<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>The same way the existence of laws stating certain practices are
wrong and forbidden doesn't stop people from committing crimes.</p>
<p>Fernando<br>
</p>
<div class="moz-cite-prefix">On 02/05/2019 12:33, Nicolas Antoniello
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CADHEbK9i8Rhx-4nx_VkimxS-bmh+RYbseB2jr0cSw-SBNkgegg@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">Jordi,
<div><br>
</div>
<div>As I´ve mentioned @ LACNIC discussions regarding this
policy: the existence of a statement in ARIN policy manual
saying that something like this is "bad" is not going to make
anyone go to do it in another place. And so, it's not going to
prevent any BGP bad practice (not the ones made on purpose
neither the accidental ones).</div>
<div><br>
</div>
<div>Regards,</div>
<div>Nicolas</div>
<div><br>
</div>
<div><br>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">El jue., 2 de may. de 2019 a
la(s) 09:03, JORDI PALET MARTINEZ via ARIN-PPML (<a
href="mailto:arin-ppml@arin.net" moz-do-not-send="true">arin-ppml@arin.net</a>)
escribió:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><br>
<br>
El 2/5/19 15:50, "<a href="mailto:hostmaster@uneedus.com"
target="_blank" moz-do-not-send="true">hostmaster@uneedus.com</a>"
<<a href="mailto:hostmaster@uneedus.com" target="_blank"
moz-do-not-send="true">hostmaster@uneedus.com</a>>
escribió:<br>
<br>
<br>
<br>
On Thu, 2 May 2019, JORDI PALET MARTINEZ via ARIN-PPML
wrote:<br>
<br>
> Hi Albert,<br>
><br>
> El 2/5/19 15:02, "<a
href="mailto:arin-ppml-bounces@arin.net" target="_blank"
moz-do-not-send="true">arin-ppml-bounces@arin.net</a> en
nombre de <a href="mailto:hostmaster@uneedus.com"
target="_blank" moz-do-not-send="true">hostmaster@uneedus.com</a>"
<<a href="mailto:arin-ppml-bounces@arin.net"
target="_blank" moz-do-not-send="true">arin-ppml-bounces@arin.net</a>
en nombre de <a href="mailto:hostmaster@uneedus.com"
target="_blank" moz-do-not-send="true">hostmaster@uneedus.com</a>>
escribió:<br>
><br>
> On Thu, 2 May 2019, JORDI PALET MARTINEZ via
ARIN-PPML wrote:<br>
><br>
> >2. CONDITIONS OF SERVICE<br>
> ><br>
> >(1) The exclusive right to be the registrant
of the Included Number<br>
> >Resources within the ARIN database;<br>
> >(2) The right to use the Included Number
Resources within the ARIN<br>
> >database;<br>
><br>
><br>
> This above kinda sums up the issue. My
understanding is this language<br>
> comes from the RSA.<br>
><br>
> While the document grants the right to be the
registrant and use the<br>
> "Included Number Resources", other language
stating that you cannot use<br>
> someone elses number resources without the
permission of the registrant of<br>
> those OTHER resources is missing from the RSA.
That is what needs fixing.<br>
><br>
> Of course, it is not easy to amend the RSA.
Therefore it is being<br>
> advanced to add the BGP hijacking language to the
NRPM, which each ARIN<br>
> RSA signer has also agreed to follow.<br>
><br>
> If the language is added to the NRPM and the
hijacker is an ARIN RSA<br>
> signer, enforcement could be up to and including
the revoke of all ARIN<br>
> resources. However, all the worldwide resources
are NOT assigned to ARIN,<br>
> therefore nothing can really be done by ARIN in
these cases where the<br>
> hijacker is NOT an ARIN member.<br>
><br>
> As a result, the Advisory Committee declared it
totally out of scope, even<br>
> though it does appear in scope if the hijacking is
being done by an ARIN<br>
> RSA signer.<br>
><br>
> Unless this conflict can be solved, it is out of
scope, at least when it<br>
> would be applied to non ARIN RSA signers.
