[arin-ppml] prop266 - re-framing the discussion

Martin Hannigan hannigan at gmail.com
Thu May 2 18:43:44 EDT 2019


On Thu, May 2, 2019 at 6:38 PM Scott Leibrand <scottleibrand at gmail.com>
wrote:

>
> On Thu, May 2, 2019 at 3:06 PM Carlos Friaças <cfriacas at fccn.pt> wrote:
>
>>
>> On Thu, 2 May 2019, Scott Leibrand wrote:
>>
>> > Do you have any reason to believe that ARIN getting involved in
>> real-time notification of BGP hijacking, with or without firmly worded
>> language and with or without an implied threat, will be any more effective
>> than current methods of
>> > shutting down hijacks once they've started?  My impression is that
>> nearly all hijacks are quickly filtered by transit providers once they're
>> contacted by the legitimate holder of the addresses.
>>
>> Hi,
>>
>> However, some hijackers decide to use unallocated space or space which is
>> likely to be held by closed companies -- so a contact by the legitimate
>> owner becomes highly unlikely.
>>
>
> In that case, who is the party who is harmed by someone announcing
> unallocated or unannounced space?
>
>

[ clip ]


> If ARIN overreaches in their attempt to penalize a large non-cooperative
> well-lawyered transit provider for not filtering their customers well
> enough by revoking their registrations, and that transit provider sues ARIN
> for interfering with its business, it's likely that ARIN would lose a
> lawsuit and either lose control over the registry and/or have to pay
> damages that might bankrupt the organization.  Those are the kinds of legal
> concerns that will prevent ARIN from doing something that the community
> might otherwise want.
>

 [ clip ]

Even if there isn't a law explicitly disallowing BGP hijacking (I don't
know if/where there is), the legal system is still an option for going
after bad actors.  IANAL, but if nothing else, you can sue them in civil
courts for the damages caused by tortious interference with your business,
or whatever the proper legal term is for that.  In the US, you can always
sue someone.  ;-)

If someone announced a prefix that caused damage to your business _and you
could find them, prosecute a case etc._ you probably could build a damage
model to litigate. However, good luck with the former.

On your points, I went to find data to understand. With three threads and
now hundred(s) of messages, it is confusing. I scraped this from bgpstream
(thank you Andree) and hope it may help.

https://docs.google.com/spreadsheets/d/1Mlt_oRd0ttz5qoHZ_gvsybsqRG4Pf8XnyxLspD3GSfU/edit?usp=sharing

I am not sure where an RIR adds value here other than continuing with RPKI
efforts and not spending money on distractions.

Thanks,

-M<
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20190502/c4e8dc22/attachment-0002.html>


More information about the ARIN-PPML mailing list