On Thu, 5 Sep 2019, Jacob Slater wrote:
All,
Hi Jacob, All,
Given the number of people who may submit a report (anyone receiving a
full table from their upstream(s), assuming the accused hijack makes it
into the DFZ),
If that happens, then potentially everyone can be a victim, yes.
Then they should be able to place a report.
But that's a fundamental part of why some changes are needed: it's not
only the legitimate address space owner who is the victim of an hijack.
People/networks whose packets are diverted by an hijack are also victims
of traffic interception.
Afaik, this is possible within LACNIC (i.e. through warp.lacnic.net). When
the same proposal was discussed there, the yearly number of reports (if
i'm not mistaken) was on the scale of dozens -- and they have a very high
degree of helping stop/mitigate the incidents, almost close to 100%, which
is fantastic!
I'm still concerned that the proposed policy would cause more harm than
good. A random AS that happens to receive the announcement isn't in an
authoritative position to know if a given announcement was unauthorized.
I can fully agree that a system based on (possibly forged) LOAs, and
unauthenticated IRR created the huge mess we are submerged in today...
:(((
Putting them through a reporting process that might well require the
disclosure of internal information because of an unrelated
individual/group being suspicious is a problem.
I fail to identify exactly were the proposal describes such a need.
Even so, the experts should be binded to NDAs... :-)
Regards,
Carlos
Combined with the issues detailed in the Impact Analysis, I'm opposed to the
policy as written.
Jacob Slater
On Thu, Sep 5, 2019 at 9:24 AM Marco Schmidt <mschm...@ripe.net> wrote:
Dear colleagues,
Policy proposal 2019-03, "Resource Hijacking is a RIPE Policy Violation"
is now in the Review Phase.
The goal of this proposal is to define that BGP hijacking is not
accepted as normal practice within the RIPE NCC service region.
The proposal has been updated following the last round of discussion and
is now at version v2.0. Some of the changes made to version v1.0 include:
- Includes procedural steps for reporting and evaluation of potential
hijacks
- Provides guidelines for external experts
- Adjusted title
The RIPE NCC has prepared an impact analysis on this latest proposal
version to support the community?s discussion. You can find the full
proposal and impact analysis at:
https://www.ripe.net/participate/policies/proposals/2019-03
https://www.ripe.net/participate/policies/proposals/2019-03#impact-analysis
And the draft documents at:
https://www.ripe.net/participate/policies/proposals/2019-03/draft
As per the RIPE Policy Development Process (PDP), the purpose of this
four week Review Phase is to continue discussion of the proposal, taking
the impact analysis into consideration, and to review the full draft
RIPE Policy Document.
At the end of the Review Phase, the Working Group (WG) Chairs will
determine whether the WG has reached rough consensus. It is therefore
important to provide your opinion, even if it is simply a restatement of
your input from the previous phase.
We encourage you to read the proposal, impact analysis and draft
document and send any comments to <anti-abuse-wg@ripe.net> before 4
October 2019.
Kind regards,
Marco Schmidt
Policy Officer
RIPE NCC
