALET MARTINEZ via ARIN-PPML wrote:
> >
> > >2. CONDITIONS OF SERVICE
> > >
> > >(1) The exclusive right to be the registrant of the
> Included Number
> > >Resources within the ARIN database;
> > >(2) The right to use the Included Number Resources
> within the ARIN
> > >database;
> >
> >
> > This above kinda sums up the issue. My understanding is
> this language
> > comes from the RSA.
> >
> > While the document grants the right to be the registrant
> and use the
> > "Included Number Resources", other language stating that
> you cannot use
> > someone elses number resources without the permission of
> the registrant of
> > those OTHER resources is missing from the RSA. That is
> what needs fixing.
> >
> > Of course, it is not easy to amend the RSA. Therefore it
> is being
> > advanced to add the BGP hijacking language to the NRPM,
> which each ARIN
> > RSA signer has also agreed to follow.
> >
> > If the language is added to the NRPM and the hijacker is
> an ARIN RSA
> > signer, enforcement could be up to and including the
> revoke of all ARIN
> > resources. However, all the worldwide resources are NOT
> assigned to ARIN,
> > therefore nothing can really be done by ARIN in these
> cases where the
> > hijacker is NOT an ARIN member.
> >
> > As a result, the Advisory Committee declared it totally
> out of scope, even
> > though it does appear in scope if the hijacking is being
> done by an ARIN
> > RSA signer.
> >
> > Unless this conflict can be solved, it is out of scope,
> at least when it
> > would be applied to non ARIN RSA signers. However, I
> think it is in scope
> > when hijacking of ARIN assigned resources occur by an
> ARIN RSA signer.
> >
> > When a policy proposal is sent to a specific RIR, I
> understand that if finally, that results, thru the PDP, in a
> policy, will be only in scope of the members of that RIR.
> >
> > That's why, we have two ways of doing it:
> > 1) A global policy, which requires same text reach consensus
> in all the 5 RIRs (and it may be more difficult and slower to
> achieve), or
> > 2) An equivalent policy in each of the 5 RIRs, which is the
> path we decided for this specific policy proposal.
> >
> > So, I don't see a "conflict" in that aspect, just part of
> the process, and as you say, a proposal can't be declared
> out-of-scope because "it will only apply" to this or that region.
> >
> > When I've observed similar problems in the policy manuals of
> different regions, I always tried to follow the same path, and
> most of the time, it works, because even having different
> "cultures", we all work in the same Internet.
> >
> > Regards,
> > Jordi
> >
> The only potential issue is that the policy adopted in each
> region must
> apply to ALL BGP Hijacking, not just the region involved.
> Otherwise the
> bad actors will simply choose to hijack numbers in a different
> region to
> avoid the policy.
>
> And that's probably a good thing. If one region doesn't adopt this
> policy, versus others adopting it, then hijackers will try to
> operate under that region, and I guess that means the "quality" of
> service of the regions that don't adopt it decreases, and that may
> turn the community into a different view of it.
>
> Also, I assume we are mostly discussing hijacking of IPv4
> resources, much
> of which are clearly related to their short supply. I am
> unaware of any
> real effort currently being made to hijack IPv6 resources.
>
> The proposal covers "any" resource hijacking (IPv4, IPv6 and ASN).
> The fact that IPv6 is not being hijacked know, doesn't means that
> we can't prevent it to be covered by a policy proposal.
>
> Albert Erdmann
> Network Administrator
> Paradise On Line Inc.
>
>
>
>
> **********************************************
> IPv4 is over
> Are you ready for the new Internet ?
> http://www.theipv6company.com
> The IPv6 Company
>
> This electronic message contains information which may be
> privileged or confidential. The information is intended to be for
> the exclusive use of the individual(s) named above and further
> non-explicilty authorized disclosure, copying, distribution or use
> of the contents of this information, even if partially, including
> attached files, is strictly prohibited and will be considered a
> criminal offense. If you are not the intended recipient be aware
> that any disclosure, copying, distribution or use of the contents
> of this information, even if partially, including attached files,
> is strictly prohibited, will be considered a criminal offense, so
> you must reply to the original sender to inform about this
> communication and delete it.
>
>
>
> _______________________________________________
> ARIN-PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net
> <mailto:ARIN-PPML at arin.net>).
> Unsubscribe or manage your mailing list subscription at:
> https://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net <mailto:info at arin.net> if you
> experience any issues.
>
>
> _______________________________________________
> ARIN-PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> https://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20190502/63127cfe/attachment.htm>
More information about the ARIN-PPML
mailing list