Colleagues, Two (broad) things to address, while, of course, noting that I would ask you all to assume best intent in all of your fellow working group members. And to post as politely as possible yourself! I have, repeatedly, pointed out that all of the emails are being read by the Co-Chairs and the RIPE PDO. Short messages of support or +1s are noted and considered, but this is not a vote. I think I've said that twice now, hopefully the third time will be enough. We have also read the opinions of people about this, however the original statement remains unchanged. If, at the appropriate points, anyone in the working group feels the Co-Chairs have erred in our decision regarding consensus, then there is an appeals process. RIPE 710 covers the whole PDP and section 4 specifically covers appeals - https://www.ripe.net/publications/docs/ripe-710 On the general awareness of the policy, the announcement on 2019-03 was posted to the Policy Announce list and to Routing-WG in addition to here. It has also been raised in a few other locations. Given where we are right now in the initial Discussion Phase and the plans by the authors to produce a v2.0 of the document, I would strongly suggest (but note that it is not certain) that nothing will have been decided by RIPE 78, when even more people will become aware. If people choose not to join the mailing list nor use the RIPE Forum to participate, then there is little the AA-WG can do. So please, especially given all the nice things people have said about the Co-Chairs, and thank you for that, can you trust that we are both seeing all of the messages and treating them as stated, and if you don't agree, there is a process by which you can express this, rather than all going back and forth again here. You can also always contact the Co-Chairs directly on aa-wg-chair@ripe.net Thanks, Brian Co-Chair, RIPE AA-WG Brian Nisbet Service Operations Manager HEAnet CLG, Ireland's National Education and Research Network 1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland +35316609040 brian.nisbet@heanet.ie www.heanet.ie Registered in Ireland, No. 275301. CRA No. 20036270
(Please mind, this is my personal opinion. The signature was left for consensus evaluation and background context) Dear RIPE associates, and other longtime participants in this mailing list, While I speak for myself, I might incur the risk of representing a lot of the so-called "Astroturfers?!". While some accuse (please don't take it personally, it's just clarification) the newcomers of being voiceless, I must say that I have been, with great effort, refraining from going into a long discourse on a list where I am new. That should not be understood as a sign of "spamming" a vetting process, but as a sign of respect for all of you, long-standing members of RIPE, guardians of our IP addresses, one of the building blocks of the Internet :-) I have before, stated that you might start to see some newcomers from .PT, and the reason for that being related to a famous post from Ronald Guilmette mentioning a Portuguese bad actor. This particular BGP Hijack was discussed at one of the Portuguese CSIRT Network meetings (www.redecsirt.pt), and draw some attention to all the 30+ members, and to me in particular, on the lack of policy by RIPE regarding this. So, it's just natural, I guess, that when most of my fellow countryman from this security community saw this opportunity of amending this, they subscribed and voted +1. After all, if they agree on the text of the policy, why pollute the mailing-list with repetitive discourse... Having said that, please consider for this discussion, from a (no more) RIPE outsider, it's somewhat weird that RIPE (as in the community), being an association of good people, seems to be somewhat reluctant to take action and approve a policy to self regulate against misuse of these same IP resources... I understand that we must not "sacrifice our freedom for a small feeling of security", but I hope (while I have not read all of RIPE rules on this) that if abused, this policy can, any point in time, be put to discussion for review, and improve whatever article is being abused. As for those who defend BGP Hijacks are to be resolved with a BCP (or any other "technical solution"), mind that BCP regarding hijacks already have some time and little results. As do other BCP, like "source-spoofing" and we still see it at large... why? because it hurts your bottom-line. The sole purpose of a "Company" is to distribute the largest amount possible of dividends to shareholders! (imagine the manpower for transit tear 1's applying BGP filtering). It's in these scenarios that regulation comes to play. And better to self-regulate then wait for state regulation when the next hijack hits your industry 4.0 or your local smart city, or even when some "Einstein" thinks it's ok to hijack networks from another country state agency... As one last thought, again IMHO, I believe BGP Hijacking is one of the most pressing issues, menacing the Internet resiliency, and it must be dealt with. In the same manner, we apply AUP's to our users, it's RIPE responsibility, to clearly state, it is not acceptable, and it will have consequences... Raising the risk for companies is the only way we tip the balance of "Loss vs Earning", and hopefully eradicate bad actors, or hopefully even stopping them right at their business plans. This is why I support "2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)" Best regards, Marco ----------------------------------------------------------------------- CSIRT.UMINHO - Universidade do Minho https://csirt.uminho.pt | report@csirt.uminho.pt | info@csirt.uminho.pt ----------------------------------------------------------------------- ----- Mensagem original -----
De: "Brian Nisbet" <brian.nisbet@heanet.ie> Para: "anti-abuse-wg" <anti-abuse-wg@ripe.net> Enviadas: Quinta-feira, 4 De Abril de 2019 9:42:32 Assunto: [anti-abuse-wg] On +1s and Policy Awareness
Colleagues,
Two (broad) things to address, while, of course, noting that I would ask you all to assume best intent in all of your fellow working group members. And to post as politely as possible yourself!
I have, repeatedly, pointed out that all of the emails are being read by the Co-Chairs and the RIPE PDO. Short messages of support or +1s are noted and considered, but this is not a vote. I think I've said that twice now, hopefully the third time will be enough. We have also read the opinions of people about this, however the original statement remains unchanged. If, at the appropriate points, anyone in the working group feels the Co-Chairs have erred in our decision regarding consensus, then there is an appeals process.
RIPE 710 covers the whole PDP and section 4 specifically covers appeals - https://www.ripe.net/publications/docs/ripe-710
On the general awareness of the policy, the announcement on 2019-03 was posted to the Policy Announce list and to Routing-WG in addition to here. It has also been raised in a few other locations. Given where we are right now in the initial Discussion Phase and the plans by the authors to produce a v2.0 of the document, I would strongly suggest (but note that it is not certain) that nothing will have been decided by RIPE 78, when even more people will become aware. If people choose not to join the mailing list nor use the RIPE Forum to participate, then there is little the AA-WG can do.
So please, especially given all the nice things people have said about the Co-Chairs, and thank you for that, can you trust that we are both seeing all of the messages and treating them as stated, and if you don't agree, there is a process by which you can express this, rather than all going back and forth again here.
