Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[Suresh Ramasubramanian]

I would never say you didn’t handle abuse reports. The question is whether that 
applies to each and every member in the ripe region.

Even if a fraction of a percent of members or LIRs are affected by such a 
policy .. that is like saying there mustn’t be any speed limit because you are 
a careful and safe driver.

--srs

From: anti-abuse-wg  on behalf of Gert Doering 

Sent: Thursday, November 30, 2023 7:51:20 PM
To: Serge Droz 
Cc: anti-abuse-wg@ripe.net 
Subject: Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

Hi,

On Thu, Nov 30, 2023 at 09:53:54AM +0100, Serge Droz via anti-abuse-wg wrote:
> And as long as this group cannot come up with a compromise nothing will
> change, in essence the anti-abuse wg is taken hostage by the nay sayers.
> These discussions have been going on for years. Nothing new has come out.

I'd argue the attention budget of the anti-abuse WG is taken hostage by
people bringing the same non-acceptable proposal back again and again...

Let me repeat that we *do* handle our abuse reports, man our abuse mail
address, and *do* like having working abuse contacts in the RIPE DB - it's
just that this proposal at hand will do just plain nothing to improve
the situation, while at the same hand annoying (and putting at potential
risk if something slips) those that already do the right thing.

No positive effect, but measurable drawbacks, so not a good way forward,
no matter how often this is re-started.

Gert Doering
-- NetMaster
--
have you enabled IPv6 on something today...?

SpaceNet AG  Vorstand: Sebastian v. Bomhard, Michael Emmer
Joseph-Dollinger-Bogen 14Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen HRB: 136055 (AG Muenchen)
Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
-- 

To unsubscribe from this mailing list, get a password reminder, or change your 
subscription options, please visit: 
https://lists.ripe.net/mailman/listinfo/anti-abuse-wg

Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[Laura Atkins]

> On 30 Nov 2023, at 12:38, Leo Vegoda  wrote:
> 
> On Thu, 30 Nov 2023 at 13:16, Alessandro Vesely  wrote:
>> 
>> On Thu 30/Nov/2023 12:40:46 +0100 Laura Atkins wrote:
>>> What happens if / when someone doesn’t?
>> 
>> A minimal, yet useful reaction would be to remove their abuse PoC from RDAP
>> pages.  If the convention is clear that network operators without abuse-c are
>> non-responders, it is easy for all the others to add the corresponding IPs to
>> their drop lists.  Ripe NCC could even distribute non-responders lists.
>> 
>> A motion to reclaim wasted resources can be set up at a later time.
> 
> Publishing factual data that others can use to inform their own
> decision making processes seems quite different from reclaiming
> resources. A more productive path to evaluate.


The question is: how much will it cost to do this and how much will it actually 
improve anything?

laura 

-- 
The Delivery Expert

Laura Atkins
Word to the Wise
la...@wordtothewise.com

Delivery hints and commentary: http://wordtothewise.com/blog






-- 

To unsubscribe from this mailing list, get a password reminder, or change your 
subscription options, please visit: 
https://lists.ripe.net/mailman/listinfo/anti-abuse-wg

Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[Gert Doering]

Hi,

On Thu, Nov 30, 2023 at 09:53:54AM +0100, Serge Droz via anti-abuse-wg wrote:
> And as long as this group cannot come up with a compromise nothing will
> change, in essence the anti-abuse wg is taken hostage by the nay sayers.
> These discussions have been going on for years. Nothing new has come out.

I'd argue the attention budget of the anti-abuse WG is taken hostage by
people bringing the same non-acceptable proposal back again and again...

Let me repeat that we *do* handle our abuse reports, man our abuse mail
address, and *do* like having working abuse contacts in the RIPE DB - it's
just that this proposal at hand will do just plain nothing to improve
the situation, while at the same hand annoying (and putting at potential
risk if something slips) those that already do the right thing.

No positive effect, but measurable drawbacks, so not a good way forward,
no matter how often this is re-started.

Gert Doering
-- NetMaster
-- 
have you enabled IPv6 on something today...?

SpaceNet AG  Vorstand: Sebastian v. Bomhard, Michael Emmer
Joseph-Dollinger-Bogen 14Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen HRB: 136055 (AG Muenchen)
Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279


signature.asc
Description: PGP signature
-- 

To unsubscribe from this mailing list, get a password reminder, or change your 
subscription options, please visit: 
https://lists.ripe.net/mailman/listinfo/anti-abuse-wg

Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[Suresh Ramasubramanian]

As long as you publish it

--srs

From: anti-abuse-wg  on behalf of Leo Vegoda 

Sent: Thursday, November 30, 2023 6:08:59 PM
To: Alessandro Vesely 
Cc: anti-abuse-wg@ripe.net 
Subject: Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

On Thu, 30 Nov 2023 at 13:16, Alessandro Vesely  wrote:
>
> On Thu 30/Nov/2023 12:40:46 +0100 Laura Atkins wrote:
> > What happens if / when someone doesn’t?
>
> A minimal, yet useful reaction would be to remove their abuse PoC from RDAP
> pages.  If the convention is clear that network operators without abuse-c are
> non-responders, it is easy for all the others to add the corresponding IPs to
> their drop lists.  Ripe NCC could even distribute non-responders lists.
>
> A motion to reclaim wasted resources can be set up at a later time.

Publishing factual data that others can use to inform their own
decision making processes seems quite different from reclaiming
resources. A more productive path to evaluate.

Thanks,

Leo

--

To unsubscribe from this mailing list, get a password reminder, or change your 
subscription options, please visit: 
https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
-- 

To unsubscribe from this mailing list, get a password reminder, or change your 
subscription options, please visit: 
https://lists.ripe.net/mailman/listinfo/anti-abuse-wg

Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[Leo Vegoda]

On Thu, 30 Nov 2023 at 13:16, Alessandro Vesely  wrote:
>
> On Thu 30/Nov/2023 12:40:46 +0100 Laura Atkins wrote:
> > What happens if / when someone doesn’t?
>
> A minimal, yet useful reaction would be to remove their abuse PoC from RDAP
> pages.  If the convention is clear that network operators without abuse-c are
> non-responders, it is easy for all the others to add the corresponding IPs to
> their drop lists.  Ripe NCC could even distribute non-responders lists.
>
> A motion to reclaim wasted resources can be set up at a later time.

Publishing factual data that others can use to inform their own
decision making processes seems quite different from reclaiming
resources. A more productive path to evaluate.

Thanks,

Leo

-- 

To unsubscribe from this mailing list, get a password reminder, or change your 
subscription options, please visit: 
https://lists.ripe.net/mailman/listinfo/anti-abuse-wg

Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[Alessandro Vesely]

On Thu 30/Nov/2023 12:40:46 +0100 Laura Atkins wrote:

What happens if / when someone doesn’t?



A minimal, yet useful reaction would be to remove their abuse PoC from RDAP 
pages.  If the convention is clear that network operators without abuse-c are 
non-responders, it is easy for all the others to add the corresponding IPs to 
their drop lists.  Ripe NCC could even distribute non-responders lists.


A motion to reclaim wasted resources can be set up at a later time.


Best
Ale


On 30 Nov 2023, at 10:47, Matthias Merkel  wrote:

The proposal is to send verification emails to abuse mailboxes and have a 
link in them clicked, right? I would have no objection to that.


Is there more that is being proposed in this proposal specifically?

—
Maria Merkel

This email was sent by [company]. Any statements contained in this email are 
personal to the author and are not necessarily the statements of the company 
unless specifically stated.


Novecore and Staclar are collective trading names of Novecore Ltd., 
registered in England and Wales under company number 11748197, Novecore 
Licensing Ltd., registered in England and Wales under company number 
11544982, Staclar Carrier Ltd., registered in England and Wales under company 
number 12219686, Staclar Financial Services Ltd., registered in England and 
Wales under company number 13843292 (registered offices 54 Portland Place, 
London, UK, W1B 1DY); Novecore Professional Services Ltd., registered in 
England and Wales under company number 13965912 (registered office 13 
Freeland Park, Wareham Road, Poole, UK, BH16 6FA); Novecore (Estonia) OÜ, 
registered in Estonia under registry code 16543205 (local contact Baltic 
Business Services OÜ, Narva mnt 5, 10117 Tallinn, Estonia); Novecore (USA) 
Inc., registered in Delaware under file number 6707907, Novecore Licensing 
(USA) LLC, registered in Delaware under file number 4030866, and Staclar, 
Inc., registered in Delaware under file number 7413401 (registered agents The 
Corporation Trust Company, Corporation Trust Center, 1209 Orange St, 
Wilmington DE 19801, USA). Novecore Licensing Ltd. is registered for VAT in 
the United Kingdom under VAT registration number 347 4545 80. Novecore 
(Estonia) OÜ is registered for VAT in the European Union under VAT 
registration number EE102518979. Novecore Professional Services Ltd. is a 
trust or company service provider registered with and supervised by HM 
Revenue & Customs under the Money Laundering, Terrorist Financing and 
Transfer of Funds (Information on the Payer) Regulations 2017 (registration 
number XMML0178208). Staclar Financial Services Ltd. is an Annex 1 
financial institution registered with and supervised by the Financial Conduct 
Authority under the Money Laundering, Terrorist Financing and Transfer of 
Funds (Information on the Payer) Regulations 2017 (firm reference number 
989521). Registration is not equivalent to authorisation and is not an 
endorsement to do business with a firm. Staclar Financial Services Ltd. is 
not an authorised person within the meaning of the Financial Services and 
Markets Act 2000 and does not review, approve, or endorse financial 
promotions for securities issues it is involved in or provide any form of 
investment advice.

Sent from Front
On November 30, 2023 at 11:45 AM GMT+1 ops.li...@gmail.com 
 wrote:


There is somewhat more being proposed than that bare minimum of due 
diligence but none of this makes ripe ncc a regulator any more than a 
pharmacist verifying a prescription becomes the FDA


--srs
---
*From:* Matthias Merkel >

*Sent:* Thursday, November 30, 2023 4:03:07 PM
*To:* Suresh Ramasubramanian >; Leo Vegoda >
*Cc:* anti-abuse-wg@ripe.net  
mailto:anti-abuse-wg@ripe.net>>

*Subject:* Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?
I have already noted that I have no objections to a proposal solely to 
verify abuse mailbox functionality, but that we should be careful adding 
anything further. Perhaps I wasn't clear enough in this:


Arguably a proposal to simply require verification of the abuse mailbox
does not make the NCC a regulator (and, in fact, I think the NCC already
does this with ASNs), but I do not see how this would be an effective
measure.

Making further requirements would make the NCC a regulator, and this may
be dangerous precedent.


Regarding the potential that government regulators will put rules in place 
if we don't, I don't think this is a big concern here. Many governments 
already do have those rules and already supervise network operators in their 
countries. The issue in this specific case is that some countries simply 
don't care, and do not have laws or regulations around the issue.


