Brian, My apologies for not responding yesterday. I've been working on what I think is a REALLY important project... one that even relates to some of what's been discussed here... and I just got totally caught up in that yesterday (and probably will again today). In message <56388A61.7040209@heanet.ie>, Brian Nisbet <brian.nisbet@heanet.ie> wrote:
You said, at one point, that you did not see the point in reporting these issues, or even just specifically the AS204224 issue to the NCC. Given the investigations you've done, I amn't sure why not?
Well, to be fair here, the "investigation" I've done here wasn't, like, you know, very deep or anything. I just looked at a few pages on bgp.he.net (one each for three ASNs) which show all the bogon announcements, a page or two on RIPE's excellent routing history tool, fetched about three RIPE WHOIS records, and that's about it.
I accept that the goal should be to improve the process, but surely reporting on, and potentially dealing with, bad actors is still worth it if you've gathered all the data anyway?
Sigh. Yes. OK. You're right, of course, and I should not have been quite so flippant when responding to the suggestion that I should file formal reports. But there's only so much of me to go around, and at the moment I am hunting even bigger game. It may be a week or more, but I'll file a formal report... or three, if that is actually more appropriate. But I *must* get some other stuff done first. Please understand however that I will be doing so only totally reluctantly. I hate formality generally, and I still have a VERY bad taste in my mouth over my past efforts to file formal reports (it makes me REALLY mad when people call them "complaints") with that other entity that I've promised not to talk about here anymore. Filing formal reports with them has, in the past, proved to be an utter waste of my time.
However the core point here is I will, once again, extend an invite to you, to Suresh, to Sascha, to Jeffrey, to Aftab, to everyone on this list who is interested in this issue, to work on a policy that might help?
It's an entirely reasonable request. However formality gets in the way, and slows things down. I'll have to go and read and think about those documents (describing the formal proposal process) that people have been kind enough to point me at. I am willing, but time is my enemy at the moment. Perhaps I can draft something in the proper format and put it in the proper place next week. I will try, if nobody else beats me to it.
As Sander said earlier, the community works on policy. The NCC, whether they are technically able or not, will not put any such verification in place unless the community asks them to. This is the way this system works, from the bottom up.
Agreed and accepted.
I do not believe the RIPE NCC are or should become the Internet police,
Police have guns. They have handcuffs. They can arrest people. As long as RIPE's only power is to kick certain bogus and/or poorly maintained records out of the data base, there seems little danger that RIPE will functionally qualify as being the police of anything.
but change is made incrementally in this community and maybe movement is possible in a direction that would be useful? And if we make a policy and it's wrong, we can make a different, better, policy. That's the beauty of it.
You have eloquently made the case for the democratic process. I can only agree. Regards, rfg