Hi, Looking forward to version 2 of policy proposal :)
Wanted to thank those that serve on @anti-abuse for their service, dedication and valuable time. I also want to generally thank everyone for everything I learned here in 2017. I wish everyone an amazing 2018 Thank you Andre On Thu, 7 Dec 2017 12:17:25 +0000 Brian Nisbet <brian.nis...@heanet.ie> wrote: > Colleagues, > > The RIPE NCC staff have put together the draft minutes from RIPE75. I > would appreciate if you could take a look and let me know of any > errors, issues or required corrections. > > RIPE 75 Anti-Abuse Working Group Minutes > > Wednesday, 25 October 2017, 11:00 - 12:30 > WG Co-Chair: Brian Nisbet > Scribe: Nathalie Trenaman, RIPE NCC > Status: Draft > > A. Administrative Matters > > Brian Nisbet opened the meeting and welcomed the working group. > > There was one addition to the agenda: Jan Žorž will do a brief > presentation about the BCOP work. The minutes for the RIPE 74 meeting > were approved. > > B. Update > B1. Recent list Discussion > > Brian mentioned that there was nothing much to reference content-wise > on the mailing list apart from the usual discussions. > > The RIPE community Code of Conduct is extended and includes the > mailing list. > > There was positive feedback about this development. > > C. Policies > > C1. Policies: 2017-02 (Regular Abuse-C Validation) - Gregory Mounier > and Hervé Clemens > > The presentation is available at: > https://ripe75.ripe.net/presentations/119-Policy-change-proposal-RIPE-75-Dubai-V4.pdf > > Jan Žorž, ISOC, said he liked the idea of an auto-responder and wanted > to give RIPE NCC the mandate to validate contacts, but he was not sure > about the frequency of once-a-year for validation. Jan thinks that > over 90% of the contacts are probably correct. > > Ruediger Volk, Deutsche Telekom, stressed his point that he would like > to see a guideline document for abuse-c contact information. > > Brian Nisbet pointed out that this has been a discussion before and > that more input was then requested and not received. > > Ruediger Volk added that the RIPE NCC already has the mandate to keep > the registry accurate and that there is no need for a separate policy > to enforce that. > A repercussion of closing an LIR from this policy violates the > Standard Service Agreement (SSA). > > Nigel Titley, RIPE NCC Executive Board, stated that if this becomes a > policy, it becomes automatically part of the SSA. > > Piotr Strzyžewski, Silesian University of Technology, Computer Centre, > said he missed the financial impact slide in this presentation. > > Gregory Mounier, Europe, explained that it would be in the impact > analysis, produced by the RIPE NCC. > > Piotr Strzyžewski said that in the General Meeting yesterday, it was > discussed that there should not be an increase of more RIPE NCC staff > members. He added that he feared robots and automation will be set up > by members to deal with the process. > > Andrew de la Haye, RIPE NCC, explained that there would be an impact > analysis published in the next phase of the policy process. If the > policy would reach consensus, they would not include the cost factor. > The cost factor will be discussed in the General Meeting. > > Erik Bais, A2B Internet, said that he thought the ARC (Assisted > Registry Check) process was the right process for this and that the > RIPE NCC had enough issues chasing members for ARCs. He added that he > was strongly against the part of this policy proposal that mentions > closing members. > > Andrea Cima, RIPE NCC, commented that the RIPE NCC wouldn’t be able to > contact all the members through ARCs on a yearly basis, but they can > partially use ARCs to prioritise those members where they think the > abuse-c information is incorrect. He added that they do not know the > numbers yet, so ARCs may not be enough to fulfil. ARCs can help but > it's not the full solution. > > Peter Hessler, Hostserver GmbH, stated that he is very much against > this policy. He said it was a waste of resources in all areas and he > is extremely against the closure clause of this policy proposal. > > Alexander Isavin, Internet Protection Society, said that what is sad > about this policy proposal, was that is comes from law enforcement. He > added that RIPE is not about helping law enforcement, but to support > networks. > > Brian Nisbet says that they should not forget that law enforcement is > part of their community. > > Gregory Mounier said that by monitoring an email address, law > enforcement would not be able to investigate criminals and that this > policy proposal is for the good of the community. > > William Sylvester, Addrex, asked if this policy proposal excluded > legacy space holders. > > Brian replied that it did because they have no ability to impose > policy on legacy address space. > > William said he opposes policies that reclaim any space. > > Brian added that this raised an interesting point because it's been > said a couple of times and this is something for the community to > consider, not specifically to this. If people don't support a policy > which may lead potentially to the revocation of resources (speaking > purely as himself here), it puts the community in a very interesting > position in regards to what they may or may not be able to do in the > future and the policies which currently exist which can lead to > closure of members and revocation of resources. It is a very general > comment, that is an interesting thing because it was referenced > during the General Meeting last time as well. > > Gregory commented that he would also like to include the legacy space, > but he was told not to. > > Jordi Palet Martinez, The IPv6 Company, said that he was in favour of > this proposal because it improved contact information. He said that a > form is not a good idea, because it is a waste of resources. An email > should be answered in a certain amount of days. > > Brian added that version two of this policy proposal would be sent to > the mailing list soon. > > D. Interactions > D1. Working Groups - RIPE Database and Implementation of “abuse-c" > > Brian encouraged everyone to look at the conversations on the Database > mailing list and to attend the Database Working Group session if they > wanted to discuss this topic. He said he was not going to go into it > here because it was a piece of work on the database but it was worth > referencing because it's about the abuse‑c. > > E. Presentation > E1. Netflow Based Botnet Detection - Alireza Vaziri > The presentation is available > at: https://ripe75.ripe.net/presentations/89-Botnet-V3.pdf > > There were no questions or comments. > > E2. Pre-Transfer Clean-Up of Abused Prefixes - Erik Bais > The presentation is available at: > > https://ripe75.ripe.net/wp-content/uploads/presentations/45-Prefix-Broker-presentation-RIPE75-AAWG.pdf > > Brian asked how to make contact with the larger RBLs (Real-Time > Blackhole Lists) and how to persuade them to update their information. > > Erik said they had some experience with them because of GRUMbot, but > the people from Shadowserver have very good contacts. Typically is > wasn’t that hard to get them to update their information. > Gregory Mounier asked if he knew how the bad guys got the IPs, was it > hijacking. > > Erik replied that the IP space was from a Dutch hosting provider that > was a member of the RIPE NCC. So it was customers that were in this > space that were using it for this type of activity and hiding their > command and control servers. > > X. AOB > > Jan Žorž presented about a new idea from the BCOP (Best Current > Operational Practice) Task Force. It is about IPv6 and mail servers; > how to protect them, including DKIM, DMARC etc. > > Jan asked if there were any volunteers in the WG to help write this > document. Jan will send a mail to the mailing list as well. > > Peter Koch, DENIC, asked about the scope of this best practice > document and if there was a guideline for these operational best > practices. > > Jan Žorž replied that Franck Martin from LinkedIn wrote something > already, but he wants a BCOP document for a broader audience. > > Z. Agenda for RIPE 76 > > Brian closed the meeting and reminded people to submit topics for the > RIPE 76 agenda. > >
