On 22/03/2019, 22:43, "anti-abuse-wg on behalf of Ronald F. Guilmette"
<anti-abuse-wg-boun...@ripe.net on behalf of r...@tristatelogic.com> wrote:
> In message <b9295ef6-d574-4d52-bd44-c0a9312fc...@a2b-internet.com>,
> Erik Bais <eb...@a2b-internet.com> wrote:
> >So even if they would get the Bulgarian spammer/hijackers in front of a
> >Dutch judge .. the change was that ... they would walk, because there was
> >no harm done .. No law was broken, no system invaded and nothing stopped
> >working . . .
> This sound like an argument IN FAVOR of the proposal that you have said
> you are opoposing! Ordinary civil and criminal counrts are still operating
> on rules from the last century, or more often, from the century before
> that.
I find it interesting how you try to twist the wording.
In case of the Bulgarian spammers hijacking the IP space of the Dutch Ministry
of Foreign Affairs, where the IP space was hijacked but not actually used (for
sending spam or other stuff), it wasn't deemed illegal. Frowned up on and
undesirable.. but not illegal.
Similar as if you 'loaned' a chair from your neighbour without consent and put
it back without damage isn't regarded as stealing.
If one country proved that they have capable laws for IT related issues, I
think that the Netherlands has some very good reputation.
Kudos here to the Dutch High Tech Crime Team Units work in the past years.
> >So in this case, the Italian Police (ROS) used (forced??) an Italian ISP
> to
> >hijack some IP space to regain control of their lost RAT C&C server..
> >(endpoint for RAT infected machines.) This wasn't an accident .. but was
> it
> >criminal by the ISP to assist their local police ?
> >And what would have been the impact if they didn't . . ?
> I am sooooooo glad that Erik Bais brought up the case of Hacking Team,
> because this case totally undermines Eric's argument in opposition to
> the proposal.
Again you are wrong on the interpretation ..
The reason why I brought up, is that it may not be clear why something
happened.
> Yet Erik Bais is arguing that RIPE policy decisions should be driven by
> a desire to accomodate the needs of exactly such Bad Actors.
Again you are so wrong here .. and I'm beginning to feel I'm feeding someone
here ..
I was the author of the RIPE policy to include RPKI for non-members. ( to
include PI holders and Legacy holder their resources into the RPKI system )
I'm not stating with that that RPKI is perfect, but it is one of the best ways
to protect yourself against bgp hijacking.
If everyone would sign their own prefixes, it will reduce the impact of
hijacks. There is a lot of momentum at this moment for RPKI and more and more
networks are already dropping invalid's.
I'm not going into the allegation that you made on my person.
> Erik Bais' final and "biggest" objection is as follows:
> >The biggest issue what I see in this policy, is that the RIPE NCC ( either
> >themselves or the Exec Board. ) is desired / aimed to pull the trigger on
> a
> >membership or contractual relationship.
> I state the obvious question: Who ELSE is empowered, under law, to "pull
> the trigger" on one of RIPE's contractual relationships? Obvious answer:
> Nobody. The member can himself/herself/itself terminate the contract, but
> the only other party that may do so, under law, and in accordance with the
> contract itself, is RIPE.
Let me first educate you on the difference between RIPE and the RIPE NCC.
RIPE is the community. Everyone can be a community member and it is for free
and RIPE doesn't give or take resources. RIPE defines the policies.
The RIPE NCC is the member organisation (Association) and a legal entity.
The member organisation has elected certain people to act as the Executive
Board.. Among others, to act as the organising group to have oversight over the
finances and the execution of the legal entity (the RIPE NCC) .
Changes in the Articles of Association (that go among things over how a
membership can be terminated ) are to be proposed in the General Meeting (GM),
that only members (LIR's) can vote on.
The members of the Executive Board are volunteers with a private responsibility
on how the association is run and is done correctly. And each year we need to
discharge the Exec. Board for their responsibilities (by member vote.) during
the AGM.
That is why there every year the following resolution to vote on during a GM.
- "The General Meeting discharges the Executive Board with regard to its
actions as they appear from the Annual Report <year>"
So if we want the Executive board to do something like this, this needs to go
to the GM.
Second, I would STRONGLY object to proceed on that, because it will bring the
Executive Board AND the RIPE NCC in a position as the sole RIR in the region to
become liable for damages.
If the intent for the authors is that there should be a reference that the
community doesn't like hijacking (And I'm fully sympathetic to that idea..)
and want to describe how to a member should proceed to get the hijacker kicked
of the internet and get their resources revoked..
Great !!.
But leave the Executive Board AND the RIPE NCC (and staff) out of the judging
seat ...
That they act after a signed court order and merely act as the
operational/administrative institute, it leaves them protected as they are not
the ruling and judging entity.
Please keep in mind the differences between RIPE and the RIPE NCC and the
procedures that are already in place and use them correctly in your postings..
Even the postings where you are trying to twist the truth or bending in your
own favour.
I would also like it if you would refrain from making ANY comments about the
WWII and apologize to the people on the list. It has NOTHING to do with the
topic at hand.
And if you can't somehow I'll ask the moderators of the list to kindly ask you
again or block you from posting again.
Regards,
Erik Bais