You can also always contact the Co-Chairs directly on aa-wg-chair@ripe.net
Thanks,
Brian Co-Chair, RIPE AA-WG
Brian Nisbet Service Operations Manager HEAnet CLG, Ireland's National Education and Research Network 1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland +35316609040 brian.nisbet@heanet.ie www.heanet.ie Registered in Ireland, No. 275301. CRA No. 20036270
+1. I'm also one of the first "+1" and Yesterday when all this discussion started I wanted to write the email that Marco did but unfortunately no time was left for me to do it. :| So I just want to give me support to what Marco said and off course to 2019-03. Also I would to remind all the community that usually what happens to communities that cannot regulate themselves is that some outsider comes and regulated them... Best regards, Aviso de Confidencialidade/Disclaimer: Este e-mail foi escrito de acordo com o novo acordo ortográfico. Esta mensagem é exclusivamente destinada ao seu destinatário, podendo conter informação CONFIDENCIAL, cuja divulgação está expressamente vedada nos termos da lei. Caso tenha recepcionado indevidamente esta mensagem, solicitamos-lhe que nos comunique esse mesmo facto por esta via devendo apagar o seu conteúdo de imediato. This message is intended exclusively for its addressee. It may contain CONFIDENTIAL information protected by law. If this message has been received by error, please notify us via e-mail and delete it immediately. [ Antes de imprimir esta mensagem pense no ambiente. Before printing this message, think about environment ] Às 16:52 de 04/04/19, CSIRT.UMINHO Marco Teixeira escreveu:
(Please mind, this is my personal opinion. The signature was left for consensus evaluation and background context)
Dear RIPE associates, and other longtime participants in this mailing list,
While I speak for myself, I might incur the risk of representing a lot of the so-called "Astroturfers?!". While some accuse (please don't take it personally, it's just clarification) the newcomers of being voiceless, I must say that I have been, with great effort, refraining from going into a long discourse on a list where I am new. That should not be understood as a sign of "spamming" a vetting process, but as a sign of respect for all of you, long-standing members of RIPE, guardians of our IP addresses, one of the building blocks of the Internet :-)
I have before, stated that you might start to see some newcomers from .PT, and the reason for that being related to a famous post from Ronald Guilmette mentioning a Portuguese bad actor. This particular BGP Hijack was discussed at one of the Portuguese CSIRT Network meetings (www.redecsirt.pt), and draw some attention to all the 30+ members, and to me in particular, on the lack of policy by RIPE regarding this. So, it's just natural, I guess, that when most of my fellow countryman from this security community saw this opportunity of amending this, they subscribed and voted +1. After all, if they agree on the text of the policy, why pollute the mailing-list with repetitive discourse...
Having said that, please consider for this discussion, from a (no more) RIPE outsider, it's somewhat weird that RIPE (as in the community), being an association of good people, seems to be somewhat reluctant to take action and approve a policy to self regulate against misuse of these same IP resources... I understand that we must not "sacrifice our freedom for a small feeling of security", but I hope (while I have not read all of RIPE rules on this) that if abused, this policy can, any point in time, be put to discussion for review, and improve whatever article is being abused.
As for those who defend BGP Hijacks are to be resolved with a BCP (or any other "technical solution"), mind that BCP regarding hijacks already have some time and little results. As do other BCP, like "source-spoofing" and we still see it at large... why? because it hurts your bottom-line. The sole purpose of a "Company" is to distribute the largest amount possible of dividends to shareholders! (imagine the manpower for transit tear 1's applying BGP filtering). It's in these scenarios that regulation comes to play. And better to self-regulate then wait for state regulation when the next hijack hits your industry 4.0 or your local smart city, or even when some "Einstein" thinks it's ok to hijack networks from another country state agency...
As one last thought, again IMHO, I believe BGP Hijacking is one of the most pressing issues, menacing the Internet resiliency, and it must be dealt with. In the same manner, we apply AUP's to our users, it's RIPE responsibility, to clearly state, it is not acceptable, and it will have consequences... Raising the risk for companies is the only way we tip the balance of "Loss vs Earning", and hopefully eradicate bad actors, or hopefully even stopping them right at their business plans.
This is why I support "2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)"
Best regards, Marco ----------------------------------------------------------------------- CSIRT.UMINHO - Universidade do Minho https://csirt.uminho.pt | report@csirt.uminho.pt | info@csirt.uminho.pt -----------------------------------------------------------------------
----- Mensagem original -----
De: "Brian Nisbet" <brian.nisbet@heanet.ie> Para: "anti-abuse-wg" <anti-abuse-wg@ripe.net> Enviadas: Quinta-feira, 4 De Abril de 2019 9:42:32 Assunto: [anti-abuse-wg] On +1s and Policy Awareness Colleagues,
Two (broad) things to address, while, of course, noting that I would ask you all to assume best intent in all of your fellow working group members. And to post as politely as possible yourself!
I have, repeatedly, pointed out that all of the emails are being read by the Co-Chairs and the RIPE PDO. Short messages of support or +1s are noted and considered, but this is not a vote. I think I've said that twice now, hopefully the third time will be enough. We have also read the opinions of people about this, however the original statement remains unchanged. If, at the appropriate points, anyone in the working group feels the Co-Chairs have erred in our decision regarding consensus, then there is an appeals process.
RIPE 710 covers the whole PDP and section 4 specifically covers appeals - https://www.ripe.net/publications/docs/ripe-710
On the general awareness of the policy, the announcement on 2019-03 was posted to the Policy Announce list and to Routing-WG in addition to here. It has also been raised in a few other locations. Given where we are right now in the initial Discussion Phase and the plans by the authors to produce a v2.0 of the document, I would strongly suggest (but note that it is not certain) that nothing will have been decided by RIPE 78, when even more people will become aware. If people choose not to join the mailing list nor use the RIPE Forum to participate, then there is little the AA-WG can do.
So please, especially given all the nice things people have said about the Co-Chairs, and thank you for that, can you trust that we are both seeing all of the messages and treating them as stated, and if you don't agree, there is a process by which you can express this, rather than all going back and forth again here.