—
Maria Merkel

This email was sent by 

Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[Laura Atkins]

What happens if / when someone doesn’t? 

laura 



> On 30 Nov 2023, at 10:47, Matthias Merkel  wrote:
> 
> The proposal is to send verification emails to abuse mailboxes and have a 
> link in them clicked, right? I would have no objection to that.
> 
> Is there more that is being proposed in this proposal specifically?
> 
> —
> Maria Merkel
> 
> 
> This email was sent by [company]. Any statements contained in this email are 
> personal to the author and are not necessarily the statements of the company 
> unless specifically stated.
> 
> Novecore and Staclar are collective trading names of Novecore Ltd., 
> registered in England and Wales under company number 11748197, Novecore 
> Licensing Ltd., registered in England and Wales under company number 
> 11544982, Staclar Carrier Ltd., registered in England and Wales under company 
> number 12219686, Staclar Financial Services Ltd., registered in England and 
> Wales under company number 13843292 (registered offices 54 Portland Place, 
> London, UK, W1B 1DY); Novecore Professional Services Ltd., registered in 
> England and Wales under company number 13965912 (registered office 13 
> Freeland Park, Wareham Road, Poole, UK, BH16 6FA); Novecore (Estonia) OÜ, 
> registered in Estonia under registry code 16543205 (local contact Baltic 
> Business Services OÜ, Narva mnt 5, 10117 Tallinn, Estonia); Novecore (USA) 
> Inc., registered in Delaware under file number 6707907, Novecore Licensing 
> (USA) LLC, registered in Delaware under file number 4030866, and Staclar, 
> Inc., registered in Delaware under file number 7413401 (registered agents The 
> Corporation Trust Company, Corporation Trust Center, 1209 Orange St, 
> Wilmington DE 19801, USA). Novecore Licensing Ltd. is registered for VAT in 
> the United Kingdom under VAT registration number 347 4545 80. Novecore 
> (Estonia) OÜ is registered for VAT in the European Union under VAT 
> registration number EE102518979. Novecore Professional Services Ltd. is a 
> trust or company service provider registered with and supervised by HM 
> Revenue & Customs under the Money Laundering, Terrorist Financing and 
> Transfer of Funds (Information on the Payer) Regulations 2017 (registration 
> number XMML0178208). Staclar Financial Services Ltd. is an Annex 1 
> financial institution registered with and supervised by the Financial Conduct 
> Authority under the Money Laundering, Terrorist Financing and Transfer of 
> Funds (Information on the Payer) Regulations 2017 (firm reference number 
> 989521). Registration is not equivalent to authorisation and is not an 
> endorsement to do business with a firm. Staclar Financial Services Ltd. is 
> not an authorised person within the meaning of the Financial Services and 
> Markets Act 2000 and does not review, approve, or endorse financial 
> promotions for securities issues it is involved in or provide any form of 
> investment advice.
> 
>> On November 30, 2023 at 11:45 AM GMT+1 ops.li...@gmail.com 
>>  wrote:
>> 
>> There is somewhat more being proposed than that bare minimum of due 
>> diligence but none of this makes ripe ncc a regulator any more than a 
>> pharmacist verifying a prescription becomes the FDA
>> 
>> --srs
>> From: Matthias Merkel > >
>> Sent: Thursday, November 30, 2023 4:03:07 PM
>> To: Suresh Ramasubramanian > >; Leo Vegoda > >
>> Cc: anti-abuse-wg@ripe.net  
>> mailto:anti-abuse-wg@ripe.net>>
>> Subject: Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?
>>  
>> I have already noted that I have no objections to a proposal solely to 
>> verify abuse mailbox functionality, but that we should be careful adding 
>> anything further. Perhaps I wasn't clear enough in this:
>> Arguably a proposal to simply require verification of the abuse mailbox does 
>> not make the NCC a regulator (and, in fact, I think the NCC already does 
>> this with ASNs), but I do not see how this would be an effective measure. 
>> 
>> Making further requirements would make the NCC a regulator, and this may be 
>> dangerous precedent. 
>> 
>> Regarding the potential that government regulators will put rules in place 
>> if we don't, I don't think this is a big concern here. Many governments 
>> already do have those rules and already supervise network operators in their 
>> countries. The issue in this specific case is that some countries simply 
>> don't care, and do not have laws or regulations around the issue.
>> 
>> —
>> Maria Merkel
>> 
>> 
>> This email was sent by [company]. Any statements contained in this email are 
>> personal to the author and are not necessarily the statements of the company 
>> unless specifically stated.
>> 
>> Novecore and Staclar are collective trading names of Novecore Ltd., 
>> registered in England and Wales under company number 11748197, Novecore 
>> Licensing Ltd., registered in England 

Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[Matthias Merkel]

The proposal is to send verification emails to abuse mailboxes and have a link 
in them clicked, right? I would have no objection to that.

Is there more that is being proposed in this proposal specifically?

—
Maria Merkel
[https://cdn.staclar.com/logos/novecore/newlogo.png]

This email was sent by [company]. Any statements contained in this email are 
personal to the author and are not necessarily the statements of the company 
unless specifically stated.

Novecore and Staclar are collective trading names of Novecore Ltd., registered 
in England and Wales under company number 11748197, Novecore Licensing Ltd., 
registered in England and Wales under company number 11544982, Staclar Carrier 
Ltd., registered in England and Wales under company number 12219686, Staclar 
Financial Services Ltd., registered in England and Wales under company number 
13843292 (registered offices 54 Portland Place, London, UK, W1B 1DY); Novecore 
Professional Services Ltd., registered in England and Wales under company 
number 13965912 (registered office 13 Freeland Park, Wareham Road, Poole, UK, 
BH16 6FA); Novecore (Estonia) OÜ, registered in Estonia under registry code 
16543205 (local contact Baltic Business Services OÜ, Narva mnt 5, 10117 
Tallinn, Estonia); Novecore (USA) Inc., registered in Delaware under file 
number 6707907, Novecore Licensing (USA) LLC, registered in Delaware under file 
number 4030866, and Staclar, Inc., registered in Delaware under file number 
7413401 (registered agents The Corporation Trust Company, Corporation Trust 
Center, 1209 Orange St, Wilmington DE 19801, USA). Novecore Licensing Ltd. is 
registered for VAT in the United Kingdom under VAT registration number 347 4545 
80. Novecore (Estonia) OÜ is registered for VAT in the European Union under VAT 
registration number EE102518979. Novecore Professional Services Ltd. is a trust 
or company service provider registered with and supervised by HM Revenue & 
Customs under the Money Laundering, Terrorist Financing and Transfer of Funds 
(Information on the Payer) Regulations 2017 (registration number 
XMML0178208). Staclar Financial Services Ltd. is an Annex 1 financial 
institution registered with and supervised by the Financial Conduct Authority 
under the Money Laundering, Terrorist Financing and Transfer of Funds 
(Information on the Payer) Regulations 2017 (firm reference number 989521). 
Registration is not equivalent to authorisation and is not an endorsement to do 
business with a firm. Staclar Financial Services Ltd. is not an authorised 
person within the meaning of the Financial Services and Markets Act 2000 and 
does not review, approve, or endorse financial promotions for securities issues 
it is involved in or provide any form of investment advice.
[Sent from Front]
On November 30, 2023 at 11:45 AM GMT+1 
ops.li...@gmail.com wrote:

There is somewhat more being proposed than that bare minimum of due diligence 
but none of this makes ripe ncc a regulator any more than a pharmacist 
verifying a prescription becomes the FDA

--srs

From: Matthias Merkel 
mailto:matthias.mer...@staclar.com>>
Sent: Thursday, November 30, 2023 4:03:07 PM
To: Suresh Ramasubramanian mailto:ops.li...@gmail.com>>; 
Leo Vegoda mailto:l...@vegoda.org>>
Cc: anti-abuse-wg@ripe.net 
mailto:anti-abuse-wg@ripe.net>>
Subject: Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

I have already noted that I have no objections to a proposal solely to verify 
abuse mailbox functionality, but that we should be careful adding anything 
further. Perhaps I wasn't clear enough in this:
Arguably a proposal to simply require verification of the abuse mailbox does 
not make the NCC a regulator (and, in fact, I think the NCC already does this 
with ASNs), but I do not see how this would be an effective measure.

Making further requirements would make the NCC a regulator, and this may be 
dangerous precedent.

Regarding the potential that government regulators will put rules in place if 
we don't, I don't think this is a big concern here. Many governments already do 
have those rules and already supervise network operators in their countries. 
The issue in this specific case is that some countries simply don't care, and 
do not have laws or regulations around the issue.

—
Maria Merkel
[https://cdn.staclar.com/logos/novecore/newlogo.png]

This email was sent by [company]. Any statements contained in this email are 
personal to the author and are not necessarily the statements of the company 
unless specifically stated.

Novecore and Staclar are collective trading names of Novecore Ltd., registered 
in England and Wales under company number 11748197, Novecore Licensing Ltd., 
registered in England and Wales under company number 11544982, Staclar Carrier 
Ltd., registered in England and Wales under company number 12219686, Staclar 
Financial Services Ltd., registered in England and 

Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[Suresh Ramasubramanian]

There is somewhat more being proposed than that bare minimum of due diligence 
but none of this makes ripe ncc a regulator any more than a pharmacist 
verifying a prescription becomes the FDA

--srs

From: Matthias Merkel 
Sent: Thursday, November 30, 2023 4:03:07 PM
To: Suresh Ramasubramanian ; Leo Vegoda 
Cc: anti-abuse-wg@ripe.net 
Subject: Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

I have already noted that I have no objections to a proposal solely to verify 
abuse mailbox functionality, but that we should be careful adding anything 
further. Perhaps I wasn't clear enough in this:
Arguably a proposal to simply require verification of the abuse mailbox does 
not make the NCC a regulator (and, in fact, I think the NCC already does this 
with ASNs), but I do not see how this would be an effective measure.

Making further requirements would make the NCC a regulator, and this may be 
dangerous precedent.

Regarding the potential that government regulators will put rules in place if 
we don't, I don't think this is a big concern here. Many governments already do 
have those rules and already supervise network operators in their countries. 
The issue in this specific case is that some countries simply don't care, and 
do not have laws or regulations around the issue.

—
Maria Merkel
[https://cdn.staclar.com/logos/novecore/newlogo.png]

This email was sent by [company]. Any statements contained in this email are 
personal to the author and are not necessarily the statements of the company 
unless specifically stated.

Novecore and Staclar are collective trading names of Novecore Ltd., registered 
in England and Wales under company number 11748197, Novecore Licensing Ltd., 
registered in England and Wales under company number 11544982, Staclar Carrier 
Ltd., registered in England and Wales under company number 12219686, Staclar 
Financial Services Ltd., registered in England and Wales under company number 
13843292 (registered offices 54 Portland Place, London, UK, W1B 1DY); Novecore 
Professional Services Ltd., registered in England and Wales under company 
number 13965912 (registered office 13 Freeland Park, Wareham Road, Poole, UK, 
BH16 6FA); Novecore (Estonia) OÜ, registered in Estonia under registry code 
16543205 (local contact Baltic Business Services OÜ, Narva mnt 5, 10117 
Tallinn, Estonia); Novecore (USA) Inc., registered in Delaware under file 
number 6707907, Novecore Licensing (USA) LLC, registered in Delaware under file 
number 4030866, and Staclar, Inc., registered in Delaware under file number 
7413401 (registered agents The Corporation Trust Company, Corporation Trust 
Center, 1209 Orange St, Wilmington DE 19801, USA). Novecore Licensing Ltd. is 
registered for VAT in the United Kingdom under VAT registration number 347 4545 
80. Novecore (Estonia) OÜ is registered for VAT in the European Union under VAT 
registration number EE102518979. Novecore Professional Services Ltd. is a trust 
or company service provider registered with and supervised by HM Revenue & 
Customs under the Money Laundering, Terrorist Financing and Transfer of Funds 
(Information on the Payer) Regulations 2017 (registration number 
XMML0178208). Staclar Financial Services Ltd. is an Annex 1 financial 
institution registered with and supervised by the Financial Conduct Authority 
under the Money Laundering, Terrorist Financing and Transfer of Funds 
(Information on the Payer) Regulations 2017 (firm reference number 989521). 
Registration is not equivalent to authorisation and is not an endorsement to do 
business with a firm. Staclar Financial Services Ltd. is not an authorised 
person within the meaning of the Financial Services and Markets Act 2000 and 
does not review, approve, or endorse financial promotions for securities issues 
it is involved in or provide any form of investment advice.
[Sent from Front]
On November 30, 2023 at 11:25 AM GMT+1 
ops.li...@gmail.com wrote:

This is simply an ongoing verification that the justification and other 
paperwork which were used to allocate the numbers are reasonable and correct

Consensus tends to work in strange ways - and room packing isn’t unknown if you 
see the example I cited

--srs

From: anti-abuse-wg 
mailto:anti-abuse-wg-boun...@ripe.net>> on 
behalf of Matthias Merkel 
mailto:matthias.mer...@staclar.com>>
Sent: Thursday, November 30, 2023 3:24:02 PM
To: Leo Vegoda mailto:l...@vegoda.org>>; Suresh 
Ramasubramanian mailto:ops.li...@gmail.com>>
Cc: anti-abuse-wg@ripe.net 
mailto:anti-abuse-wg@ripe.net>>
Subject: Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

Of course, this is not how consensus works.

I also think you're misunderstanding my argument. I'm all for fighting abuse. A 
lot of my work is in abuse and fraud prevention and in the prevention of 
financial crime. I'm not arguing against preventing 

Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[Matthias Merkel]

I have already noted that I have no objections to a proposal solely to verify 
abuse mailbox functionality, but that we should be careful adding anything 
further. Perhaps I wasn't clear enough in this:
Arguably a proposal to simply require verification of the abuse mailbox does 
not make the NCC a regulator (and, in fact, I think the NCC already does this 
with ASNs), but I do not see how this would be an effective measure.

