[arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

Fernando Frediani fhfrediani at gmail.com
Thu May 2 11:36:58 EDT 2019


The same way the existence of laws stating certain practices are wrong 
and forbidden doesn't stop people from committing crimes.

Fernando

On 02/05/2019 12:33, Nicolas Antoniello wrote:
> Jordi,
>
> As I´ve mentioned @ LACNIC discussions regarding this policy: the 
> existence of a statement in ARIN policy manual saying that something 
> like this is "bad" is not going to make anyone go to do it in another 
> place. And so, it's not going to prevent any BGP bad practice (not the 
> ones made on purpose neither the accidental ones).
>
> Regards,
> Nicolas
>
>
>
> El jue., 2 de may. de 2019 a la(s) 09:03, JORDI PALET MARTINEZ via 
> ARIN-PPML (arin-ppml at arin.net <mailto:arin-ppml at arin.net>) escribió:
>
>
>
>     El 2/5/19 15:50, "hostmaster at uneedus.com
>     <mailto:hostmaster at uneedus.com>" <hostmaster at uneedus.com
>     <mailto:hostmaster at uneedus.com>> escribió:
>
>
>
>         On Thu, 2 May 2019, JORDI PALET MARTINEZ via ARIN-PPML wrote:
>
>         > Hi Albert,
>         >
>         > El 2/5/19 15:02, "arin-ppml-bounces at arin.net
>     <mailto:arin-ppml-bounces at arin.net> en nombre de
>     hostmaster at uneedus.com <mailto:hostmaster at uneedus.com>"
>     <arin-ppml-bounces at arin.net <mailto:arin-ppml-bounces at arin.net> en
>     nombre de hostmaster at uneedus.com <mailto:hostmaster at uneedus.com>>
>     escribió:
>         >
>         >    On Thu, 2 May 2019, JORDI PALET MARTINEZ via ARIN-PPML wrote:
>         >
>         >    >2. CONDITIONS OF SERVICE
>         >    >
>         >    >(1) The exclusive right to be the registrant of the
>     Included Number
>         >    >Resources within the ARIN database;
>         >    >(2) The right to use the Included Number Resources
>     within the ARIN
>         >    >database;
>         >
>         >
>         >    This above kinda sums up the issue.  My understanding is
>     this language
>         >    comes from the RSA.
>         >
>         >    While the document grants the right to be the registrant
>     and use the
>         >    "Included Number Resources", other language stating that
>     you cannot use
>         >    someone elses number resources without the permission of
>     the registrant of
>         >    those OTHER resources is missing from the RSA. That is
>     what needs fixing.
>         >
>         >    Of course, it is not easy to amend the RSA. Therefore it
>     is being
>         >    advanced to add the BGP hijacking language to the NRPM,
>     which each ARIN
>         >    RSA signer has also agreed to follow.
>         >
>         >    If the language is added to the NRPM and the hijacker is
>     an ARIN RSA
>         >    signer, enforcement could be up to and including the
>     revoke of all ARIN
>         >    resources.  However, all the worldwide resources are NOT
>     assigned to ARIN,
>         >    therefore nothing can really be done by ARIN in these
>     cases where the
>         >    hijacker is NOT an ARIN member.
>         >
>         >    As a result, the Advisory Committee declared it totally
>     out of scope, even
>         >    though it does appear in scope if the hijacking is being
>     done by an ARIN
>         >    RSA signer.
>         >
>         >    Unless this conflict can be solved, it is out of scope,
>     at least when it
>         >    would be applied to non ARIN RSA signers. However, I
>     think it is in scope
>         >    when hijacking of ARIN assigned resources occur by an
>     ARIN RSA signer.
>         >
>         > When a policy proposal is sent to a specific RIR, I
>     understand that if finally, that results, thru the PDP, in a
>     policy, will be only in scope of the members of that RIR.
>         >
>         > That's why, we have two ways of doing it:
>         > 1) A global policy, which requires same text reach consensus
>     in all the 5 RIRs (and it may be more difficult and slower to
>     achieve), or
>         > 2) An equivalent policy in each of the 5 RIRs, which is the
>     path we decided for this specific policy proposal.
>         >
>         > So, I don't see a "conflict" in that aspect, just part of
>     the process, and as you say, a proposal can't be declared
>     out-of-scope because "it will only apply" to this or that region.
>         >
>         > When I've observed similar problems in the policy manuals of
>     different regions, I always tried to follow the same path, and
>     most of the time, it works, because even having different
>     "cultures", we all work in the same Internet.
>         >
>         > Regards,
>         > Jordi
>         >
>         The only potential issue is that the policy adopted in each
>     region must
>         apply to ALL BGP Hijacking, not just the region involved.
>     Otherwise the
>         bad actors will simply choose to hijack numbers in a different
>     region to
>         avoid the policy.
>
>     And that's probably a good thing. If one region doesn't adopt this
>     policy, versus others adopting it, then hijackers will try to
>     operate under that region, and I guess that means the "quality" of
>     service of the regions that don't adopt it decreases, and that may
>     turn the community into a different view of it.
>
>         Also, I assume we are mostly discussing hijacking of IPv4
>     resources, much
>         of which are clearly related to their short supply.  I am
>     unaware of any
>         real effort currently being made to hijack IPv6 resources.
>
>     The proposal covers "any" resource hijacking (IPv4, IPv6 and ASN).
>     The fact that IPv6 is not being hijacked know, doesn't means that
>     we can't prevent it to be covered by a policy proposal.
>
>         Albert Erdmann
>         Network Administrator
>         Paradise On Line Inc.
>
>
>
>
>     **********************************************
>     IPv4 is over
>     Are you ready for the new Internet ?
>     http://www.theipv6company.com
>     The IPv6 Company
>
>     This electronic message contains information which may be
>     privileged or confidential. The information is intended to be for
>     the exclusive use of the individual(s) named above and further
>     non-explicilty authorized disclosure, copying, distribution or use
>     of the contents of this information, even if partially, including
>     attached files, is strictly prohibited and will be considered a
>     criminal offense. If you are not the intended recipient be aware
>     that any disclosure, copying, distribution or use of the contents
>     of this information, even if partially, including attached files,
>     is strictly prohibited, will be considered a criminal offense, so
>     you must reply to the original sender to inform about this
>     communication and delete it.
>
>
>
>     _______________________________________________
>     ARIN-PPML
>     You are receiving this message because you are subscribed to
>     the ARIN Public Policy Mailing List (ARIN-PPML at arin.net
>     <mailto:ARIN-PPML at arin.net>).
>     Unsubscribe or manage your mailing list subscription at:
>     https://lists.arin.net/mailman/listinfo/arin-ppml
>     Please contact info at arin.net <mailto:info at arin.net> if you
>     experience any issues.
>
>
> _______________________________________________
> ARIN-PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> https://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20190502/63127cfe/attachment-0002.html>


More information about the ARIN-PPML mailing list