You can also always contact the Co-Chairs directly on aa-wg-chair@ripe.net
Thanks,
Brian Co-Chair, RIPE AA-WG
Brian Nisbet Service Operations Manager HEAnet CLG, Ireland's National Education and Research Network 1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland +35316609040 brian.nisbet@heanet.ie www.heanet.ie Registered in Ireland, No. 275301. CRA No. 20036270
On Thu, Apr 04, 2019 at 04:52:32PM +0100, CSIRT.UMINHO Marco Teixeira wrote:
While I speak for myself, I might incur the risk of representing a lot of the so-called "Astroturfers?!". While some accuse (please don't take it personally, it's just clarification) the newcomers of being voiceless, I must say that I have been, with great effort, refraining from going into a long discourse on a list where I am new. That should not be understood as a sign of "spamming" a vetting process, but as a sign of respect for all of you, long-standing members of RIPE, guardians of our IP addresses, one of the building blocks of the Internet :-)
I know of forums where "the n00b" is expected to shut up and listen, but this is not one of them. At least I have never noticed that newcomers weren't welcomed - and as I stated before, I personally would like to see more and different voices here - and no, not just those who agree with me although I hope some will... So don't be afraid to speak up if you've something to say!
As one last thought, again IMHO, I believe BGP Hijacking is one of the most pressing issues, menacing the Internet resiliency, and it must be dealt with. In the same manner, we apply AUP's to our users, it's RIPE responsibility, to clearly state, it is not acceptable, and it will have consequences... Raising the risk for companies is the only way we tip the balance of "Loss vs Earning", and hopefully eradicate bad actors, or hopefully even stopping them right at their business plans.
1) The RIPE NCC is not the provider of "AUP" for the entire Internet or even the Internet of the Service Region. I understand that some would *like* it to be, but that is not what the members are paying it for. 2) If anyone needs to be "eradicated", I'd prefer that to be determined by a judge and, preferably, a jury. NOT some neighbourhood watch curtain-twitcher with the help of a monopoly service provider.
This is why I support "2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)"
and this is why I oppose it :) rgds, SL
Best regards, Marco ----- Mensagem original -----
De: "Brian Nisbet" <brian.nisbet@heanet.ie> Para: "anti-abuse-wg" <anti-abuse-wg@ripe.net> Enviadas: Quinta-feira, 4 De Abril de 2019 9:42:32 Assunto: [anti-abuse-wg] On +1s and Policy Awareness
Colleagues,
Two (broad) things to address, while, of course, noting that I would ask you all to assume best intent in all of your fellow working group members. And to post as politely as possible yourself!
I have, repeatedly, pointed out that all of the emails are being read by the Co-Chairs and the RIPE PDO. Short messages of support or +1s are noted and considered, but this is not a vote. I think I've said that twice now, hopefully the third time will be enough. We have also read the opinions of people about this, however the original statement remains unchanged. If, at the appropriate points, anyone in the working group feels the Co-Chairs have erred in our decision regarding consensus, then there is an appeals process.
RIPE 710 covers the whole PDP and section 4 specifically covers appeals - https://www.ripe.net/publications/docs/ripe-710
On the general awareness of the policy, the announcement on 2019-03 was posted to the Policy Announce list and to Routing-WG in addition to here. It has also been raised in a few other locations. Given where we are right now in the initial Discussion Phase and the plans by the authors to produce a v2.0 of the document, I would strongly suggest (but note that it is not certain) that nothing will have been decided by RIPE 78, when even more people will become aware. If people choose not to join the mailing list nor use the RIPE Forum to participate, then there is little the AA-WG can do.
So please, especially given all the nice things people have said about the Co-Chairs, and thank you for that, can you trust that we are both seeing all of the messages and treating them as stated, and if you don't agree, there is a process by which you can express this, rather than all going back and forth again here.
You can also always contact the Co-Chairs directly on aa-wg-chair@ripe.net
Thanks,
Brian Co-Chair, RIPE AA-WG
Brian Nisbet Service Operations Manager HEAnet CLG, Ireland's National Education and Research Network 1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland +35316609040 brian.nisbet@heanet.ie www.heanet.ie Registered in Ireland, No. 275301. CRA No. 20036270
Please. You keep trying to speak for the entire community and/or the ncc while all the time it is about your personal preference. —srs ________________________________ From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Sascha Luck [ml] <aawg@c4inet.net> Sent: Friday, April 5, 2019 4:03 AM To: anti-abuse-wg@ripe.net Subject: Re: [anti-abuse-wg] On +1s and Policy Awareness AND Astro... something... On Thu, Apr 04, 2019 at 04:52:32PM +0100, CSIRT.UMINHO Marco Teixeira wrote:
While I speak for myself, I might incur the risk of representing a lot of the so-called "Astroturfers?!". While some accuse (please don't take it personally, it's just clarification) the newcomers of being voiceless, I must say that I have been, with great effort, refraining from going into a long discourse on a list where I am new. That should not be understood as a sign of "spamming" a vetting process, but as a sign of respect for all of you, long-standing members of RIPE, guardians of our IP addresses, one of the building blocks of the Internet :-)
I know of forums where "the n00b" is expected to shut up and listen, but this is not one of them. At least I have never noticed that newcomers weren't welcomed - and as I stated before, I personally would like to see more and different voices here - and no, not just those who agree with me although I hope some will... So don't be afraid to speak up if you've something to say!
As one last thought, again IMHO, I believe BGP Hijacking is one of the most pressing issues, menacing the Internet resiliency, and it must be dealt with. In the same manner, we apply AUP's to our users, it's RIPE responsibility, to clearly state, it is not acceptable, and it will have consequences... Raising the risk for companies is the only way we tip the balance of "Loss vs Earning", and hopefully eradicate bad actors, or hopefully even stopping them right at their business plans.
1) The RIPE NCC is not the provider of "AUP" for the entire Internet or even the Internet of the Service Region. I understand that some would *like* it to be, but that is not what the members are paying it for. 2) If anyone needs to be "eradicated", I'd prefer that to be determined by a judge and, preferably, a jury. NOT some neighbourhood watch curtain-twitcher with the help of a monopoly service provider.
This is why I support "2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)"
and this is why I oppose it :) rgds, SL
Best regards, Marco ----- Mensagem original -----
De: "Brian Nisbet" <brian.nisbet@heanet.ie> Para: "anti-abuse-wg" <anti-abuse-wg@ripe.net> Enviadas: Quinta-feira, 4 De Abril de 2019 9:42:32 Assunto: [anti-abuse-wg] On +1s and Policy Awareness
Colleagues,
Two (broad) things to address, while, of course, noting that I would ask you all to assume best intent in all of your fellow working group members. And to post as politely as possible yourself!
