On Tue, Feb 1, 2011 at 10:32 PM, Sander Steffann <sander@steffann.nl> wrote:
Exactly. I am sure that any RIPE working group would accept a policy proposal that defines a policy to prevent abuse while taking these dangers into account. Many people have asked for policy to prevent abuse, but none have come up with a workable proposal.
this is what I'm waiting for, among others http://ripe.net/ripe/wg/ncc-services/r59-minutes.html And nick hilliard's comment below was what I was remembering when I talked about the "internet police" meme. --srs ----------------------- H. Recovering resources assigned to non-existing entities http://www.ripe.net/ripe/meetings/ripe-59/presentations/rasmussen-recovering... Uwe Manuel Rasmussen, Microsoft Ruediger pointed out the importance of distinguishing between actual criminal activity on the net and the ways to fight this from the administrative procedures. It is not related to the RIPE administration processes. Uwe agreed with this, but mentioned that this didn't lead to the entity with the real responsibility. Ruediger stated again that the registration is not the point, and that you must get to the "box" and that this may be a botnet. The administrative data in the RIPE Database is irrelevant to this. Uwe stated that there should be a check that organisations requesting resources actually exist before assigning to them. Nick Hilliard (INEX) pointed out that this check is already done by the RIPE NCC. However, there is little the RIPE NCC can do if documents are fake. The RIPE NCC is not the routing police. Uwe agreed but would still like a way to be able to challenge an assignment. Carsten Schiefner (DENIC) commented that there is a similarity with TLDs. There is still no solution to guarantee WHOIS accuracy. Uwe explained that he was not looking for WHOIS accuracy, but for a solution to remove the people that don't exist. John Curran (ARIN) explained how this is done in the ARIN region. He said that ARIN does verification, but when a fraud is uncovered, ARIN does act to revoke resources. This is not related directly to the criminal activities, but due to a violation of the policy. Uwe agreed that it is not the RIPE NCC's job to determine what is legal or not, but pointed out that allowing somebody that obtained resources to use these resources for illegal purposes leaves him outside the law. He said that he will present propositions to the mailing list to reformulate the text in RIPE Document ripe-452 to revoke resources if an organisation if found not to actually exist. -- Suresh Ramasubramanian (ops.lists@gmail.com)