[arin-ppml] prop266 - re-framing the discussion

Carlos Friaças cfriacas at fccn.pt
Thu May 2 16:01:59 EDT 2019 

On Thu, 2 May 2019, Michel Py wrote:

> I think that some of the participants in this thread have little idea of what could happen if we open Pandora's box.
>
> Let's start with an easy one : what do we do with ARIN members who hijack DoD space ?
> It is no secret that 30.0.0.0/8 has become RFC1918 bis.
> They don't announce it, but they use it. I shows up in traceroutes.
> https://blog.erratasec.com/2013/12/dod-address-space-its-not-conspiracy.html#.XMsp8DBKhdg

That's really news to me.

As long as you don't announce it to other networks i don't see an issue.

As long as nobody complains, i don't see an issue.


> If we set-up ARIN to be the cop of the Internet, what happens if a 
> general in the Pentagon decides that people should not be using address 
> space that has been allocated do DoD at all, and decides that ARIN is 
> responsible for fixing it ? Perfectly good military strategy, it's 
> called a proxy war.

Or simply trying to defend the legitimate exclusive rights of usage?


> What if the DoD has that interpretation of what "hijacking" means ? 
> Could be argued that these addresses are unique and should not be used 
> at all.

OK, so it's OK that someone announces slices from 50/8, 60/8, 70/8 towards 
other networks......?



> If we go down the road that some are suggesting, some people are going 
> to feel that they have been selectively targeted, then other people are 
> going to feel that ARIN has not taken action when needed, the list of 
> potential grievances is endless.

I think what the proposal contains is the ability so anyone who feels a 
victim from an hijacking event can file a report. The proposal also 
proposes any finding come from the community, not from the RIR.



> My view is that ARIN is a registry, not a law enforcement agency and I 
> think it should stay that way.

Nobody is trying to create that department :-)
ARIN is a registry with 1/5 of the global responsibility.
Which law enforcement agencies are able to act against hijacks/hijackers?
ARIN at least has the ability to do something, given proper independent, 
multiple-viewpoint advice.


Regards,
Carlos



> Michel.
>
> _______________________________________________
> ARIN-PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> https://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.
>

More information about the ARIN-PPML mailing list