I have, repeatedly, pointed out that all of the emails are being read by the Co-Chairs and the RIPE PDO. Short messages of support or +1s are noted and considered, but this is not a vote. I think I've said that twice now, hopefully the third time will be enough. We have also read the opinions of people about this, however the original statement remains unchanged. If, at the appropriate points, anyone in the working group feels the Co-Chairs have erred in our decision regarding consensus, then there is an appeals process.
RIPE 710 covers the whole PDP and section 4 specifically covers appeals - https://www.ripe.net/publications/docs/ripe-710
On the general awareness of the policy, the announcement on 2019-03 was posted to the Policy Announce list and to Routing-WG in addition to here. It has also been raised in a few other locations. Given where we are right now in the initial Discussion Phase and the plans by the authors to produce a v2.0 of the document, I would strongly suggest (but note that it is not certain) that nothing will have been decided by RIPE 78, when even more people will become aware. If people choose not to join the mailing list nor use the RIPE Forum to participate, then there is little the AA-WG can do.
So please, especially given all the nice things people have said about the Co-Chairs, and thank you for that, can you trust that we are both seeing all of the messages and treating them as stated, and if you don't agree, there is a process by which you can express this, rather than all going back and forth again here.
You can also always contact the Co-Chairs directly on aa-wg-chair@ripe.net
Thanks,
Brian Co-Chair, RIPE AA-WG
Brian Nisbet Service Operations Manager HEAnet CLG, Ireland's National Education and Research Network 1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland +35316609040 brian.nisbet@heanet.ie www.heanet.ie Registered in Ireland, No. 275301. CRA No. 20036270
In message <20190404223345.GX99066@cilantro.c4inet.net>, "Sascha Luck [ml]" <aawg@c4inet.net> wrote:
1) The RIPE NCC is not the provider of "AUP" for the entire Internet or even the Internet of the Service Region. I understand that some would *like* it to be, but that is not what the members are paying it for.
I agree 100% with Sascha Luck. RIPE is quite clearly not the enforcer of an AUP for the Internet.... and shouldn't be. It can however be the enforcer of an AUP for just that minimal set of services that it does provide, and I would argue that it should be. And indeed, that is perhaps the most clear and succinct distilation of what this entire discussion on 2019-03 has been about: Shall RIPE have an AUP, like virtually -every- other online service does? RIPE can't tell anyone either what to announce (over BGP) much less what the individual IP addresses that people do announce are used for, which could include, and which often *does* include, the distribution of malware and also innumerable other unsavory and illegal activities. None of that is, or rightly should be any of RIPE's concern. On that I think we all agree. As regards to what RIPE members are paying for, unless I have totally misunderstood, the members are paying for the -orderly- distribution and registration of number resources. Hijacking quite clearly flies in the face of that desired order, and if left unchecked, results in the very opposite of order, i.e. chaos. Such activity therefore cannot be either condoned nor even tolerated by the dues paying members if they are in fact to get the very thing that they are paying for, order over chaos. Even such online services as Twitter, which charges people nothing, and which consciously and deliberately permits the creation of fake "parody" accounts, has an AUP. You wll get booted from Twitter if you go around threatening people directly with physical violence or if you encourage others in that direction. The penalty for such sins is simply and only the removal of the services that Twitter provides. You don't go to prison, you don't have to pay a monetary fine, and you aren't banned from the Internet as a whole. You just don't get to play on Twitter anymore. Based on that example, and on countless others that I could also easily cite, it does not seem to me to be all that radical of an idea that RIPE should likewise have an AUP... one whose very limited goal is to promote respect for its own allocations, and those of its brethren RIRs, thus promoting order over chaos, and with the sum total of the possible penality for deliberately breaking the AUP being strictly and only the mere withdrawal of just those few small services that RIPE provides. No death penality. No monetary fines. No global bans from the Internet... which could not be effectively enforced in any event. If you break the RIPE AUP you just don't get any services from RIPE anymore, just as if you break the AUP of any other online service, and get caught doing it, you will be disallowed the privileges of those other services. When viewed in this light, the question must be asked: Why is RIPE essentially alone among all online services, both paid and free, in not having -any- kind of AUP? Why should it not have at least an AUP which is itself minimal, and which is also consistant with RIPE's own fundamental goal of promoting order over chaos when it comes to Internet number resources? Quite obviously RIPE is out of step with essentially every other online service in having no AUP whatsoever. Thus, it is not so much for the supporters of 2019-03 to justify why thre should, at long last, be an AUP for RIPE. Rather, it is for the opponents of 2019-03 to justify, I think, why RIPE should continue to be such an inconsistant outlier among the whole universe of online services.
2) If anyone needs to be "eradicated", I'd prefer that to be determined by a judge and, preferably, a jury. NOT some neighbourhood watch curtain-twitcher with the help of a monopoly service provider.
Extending my analogy above even a bit further, this is like saying that each and every time Twitter catches one of its users threatening another user with physical violence, Sasha Luck would have Twitter, Inc. be *required* to go to a judge and pay for a lengthy and costly civil court trial before Twitter, Inc. would be allowed to just simply terminate that user's Twitter account. (I must assume that Sasha Luck would have this rule extended also to the customers of Internet hosting companies, i.e. if any of THEM got caught hacking or spamming, then *only* a civil court case could be used to get any such customer accounts terminated. This is the obvious and logical endpoint of the philosophy and policy that Sasha Luck is advocating.) To say that this is both an impractical and unworakable solution would be an understatement. In fact, it is quite obviously a ludicrously over-the-top "solution" to what is, after all, a rather simple problem involving private parties and the interpretation of a private commercial contract. So it is for Twitter, Inc. and so it is also for RIPE, Inc. Certainly, if anyone who has been kicked off Twitter for AUP violations, ever felt that this action had been in some way grossly unfair, then he/she would have a perfect right to avail themselves fully of the civil courts, and to sue Twitter, Inc. after the fact, for reinstatement. And so it would be also if RIPE had a (contractual) AUP and if RIPE ever elected to enforce that. I would hasten to add however that IN PRACTICE the number of such lawsuits that have even been -filed- against Twitter, Inc., let alone the number of such suits that have been seriously pursued, has asymptotically approached zero. (And I personally am aware of precisely -zero- such "reinstatement" lawsuits.) Oh! And by the way, it could also be argued that Twitter, Inc. is a "monopoly provider". It you want to tweet, there really aren't a whole lot of other services out there which you can sign up for and that allow you to tweet. This fact however, does not, by itself, constitute a persuasive argument against Twitter having at least some minimal AUP. And the company most certainly does have one. I say again that it is only RIPE that is the radical outlier when it comes to online services that have no AUP whatsoever. RIPE is, in this one sense at least, a bizzare and twisted historical anomaly, a leftover from a prior century, and a member-based service organization that is quite clearly entirely out of step with essentially -all- current practice on the entire rest of the Internet. In fact, now that I think of it, I think I can go even further than that and say that RIPE is alone among the entire universe of member-based organizations, both online and offline, in having no AUP whatsoever. As I understand it, even at Mr. Trump's Florida resort hotel, Mar-a-Lago, members are summarily ejected and their memberships revoked if they steadfastly refuse to wear shoes in in the main ballroom, or if they insist on using the tennis courts to relieve themselves. RIPE members please take note: It should be disconcerting to you, just as it is for me, to realize that even Mr. Trump's commercial properties maintain what are arguably higher standards for member behavior than RIPE does at the present time. Regards, rfg P.S. My apologies in advance to anyone who is a Donald Trump admirer and who may thus feel that my reference to him, in this context, is cause for a formal complaint to the WG Chair. I confess that I am not at all a fan of the man myself, but I do believe that a careful reading of my comments above will reveal that I have done him no disrespect, and quite the opposite, that I have been compelled to compare him and his commercial properties in rather favorable terms, at least when contrasted with the odd present circumstances within RIPE.