Making further requirements would make the NCC a regulator, and this may be 
dangerous precedent.

Regarding the potential that government regulators will put rules in place if 
we don't, I don't think this is a big concern here. Many governments already do 
have those rules and already supervise network operators in their countries. 
The issue in this specific case is that some countries simply don't care, and 
do not have laws or regulations around the issue.

—
Maria Merkel
[https://cdn.staclar.com/logos/novecore/newlogo.png]

This email was sent by [company]. Any statements contained in this email are 
personal to the author and are not necessarily the statements of the company 
unless specifically stated.

Novecore and Staclar are collective trading names of Novecore Ltd., registered 
in England and Wales under company number 11748197, Novecore Licensing Ltd., 
registered in England and Wales under company number 11544982, Staclar Carrier 
Ltd., registered in England and Wales under company number 12219686, Staclar 
Financial Services Ltd., registered in England and Wales under company number 
13843292 (registered offices 54 Portland Place, London, UK, W1B 1DY); Novecore 
Professional Services Ltd., registered in England and Wales under company 
number 13965912 (registered office 13 Freeland Park, Wareham Road, Poole, UK, 
BH16 6FA); Novecore (Estonia) OÜ, registered in Estonia under registry code 
16543205 (local contact Baltic Business Services OÜ, Narva mnt 5, 10117 
Tallinn, Estonia); Novecore (USA) Inc., registered in Delaware under file 
number 6707907, Novecore Licensing (USA) LLC, registered in Delaware under file 
number 4030866, and Staclar, Inc., registered in Delaware under file number 
7413401 (registered agents The Corporation Trust Company, Corporation Trust 
Center, 1209 Orange St, Wilmington DE 19801, USA). Novecore Licensing Ltd. is 
registered for VAT in the United Kingdom under VAT registration number 347 4545 
80. Novecore (Estonia) OÜ is registered for VAT in the European Union under VAT 
registration number EE102518979. Novecore Professional Services Ltd. is a trust 
or company service provider registered with and supervised by HM Revenue & 
Customs under the Money Laundering, Terrorist Financing and Transfer of Funds 
(Information on the Payer) Regulations 2017 (registration number 
XMML0178208). Staclar Financial Services Ltd. is an Annex 1 financial 
institution registered with and supervised by the Financial Conduct Authority 
under the Money Laundering, Terrorist Financing and Transfer of Funds 
(Information on the Payer) Regulations 2017 (firm reference number 989521). 
Registration is not equivalent to authorisation and is not an endorsement to do 
business with a firm. Staclar Financial Services Ltd. is not an authorised 
person within the meaning of the Financial Services and Markets Act 2000 and 
does not review, approve, or endorse financial promotions for securities issues 
it is involved in or provide any form of investment advice.
[Sent from Front]
On November 30, 2023 at 11:25 AM GMT+1 
ops.li...@gmail.com wrote:

This is simply an ongoing verification that the justification and other 
paperwork which were used to allocate the numbers are reasonable and correct

Consensus tends to work in strange ways - and room packing isn’t unknown if you 
see the example I cited

--srs

From: anti-abuse-wg 
mailto:anti-abuse-wg-boun...@ripe.net>> on 
behalf of Matthias Merkel 
mailto:matthias.mer...@staclar.com>>
Sent: Thursday, November 30, 2023 3:24:02 PM
To: Leo Vegoda mailto:l...@vegoda.org>>; Suresh 
Ramasubramanian mailto:ops.li...@gmail.com>>
Cc: anti-abuse-wg@ripe.net 
mailto:anti-abuse-wg@ripe.net>>
Subject: Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

Of course, this is not how consensus works.

I also think you're misunderstanding my argument. I'm all for fighting abuse. A 
lot of my work is in abuse and fraud prevention and in the prevention of 
financial crime. I'm not arguing against preventing abuse, only against adding 
even more regulators where they aren't needed.

The Gmail example still does not address my concern. They say what you can do 
with Gmail, which is the service. An IP address itself is not an abusable 
service, the systems addressed by them are. Gmail doesn't tell you what to do 
on third party services you sign up to with your gmail.com 
address. Google is responsible for Gmail. The RIPE NCC 

Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[Suresh Ramasubramanian]

This is simply an ongoing verification that the justification and other 
paperwork which were used to allocate the numbers are reasonable and correct

Consensus tends to work in strange ways - and room packing isn’t unknown if you 
see the example I cited

--srs

From: anti-abuse-wg  on behalf of Matthias 
Merkel 
Sent: Thursday, November 30, 2023 3:24:02 PM
To: Leo Vegoda ; Suresh Ramasubramanian 
Cc: anti-abuse-wg@ripe.net 
Subject: Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

Of course, this is not how consensus works.

I also think you're misunderstanding my argument. I'm all for fighting abuse. A 
lot of my work is in abuse and fraud prevention and in the prevention of 
financial crime. I'm not arguing against preventing abuse, only against adding 
even more regulators where they aren't needed.

The Gmail example still does not address my concern. They say what you can do 
with Gmail, which is the service. An IP address itself is not an abusable 
service, the systems addressed by them are. Gmail doesn't tell you what to do 
on third party services you sign up to with your gmail.com 
address. Google is responsible for Gmail. The RIPE NCC is responsible for the 
IP addresses. The network operator is responsible for the systems.

—
Maria Merkel
[https://cdn.staclar.com/logos/novecore/newlogo.png]

This email was sent by [company]. Any statements contained in this email are 
personal to the author and are not necessarily the statements of the company 
unless specifically stated.

Novecore and Staclar are collective trading names of Novecore Ltd., registered 
in England and Wales under company number 11748197, Novecore Licensing Ltd., 
registered in England and Wales under company number 11544982, Staclar Carrier 
Ltd., registered in England and Wales under company number 12219686, Staclar 
Financial Services Ltd., registered in England and Wales under company number 
13843292 (registered offices 54 Portland Place, London, UK, W1B 1DY); Novecore 
Professional Services Ltd., registered in England and Wales under company 
number 13965912 (registered office 13 Freeland Park, Wareham Road, Poole, UK, 
BH16 6FA); Novecore (Estonia) OÜ, registered in Estonia under registry code 
16543205 (local contact Baltic Business Services OÜ, Narva mnt 5, 10117 
Tallinn, Estonia); Novecore (USA) Inc., registered in Delaware under file 
number 6707907, Novecore Licensing (USA) LLC, registered in Delaware under file 
number 4030866, and Staclar, Inc., registered in Delaware under file number 
7413401 (registered agents The Corporation Trust Company, Corporation Trust 
Center, 1209 Orange St, Wilmington DE 19801, USA). Novecore Licensing Ltd. is 
registered for VAT in the United Kingdom under VAT registration number 347 4545 
80. Novecore (Estonia) OÜ is registered for VAT in the European Union under VAT 
registration number EE102518979. Novecore Professional Services Ltd. is a trust 
or company service provider registered with and supervised by HM Revenue & 
Customs under the Money Laundering, Terrorist Financing and Transfer of Funds 
(Information on the Payer) Regulations 2017 (registration number 
XMML0178208). Staclar Financial Services Ltd. is an Annex 1 financial 
institution registered with and supervised by the Financial Conduct Authority 
under the Money Laundering, Terrorist Financing and Transfer of Funds 
(Information on the Payer) Regulations 2017 (firm reference number 989521). 
Registration is not equivalent to authorisation and is not an endorsement to do 
business with a firm. Staclar Financial Services Ltd. is not an authorised 
person within the meaning of the Financial Services and Markets Act 2000 and 
does not review, approve, or endorse financial promotions for securities issues 
it is involved in or provide any form of investment advice.
[Sent from Front]
On November 30, 2023 at 10:48 AM GMT+1 l...@vegoda.org 
wrote:

On Thu, 30 Nov 2023 at 10:44, Suresh Ramasubramanian
mailto:ops.li...@gmail.com>> wrote:

>
> The funny part is that the abuse teams of the very same companies will be out 
> there in other conferences working earnestly and well on best practices. If 
> they were to turn up at a ripe meeting and provide consensus ..
>
> And before you accuse me of packing the room to generate artificial consensus

Consensus isn't a numbers thing. I think you've misunderstood the process.

Regards,

Leo

--

To unsubscribe from this mailing list, get a password reminder, or change your 
subscription options, please visit: 
https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
-- 

To unsubscribe from this mailing list, get a password reminder, or change your 
subscription options, please visit: 
https://lists.ripe.net/mailman/listinfo/anti-abuse-wg

Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[Suresh Ramasubramanian]

A good friend who is a former regulator told me exactly this. I’ll share that 
bottle with you, Serge :)

--srs

From: anti-abuse-wg  on behalf of Serge Droz 
via anti-abuse-wg 
Sent: Thursday, November 30, 2023 3:20:29 PM
To: anti-abuse-wg@ripe.net 
Subject: Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

As I said

I disagree. Gmail says what you can do with their accounts, that doesn't
make them a regulator. But it doesn't matter: At the end of the day it's
excuses to not do anything about a growing problem.

And what typically happens in such cases is that states get upset and
start dictating the rules, i.e. the real regulators come out. At this
point the community has pretty much lost the ability to shape the rules.

I bet a good bottle of you favorite drink, that this is what will happen.

Best
Serge

On 30.11.23 09:58, Matthias Merkel wrote:
> Hi Serge,
>
> The difference is the scope of the rules.
>
> All organizations, including the RIPE NCC, enforce rules as part of
> their own business, for example with customers, etc.
>
> What is being proposed here is imposing rules on unrelated things. Abuse
> isn't inherently of the resources provided by RIPE, but rather of the
> services addressed by them. It's like the postal service making rules on
> what you can do at your house because it has an address assigned by them.
>
> This is the difference between regulator or not. The definition I cited
> is from the dictionary.
>
> —
> Maria Merkel
>
> This email was sent by [company]. Any statements contained in this email
> are personal to the author and are not necessarily the statements of the
> company unless specifically stated.
>
> Novecore and Staclar are collective trading names of Novecore Ltd.,
> registered in England and Wales under company number 11748197, Novecore
> Licensing Ltd., registered in England and Wales under company number
> 11544982, Staclar Carrier Ltd., registered in England and Wales under
> company number 12219686, Staclar Financial Services Ltd., registered in
> England and Wales under company number 13843292 (registered offices 54
> Portland Place, London, UK, W1B 1DY); Novecore Professional Services
> Ltd., registered in England and Wales under company number 13965912
> (registered office 13 Freeland Park, Wareham Road, Poole, UK, BH16 6FA);
> Novecore (Estonia) OÜ, registered in Estonia under registry code
> 16543205 (local contact Baltic Business Services OÜ, Narva mnt 5, 10117
> Tallinn, Estonia); Novecore (USA) Inc., registered in Delaware under
> file number 6707907, Novecore Licensing (USA) LLC, registered in
> Delaware under file number 4030866, and Staclar, Inc., registered in
> Delaware under file number 7413401 (registered agents The Corporation
> Trust Company, Corporation Trust Center, 1209 Orange St, Wilmington DE
> 19801, USA). Novecore Licensing Ltd. is registered for VAT in the United
> Kingdom under VAT registration number 347 4545 80. Novecore (Estonia) OÜ
> is registered for VAT in the European Union under VAT registration
> number EE102518979. Novecore Professional Services Ltd. is a trust or
> company service provider registered with and supervised by HM Revenue &
> Customs under the Money Laundering, Terrorist Financing and Transfer of
> Funds (Information on the Payer) Regulations 2017 (registration number
> XMML0178208). Staclar Financial Services Ltd. is an Annex 1
> financial institution registered with and supervised by the Financial
> Conduct Authority under the Money Laundering, Terrorist Financing and
> Transfer of Funds (Information on the Payer) Regulations 2017 (firm
> reference number 989521). Registration is not equivalent to
> authorisation and is not an endorsement to do business with a firm.
> Staclar Financial Services Ltd. is not an authorised person within the
> meaning of the Financial Services and Markets Act 2000 and does not
> review, approve, or endorse financial promotions for securities issues
> it is involved in or provide any form of investment advice.
> Sent from Front
>> On November 30, 2023 at 9:54 AM GMT+1 anti-abuse-wg@ripe.net
>>  wrote:
>>
>> I do not agree
>>
>> Every organization has rules it enforces. That doesn't make it a
>> regulator. The public transport here, where I live enforces that you
>> have a valid ticket. That doesn't make it the transport regulator.
>>
>> In fact RIPE NCC will probably enforce that you pay your fees.
>>
>> The issue here is, that we have two subgroups:
>>
>> One that thinks we should try go a bit further to ensure that people do
>> what can be expected they should be doing, and another fractions that
>> feels every little bit of additional load is too much and will not solve
>> the problem 100%. It's like saying we give up on speed limits because it
>> doesn't prevent speeding.
>>
>> And as long as this group cannot come up with a compromise nothing will
>> change, in essence the anti-abuse wg is taken 

Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[Matthias Merkel]

Of course, this is not how consensus works.

