They either find out for themselves or someone else points it out to them. In either case their responsibility continues if what you say holds good
From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of ac <ac@main.me>
Sent: Saturday, March 23, 2019 1:44 PM
To: anti-abuse-wg@ripe.net
Subject: Re: [anti-abuse-wg] 2019-03 and over-reach
some of what the wg discusses are opinions and some things are
scientific facts.
scientific facts may change as environments and other variables change,
but currently it is so that;
there is NO TLD registry that will allow the ongoing random hijacking
of domain names (under that TLD of course)
as, this would mean that the TLD does not need to exist at all and/or
it will not have any trust/value.
RIPE NCC though, is factually a resource administrative authority.
As such, it does need to administer resources and an integral part of
that resource administration is the core responsibility implied by such
administration itself and the balance of exercising such authority with
the implied and direct responsibility of any such administration.
Factually, the authority to allocate (or not) is administrative.
I think (my opinion) is that the confusion arises due to whether a
resource (whether it be a domain name, ip number, etc) is allocated,
or not. When resources are allocated the administrative responsibility
is not degraded, in fact a very strong argument could be made that the
inverse is true: Allocated resources increases the level of
administrative authority, responsibility and all of the administration
aspects themselves.
Now, TLD (or RIPE NCC) managing **"external"** complaints about direct
abuse, is, imho, outside the scope of an administrative authority and
would be the scenario Nick Hilliard refers to. Then again, this is my
opinion, so I may be completely wrong (or not) :)
On Sat, 23 Mar 2019 07:27:40 +0000
Suresh Ramasubramanian <ops.lists@gmail.com> wrote:
> There's also the interesting comparison of how some TLD registries -
> many of them - act on canceling spam and phish domains while others
> go to every extreme not to do so.
>
> --srs
>
> ________________________________
> From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of ac
> <ac@main.me> Sent: Saturday, March 23, 2019 11:16 AM
> To: anti-abuse-wg@ripe.net
> Subject: Re: [anti-abuse-wg] 2019-03 and over-reach
>
> On Fri, 22 Mar 2019 17:13:20 +0000
> Nick Hilliard <nick@foobar.org> wrote:
> > Regarding over-reach, the RIPE NCC was instituted as a numbering
> > registry and as a supporting organisation for the RIPE Community,
> > whose terms of reference are described in the RIPE-1 document. The
> > terms of reference make it clear that the purpose of the RIPE
> > Community and the RIPE NCC is internet co-ordination and - pointedly
> > - not enforcement. Proposal 2019-03 goes well outside the scope of
> > what the RIPE Community and the RIPE NCC were constituted to do, and
> > I do not believe that the Anti Abuse working group has the authority
> > to override this.
> >
> the wg is not overriding anything. 2019-03 is about removing
> resources, in much the same way as same resources would have been
> removed for payment. (RIPE NCC accounts person would "judge" that
> there was no payment and resources would be affected)
>
> Just because there is a decision it does not mean that such a decision
>
> is "law enforcement" or judicial.
>
> 2019-03 is administrative
>
> and not legal/law/judicial
>
> > The second point relates to the long term consequences of the
> > proposal. If the RIPE Community were to pass this policy, then it
> > would direct the RIPE NCC to act as both a judiciary and policing
> > agency for internet abuse. Judgement and enforcement of behaviour
> > are the competence of national governments, courts and law
>
> No. You are saying the same thing, though eloquently, in a different
> way and trying to link it to some future potential hijacking by gov
> of RIR.
>
> It is not much of a decision that RIPE NCC has to make either as:
>
> 1. There was hijacking
>
> OR
>
> 2. There was no hijacking
>
> Whether it was accidental, ongoing for long period of time and all the
> other technical and scientific facts, this may require some sort of
> interpretation of facts.
>
> But, not whether it actually happened or not.
>
> >
> > But, this is not how to handle the problem of BGP hijacking. Even
> > if it had the slightest possibility of making any difference at a
> > technical level (which it won't), the proposal would set the RIPE
> > Community and the RIPE NCC down a road which I believe would be
> > extremely unwise to take from a legal and political point of view,
> > and which would be difficult, if not impossible to manoeuver out of.
> >
> ianal, NCC legal will surely evaluate the legal aspects, but
> practically every new shell company that has to deal with compliance
> and other issues is just another layer in the onion.
>
>
>
>
>