On Thu, Apr 04, 2019 at 06:41:52PM -0700, Ronald F. Guilmette wrote:
RIPE can't tell anyone either what to announce (over BGP) much less what the individual IP addresses that people do announce are used for, which could include, and which often *does* include, the distribution of malware and also innumerable other unsavory and illegal activities. None of that is, or rightly should be any of RIPE's concern. On that I think we all agree.
This argument actually deserves a rebuttal. 1) I'm not convinced "we all agree" on that. At least where content is concerned, that discussion has already been had, in this very place. With much similar arguments. While it ultimately led to nothing, i don't remember any universal agreement. 2) Why *not*? It is precisely what 2019-03 attempts to do: it empowers the NCC to regulate in an area where it has no mandate (Routing) with the argument that RIPE-"regulated" resources are involved. It follows logically that this extends to any other use of RIPE-"regulated" resources. Including who can advertise what to whom by which means and to which end. All it takes is another bright idea once that door is open.
As regards to what RIPE members are paying for, unless I have totally misunderstood, the members are paying for the -orderly- distribution and registration of number resources. Hijacking quite clearly flies in the face of that desired order, and if left unchecked, results in the very opposite of order, i.e. chaos. Such activity therefore cannot be either condoned nor even tolerated by the dues paying members if they are in fact to get the very thing that they are paying for, order over chaos.
The debate as to what function the NCC should have can and should be had. However, not here. This is something that I firmly believe the paying membership AND NOBODY ELSE should decide. As for comparing RIPE NCC with Twitter, that 'argument, is so blatantly ridiculous that I don't think it even deserves a response. rgds, SL
Right. You don't agree with it. So "we all" don't agree with it. Excellent reasoning there. On 05/04/19, 5:44 PM, "anti-abuse-wg on behalf of Sascha Luck [ml]" <anti-abuse-wg-bounces@ripe.net on behalf of aawg@c4inet.net> wrote: On Thu, Apr 04, 2019 at 06:41:52PM -0700, Ronald F. Guilmette wrote: >RIPE can't tell anyone either what to announce (over BGP) much less what >the individual IP addresses that people do announce are used for, which >could include, and which often *does* include, the distribution of malware >and also innumerable other unsavory and illegal activities. None of that >is, or rightly should be any of RIPE's concern. On that I think we all >agree. This argument actually deserves a rebuttal. 1) I'm not convinced "we all agree" on that. At least where content is concerned, that discussion has already been had, in this very place. With much similar arguments. While it ultimately led to nothing, i don't remember any universal agreement. 2) Why *not*? It is precisely what 2019-03 attempts to do: it empowers the NCC to regulate in an area where it has no mandate (Routing) with the argument that RIPE-"regulated" resources are involved. It follows logically that this extends to any other use of RIPE-"regulated" resources. Including who can advertise what to whom by which means and to which end. All it takes is another bright idea once that door is open. >As regards to what RIPE members are paying for, unless I have totally >misunderstood, the members are paying for the -orderly- distribution and >registration of number resources. Hijacking quite clearly flies in the >face of that desired order, and if left unchecked, results in the very >opposite of order, i.e. chaos. Such activity therefore cannot be either >condoned nor even tolerated by the dues paying members if they are in >fact to get the very thing that they are paying for, order over chaos. The debate as to what function the NCC should have can and should be had. However, not here. This is something that I firmly believe the paying membership AND NOBODY ELSE should decide. As for comparing RIPE NCC with Twitter, that 'argument, is so blatantly ridiculous that I don't think it even deserves a response. rgds, SL
On Fri, Apr 05, 2019 at 06:07:48PM +0530, Suresh Ramasubramanian wrote:
Right. You don't agree with it. So "we all" don't agree with it. Excellent reasoning there.
I *do* agree that the NCC should not get involved in routing or content matters. I dispute the statement that *everyone* agrees with that. I apologise if I didn't make this clear enough. I will endeavour to use even shorter words next time. rgds, SL
On 05/04/19, 5:44 PM, "anti-abuse-wg on behalf of Sascha Luck [ml]" <anti-abuse-wg-bounces@ripe.net on behalf of aawg@c4inet.net> wrote:
On Thu, Apr 04, 2019 at 06:41:52PM -0700, Ronald F. Guilmette wrote:
RIPE can't tell anyone either what to announce (over BGP) much less what the individual IP addresses that people do announce are used for, which could include, and which often *does* include, the distribution of malware and also innumerable other unsavory and illegal activities. None of that is, or rightly should be any of RIPE's concern. On that I think we all agree.
This argument actually deserves a rebuttal.
1) I'm not convinced "we all agree" on that. At least where content is concerned, that discussion has already been had, in this very place. With much similar arguments. While it ultimately led to nothing, i don't remember any universal agreement.
2) Why *not*? It is precisely what 2019-03 attempts to do: it empowers the NCC to regulate in an area where it has no mandate (Routing) with the argument that RIPE-"regulated" resources are involved. It follows logically that this extends to any other use of RIPE-"regulated" resources. Including who can advertise what to whom by which means and to which end. All it takes is another bright idea once that door is open.