I also think you're misunderstanding my argument. I'm all for fighting abuse. A 
lot of my work is in abuse and fraud prevention and in the prevention of 
financial crime. I'm not arguing against preventing abuse, only against adding 
even more regulators where they aren't needed.

The Gmail example still does not address my concern. They say what you can do 
with Gmail, which is the service. An IP address itself is not an abusable 
service, the systems addressed by them are. Gmail doesn't tell you what to do 
on third party services you sign up to with your gmail.com 
address. Google is responsible for Gmail. The RIPE NCC is responsible for the 
IP addresses. The network operator is responsible for the systems.

—
Maria Merkel
[https://cdn.staclar.com/logos/novecore/newlogo.png]

This email was sent by [company]. Any statements contained in this email are 
personal to the author and are not necessarily the statements of the company 
unless specifically stated.

Novecore and Staclar are collective trading names of Novecore Ltd., registered 
in England and Wales under company number 11748197, Novecore Licensing Ltd., 
registered in England and Wales under company number 11544982, Staclar Carrier 
Ltd., registered in England and Wales under company number 12219686, Staclar 
Financial Services Ltd., registered in England and Wales under company number 
13843292 (registered offices 54 Portland Place, London, UK, W1B 1DY); Novecore 
Professional Services Ltd., registered in England and Wales under company 
number 13965912 (registered office 13 Freeland Park, Wareham Road, Poole, UK, 
BH16 6FA); Novecore (Estonia) OÜ, registered in Estonia under registry code 
16543205 (local contact Baltic Business Services OÜ, Narva mnt 5, 10117 
Tallinn, Estonia); Novecore (USA) Inc., registered in Delaware under file 
number 6707907, Novecore Licensing (USA) LLC, registered in Delaware under file 
number 4030866, and Staclar, Inc., registered in Delaware under file number 
7413401 (registered agents The Corporation Trust Company, Corporation Trust 
Center, 1209 Orange St, Wilmington DE 19801, USA). Novecore Licensing Ltd. is 
registered for VAT in the United Kingdom under VAT registration number 347 4545 
80. Novecore (Estonia) OÜ is registered for VAT in the European Union under VAT 
registration number EE102518979. Novecore Professional Services Ltd. is a trust 
or company service provider registered with and supervised by HM Revenue & 
Customs under the Money Laundering, Terrorist Financing and Transfer of Funds 
(Information on the Payer) Regulations 2017 (registration number 
XMML0178208). Staclar Financial Services Ltd. is an Annex 1 financial 
institution registered with and supervised by the Financial Conduct Authority 
under the Money Laundering, Terrorist Financing and Transfer of Funds 
(Information on the Payer) Regulations 2017 (firm reference number 989521). 
Registration is not equivalent to authorisation and is not an endorsement to do 
business with a firm. Staclar Financial Services Ltd. is not an authorised 
person within the meaning of the Financial Services and Markets Act 2000 and 
does not review, approve, or endorse financial promotions for securities issues 
it is involved in or provide any form of investment advice.
[Sent from Front]
On November 30, 2023 at 10:48 AM GMT+1 l...@vegoda.org 
wrote:

On Thu, 30 Nov 2023 at 10:44, Suresh Ramasubramanian
mailto:ops.li...@gmail.com>> wrote:

>
> The funny part is that the abuse teams of the very same companies will be out 
> there in other conferences working earnestly and well on best practices. If 
> they were to turn up at a ripe meeting and provide consensus ..
>
> And before you accuse me of packing the room to generate artificial consensus

Consensus isn't a numbers thing. I think you've misunderstood the process.

Regards,

Leo

--

To unsubscribe from this mailing list, get a password reminder, or change your 
subscription options, please visit: 
https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
-- 

To unsubscribe from this mailing list, get a password reminder, or change your 
subscription options, please visit: 
https://lists.ripe.net/mailman/listinfo/anti-abuse-wg

Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[Serge Droz via anti-abuse-wg]

As I said

I disagree. Gmail says what you can do with their accounts, that doesn't 
make them a regulator. But it doesn't matter: At the end of the day it's 
excuses to not do anything about a growing problem.


And what typically happens in such cases is that states get upset and 
start dictating the rules, i.e. the real regulators come out. At this 
point the community has pretty much lost the ability to shape the rules.


I bet a good bottle of you favorite drink, that this is what will happen.

Best
Serge

On 30.11.23 09:58, Matthias Merkel wrote:

Hi Serge,

The difference is the scope of the rules.

All organizations, including the RIPE NCC, enforce rules as part of 
their own business, for example with customers, etc.


What is being proposed here is imposing rules on unrelated things. Abuse 
isn't inherently of the resources provided by RIPE, but rather of the 
services addressed by them. It's like the postal service making rules on 
what you can do at your house because it has an address assigned by them.


This is the difference between regulator or not. The definition I cited 
is from the dictionary.


—
Maria Merkel

This email was sent by [company]. Any statements contained in this email 
are personal to the author and are not necessarily the statements of the 
company unless specifically stated.


Novecore and Staclar are collective trading names of Novecore Ltd., 
registered in England and Wales under company number 11748197, Novecore 
Licensing Ltd., registered in England and Wales under company number 
11544982, Staclar Carrier Ltd., registered in England and Wales under 
company number 12219686, Staclar Financial Services Ltd., registered in 
England and Wales under company number 13843292 (registered offices 54 
Portland Place, London, UK, W1B 1DY); Novecore Professional Services 
Ltd., registered in England and Wales under company number 13965912 
(registered office 13 Freeland Park, Wareham Road, Poole, UK, BH16 6FA); 
Novecore (Estonia) OÜ, registered in Estonia under registry code 
16543205 (local contact Baltic Business Services OÜ, Narva mnt 5, 10117 
Tallinn, Estonia); Novecore (USA) Inc., registered in Delaware under 
file number 6707907, Novecore Licensing (USA) LLC, registered in 
Delaware under file number 4030866, and Staclar, Inc., registered in 
Delaware under file number 7413401 (registered agents The Corporation 
Trust Company, Corporation Trust Center, 1209 Orange St, Wilmington DE 
19801, USA). Novecore Licensing Ltd. is registered for VAT in the United 
Kingdom under VAT registration number 347 4545 80. Novecore (Estonia) OÜ 
is registered for VAT in the European Union under VAT registration 
number EE102518979. Novecore Professional Services Ltd. is a trust or 
company service provider registered with and supervised by HM Revenue & 
Customs under the Money Laundering, Terrorist Financing and Transfer of 
Funds (Information on the Payer) Regulations 2017 (registration number 
XMML0178208). Staclar Financial Services Ltd. is an Annex 1 
financial institution registered with and supervised by the Financial 
Conduct Authority under the Money Laundering, Terrorist Financing and 
Transfer of Funds (Information on the Payer) Regulations 2017 (firm 
reference number 989521). Registration is not equivalent to 
authorisation and is not an endorsement to do business with a firm. 
Staclar Financial Services Ltd. is not an authorised person within the 
meaning of the Financial Services and Markets Act 2000 and does not 
review, approve, or endorse financial promotions for securities issues 
it is involved in or provide any form of investment advice.

Sent from Front
On November 30, 2023 at 9:54 AM GMT+1 anti-abuse-wg@ripe.net 
 wrote:


I do not agree

Every organization has rules it enforces. That doesn't make it a
regulator. The public transport here, where I live enforces that you
have a valid ticket. That doesn't make it the transport regulator.

In fact RIPE NCC will probably enforce that you pay your fees.

The issue here is, that we have two subgroups:

One that thinks we should try go a bit further to ensure that people do
what can be expected they should be doing, and another fractions that
feels every little bit of additional load is too much and will not solve
the problem 100%. It's like saying we give up on speed limits because it
doesn't prevent speeding.

And as long as this group cannot come up with a compromise nothing will
change, in essence the anti-abuse wg is taken hostage by the nay sayers.
These discussions have been going on for years. Nothing new has come out.

We don't even try. We could, and then see if it makes a difference. If
not we go back. But nope.

Best
Serge

On 30.11.23 09:39, Matthias Merkel wrote:


> Hi Leo,
>
> The definition of a regulator is an entity that sets and enforces 
rules

> on the persons it supervises.
>
> If the RIPE NCC goes further than just providing numbers, and instead
> enforces rules 

Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[Leo Vegoda]

On Thu, 30 Nov 2023 at 10:44, Suresh Ramasubramanian
 wrote:
>
> The funny part is that the abuse teams of the very same companies will be out 
> there in other conferences working earnestly and well on best practices.   If 
> they were to turn up at a ripe meeting and provide consensus ..
>
> And before you accuse me of packing the room to generate artificial consensus

Consensus isn't a numbers thing. I think you've misunderstood the process.

Regards,

Leo

-- 

To unsubscribe from this mailing list, get a password reminder, or change your 
subscription options, please visit: 
https://lists.ripe.net/mailman/listinfo/anti-abuse-wg

Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[Suresh Ramasubramanian]

The funny part is that the abuse teams of the very same companies will be out 
there in other conferences working earnestly and well on best practices.   If 
they were to turn up at a ripe meeting and provide consensus ..

And before you accuse me of packing the room to generate artificial consensus 
please remember just how many ripe luminaries just happened to be in the room 
during an any other business segment of the wg a decade or so back, just so 
that Richard Cox could be ousted from the chair.

--srs

From: anti-abuse-wg  on behalf of Serge Droz 
via anti-abuse-wg 
Sent: Thursday, November 30, 2023 2:23:54 PM
To: anti-abuse-wg@ripe.net 
Subject: Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

I do not agree

Every organization has rules it enforces. That doesn't make it a
regulator. The public transport here, where I live enforces that you
have a valid ticket. That doesn't make it the transport regulator.

In fact RIPE NCC will probably enforce that you pay your fees.

The issue here is, that we have two subgroups:

One that thinks we should try go a bit further to ensure that people do
what can be expected they should be doing, and another fractions that
feels every little bit of additional load is too much and will not solve
the problem 100%. It's like saying we give up on speed limits because it
doesn't prevent speeding.

And as long as this group cannot come up with a compromise nothing will
change, in essence the anti-abuse wg is taken hostage by the nay sayers.
These discussions have been going on for years. Nothing new has come out.

We don't even try. We could, and then see if it makes a difference. If
not we go back. But nope.

