Hi Carlos, On 2019-03-24 15:16, Carlos Friaças via anti-abuse-wg wrote:
"It will not stop determined miscreants" -- even if it stops some, it's already something positive, anti-abuse-wise. :-))
The thing is that, if you look at it from another direction, if it just does one "false positive", I would argue that it outweighs 100 small hijacks. And then we have the other co-author, On Sat, Mar 23, 2019 at 10:42 PM JORDI PALET MARTINEZ via anti-abuse-wg<anti-abuse-wg@ripe.net> wrote:
I think is very obvious that the experts [..] will make sure that when a warning is sufficient
How is that obvious? Answer: it is not obvious, you are just making assumptions. After looking at this in a bit more detail, my stance on this proposal has to be that I strongly object to it. I do feel like the better way to go about this is on a technical level, with more things like RPKI and IRR, not this stuff. On another note, unless all RIRs have a similar policy, then a hijacker wouldn't have to be from RIPE, or what if they have gotten hold of a legacy ASN. My point is that, no matter what the authors intended, I think this policy, would stop close to no determined hijackers, and probably cause a few "false positives". - Cynthia