As regards to what RIPE members are paying for, unless I have totally misunderstood, the members are paying for the -orderly- distribution and registration of number resources. Hijacking quite clearly flies in the face of that desired order, and if left unchecked, results in the very opposite of order, i.e. chaos. Such activity therefore cannot be either condoned nor even tolerated by the dues paying members if they are in fact to get the very thing that they are paying for, order over chaos.
The debate as to what function the NCC should have can and should be had. However, not here. This is something that I firmly believe the paying membership AND NOBODY ELSE should decide.
As for comparing RIPE NCC with Twitter, that 'argument, is so blatantly ridiculous that I don't think it even deserves a response.
rgds, SL
In message <20190405125144.GA99066@cilantro.c4inet.net>, "Sascha Luck [ml]" <aawg@c4inet.net> wrote:
I *do* agree that the NCC should not get involved in routing or content matters. I dispute the statement that *everyone* agrees with that.
I do not agree with that. With respect to "content", yes, that is *not* RIPE's concen. But you have repeatedly tried to lump these two very different concerns together, content and routing, and you have done so inappropriately, in my estimation. The distinction between the two is clear enough, I think. It is not for RIPE to decide what does or doesn't constitute "pornography", e.g. in Russia, much less in Saudi Arabia. That's the part that I think essentially everyone agrees on. In contrast, with respect to routing, I have to ask "What is the purpose of RIPE?" Is it not to make allocations of numbers, to various parties, in the hope and belief that this will cause all of those parties to "stay in their own lanes", so to speak? Is the point of all of RIPE's abundant bookeeping simply as an end, in and of itself, and totally without reference to what actually happens out the Real World, with people's actual routers? I think not. The whole point of RIPE is to try to foster cooperation, and more specifically to prevent counterproductive squabbles about who should be using which numbers. If I am right about that, then 2019-03 is simply a codification of that pre-existing goal and that pre-existing mandate. To say that RIPE should have nothing to do with routing is like saying that the traffic cop who stands in the middle of busy intersection, motioning at various cars to tell them when it is their turn to move, should have no effect at all on which cars actually do move, and when. If that's true, then why bother having him there at all? Regards, rfg
Hi, On Fri, Apr 05, 2019 at 06:07:48PM +0530, Suresh Ramasubramanian wrote:
Right. You don't agree with it. So "we all" don't agree with it. Excellent reasoning there.
If a single person disagrees, the claim "all agree" is obviously false. Very basic math. And please follow accepted quoting style of the forum you're participating. Single top posts in a civilized debate are so highly unconsiderate that it should be sanctioned in itself. Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard, Michael Emmer Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
Using mutt and elm and conventions on what you call TOFU sort of faded into the past with mutt and tin but anyway once I get in front of a laptop with a reasonable mail client I will certainly follow that charmingly old fashioned style. I do have mutt available for use. Yes. We won't get unanimous agreement on this. Hence rough consensus. --srs ________________________________ From: Gert Doering <gert@space.net> Sent: Friday, April 5, 2019 6:35 PM To: Suresh Ramasubramanian Cc: Sascha Luck [ml]; anti-abuse-wg@ripe.net Subject: Re: [anti-abuse-wg] On +1s and Policy Awareness AND Astro... something... Hi, On Fri, Apr 05, 2019 at 06:07:48PM +0530, Suresh Ramasubramanian wrote:
Right. You don't agree with it. So "we all" don't agree with it. Excellent reasoning there.
If a single person disagrees, the claim "all agree" is obviously false. Very basic math. And please follow accepted quoting style of the forum you're participating. Single top posts in a civilized debate are so highly unconsiderate that it should be sanctioned in itself. Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard, Michael Emmer Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
In message <20190405121330.GY99066@cilantro.c4inet.net>, Sascha Luck [ml]" <aawg@c4inet.net> wrote:
1) I'm not convinced "we all agree" on that. At least where content is concerned, that discussion has already been had, in this very place. With much similar arguments. While it ultimately led to nothing, i don't remember any universal agreement.
I cannot speak to every historical posting that might have ever been made to the AAWG mailing list. I can only say that, for my part, I personally have no recollection of having ever spoken in favor of the proposition that RIPE should get into the content regulation business. Nor do I have any personal recollection of anyone else having ever done so, either here or anywhere else. That having been said, I understand that you have a reasonable concern that, at some future point, RIPE may be motivated or enticed into attempting to regulate some specific forms of content. If and when that day ever comes, I will be standing right beside you, denouncing and objecting to any such attempts to make RIPE into the Content Police. But that day is not today, and that is clearly not what 2019-03 does.
2) Why *not*? It is precisely what 2019-03 attempts to do: it empowers the NCC to regulate in an area where it has no mandate (Routing) with the argument that RIPE-"regulated" resources are involved. It follows logically that this extends to any other use of RIPE-"regulated" resources. Including who can advertise what to whom by which means and to which end. All it takes is another bright idea once that door is open.
This is, again, the "slippery slope" argument, i.e. the notion that once RIPE has at least -one- "behavioral" rule, many others, including many that may have nothing at all to do with RIPE's fundamental goals, will inevitably follow. I have already addressed this "slippery slope" argument. I think that the fear, while reasonable, is overblown, and that as long as RIPE remains exclusively concerned with issues relating directly and only to the orderly management of the address space this fear is misplaced. Nobody has asked, and nobody is at all likely to ask RIPE to address the issue of childhood truancy, or any of a million other social ills that clearly have nothing at all to do with Internet number resources. To repeat, I and others see there as being a bright line that can easily be used to clearly distinguish betwen abuse "on" the Internet and abuse "of" the Internet. Hijacking is clearly in the latter category.
The debate as to what function the NCC should have can and should be had. However, not here. This is something that I firmly believe the paying membership AND NOBODY ELSE should decide.
I actually would agree with that last part, i.e. the part about having -only- the dues-paying members decide. I confess that I know virtually nothing about the mechanics of how this whole process is supposed to work, but it has been my assumption throughout that, yes, in fact, a proposal such as this -would- ultimately have to be approved by the dues-paying membership, acting as a whole body. Are you asserting that a new rule such as 2019-03 could be adopted WITHOUT the consent of the dues-paying members, acting as a whole? If so, that's news to me! I confess that I may have been incorrectly assuming that this proposal would be -reviewed- by the AAWG, and that at the end of this process, the -recommendation- of the AAWG would be passed on for final ratification to whatever body represents the whole of the dues-paying members... sort of like a U.S. congressional subcommittee can simply -recommend- something, after which it goes to the full committee, and then if -they- approve it, then it finally gets voted on by the whole body (either the Senate or the House of Representatives). If that's not the way this actually works in the case of the RIPE AAWG, then I ask for either you or the chair to educate me about the mechanics of the actual adoption proccess for RIPE proposals (such as 2019-03) because it sounds like you are saying that -just- the AAWG can act on its own and thus bind the whole of RIPE to some course of action. If that's true, then it certainly would be unfair and un-democratic.