Best
Serge

On 30.11.23 09:39, Matthias Merkel wrote:
> Hi Leo,
>
> The definition of a regulator is an entity that sets and enforces rules
> on the persons it supervises.
>
> If the RIPE NCC goes further than just providing numbers, and instead
> enforces rules on usage associated with them (note that this doesn't
> even concern the use of the numbers themselves, but rather services
> addressed by them), it will, by definition, be a regulator.
>
> I'm not sure that there will be consensus on wanting the NCC to become a
> regulator.
>
> —
> Maria Merkel
>
> This email was sent by Staclar, Inc. Any statements contained in this
> email are personal to the author and are not necessarily the statements
> of the company unless specifically stated.
>
> Novecore and Staclar are collective trading names of Novecore Ltd.,
> registered in England and Wales under company number 11748197, Novecore
> Licensing Ltd., registered in England and Wales under company number
> 11544982, Staclar Carrier Ltd., registered in England and Wales under
> company number 12219686, Staclar Financial Services Ltd., registered in
> England and Wales under company number 13843292 (registered offices 54
> Portland Place, London, UK, W1B 1DY); Novecore Professional Services
> Ltd., registered in England and Wales under company number 13965912
> (registered office 13 Freeland Park, Wareham Road, Poole, UK, BH16 6FA);
> Novecore (Estonia) OÜ, registered in Estonia under registry code
> 16543205 (local contact Baltic Business Services OÜ, Narva mnt 5, 10117
> Tallinn, Estonia); Novecore (USA) Inc., registered in Delaware under
> file number 6707907, Novecore Licensing (USA) LLC, registered in
> Delaware under file number 4030866, and Staclar, Inc., registered in
> Delaware under file number 7413401 (registered agents The Corporation
> Trust Company, Corporation Trust Center, 1209 Orange St, Wilmington DE
> 19801, USA). Novecore Licensing Ltd. is registered for VAT in the United
> Kingdom under VAT registration number 347 4545 80. Novecore (Estonia) OÜ
> is registered for VAT in the European Union under VAT registration
> number EE102518979. Novecore Professional Services Ltd. is a trust or
> company service provider registered with and supervised by HM Revenue &
> Customs under the Money Laundering, Terrorist Financing and Transfer of
> Funds (Information on the Payer) Regulations 2017 (registration number
> XMML0178208). Staclar Financial Services Ltd. is an Annex 1
> financial institution registered with and supervised by the Financial
> Conduct Authority under the Money Laundering, Terrorist Financing and
> Transfer of Funds (Information on the Payer) Regulations 2017 (firm
> reference number 989521). Registration is not equivalent to
> authorisation and is not an endorsement to do business with a firm.
> Staclar Financial Services Ltd. is not an authorised person within the
> meaning of the Financial Services and Markets Act 2000 and does not
> review, approve, or endorse financial promotions for securities issues
> it is involved in or provide any form of investment advice.
> Sent from Front
>> On November 30, 2023 at 9:36 AM GMT+1 anti-abuse-wg@ripe.net
>>  wrote:
>>
>> Hi Leo,
>>
>> I don’t see it as a regulator, I 

Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[Matthias Merkel]

 This is why we shouldn't have a policy like this.

The existing policies are on the resources themselves and the services the NCC 
provides. If we create a policy that regulated services provided by RIPE NCC 
members, it will be binding, but that will then make the NCC a regulator.

—
Maria Merkel
[https://cdn.staclar.com/logos/novecore/newlogo.png]

This email was sent by [company]. Any statements contained in this email are 
personal to the author and are not necessarily the statements of the company 
unless specifically stated.

Novecore and Staclar are collective trading names of Novecore Ltd., registered 
in England and Wales under company number 11748197, Novecore Licensing Ltd., 
registered in England and Wales under company number 11544982, Staclar Carrier 
Ltd., registered in England and Wales under company number 12219686, Staclar 
Financial Services Ltd., registered in England and Wales under company number 
13843292 (registered offices 54 Portland Place, London, UK, W1B 1DY); Novecore 
Professional Services Ltd., registered in England and Wales under company 
number 13965912 (registered office 13 Freeland Park, Wareham Road, Poole, UK, 
BH16 6FA); Novecore (Estonia) OÜ, registered in Estonia under registry code 
16543205 (local contact Baltic Business Services OÜ, Narva mnt 5, 10117 
Tallinn, Estonia); Novecore (USA) Inc., registered in Delaware under file 
number 6707907, Novecore Licensing (USA) LLC, registered in Delaware under file 
number 4030866, and Staclar, Inc., registered in Delaware under file number 
7413401 (registered agents The Corporation Trust Company, Corporation Trust 
Center, 1209 Orange St, Wilmington DE 19801, USA). Novecore Licensing Ltd. is 
registered for VAT in the United Kingdom under VAT registration number 347 4545 
80. Novecore (Estonia) OÜ is registered for VAT in the European Union under VAT 
registration number EE102518979. Novecore Professional Services Ltd. is a trust 
or company service provider registered with and supervised by HM Revenue & 
Customs under the Money Laundering, Terrorist Financing and Transfer of Funds 
(Information on the Payer) Regulations 2017 (registration number 
XMML0178208). Staclar Financial Services Ltd. is an Annex 1 financial 
institution registered with and supervised by the Financial Conduct Authority 
under the Money Laundering, Terrorist Financing and Transfer of Funds 
(Information on the Payer) Regulations 2017 (firm reference number 989521). 
Registration is not equivalent to authorisation and is not an endorsement to do 
business with a firm. Staclar Financial Services Ltd. is not an authorised 
person within the meaning of the Financial Services and Markets Act 2000 and 
does not review, approve, or endorse financial promotions for securities issues 
it is involved in or provide any form of investment advice.
[Sent from Front]
On November 30, 2023 at 10:26 AM GMT+1 
anti-abuse-wg@ripe.net wrote:

>From the RIPE NCC LIR Account Agreement (the "Agreement”) 
>https://www.ripe.net/about-us/legal/ripe-ncc-lir-account-agreement

3.6 If the Member fails to comply with the RIPE Policies and RIPE NCC 
procedures as outlined in Section B.1 of the RIPE NCC procedural document 
‘Closure of Members, Deregistration of Internet Resources and Legacy Internet 
Resources’, the RIPE NCC may suspend the provision of RIPE NCC services to the 
Member and may deregister the Internet number resources registered to this LIR 
Account in accordance with the procedure outlined in Section B.2 of the RIPE 
NCC procedural document ‘Closure of Members, Deregistration of Internet 
Resources and Legacy Internet Resources’. The Member shall cooperate with the 
deregistration of the Internet Number Resources. The RIPE NCC may also 
terminate the RIPE NCC Standard Service Agreement in accordance with Article 
5.4 of this Agreement.

and from the RIPE NCC Standard Service Agreement 
https://www.ripe.net/publications/docs/ripe-812

6.1 The Member acknowledges applicability of, and adheres to, the RIPE 
Policies, the RIPE NCC procedural documents and the RIPE NCC LIR Account 
Agreement. The RIPE Policies and the RIPE NCC procedural documents are publicly 
available from the RIPE NCC Document Store. The RIPE NCC LIR Account Agreement 
is publicly available on the RIPE NCC website. These documents, which may be 
revised and updated from time to time, form an integral part of and apply fully 
to the RIPE NCC Standard Service Agreement. Each revised document will receive 
a new document number and can be found on 
https://www.ripe.net.


All the RIRs have similar terms to ensure policy compliance, otherwise, if they 
can’t be enforced, why we have policies at all?

Regards,
Jordi

@jordipalet


El 30 nov 2023, a las 10:07, jordi.palet--- via anti-abuse-wg 
mailto:anti-abuse-wg@ripe.net>> escribió:

In APNIC, LACNIC or AFRINIC, just to set an example, leasing of addresses 
(unless for “connected customers”) 

Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[jordi.palet--- via anti-abuse-wg]

>From the RIPE NCC LIR Account Agreement (the "Agreement”) 
>https://www.ripe.net/about-us/legal/ripe-ncc-lir-account-agreement

3.6 If the Member fails to comply with the RIPE Policies and RIPE NCC 
procedures as outlined in Section B.1 of the RIPE NCC procedural document 
‘Closure of Members, Deregistration of Internet Resources and Legacy Internet 
Resources’, the RIPE NCC may suspend the provision of RIPE NCC services to the 
Member and may deregister the Internet number resources registered to this LIR 
Account in accordance with the procedure outlined in Section B.2 of the RIPE 
NCC procedural document ‘Closure of Members, Deregistration of Internet 
Resources and Legacy Internet Resources’. The Member shall cooperate with the 
deregistration of the Internet Number Resources. The RIPE NCC may also 
terminate the RIPE NCC Standard Service Agreement in accordance with Article 
5.4 of this Agreement.

and from the RIPE NCC Standard Service Agreement 
https://www.ripe.net/publications/docs/ripe-812

6.1 The Member acknowledges applicability of, and adheres to, the RIPE 
Policies, the RIPE NCC procedural documents and the RIPE NCC LIR Account 
Agreement. The RIPE Policies and the RIPE NCC procedural documents are publicly 
available from the RIPE NCC Document Store. The RIPE NCC LIR Account Agreement 
is publicly available on the RIPE NCC website. These documents, which may be 
revised and updated from time to time, form an integral part of and apply fully 
to the RIPE NCC Standard Service Agreement. Each revised document will receive 
a new document number and can be found on https://www.ripe.net.


All the RIRs have similar terms to ensure policy compliance, otherwise, if they 
can’t be enforced, why we have policies at all?

Regards,
Jordi

@jordipalet


> El 30 nov 2023, a las 10:07, jordi.palet--- via anti-abuse-wg 
>  escribió:
> 
> In APNIC, LACNIC or AFRINIC, just to set an example, leasing of addresses 
> (unless for “connected customers”) is not allowed.
> 
> If you do so, and the staff realize it, or somebody reports it to the staff, 
> then you will get a warning, or a few of them across a certain period of 
> time, you will get probably other policy-compliance reviewed, and then if you 
> still not correct the situation, there will be a reclamation process.
> 
> So are the other RIRs regulators, and not RIPE NCC? I don’t think so, and I 
> really don’t care if we call it regulator or not, it is a matter of ensuring 
> that the resources are provided under certain rules and in the end, we 
> enforce them.
> 
> Regards,
> Jordi
> 
> @jordipalet
> 
> 
>> El 30 nov 2023, a las 9:58, Matthias Merkel  
>> escribió:
>> 
>> Hi Serge,
>> 
>> The difference is the scope of the rules.
>> 
>> All organizations, including the RIPE NCC, enforce rules as part of their 
>> own business, for example with customers, etc.
>> 
>> What is being proposed here is imposing rules on unrelated things. Abuse 
>> isn't inherently of the resources provided by RIPE, but rather of the 
>> services addressed by them. It's like the postal service making rules on 
>> what you can do at your house because it has an address assigned by them.
>> 
>> This is the difference between regulator or not. The definition I cited is 
>> from the dictionary.
>> 
>> —
>> Maria Merkel
>> 
>> 
>> This email was sent by [company]. Any statements contained in this email are 
>> personal to the author and are not necessarily the statements of the company 
>> unless specifically stated.
>> 
>> Novecore and Staclar are collective trading names of Novecore Ltd., 
>> registered in England and Wales under company number 11748197, Novecore 
>> Licensing Ltd., registered in England and Wales under company number 
>> 11544982, Staclar Carrier Ltd., registered in England and Wales under 
>> company number 12219686, Staclar Financial Services Ltd., registered in 
>> England and Wales under company number 13843292 (registered offices 54 
>> Portland Place, London, UK, W1B 1DY); Novecore Professional Services Ltd., 
>> registered in England and Wales under company number 13965912 (registered 
>> office 13 Freeland Park, Wareham Road, Poole, UK, BH16 6FA); Novecore 
>> (Estonia) OÜ, registered in Estonia under registry code 16543205 (local 
>> contact Baltic Business Services OÜ, Narva mnt 5, 10117 Tallinn, Estonia); 
>> Novecore (USA) Inc., registered in Delaware under file number 6707907, 
>> Novecore Licensing (USA) LLC, registered in Delaware under file number 
>> 4030866, and Staclar, Inc., registered in Delaware under file number 7413401 
>> (registered agents The Corporation Trust Company, Corporation Trust Center, 
>> 1209 Orange St, Wilmington DE 19801, USA). Novecore Licensing Ltd. is 
>> registered for VAT in the United Kingdom under VAT registration number 347 
>> 4545 80. Novecore (Estonia) OÜ is registered for VAT in the European Union 
>> under VAT registration number EE102518979. Novecore Professional Services 
>> Ltd. is a trust or company 

Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[Matthias Merkel]

That would not make them regulators because those are rules on the addresses 
themselves, which are services provided by the RIR.

Enforcing a certain type of abuse handling or prevention would be rules on the 
services addressed by the addresses, which are not part of the services 
provided by the RIR.

Arguably a proposal to simply require verification of the abuse mailbox does 
not make the NCC a regulator (and, in fact, I think the NCC already does this 
with ASNs), but I do not see how this would be an effective measure.

Making further requirements would make the NCC a regulator, and this may be 
dangerous precedent. Once this happens, there may be calls for additional 
regulation by the NCC, both from the community and governments, but also from 
third parties, and the NCC is frankly not equipped to deal with this, nor is 
this desirable in my opinion. There could even be calls for the NCC to become 
responsible for enforcing certain EU regulations.

