In message <637758753.2826426.1446595528880.javamail.ya...@mail.yahoo.com>,
ripede...@yahoo.co.uk wrote:
>Ronald
>"I neither mentioned nor asked about out-of-region objects."
>"then proceeded to announce a bunch of self-evidently bogus routes to relat=
>ively large swaths of APNIC address space."
>
>Last time I checked APNIC address space is 'out of region' for RIPE.
Yes, but you're misplacing the emphasis.
With regards to this specific incident (and this specific set of what looks
to be 3 inter-related rogue ASNs) I myself don't really care which 1/5th of
the world they are stealing IP space from. I just want to know who they
really are. The region they are stealing from (at the moment) is almost
irrelevant. By tomorrow, they'll be stealing from AFRINIC, and then
from LACNIC the day afrer that.
>A lot of what {bad guys}
>do also seems to involve out of region resources.
Yes, but not all. I say again, I don't care which 1/5th of the wold they
are messing with. Regardless, I want to be able to identify them.
>That {past}
>discussion seemed to centre on wonderful, technically brilliant, perfe=
>ctionist systems of cross registry authentication to solve the entire problem.
I'm not even talking about (or even interested in) route objects in the
data base at the moment. That's a whole different problem and a whole
different kettle of fish. At the moment, I personally am focused on ORG-
records.
>But if you want anything like this to happen, regar=
>dless of who does it (RIPE NCC or members), then you have to move beyond th=
>e initial arguments against it, propose a policy and take it through the st=
>ages of discussion. If there is a consensus on doing it/something/whatever =
>then that will happen.
Yes. Understood. Thank you.
>If=
> someone gets around the legal requirements in their country and is able to=
> set up a bogus company with legitimate papers, they will get internet reso=
>urces. As you have noted, there are many countries in the RIPE region where=
> corruption runs at very high levels. If you have the right contacts you wi=
>ll get your bogus company.
To be clear, perhaps *someone* here noted that "there are many countries in
the RIPE region where corruption runs at very high levels", but whoever
that may have been, it wasn't me. I believe that to be a factually
accurate statement, but I personally did not make any such comment here,
I think.
But regardless of whether I did or didn't, you are again missing the point
and (thus) vearing off onto unrelated tangents.
As I have repeatedly said, it is my clear impression that the case of
AS204224 *does not* involve anybody bribing anybody to create a new
and/or largely fictitious company, but rather, this seem to be a good
old-fashioned case of identity theft.
I may be wrong about that, but that also would be irrelevant.
I am certainly not so deluded as to believe that anything with either
RIPE or RIPE NCC might do erase all traces of corruption from the face
of the earth, and I am *not* urging that either RIPE or RIPE NCC set out
on any quixotic quest to do so. Rather, I've suggested the much more
modest goal of at least trying to insure that contact details present
in the data base are actually associated with the parties they allegedly
represent. Such a step would, I think, foil many, if not all attempts
at identity theft, as in the case of AS204224, even through they quite
certainly would have no effect at all on world-wide corruption.
>You have to accept that Europe, Middle East and Central Asia is a very diff=
>erent landscape than the USA. Whilst I applaud efforts to validate data, th=
>e misuse of valid data will still happen.
We are in agreement.
>... There should be no object in the
>database that is not directly or indirectly linked to an ORGANISATION object.
Again, we are in agreement. I'll even go further and say I am frankly
rather surprised that the simple rule you just elaborated is not already
in place.
Regards,
rfg