As for comparing RIPE NCC with Twitter, that 'argument, is so blatantly ridiculous that I don't think it even deserves a response.
I fail to see how the comparison/analogy is ridiculous. Both entities have memberships and members. Both provide some kind of service to those members. In both cases, the entities could each arguably be called "monopoly providers" of their respective services. Seems like a good analogy to me! The only real (and striking) difference seems to be that, as I pointed out, one of these organizations has an actual AUP and the other doesn't have any at all. But perhaps that is exactly what you meant to say, i.e. that any comparison between, say, Twitter and RIPE is "ridiculous" because Twitter, at least, is realistic in its minimal "light touch" regulation which is designed and intended to prevent utter chaos. Regards, rfg
Ronald,
-----Original Message----- From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> On Behalf Of Ronald F. Guilmette Sent: Friday 5 April 2019 20:57 To: anti-abuse-wg@ripe.net Subject: Re: [anti-abuse-wg] On +1s and Policy Awareness AND Astro... something...
The debate as to what function the NCC should have can and should be had. However, not here. This is something that I firmly believe the paying membership AND NOBODY ELSE should decide.
I actually would agree with that last part, i.e. the part about having -only- the dues-paying members decide. I confess that I know virtually nothing about the mechanics of how this whole process is supposed to work, but it has been my assumption throughout that, yes, in fact, a proposal such as this - would- ultimately have to be approved by the dues-paying membership, acting as a whole body. Are you asserting that a new rule such as 2019-03 could be adopted WITHOUT the consent of the dues-paying members, acting as a whole? If so, that's news to me!
I confess that I may have been incorrectly assuming that this proposal would be -reviewed- by the AAWG, and that at the end of this process, the -recommendation- of the AAWG would be passed on for final ratification to whatever body represents the whole of the dues-paying members... sort of like a U.S. congressional subcommittee can simply -recommend- something, after which it goes to the full committee, and then if -they- approve it, then it finally gets voted on by the whole body (either the Senate or the House of Representatives). If that's not the way this actually works in the case of the RIPE AAWG, then I ask for either you or the chair to educate me about the mechanics of the actual adoption proccess for RIPE proposals (such as 2019- 03) because it sounds like you are saying that -just- the AAWG can act on its own and thus bind the whole of RIPE to some course of action. If that's true, then it certainly would be unfair and un-democratic.
If this proposal reaches consensus after going through the RIPE Policy Development Process - https://www.ripe.net/participate/policies - then it becomes RIPE policy. The RIPE NCC are then tasked with implementing that policy. This is why we try to advertise the policy discussions so broadly (Policy Announce List, discussions at meetings, other forms of communication), because the process is the thing. Now, should there be a dispute between the wishes of the membership and a policy, then that is a whole other thing and it is not my place to speculate on the outcome, but there is no step where the General Meeting is asked to vote on a policy, it's all done by consensus in the Working Groups. It is really wrong to describe this as a democracy, as I've said several times, this is not a vote. Brian Co-Chair, RIPE AA-WG Brian Nisbet Service Operations Manager HEAnet CLG, Ireland's National Education and Research Network 1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland +35316609040 brian.nisbet@heanet.ie www.heanet.ie Registered in Ireland, No. 275301. CRA No. 20036270
In message <DB7PR06MB564352D2252FFBE9DCCA3DDF942D0@DB7PR06MB5643.eurprd06.prod.outlook.com>, Brian Nisbet <brian.nisbet@heanet.ie> wrote:
... but there is no step where the General Meeting is asked to vote on a policy, it's all done by consensus in the Working Groups.
Well, I honestly didn't know that, and frankly it comes as a bit of a shock to me. Given what you've just said, I don't think that it would be accurate to say that I am an uneuqivocal supporter of the present -process- for adopting RIPE policy proposals. In fact, quite the contrary. My hope would be that if working group `X' endorses some policy which could potentially have far ranging implications for the whole membership then -all- of the parties affected should have some voice in the policy adoption process. And if that is not currently how things work, then it is, in my estimation, sub-optimal. But this is hardly the first or only instance when I have some quibble with how things are done in RIPEland. So please just consider it as one more log on the fire, as far as I personally am concerned. Anyway, thanks for the clarification Brian. Regards, rfg
Hi Ronald,
Given what you've just said, I don't think that it would be accurate to say that I am an uneuqivocal supporter of the present -process- for adopting RIPE policy proposals. In fact, quite the contrary. My hope would be that if working group `X' endorses some policy which could potentially have far ranging implications for the whole membership then -all- of the parties affected should have some voice in the policy adoption process. And if that is not currently how things work, then it is, in my estimation, sub-optimal.
There are several moments in the process where the world outside the working group is notified. There is a dedicated mailing list for that: https://www.ripe.net/ripe/mail/archives/policy-announce/. And although the RIPE NCC doesn't have any special status in policy development, they do provide the working group with an impact analysis at the beginning of the review phase of the PDP. Any potential problems can then be addressed in the working group. So instead of the working group sending a recommendation to the NCC, we do it the other way around. I personally strongly prefer this model because it bases consensus on the arguments from the wider community. Cheers, Sander
Hi, Sascha, All, Seriously? Newcomers welcomed? It's just a matter of going back and re-read parts of the thread and some sub-threads... Regards, Carlos On Thu, 4 Apr 2019, Sascha Luck [ml] wrote:
On Thu, Apr 04, 2019 at 04:52:32PM +0100, CSIRT.UMINHO Marco Teixeira wrote:
While I speak for myself, I might incur the risk of representing a lot of the so-called "Astroturfers?!". While some accuse (please don't take it personally, it's just clarification) the newcomers of being voiceless, I must say that I have been, with great effort, refraining from going into a long discourse on a list where I am new. That should not be understood as a sign of "spamming" a vetting process, but as a sign of respect for all of you, long-standing members of RIPE, guardians of our IP addresses, one of the building blocks of the Internet :-)
I know of forums where "the n00b" is expected to shut up and listen, but this is not one of them. At least I have never noticed that newcomers weren't welcomed - and as I stated before, I personally would like to see more and different voices here - and no, not just those who agree with me although I hope some will...