Regulation through supervision makes it much harder to enter an industry, and 
it is expensive for both the supervisor and the supervised. Our group is 
regulated by several governments for various functions in financial and 
professional services, as well as for network operations - which, in some 
countries, require government supervision, and by ICANN (which, among other 
things, is an industry regulator) as a domain registrar, and I can tell you 
that the effort in dealing with supervisors alone is significant.

—
Maria Merkel
[https://cdn.staclar.com/logos/novecore/newlogo.png]

This email was sent by [company]. Any statements contained in this email are 
personal to the author and are not necessarily the statements of the company 
unless specifically stated.

Novecore and Staclar are collective trading names of Novecore Ltd., registered 
in England and Wales under company number 11748197, Novecore Licensing Ltd., 
registered in England and Wales under company number 11544982, Staclar Carrier 
Ltd., registered in England and Wales under company number 12219686, Staclar 
Financial Services Ltd., registered in England and Wales under company number 
13843292 (registered offices 54 Portland Place, London, UK, W1B 1DY); Novecore 
Professional Services Ltd., registered in England and Wales under company 
number 13965912 (registered office 13 Freeland Park, Wareham Road, Poole, UK, 
BH16 6FA); Novecore (Estonia) OÜ, registered in Estonia under registry code 
16543205 (local contact Baltic Business Services OÜ, Narva mnt 5, 10117 
Tallinn, Estonia); Novecore (USA) Inc., registered in Delaware under file 
number 6707907, Novecore Licensing (USA) LLC, registered in Delaware under file 
number 4030866, and Staclar, Inc., registered in Delaware under file number 
7413401 (registered agents The Corporation Trust Company, Corporation Trust 
Center, 1209 Orange St, Wilmington DE 19801, USA). Novecore Licensing Ltd. is 
registered for VAT in the United Kingdom under VAT registration number 347 4545 
80. Novecore (Estonia) OÜ is registered for VAT in the European Union under VAT 
registration number EE102518979. Novecore Professional Services Ltd. is a trust 
or company service provider registered with and supervised by HM Revenue & 
Customs under the Money Laundering, Terrorist Financing and Transfer of Funds 
(Information on the Payer) Regulations 2017 (registration number 
XMML0178208). Staclar Financial Services Ltd. is an Annex 1 financial 
institution registered with and supervised by the Financial Conduct Authority 
under the Money Laundering, Terrorist Financing and Transfer of Funds 
(Information on the Payer) Regulations 2017 (firm reference number 989521). 
Registration is not equivalent to authorisation and is not an endorsement to do 
business with a firm. Staclar Financial Services Ltd. is not an authorised 
person within the meaning of the Financial Services and Markets Act 2000 and 
does not review, approve, or endorse financial promotions for securities issues 
it is involved in or provide any form of investment advice.
[Sent from Front]
On November 30, 2023 at 10:07 AM GMT+1 
anti-abuse-wg@ripe.net wrote:

In APNIC, LACNIC or AFRINIC, just to set an example, leasing of addresses 
(unless for “connected customers”) is not allowed.

If you do so, and the staff realize it, or somebody reports it to the staff, 
then you will get a warning, or a few of them across a certain period of time, 
you will get probably other policy-compliance reviewed, and then if you still 
not correct the situation, there will be a reclamation process.

So are the other RIRs regulators, and not RIPE NCC? I don’t think so, and I 
really don’t care if we call it regulator or not, it is a matter of ensuring 
that the resources are provided under certain rules and in the end, we enforce 
them.

Regards,
Jordi

@jordipalet


El 30 nov 2023, a las 9:58, Matthias Merkel 
mailto:matthias.mer...@staclar.com>> escribió:

Hi Serge,

The difference 

Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[jordi.palet--- via anti-abuse-wg]

Well, I can personally feel it when comparing abuse reporting in those regions 
(before and after the policy implementation) vs RIPE. That’s sufficient for me. 
I call it results.

Also, when the LIRs don’t respond to abuse cases or abuse-c emails bounce, I 
can ask the relevant RIR to resolve it, and if they can’t, they must enforce 
the policy. Again, I call it a very noticeable result, vs this region where I 
have nothing to do.

Regards,
Jordi

@jordipalet


> El 30 nov 2023, a las 9:53, Leo Vegoda  escribió:
> 
> Hi Jordi,
> 
> On Thu, 30 Nov 2023 at 09:36, jordi.palet--- via anti-abuse-wg
>  wrote:
> 
> [...]
> 
>> Each RIR has measured the “level of adoption” as they progressed with the 
>> initial verification (and this was presented at least a couple of times in 
>> every RIR), so there are slides in each of them, showing the progress. I can 
>> try to find them for you in the previous year's events if you can’t find 
>> them. Also my personal experience reporting over 1.500 abuse cases, average 
>> per day, shows that I get more “happy-ending” responses from those regions 
>> than before and keeps going better and better, which is not the case from 
>> RIPE unfortunately.
> 
> I was hoping for measurements showing an actual reduction in abuse. If
> there is no reduction in abuse that can be tightly linked to abuse-c
> verification etc... then what value does it bring?
> 
> Kind regards,
> 
> Leo


**
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company

This electronic message contains information which may be privileged or 
confidential. The information is intended to be for the exclusive use of the 
individual(s) named above and further non-explicilty authorized disclosure, 
copying, distribution or use of the contents of this information, even if 
partially, including attached files, is strictly prohibited and will be 
considered a criminal offense. If you are not the intended recipient be aware 
that any disclosure, copying, distribution or use of the contents of this 
information, even if partially, including attached files, is strictly 
prohibited, will be considered a criminal offense, so you must reply to the 
original sender to inform about this communication and delete it.




-- 

To unsubscribe from this mailing list, get a password reminder, or change your 
subscription options, please visit: 
https://lists.ripe.net/mailman/listinfo/anti-abuse-wg

Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[jordi.palet--- via anti-abuse-wg]

In APNIC, LACNIC or AFRINIC, just to set an example, leasing of addresses 
(unless for “connected customers”) is not allowed.

If you do so, and the staff realize it, or somebody reports it to the staff, 
then you will get a warning, or a few of them across a certain period of time, 
you will get probably other policy-compliance reviewed, and then if you still 
not correct the situation, there will be a reclamation process.

So are the other RIRs regulators, and not RIPE NCC? I don’t think so, and I 
really don’t care if we call it regulator or not, it is a matter of ensuring 
that the resources are provided under certain rules and in the end, we enforce 
them.

Regards,
Jordi

@jordipalet


> El 30 nov 2023, a las 9:58, Matthias Merkel  
> escribió:
> 
> Hi Serge,
> 
> The difference is the scope of the rules.
> 
> All organizations, including the RIPE NCC, enforce rules as part of their own 
> business, for example with customers, etc.
> 
> What is being proposed here is imposing rules on unrelated things. Abuse 
> isn't inherently of the resources provided by RIPE, but rather of the 
> services addressed by them. It's like the postal service making rules on what 
> you can do at your house because it has an address assigned by them.
> 
> This is the difference between regulator or not. The definition I cited is 
> from the dictionary.
> 
> —
> Maria Merkel
> 
> 
> This email was sent by [company]. Any statements contained in this email are 
> personal to the author and are not necessarily the statements of the company 
> unless specifically stated.
> 
> Novecore and Staclar are collective trading names of Novecore Ltd., 
> registered in England and Wales under company number 11748197, Novecore 
> Licensing Ltd., registered in England and Wales under company number 
> 11544982, Staclar Carrier Ltd., registered in England and Wales under company 
> number 12219686, Staclar Financial Services Ltd., registered in England and 
> Wales under company number 13843292 (registered offices 54 Portland Place, 
> London, UK, W1B 1DY); Novecore Professional Services Ltd., registered in 
> England and Wales under company number 13965912 (registered office 13 
> Freeland Park, Wareham Road, Poole, UK, BH16 6FA); Novecore (Estonia) OÜ, 
> registered in Estonia under registry code 16543205 (local contact Baltic 
> Business Services OÜ, Narva mnt 5, 10117 Tallinn, Estonia); Novecore (USA) 
> Inc., registered in Delaware under file number 6707907, Novecore Licensing 
> (USA) LLC, registered in Delaware under file number 4030866, and Staclar, 
> Inc., registered in Delaware under file number 7413401 (registered agents The 
> Corporation Trust Company, Corporation Trust Center, 1209 Orange St, 
> Wilmington DE 19801, USA). Novecore Licensing Ltd. is registered for VAT in 
> the United Kingdom under VAT registration number 347 4545 80. Novecore 
> (Estonia) OÜ is registered for VAT in the European Union under VAT 
> registration number EE102518979. Novecore Professional Services Ltd. is a 
> trust or company service provider registered with and supervised by HM 
> Revenue & Customs under the Money Laundering, Terrorist Financing and 
> Transfer of Funds (Information on the Payer) Regulations 2017 (registration 
> number XMML0178208). Staclar Financial Services Ltd. is an Annex 1 
> financial institution registered with and supervised by the Financial Conduct 
> Authority under the Money Laundering, Terrorist Financing and Transfer of 
> Funds (Information on the Payer) Regulations 2017 (firm reference number 
> 989521). Registration is not equivalent to authorisation and is not an 
> endorsement to do business with a firm. Staclar Financial Services Ltd. is 
> not an authorised person within the meaning of the Financial Services and 
> Markets Act 2000 and does not review, approve, or endorse financial 
> promotions for securities issues it is involved in or provide any form of 
> investment advice.
> 
>> On November 30, 2023 at 9:54 AM GMT+1 anti-abuse-wg@ripe.net 
>>  wrote:
>> 
>> I do not agree
>> 
>> Every organization has rules it enforces. That doesn't make it a 
>> regulator. The public transport here, where I live enforces that you 
>> have a valid ticket. That doesn't make it the transport regulator.
>> 
>> In fact RIPE NCC will probably enforce that you pay your fees.
>> 
>> The issue here is, that we have two subgroups:
>> 
>> One that thinks we should try go a bit further to ensure that people do 
>> what can be expected they should be doing, and another fractions that 
>> feels every little bit of additional load is too much and will not solve 
>> the problem 100%. It's like saying we give up on speed limits because it 
>> doesn't prevent speeding.
>> 
>> And as long as this group cannot come up with a compromise nothing will 
>> change, in essence the anti-abuse wg is taken hostage by the nay sayers.
>> These discussions have been going on for years. Nothing new has come out.

Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[Matthias Merkel]

Hi Serge,

The difference is the scope of the rules.

All organizations, including the RIPE NCC, enforce rules as part of their own 
business, for example with customers, etc.

What is being proposed here is imposing rules on unrelated things. Abuse isn't 
inherently of the resources provided by RIPE, but rather of the services 
addressed by them. It's like the postal service making rules on what you can do 
at your house because it has an address assigned by them.

This is the difference between regulator or not. The definition I cited is from 
the dictionary.

—
Maria Merkel
[https://cdn.staclar.com/logos/novecore/newlogo.png]

This email was sent by [company]. Any statements contained in this email are 
personal to the author and are not necessarily the statements of the company 
unless specifically stated.

Novecore and Staclar are collective trading names of Novecore Ltd., registered 
in England and Wales under company number 11748197, Novecore Licensing Ltd., 
registered in England and Wales under company number 11544982, Staclar Carrier 
Ltd., registered in England and Wales under company number 12219686, Staclar 
Financial Services Ltd., registered in England and Wales under company number 
13843292 (registered offices 54 Portland Place, London, UK, W1B 1DY); Novecore 
Professional Services Ltd., registered in England and Wales under company 
number 13965912 (registered office 13 Freeland Park, Wareham Road, Poole, UK, 
BH16 6FA); Novecore (Estonia) OÜ, registered in Estonia under registry code 
16543205 (local contact Baltic Business Services OÜ, Narva mnt 5, 10117 
Tallinn, Estonia); Novecore (USA) Inc., registered in Delaware under file 
number 6707907, Novecore Licensing (USA) LLC, registered in Delaware under file 
number 4030866, and Staclar, Inc., registered in Delaware under file number 
7413401 (registered agents The Corporation Trust Company, Corporation Trust 
Center, 1209 Orange St, Wilmington DE 19801, USA). Novecore Licensing Ltd. is 
registered for VAT in the United Kingdom under VAT registration number 347 4545 
80. Novecore (Estonia) OÜ is registered for VAT in the European Union under VAT 
registration number EE102518979. Novecore Professional Services Ltd. is a trust 
or company service provider registered with and supervised by HM Revenue & 
Customs under the Money Laundering, Terrorist Financing and Transfer of Funds 
(Information on the Payer) Regulations 2017 (registration number 
XMML0178208). Staclar Financial Services Ltd. is an Annex 1 financial 
institution registered with and supervised by the Financial Conduct Authority 
under the Money Laundering, Terrorist Financing and Transfer of Funds 
(Information on the Payer) Regulations 2017 (firm reference number 989521). 
Registration is not equivalent to authorisation and is not an endorsement to do 
business with a firm. Staclar Financial Services Ltd. is not an authorised 
person within the meaning of the Financial Services and Markets Act 2000 and 
does not review, approve, or endorse financial promotions for securities issues 
it is involved in or provide any form of investment advice.
[Sent from Front]
On November 30, 2023 at 9:54 AM GMT+1 
anti-abuse-wg@ripe.net wrote:

I do not agree

Every organization has rules it enforces. That doesn't make it a
regulator. The public transport here, where I live enforces that you
have a valid ticket. That doesn't make it the transport regulator.

