[arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

Fernando Frediani fhfrediani at gmail.com
Sat May 4 12:38:30 EDT 2019


RPKI, BGPSec and other related stuff if a different thing from what this 
proposal suggests. While the first ones are operational stuff, therefore 
how each one operates and although advised and good practice is always 
completely optional and discretionary to each network the second is not 
necessarily an operational thing and is an obligation to follow (not 
pretend you are someone else). Some people may never implement RPKI, 
BGPSec and other related stuff in any reasonable time.

Even when these practices are well deployed in most places there may 
still be where they will not (or never). And on those cases there may 
still be intentional hijacking cases and they must be addressed and 
people must be held responsible.
This proposal intends to make is very clear that using someone's 
resources publicly and causing damage not only to an individual but to a 
whole ecosystem depending on the case, is a violation of the policy 
which they all agreed to respect and follow (think about people not 
being able to access their online Banking because someone hijacked their 
prefixes for example, is not just a damage to the bank itself).

Those technical practices and this proposal are different things, 
complementary and that works towards a common go in benefit to a whole 
ecosystem.

Regards
Fernando

On 04/05/2019 10:09, Töma Gavrichenkov wrote:
> On Sat, May 4, 2019, 4:28 AM Marilson Mapa <marilson.mapa at gmail.com 
> <mailto:marilson.mapa at gmail.com>> wrote:
>
>     I'm curious why do you not want to let ARIN try to start getting
>     involved to help resolve the issue of hijacking?
>
>
> Let's be honest here.  RPKI, BGPSec and BGP roles could help resolving 
> the issue of hijacking.  This initiative would tame it a bit at best, 
> but must not be seen as anything close to a silver bullet.
>
> Actually, one of the strongest concerns of mine with this proposal is 
> that this may slow down the proper solution (routing security) 
> deployment due to a false sense of security it provides.
>
> --
> Töma
>
>
> _______________________________________________
> ARIN-PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> https://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20190504/5817b305/attachment-0002.html>


More information about the ARIN-PPML mailing list