So don't be afraid to speak up if you've something to say!
As one last thought, again IMHO, I believe BGP Hijacking is one of the most pressing issues, menacing the Internet resiliency, and it must be dealt with. In the same manner, we apply AUP's to our users, it's RIPE responsibility, to clearly state, it is not acceptable, and it will have consequences... Raising the risk for companies is the only way we tip the balance of "Loss vs Earning", and hopefully eradicate bad actors, or hopefully even stopping them right at their business plans.
1) The RIPE NCC is not the provider of "AUP" for the entire Internet or even the Internet of the Service Region. I understand that some would *like* it to be, but that is not what the members are paying it for. 2) If anyone needs to be "eradicated", I'd prefer that to be determined by a judge and, preferably, a jury. NOT some neighbourhood watch curtain-twitcher with the help of a monopoly service provider.
This is why I support "2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)"
and this is why I oppose it :)
rgds, SL
Newcomers are welcome. It's that simple. If newcomers do not feel welcome then it is up to the Co-Chairs and all members of the WG to improve that. I know that saying something doesn't automatically make it so, and I know how intimidating some mail threads can be, but remember to make everyone welcome and to treat their words with good intent. It's on all of us. Thanks, Brian Co-Chair, RIPE AAWG Brian Nisbet Service Operations Manager HEAnet CLG, Ireland's National Education and Research Network 1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland +35316609040 brian.nisbet@heanet.ie www.heanet.ie Registered in Ireland, No. 275301. CRA No. 20036270
-----Original Message----- From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> On Behalf Of Carlos Friaças via anti-abuse-wg Sent: Friday 5 April 2019 08:28 To: Sascha Luck [ml] <aawg@c4inet.net> Cc: anti-abuse-wg@ripe.net Subject: Re: [anti-abuse-wg] On +1s and Policy Awareness AND Astro... something...
Hi, Sascha, All,
Seriously? Newcomers welcomed?
It's just a matter of going back and re-read parts of the thread and some sub- threads...
Regards, Carlos
On Thu, 4 Apr 2019, Sascha Luck [ml] wrote:
On Thu, Apr 04, 2019 at 04:52:32PM +0100, CSIRT.UMINHO Marco Teixeira wrote:
While I speak for myself, I might incur the risk of representing a lot of the so-called "Astroturfers?!". While some accuse (please don't take it personally, it's just clarification) the newcomers of being voiceless, I must say that I have been, with great effort, refraining from going into a long discourse on a list where I am new. That should not be understood as a sign of "spamming" a vetting process, but as a sign of respect for all of you, long-standing members of RIPE, guardians of our IP addresses, one of the building blocks of the Internet :-)
I know of forums where "the n00b" is expected to shut up and listen, but this is not one of them. At least I have never noticed that newcomers weren't welcomed - and as I stated before, I personally would like to see more and different voices here - and no, not just those who agree with me although I hope some will...
So don't be afraid to speak up if you've something to say!
As one last thought, again IMHO, I believe BGP Hijacking is one of the most pressing issues, menacing the Internet resiliency, and it must be dealt with. In the same manner, we apply AUP's to our users, it's RIPE responsibility, to clearly state, it is not acceptable, and it will have consequences... Raising the risk for companies is the only way we tip the balance of "Loss vs Earning", and hopefully eradicate bad actors, or hopefully even stopping them right at their business plans.
1) The RIPE NCC is not the provider of "AUP" for the entire Internet or even the Internet of the Service Region. I understand that some would *like* it to be, but that is not what the members are paying it for. 2) If anyone needs to be "eradicated", I'd prefer that to be determined by a judge and, preferably, a jury. NOT some neighbourhood watch curtain-twitcher with the help of a monopoly service provider.
This is why I support "2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)"
and this is why I oppose it :)
rgds, SL
Comments inline =Marco
On Thu, Apr 04, 2019 at 04:52:32PM +0100, CSIRT.UMINHO Marco Teixeira wrote:
While I speak for myself, I might incur the risk of representing a lot of the so-called "Astroturfers?!". While some accuse (please don't take it personally, it's just clarification) the newcomers of being voiceless, I must say that I have been, with great effort, refraining from going into a long discourse on a list where I am new. That should not be understood as a sign of "spamming" a vetting process, but as a sign of respect for all of you, long-standing members of RIPE, guardians of our IP addresses, one of the building blocks of the Internet :-)
I know of forums where "the n00b" is expected to shut up and listen, but this is not one of them. At least I have never noticed that newcomers weren't welcomed - and as I stated before, I personally would like to see more and different voices here - and no, not just those who agree with me although I hope some will...
It's not a "n00b" issue, for me, it's Netiquete.
So don't be afraid to speak up if you've something to say!
I just did :)
As one last thought, again IMHO, I believe BGP Hijacking is one of the most pressing issues, menacing the Internet resiliency, and it must be dealt with. In the same manner, we apply AUP's to our users, it's RIPE responsibility, to clearly state, it is not acceptable, and it will have consequences... Raising the risk for companies is the only way we tip the balance of "Loss vs Earning", and hopefully eradicate bad actors, or hopefully even stopping them right at their business plans.
1) The RIPE NCC is not the provider of "AUP" for the entire Internet or even the Internet of the Service Region. I understand that some would *like* it to be, but that is not what the members are paying it for.
Never said so. But it does provide a service that is beeing abused! And you can't really start to takle that if you don't have policy in place.
2) If anyone needs to be "eradicated", I'd prefer that to be determined by a judge and, preferably, a jury. NOT some neighbourhood watch curtain-twitcher with the help of a monopoly service provider.
I believe this argument of yours has been heavilly rebated already so i won't get into lenghty conter-argument. Just to say that, by your line of thinking, we should disolve RIPE and RIPE-NCC and reclaim a piece of IPv4. If anyone doesn't like it, let them sue.
participants (9)
-
Brian Nisbet -
Carlos Friaças -
CSIRT.UMINHO Marco Teixeira -
Eduardo Duarte -
Gert Doering -
Ronald F. Guilmette -
Sander Steffann -
Sascha Luck [ml] -
Suresh Ramasubramanian