In fact RIPE NCC will probably enforce that you pay your fees.

The issue here is, that we have two subgroups:

One that thinks we should try go a bit further to ensure that people do
what can be expected they should be doing, and another fractions that
feels every little bit of additional load is too much and will not solve
the problem 100%. It's like saying we give up on speed limits because it
doesn't prevent speeding.

And as long as this group cannot come up with a compromise nothing will
change, in essence the anti-abuse wg is taken hostage by the nay sayers.
These discussions have been going on for years. Nothing new has come out.

We don't even try. We could, and then see if it makes a difference. If
not we go back. But nope.

Best
Serge

On 30.11.23 09:39, Matthias Merkel wrote:

> Hi Leo,
>
> The definition of a regulator is an entity that sets and enforces rules
> on the persons it supervises.
>
> If the RIPE NCC goes further than just providing numbers, and instead
> enforces rules on usage associated with them (note that this doesn't
> even concern the use of the numbers themselves, but rather services
> addressed by them), it will, by definition, be a regulator.
>
> I'm not sure that there will be consensus on wanting the NCC to become a
> regulator.
>
> —
> Maria Merkel
>
> This email was sent by Staclar, Inc. Any statements contained in this
> email are personal to the author and are not necessarily the statements
> of the company unless specifically stated.
>
> Novecore and Staclar are 

Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[Leo Vegoda]

Hi Jordi,

On Thu, 30 Nov 2023 at 09:36, jordi.palet--- via anti-abuse-wg
 wrote:

[...]

> Each RIR has measured the “level of adoption” as they progressed with the 
> initial verification (and this was presented at least a couple of times in 
> every RIR), so there are slides in each of them, showing the progress. I can 
> try to find them for you in the previous year's events if you can’t find 
> them. Also my personal experience reporting over 1.500 abuse cases, average 
> per day, shows that I get more “happy-ending” responses from those regions 
> than before and keeps going better and better, which is not the case from 
> RIPE unfortunately.

I was hoping for measurements showing an actual reduction in abuse. If
there is no reduction in abuse that can be tightly linked to abuse-c
verification etc... then what value does it bring?

Kind regards,

Leo

-- 

To unsubscribe from this mailing list, get a password reminder, or change your 
subscription options, please visit: 
https://lists.ripe.net/mailman/listinfo/anti-abuse-wg

Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[Serge Droz via anti-abuse-wg]

I do not agree

Every organization has rules it enforces. That doesn't make it a 
regulator. The public transport here, where I live enforces that you 
have a valid ticket. That doesn't make it the transport regulator.


In fact RIPE NCC will probably enforce that you pay your fees.

The issue here is, that we have two subgroups:

One that thinks we should try go a bit further to ensure that people do 
what can be expected they should be doing, and another fractions that 
feels every little bit of additional load is too much and will not solve 
the problem 100%. It's like saying we give up on speed limits because it 
doesn't prevent speeding.


And as long as this group cannot come up with a compromise nothing will 
change, in essence the anti-abuse wg is taken hostage by the nay sayers.

These discussions have been going on for years. Nothing new has come out.

We don't even try. We could, and then see if it makes a difference. If 
not we go back. But nope.


Best
Serge

On 30.11.23 09:39, Matthias Merkel wrote:

Hi Leo,

The definition of a regulator is an entity that sets and enforces rules 
on the persons it supervises.


If the RIPE NCC goes further than just providing numbers, and instead 
enforces rules on usage associated with them (note that this doesn't 
even concern the use of the numbers themselves, but rather services 
addressed by them), it will, by definition, be a regulator.


I'm not sure that there will be consensus on wanting the NCC to become a 
regulator.


—
Maria Merkel

This email was sent by Staclar, Inc. Any statements contained in this 
email are personal to the author and are not necessarily the statements 
of the company unless specifically stated.


Novecore and Staclar are collective trading names of Novecore Ltd., 
registered in England and Wales under company number 11748197, Novecore 
Licensing Ltd., registered in England and Wales under company number 
11544982, Staclar Carrier Ltd., registered in England and Wales under 
company number 12219686, Staclar Financial Services Ltd., registered in 
England and Wales under company number 13843292 (registered offices 54 
Portland Place, London, UK, W1B 1DY); Novecore Professional Services 
Ltd., registered in England and Wales under company number 13965912 
(registered office 13 Freeland Park, Wareham Road, Poole, UK, BH16 6FA); 
Novecore (Estonia) OÜ, registered in Estonia under registry code 
16543205 (local contact Baltic Business Services OÜ, Narva mnt 5, 10117 
Tallinn, Estonia); Novecore (USA) Inc., registered in Delaware under 
file number 6707907, Novecore Licensing (USA) LLC, registered in 
Delaware under file number 4030866, and Staclar, Inc., registered in 
Delaware under file number 7413401 (registered agents The Corporation 
Trust Company, Corporation Trust Center, 1209 Orange St, Wilmington DE 
19801, USA). Novecore Licensing Ltd. is registered for VAT in the United 
Kingdom under VAT registration number 347 4545 80. Novecore (Estonia) OÜ 
is registered for VAT in the European Union under VAT registration 
number EE102518979. Novecore Professional Services Ltd. is a trust or 
company service provider registered with and supervised by HM Revenue & 
Customs under the Money Laundering, Terrorist Financing and Transfer of 
Funds (Information on the Payer) Regulations 2017 (registration number 
XMML0178208). Staclar Financial Services Ltd. is an Annex 1 
financial institution registered with and supervised by the Financial 
Conduct Authority under the Money Laundering, Terrorist Financing and 
Transfer of Funds (Information on the Payer) Regulations 2017 (firm 
reference number 989521). Registration is not equivalent to 
authorisation and is not an endorsement to do business with a firm. 
Staclar Financial Services Ltd. is not an authorised person within the 
meaning of the Financial Services and Markets Act 2000 and does not 
review, approve, or endorse financial promotions for securities issues 
it is involved in or provide any form of investment advice.

Sent from Front
On November 30, 2023 at 9:36 AM GMT+1 anti-abuse-wg@ripe.net 
 wrote:


Hi Leo,

I don’t see it as a regulator, I see it as one of the functions of a 
RIR. Not just provide numbers, but also ensure that they are being 
used fairly and according community agreed policies. Otherwise we 
could also say that other reasons for recovery are invalid because we 
become a regulator, right?


Each RIR has measured the “level of adoption” as they progressed with 
the initial verification (and this was presented at least a couple of 
times in every RIR), so there are slides in each of them, showing the 
progress. I can try to find them for you in the previous year's events 
if you can’t find them. Also my personal experience reporting over 
1.500 abuse cases, average per day, shows that I get more 
“happy-ending” responses from those regions than before and keeps 
going better and better, which is not the case from RIPE 

Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[Matthias Merkel]

The RIPE community sets rules for the operation of the RIPE NCC, not rules 
imposed on any network operators.

—
Maria Merkel
[https://cdn.staclar.com/logos/novecore/newlogo.png]

This email was sent by Staclar, Inc. Any statements contained in this email are 
personal to the author and are not necessarily the statements of the company 
unless specifically stated.

Novecore and Staclar are collective trading names of Novecore Ltd., registered 
in England and Wales under company number 11748197, Novecore Licensing Ltd., 
registered in England and Wales under company number 11544982, Staclar Carrier 
Ltd., registered in England and Wales under company number 12219686, Staclar 
Financial Services Ltd., registered in England and Wales under company number 
13843292 (registered offices 54 Portland Place, London, UK, W1B 1DY); Novecore 
Professional Services Ltd., registered in England and Wales under company 
number 13965912 (registered office 13 Freeland Park, Wareham Road, Poole, UK, 
BH16 6FA); Novecore (Estonia) OÜ, registered in Estonia under registry code 
16543205 (local contact Baltic Business Services OÜ, Narva mnt 5, 10117 
Tallinn, Estonia); Novecore (USA) Inc., registered in Delaware under file 
number 6707907, Novecore Licensing (USA) LLC, registered in Delaware under file 
number 4030866, and Staclar, Inc., registered in Delaware under file number 
7413401 (registered agents The Corporation Trust Company, Corporation Trust 
Center, 1209 Orange St, Wilmington DE 19801, USA). Novecore Licensing Ltd. is 
registered for VAT in the United Kingdom under VAT registration number 347 4545 
80. Novecore (Estonia) OÜ is registered for VAT in the European Union under VAT 
registration number EE102518979. Novecore Professional Services Ltd. is a trust 
or company service provider registered with and supervised by HM Revenue & 
Customs under the Money Laundering, Terrorist Financing and Transfer of Funds 
(Information on the Payer) Regulations 2017 (registration number 
XMML0178208). Staclar Financial Services Ltd. is an Annex 1 financial 
institution registered with and supervised by the Financial Conduct Authority 
under the Money Laundering, Terrorist Financing and Transfer of Funds 
(Information on the Payer) Regulations 2017 (firm reference number 989521). 
Registration is not equivalent to authorisation and is not an endorsement to do 
business with a firm. Staclar Financial Services Ltd. is not an authorised 
person within the meaning of the Financial Services and Markets Act 2000 and 
does not review, approve, or endorse financial promotions for securities issues 
it is involved in or provide any form of investment advice.
[Sent from Front]
On November 30, 2023 at 9:48 AM GMT+1 
anti-abuse-wg@ripe.net wrote:

We do that already. We setup rules and enforce them in all the 5 RIRs.

Regards,
Jordi

@jordipalet


El 30 nov 2023, a las 9:39, Matthias Merkel 
mailto:matthias.mer...@staclar.com>> escribió:

Hi Leo,

The definition of a regulator is an entity that sets and enforces rules on the 
persons it supervises.

If the RIPE NCC goes further than just providing numbers, and instead enforces 
rules on usage associated with them (note that this doesn't even concern the 
use of the numbers themselves, but rather services addressed by them), it will, 
by definition, be a regulator.

I'm not sure that there will be consensus on wanting the NCC to become a 
regulator.

—
Maria Merkel
[https://cdn.staclar.com/logos/novecore/newlogo.png]

This email was sent by Staclar, Inc. Any statements contained in this email are 
personal to the author and are not necessarily the statements of the company 
unless specifically stated.

Novecore and Staclar are collective trading names of Novecore Ltd., registered 
in England and Wales under company number 11748197, Novecore Licensing Ltd., 
registered in England and Wales under company number 11544982, Staclar Carrier 
Ltd., registered in England and Wales under company number 12219686, Staclar 
Financial Services Ltd., registered in England and Wales under company number 
13843292 (registered offices 54 Portland Place, London, UK, W1B 1DY); Novecore 
Professional Services Ltd., registered in England and Wales under company 
number 13965912 (registered office 13 Freeland Park, Wareham Road, Poole, UK, 
BH16 6FA); Novecore (Estonia) OÜ, registered in Estonia under registry code 
16543205 (local contact Baltic Business Services OÜ, Narva mnt 5, 10117 
Tallinn, Estonia); Novecore (USA) Inc., registered in Delaware under file 
number 6707907, Novecore Licensing (USA) LLC, registered in Delaware under file 
number 4030866, and Staclar, Inc., registered in Delaware under file number 
7413401 (registered agents The Corporation Trust Company, Corporation Trust 
Center, 1209 Orange St, Wilmington DE 19801, USA). Novecore Licensing Ltd. is 
registered for VAT in the United Kingdom under VAT registration number 347 4545 
80. Novecore (Estonia) OÜ is 

Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[jordi.palet--- via anti-abuse-wg]

We do that already. We setup rules and enforce them in all the 5 RIRs.

