Hijacked route announcements can be carefully targeted to just a victim AS for any attack. If that victim AS holder complains to their national CERT the language here precludes the CERT from reporting into RIPE. That is a technicality as I can't imagine RIPE would refuse reports from a CERT, but it is worth fixing. On 05/09/19, 8:26 PM, "anti-abuse-wg on behalf of Carlos Friaças via anti-abuse-wg" <anti-abuse-wg-bounces@ripe.net on behalf of anti-abuse-wg@ripe.net> wrote: On Thu, 5 Sep 2019, Hank Nussbacher wrote: > On 05/09/2019 16:23, Marco Schmidt wrote: > > "A.3.1. Reporting > Only persons directly affected by a suspected hijack can report to the RIPE > NCC that another party has announced resources registered to or used by the > reporter without their consent. " > > This thereby precludes any national CERT from reporting to the RIPE NCC any > suspected hijacks since they are not directly affected. Can this text be > modified? Hi Hank, All, If a national CERT receives an hijacked route, it *is* affected -- in the sense their packets will go towards a wrongful destination. Not sure if the issue is with "person" vs. "organization", but a person should be able to report it on behalf of an affected organization... Regards, Carlos > Regards, > Hank > >> Dear colleagues, >> >> Policy proposal 2019-03, "Resource Hijacking is a RIPE Policy Violation" is >> now in the Review Phase. >> >> The goal of this proposal is to define that BGP hijacking is not accepted >> as normal practice within the RIPE NCC service region. >> >> The proposal has been updated following the last round of discussion and is >> now at version v2.0. Some of the changes made to version v1.0 include: >> - Includes procedural steps for reporting and evaluation of potential >> hijacks >> - Provides guidelines for external experts >> - Adjusted title >> >> The RIPE NCC has prepared an impact analysis on this latest proposal >> version to support the community?s discussion. You can find the full >> proposal and impact analysis at: >> https://www.ripe.net/participate/policies/proposals/2019-03 >> https://www.ripe.net/participate/policies/proposals/2019-03#impact-analysis >> >> And the draft documents at: >> https://www.ripe.net/participate/policies/proposals/2019-03/draft >> >> As per the RIPE Policy Development Process (PDP), the purpose of this four >> week Review Phase is to continue discussion of the proposal, taking the >> impact analysis into consideration, and to review the full draft RIPE >> Policy Document. >> >> At the end of the Review Phase, the Working Group (WG) Chairs will >> determine whether the WG has reached rough consensus. It is therefore >> important to provide your opinion, even if it is simply a restatement of >> your input from the previous phase. >> >> We encourage you to read the proposal, impact analysis and draft document >> and send any comments to <anti-abuse-wg@ripe.net> before 4 October 2019. >> >> >> Kind regards, >> >> Marco Schmidt >> Policy Officer >> RIPE NCC >> >> > >