However, I think it is in scope<br>
> when hijacking of ARIN assigned resources occur by
an ARIN RSA signer.<br>
><br>
> When a policy proposal is sent to a specific RIR, I
understand that if finally, that results, thru the PDP, in a
policy, will be only in scope of the members of that RIR.<br>
><br>
> That's why, we have two ways of doing it:<br>
> 1) A global policy, which requires same text reach
consensus in all the 5 RIRs (and it may be more difficult and
slower to achieve), or<br>
> 2) An equivalent policy in each of the 5 RIRs, which
is the path we decided for this specific policy proposal.<br>
><br>
> So, I don't see a "conflict" in that aspect, just
part of the process, and as you say, a proposal can't be
declared out-of-scope because "it will only apply" to this or
that region.<br>
><br>
> When I've observed similar problems in the policy
manuals of different regions, I always tried to follow the
same path, and most of the time, it works, because even having
different "cultures", we all work in the same Internet.<br>
><br>
> Regards,<br>
> Jordi<br>
><br>
The only potential issue is that the policy adopted in
each region must <br>
apply to ALL BGP Hijacking, not just the region involved.
Otherwise the <br>
bad actors will simply choose to hijack numbers in a
different region to <br>
avoid the policy.<br>
<br>
And that's probably a good thing. If one region doesn't adopt
this policy, versus others adopting it, then hijackers will
try to operate under that region, and I guess that means the
"quality" of service of the regions that don't adopt it
decreases, and that may turn the community into a different
view of it.<br>
<br>
Also, I assume we are mostly discussing hijacking of IPv4
resources, much <br>
of which are clearly related to their short supply. I am
unaware of any <br>
real effort currently being made to hijack IPv6 resources.<br>
<br>
The proposal covers "any" resource hijacking (IPv4, IPv6 and
ASN). The fact that IPv6 is not being hijacked know, doesn't
means that we can't prevent it to be covered by a policy
proposal.<br>
<br>
Albert Erdmann<br>
Network Administrator<br>
Paradise On Line Inc.<br>
<br>
<br>
<br>
<br>
**********************************************<br>
IPv4 is over<br>
Are you ready for the new Internet ?<br>
<a href="http://www.theipv6company.com" rel="noreferrer"
target="_blank" moz-do-not-send="true">http://www.theipv6company.com</a><br>
The IPv6 Company<br>
<br>
This electronic message contains information which may be
privileged or confidential. The information is intended to be
for the exclusive use of the individual(s) named above and
further non-explicilty authorized disclosure, copying,
distribution or use of the contents of this information, even
if partially, including attached files, is strictly prohibited
and will be considered a criminal offense. If you are not the
intended recipient be aware that any disclosure, copying,
distribution or use of the contents of this information, even
if partially, including attached files, is strictly
prohibited, will be considered a criminal offense, so you must
reply to the original sender to inform about this
communication and delete it.<br>
<br>
<br>
<br>
_______________________________________________<br>
ARIN-PPML<br>
You are receiving this message because you are subscribed to<br>
the ARIN Public Policy Mailing List (<a
href="mailto:ARIN-PPML@arin.net" target="_blank"
moz-do-not-send="true">ARIN-PPML@arin.net</a>).<br>
Unsubscribe or manage your mailing list subscription at:<br>
<a href="https://lists.arin.net/mailman/listinfo/arin-ppml"
rel="noreferrer" target="_blank" moz-do-not-send="true">https://lists.arin.net/mailman/listinfo/arin-ppml</a><br>
Please contact <a href="mailto:info@arin.net" target="_blank"
moz-do-not-send="true">info@arin.net</a> if you experience
any issues.<br>
</blockquote>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
ARIN-PPML
You are receiving this message because you are subscribed to
the ARIN Public Policy Mailing List (<a class="moz-txt-link-abbreviated" href="mailto:ARIN-PPML@arin.net">ARIN-PPML@arin.net</a>).
Unsubscribe or manage your mailing list subscription at:
<a class="moz-txt-link-freetext" href="https://lists.arin.net/mailman/listinfo/arin-ppml">https://lists.arin.net/mailman/listinfo/arin-ppml</a>
Please contact <a class="moz-txt-link-abbreviated" href="mailto:info@arin.net">info@arin.net</a> if you experience any issues.
</pre>
</blockquote>
</body>
</html>