<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
span.EmailStyle19
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:#1F497D;}
span.EmailStyle21
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;
font-weight:normal;
font-style:normal;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:12196451;
mso-list-type:hybrid;
mso-list-template-ids:492614782 67698689 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link=blue vlink=purple><div class=WordSection1><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>Hello List,<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>The difference between a hijack and a lease is often a valid Letter of Agency.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>Maybe it’s time for an explicit lease policy that would be within ARIN’s scope and could chip away at some of the issues here.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>Personally, I am against the proposal and agree that it is out of scope.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>And I am philosophically inclined against any mission-creep for ARIN.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>But I think there is a lacuna in policy regarding leasing that should be remedied.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>In the remedy there could at least be definitions of acceptable documentation for leases which would help with some hijacking issues, and spell out plainly in policy when a lease is valid, and when it is a hijack, or lease policy violation.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>Regards,<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>Mike<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'> <o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'><o:p> </o:p></span></p><div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>From:</span></b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'> ARIN-PPML <arin-ppml-bounces@arin.net> <b>On Behalf Of </b>Keith W. Hare<br><b>Sent:</b> Friday, May 03, 2019 11:24 AM<br><b>To:</b> Andrew Bagrin <abagrin@omninet.io><br><b>Cc:</b> arin-ppml@arin.net<br><b>Subject:</b> Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation<o:p></o:p></span></p></div></div><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>Andrew,<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>So far, I have seen lots of discussion of the issue but I have not seen a single concise coherent complete definition of the BGP hijacking problem that includes:<o:p></o:p></span></p><ul style='margin-top:0in' type=disc><li class=MsoListParagraph style='color:#1F497D;margin-left:0in;mso-list:l0 level1 lfo2'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>What technical mechanisms are used to create a BGP hijack<o:p></o:p></span></li><li class=MsoListParagraph style='color:#1F497D;margin-left:0in;mso-list:l0 level1 lfo2'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>How BGP hijacking is initiated<o:p></o:p></span></li><li class=MsoListParagraph style='color:#1F497D;margin-left:0in;mso-list:l0 level1 lfo2'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>Why BGP hijacking is possible<o:p></o:p></span></li><li class=MsoListParagraph style='color:#1F497D;margin-left:0in;mso-list:l0 level1 lfo2'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>The frequency of BGP hijacking instances<o:p></o:p></span></li><li class=MsoListParagraph style='color:#1F497D;margin-left:0in;mso-list:l0 level1 lfo2'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>How long BGP hijacking instances last<o:p></o:p></span></li><li class=MsoListParagraph style='color:#1F497D;margin-left:0in;mso-list:l0 level1 lfo2'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>The locations of BGP hijacking instances<o:p></o:p></span></li><li class=MsoListParagraph style='color:#1F497D;margin-left:0in;mso-list:l0 level1 lfo2'><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>How information about BGP hijacking instances can be gathered<o:p></o:p></span></li></ul><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>Without a really clear definition of the problem, it is hard to evaluate the effectiveness of the proposed process.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>So far, it is not at all clear to me how the process described in proposal 266 will have any effect on the problem, but that may be because I do not fully understand the problem.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'>Keith<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>From:</span></b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'> ARIN-PPML [<a href="mailto:arin-ppml-bounces@arin.net">mailto:arin-ppml-bounces@arin.net</a>] <b>On Behalf Of </b>Andrew Bagrin<br><b>Sent:</b> Friday, May 3, 2019 10:05 AM<br><b>To:</b> Marilson Mapa <<a href="mailto:marilson.mapa@gmail.com">marilson.mapa@gmail.com</a>><br><b>Cc:</b> <a href="mailto:arin-ppml@arin.net">arin-ppml@arin.net</a><br><b>Subject:</b> Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation<o:p></o:p></span></p><p class=MsoNormal><o:p> </o:p></p><div><p class=MsoNormal>I'm curious why do people not want to let ARIN try to start getting involved to help resolve the issue of hijacking?<o:p></o:p></p><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>Are you doing hijacking and don't want interference?<o:p></o:p></p></div><div><p class=MsoNormal>Are you running a competitive service that you charge for?<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>Does anyone believe there is a valid reason to hijack and advertise IP space that you do not own? (when the owner of that space does not want you to advertise it)<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>Why would anyone be against ARIN having a process to help resolve these issues? Sure we can question how effective it will be, but anything will be more effective than nothing, and by actually doing, failing and learning, ARIN will only improve and refine the process. We will all learn from this.<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div></div></div></body></html>