Regards,
Jordi

@jordipalet


> El 30 nov 2023, a las 9:39, Matthias Merkel  
> escribió:
> 
> Hi Leo,
> 
> The definition of a regulator is an entity that sets and enforces rules on 
> the persons it supervises.
> 
> If the RIPE NCC goes further than just providing numbers, and instead 
> enforces rules on usage associated with them (note that this doesn't even 
> concern the use of the numbers themselves, but rather services addressed by 
> them), it will, by definition, be a regulator.
> 
> I'm not sure that there will be consensus on wanting the NCC to become a 
> regulator.
> 
> —
> Maria Merkel
> 
> 
> This email was sent by Staclar, Inc. Any statements contained in this email 
> are personal to the author and are not necessarily the statements of the 
> company unless specifically stated.
> 
> Novecore and Staclar are collective trading names of Novecore Ltd., 
> registered in England and Wales under company number 11748197, Novecore 
> Licensing Ltd., registered in England and Wales under company number 
> 11544982, Staclar Carrier Ltd., registered in England and Wales under company 
> number 12219686, Staclar Financial Services Ltd., registered in England and 
> Wales under company number 13843292 (registered offices 54 Portland Place, 
> London, UK, W1B 1DY); Novecore Professional Services Ltd., registered in 
> England and Wales under company number 13965912 (registered office 13 
> Freeland Park, Wareham Road, Poole, UK, BH16 6FA); Novecore (Estonia) OÜ, 
> registered in Estonia under registry code 16543205 (local contact Baltic 
> Business Services OÜ, Narva mnt 5, 10117 Tallinn, Estonia); Novecore (USA) 
> Inc., registered in Delaware under file number 6707907, Novecore Licensing 
> (USA) LLC, registered in Delaware under file number 4030866, and Staclar, 
> Inc., registered in Delaware under file number 7413401 (registered agents The 
> Corporation Trust Company, Corporation Trust Center, 1209 Orange St, 
> Wilmington DE 19801, USA). Novecore Licensing Ltd. is registered for VAT in 
> the United Kingdom under VAT registration number 347 4545 80. Novecore 
> (Estonia) OÜ is registered for VAT in the European Union under VAT 
> registration number EE102518979. Novecore Professional Services Ltd. is a 
> trust or company service provider registered with and supervised by HM 
> Revenue & Customs under the Money Laundering, Terrorist Financing and 
> Transfer of Funds (Information on the Payer) Regulations 2017 (registration 
> number XMML0178208). Staclar Financial Services Ltd. is an Annex 1 
> financial institution registered with and supervised by the Financial Conduct 
> Authority under the Money Laundering, Terrorist Financing and Transfer of 
> Funds (Information on the Payer) Regulations 2017 (firm reference number 
> 989521). Registration is not equivalent to authorisation and is not an 
> endorsement to do business with a firm. Staclar Financial Services Ltd. is 
> not an authorised person within the meaning of the Financial Services and 
> Markets Act 2000 and does not review, approve, or endorse financial 
> promotions for securities issues it is involved in or provide any form of 
> investment advice.
> 
>> On November 30, 2023 at 9:36 AM GMT+1 anti-abuse-wg@ripe.net 
>>  wrote:
>> 
>> Hi Leo,
>> 
>> I don’t see it as a regulator, I see it as one of the functions of a RIR. 
>> Not just provide numbers, but also ensure that they are being used fairly 
>> and according community agreed policies. Otherwise we could also say that 
>> other reasons for recovery are invalid because we become a regulator, right?
>> 
>> Each RIR has measured the “level of adoption” as they progressed with the 
>> initial verification (and this was presented at least a couple of times in 
>> every RIR), so there are slides in each of them, showing the progress. I can 
>> try to find them for you in the previous year's events if you can’t find 
>> them. Also my personal experience reporting over 1.500 abuse cases, average 
>> per day, shows that I get more “happy-ending” responses from those regions 
>> than before and keeps going better and better, which is not the case from 
>> RIPE unfortunately.
>> 
>> Regards,
>> Jordi
>> 
>> @jordipalet
>> 
>>> 
>>> > El 29 nov 2023, a las 16:09, Leo Vegoda >> > > escribió:
>>> > 
>>> > Hi Jordi,
>>> > 
>>> > 
>>> > On Nov 29, 2023, at 11:29, jordi.palet--- via anti-abuse-wg 
>>> > mailto:anti-abuse-wg@ripe.net>> wrote:
>>> >> 
>>> >> I agree that the carrot is better than the stick, but if the carrot 
>>> >> doesn’t work, we need to use the stick.
>>> >> 
>>> >> My original proposal was basically enforcing the NCC to reclaim the 
>>> >> resources when there is a persistent violation of resolving abuse cases. 
>>> >> This can be progressive, such as not allowing to update objects in the 
>>> >> database, etc. No need to go with “a single 

Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[Matthias Merkel]

Hi Leo,

The definition of a regulator is an entity that sets and enforces rules on the 
persons it supervises.

If the RIPE NCC goes further than just providing numbers, and instead enforces 
rules on usage associated with them (note that this doesn't even concern the 
use of the numbers themselves, but rather services addressed by them), it will, 
by definition, be a regulator.

I'm not sure that there will be consensus on wanting the NCC to become a 
regulator.

—
Maria Merkel
[https://cdn.staclar.com/logos/novecore/newlogo.png]

This email was sent by Staclar, Inc. Any statements contained in this email are 
personal to the author and are not necessarily the statements of the company 
unless specifically stated.

Novecore and Staclar are collective trading names of Novecore Ltd., registered 
in England and Wales under company number 11748197, Novecore Licensing Ltd., 
registered in England and Wales under company number 11544982, Staclar Carrier 
Ltd., registered in England and Wales under company number 12219686, Staclar 
Financial Services Ltd., registered in England and Wales under company number 
13843292 (registered offices 54 Portland Place, London, UK, W1B 1DY); Novecore 
Professional Services Ltd., registered in England and Wales under company 
number 13965912 (registered office 13 Freeland Park, Wareham Road, Poole, UK, 
BH16 6FA); Novecore (Estonia) OÜ, registered in Estonia under registry code 
16543205 (local contact Baltic Business Services OÜ, Narva mnt 5, 10117 
Tallinn, Estonia); Novecore (USA) Inc., registered in Delaware under file 
number 6707907, Novecore Licensing (USA) LLC, registered in Delaware under file 
number 4030866, and Staclar, Inc., registered in Delaware under file number 
7413401 (registered agents The Corporation Trust Company, Corporation Trust 
Center, 1209 Orange St, Wilmington DE 19801, USA). Novecore Licensing Ltd. is 
registered for VAT in the United Kingdom under VAT registration number 347 4545 
80. Novecore (Estonia) OÜ is registered for VAT in the European Union under VAT 
registration number EE102518979. Novecore Professional Services Ltd. is a trust 
or company service provider registered with and supervised by HM Revenue & 
Customs under the Money Laundering, Terrorist Financing and Transfer of Funds 
(Information on the Payer) Regulations 2017 (registration number 
XMML0178208). Staclar Financial Services Ltd. is an Annex 1 financial 
institution registered with and supervised by the Financial Conduct Authority 
under the Money Laundering, Terrorist Financing and Transfer of Funds 
(Information on the Payer) Regulations 2017 (firm reference number 989521). 
Registration is not equivalent to authorisation and is not an endorsement to do 
business with a firm. Staclar Financial Services Ltd. is not an authorised 
person within the meaning of the Financial Services and Markets Act 2000 and 
does not review, approve, or endorse financial promotions for securities issues 
it is involved in or provide any form of investment advice.
[Sent from Front]
On November 30, 2023 at 9:36 AM GMT+1 
anti-abuse-wg@ripe.net wrote:

Hi Leo,

I don’t see it as a regulator, I see it as one of the functions of a RIR. Not 
just provide numbers, but also ensure that they are being used fairly and 
according community agreed policies. Otherwise we could also say that other 
reasons for recovery are invalid because we become a regulator, right?

Each RIR has measured the “level of adoption” as they progressed with the 
initial verification (and this was presented at least a couple of times in 
every RIR), so there are slides in each of them, showing the progress. I can 
try to find them for you in the previous year's events if you can’t find them. 
Also my personal experience reporting over 1.500 abuse cases, average per day, 
shows that I get more “happy-ending” responses from those regions than before 
and keeps going better and better, which is not the case from RIPE 
unfortunately.

Regards,
Jordi

@jordipalet


> El 29 nov 2023, a las 16:09, Leo Vegoda 
> mailto:l...@vegoda.org>> escribió:
>
> Hi Jordi,
>
>
> On Nov 29, 2023, at 11:29, jordi.palet--- via anti-abuse-wg 
> mailto:anti-abuse-wg@ripe.net>> wrote:
>>
>> I agree that the carrot is better than the stick, but if the carrot doesn’t 
>> work, we need to use the stick.
>>
>> My original proposal was basically enforcing the NCC to reclaim the 
>> resources when there is a persistent violation of resolving abuse cases. 
>> This can be progressive, such as not allowing to update objects in the 
>> database, etc. No need to go with “a single failure means you lose your 
>> resources”.
>
> How could we do this without the RIPE NCC becoming some kind of regulator? Or 
> is the proposal to make the RIPE NCC a private sector regulator?
>
>> As said, this is working in other 2 regions, one more coming (pending of the 
>> AFRINIC board ratification). Why should not work in this region the same? 

Re: [anti-abuse-wg] Abuse Report ignored. What to do as next?

[jordi.palet--- via anti-abuse-wg]

Hi Leo,

I don’t see it as a regulator, I see it as one of the functions of a RIR. Not 
just provide numbers, but also ensure that they are being used fairly and 
according community agreed policies. Otherwise we could also say that other 
reasons for recovery are invalid because we become a regulator, right?

Each RIR has measured the “level of adoption” as they progressed with the 
initial verification (and this was presented at least a couple of times in 
every RIR), so there are slides in each of them, showing the progress. I can 
try to find them for you in the previous year's events if you can’t find them. 
Also my personal experience reporting over 1.500 abuse cases, average per day, 
shows that I get more “happy-ending” responses from those regions than before 
and keeps going better and better, which is not the case from RIPE 
unfortunately.

Regards,
Jordi

@jordipalet


> El 29 nov 2023, a las 16:09, Leo Vegoda  escribió:
> 
> Hi Jordi,
> 
> 
> On Nov 29, 2023, at 11:29, jordi.palet--- via anti-abuse-wg 
>  wrote:
>> 
>> I agree that the carrot is better than the stick, but if the carrot doesn’t 
>> work, we need to use the stick.
>> 
>> My original proposal was basically enforcing the NCC to reclaim the 
>> resources when there is a persistent violation of resolving abuse cases. 
>> This can be progressive, such as not allowing to update objects in the 
>> database, etc. No need to go with “a single failure means you lose your 
>> resources”.
> 
> How could we do this without the RIPE NCC becoming some kind of regulator? Or 
> is the proposal to make the RIPE NCC a private sector regulator?
> 
>> As said, this is working in other 2 regions, one more coming (pending of the 
>> AFRINIC board ratification). Why should not work in this region the same? 
>> Also the PoC in ARIN works in a similar way, and being non-responsive means 
>> you get some “members” rights restricted.
> 
> Who has been measuring the reduction is abuse? How tightly is that drop in 
> abuse linked to this policy action rather than other factors?
> 
> Kind regards,
> 
> Leo
> 


**
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company

This electronic message contains information which may be privileged or 
confidential. The information is intended to be for the exclusive use of the 
individual(s) named above and further non-explicilty authorized disclosure, 
copying, distribution or use of the contents of this information, even if 
partially, including attached files, is strictly prohibited and will be 
considered a criminal offense. If you are not the intended recipient be aware 
that any disclosure, copying, distribution or use of the contents of this 
information, even if partially, including attached files, is strictly 
prohibited, will be considered a criminal offense, so you must reply to the 
original sender to inform about this communication and delete it.





-- 

To unsubscribe from this mailing list, get a password reminder, or change your 
subscription options, please visit: 
https://lists.ripe.net/mailman/listinfo/anti-abuse-wg