Hi, I agree that this kind of policy should be in place. However, I would like to see some repercussion sooner than in one year. -- Pavel On 20. 03. 19 9:16, Hank Nussbacher wrote:
On Wed, 20 Mar 2019, Carlos Friaças wrote:
Hi,
To me, 1 year or even two is way better than "infinite". (i.e. nothing happens. ever.)
True. Agreed.
-Hank
The current lack of policy in this regard is allowing for (intentional) hijackers to remain associated (through the RIPE NCC Association) with other members.
Isn't this something we should try to change?
I honestly don't see "speed" as a critical factor, and i also hope that if this gets in place more networks will be able to export their routing view, so that global routing security improves a bit.
Of course there is RPKI, MANRS and so on, but i do believe something should be in place at policy level.
Best Regards, Carlos
On Wed, 20 Mar 2019, Hank Nussbacher wrote:
On Wed, 20 Mar 2019, Gert Doering wrote:
Hi,
On Wed, Mar 20, 2019 at 09:06:11AM +0200, Hank Nussbacher wrote:
On Tue, 19 Mar 2019, Marco Schmidt wrote:
More or less I agree with the proposal. But what happens after a LIR is found to be violation of the policy? RIPE NCC puts out a statement "LIR X is in violation of Policy nnnn"? So what? How does this policy assist stopping the BGP hijack from taking place, even if it takes 1-2 months to handle the paperwork?
Well, that's a subtle twist of the proposal not actually spelled out - a LIR found to be in violation of RIPE policies is breaking their contract with the NCC (the SSA) and as such can be closed and their resources withdrawn.
So that's a fairly effective way to sanction abusive behaviour.
The amount of time that will transpire from the time of abuse and a LIR closed and their resources withdrawn can well be in excess of a year if not two years.
Is that the end result we are looking for?
-Hank