On Fri, Mar 22, 2019 at 05:13:20PM +0000, Nick Hilliard wrote:
The aim of the 2019-03 proposal, as far as I understand it, is to grant the RIPE NCC the authority to make formal judgements about alleged abuse of network resources with the implicit intention that unless the party involved ends the alleged abuse, the RIPE NCC would enforce the judgement by LIR shutdown if the alleged infringer were a member, or refusal to provide service if the alleged infringer were not.
It is actually worse than this, as I understand it. Based on recent contributions in this discussion, I now understand that it is proposed to make the determination of "network abuse" entirely outside the NCC and then to give this determination to the NCC Board to rubber-stamp and enforce it (and, implicitly assume the legal liability, one would presume)
There are other pile of other considerations here, not least whether the RIPE NCC would have any legal jurisdiction to deregister resources where it had determined "abuse", and what the legal liability of the company would be if it were determined that they didn't have jurisdiction to act.
I am also somewhat worried about the possible fall-out for the members if the NCC were to be found to have acted incorrectly and be liable for the damages to the business of a member that was shut down... I would be very interested in NCC Legal's opinion on this.
But, this is not how to handle the problem of BGP hijacking. Even if it had the slightest possibility of making any difference at a technical level (which it won't), the proposal would set the RIPE Community and the RIPE NCC down a road which I believe would be extremely unwise to take from a legal and political point of view, and which would be difficult, if not impossible to manoeuver out of.
Much better put than I could hope to do, I fully endorse this statement. rgds, SL
Nick