[arin-ppml] prop266 - re-framing the discussion

William Herrin bill at herrin.us
Thu May 2 14:45:48 EDT 2019 

On Thu, May 2, 2019 at 7:18 AM Adam Thompson <athompson at merlin.mb.ca> wrote:
> Instead of focusing on whether the current proposal is or isn’t in scope,
I suggest we re-cast the discussion as follows:
>
> So far, we have unanimous community agreement that BGP hijacking is bad.
> So far, we have broad agreement that “something ought to be done” about
BGP hijacking, although detailed opinions vary significantly.
> So what (else) can ARIN do about it?  (Caveat: the answer “nothing” is
unacceptable to a significant proportion of PPML participants.)

Hi Adam,

Without restructuring the legal basis on which the organization operates,
the answer is: not much.

No statute supports ARIN's existence. Its civil-law existence is based
entirely on contract between it and the registrants. Its common law
existence is somewhat stronger if less well defined, based on two decades
of action which has not been challenged and reversed in court. Where they
exist at all (they don't for legacy registrations), the contracts don't
well support ARIN taking adverse action against a registrant for their
behavior with respect to Internet routing. The common law case is even
weaker where they've literally never attempted an adverse action based on
routing.

Short of directly penalizing bad routing behavior ARIN could, I suppose,
create a "bad actors" list of some sort where service providers could
enforce additional validation on routing changes which appear containing
the bad actor's AS number. That's a bit like the joke "evil bit" proposal
though. A true bad actor could forge the AS path while folks making honest
mistakes get caught up in the blacklist.

ARIN could make it easier to participate in RPKI so that hijack attempts
become less effective. The contractual impediments currently put a lot of
people off. The problem is, ARIN is super afraid that they'll get sued over
it if they don't demand those contractual impediments from their
participants. Considering what happened to MAPS, it's not an unfounded fear.

Regards,
Bill Herrin


-- 
William Herrin ................ herrin at dirtside.com  bill at herrin.us
Dirtside Systems ......... Web: <http://www.dirtside.com/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20190502/3aba385e/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 2381 bytes
Desc: not available
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20190502/3aba385e/attachment.png>

More information about the ARIN-PPML mailing list