[arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation
Joe Provo
ppml at rsuc.gweep.net
Wed May 8 08:40:59 EDT 2019
On Tue, May 07, 2019 at 07:25:49PM +0000, Michel Py wrote:
> Hi Keith,
>
> > Keith W. Hare wrote :
> > I have not yet seen a complete clear consistent definition of BGP/Route
> > hijacking. Such a definition is a prerequisite to defining a meaningful policy.
>
> I agree.
I've always operated with the definition that a hijack
is the purposeful subversion of the registrant's intended
use of the registered prefix. (This proposal and thread
is about BGP hijacks, but we also see registry hijacks
and other forms.)
A key problem in determining intent is that its publication
is not mandatory (and that publication itself can be
subverted, but that's not the flavour of hijack at hand).
We have some organizations who positively assert their
intent as doing so maximizes their relaible reachability,
but there's a great many who do not, out of ignorance or
desire.
As a registrant, if I'm using this or that service which
moves packets to my prefix (be it from my own ASNs,
announcing it by my ISPs ASN, filtering through a DDoS
scrubber, announced by my colo provider, etc) is still
correctly registered to me, not that provider.
If I'm smart, I will publish my intended announcement
sources in
- OriginAS in my whois
- RPKI ROAs
- IRR data
...and then anyone on the 'net can see if a given
announcement (or their changes) is intented and expected
or not.
Cheers,
Joe
--
Posted from my personal account - see X-Disclaimer header.
Joe Provo / Gweep / Earthling
More information about the ARIN-PPML
mailing list