Search RPD Archives
[rpd] New Policy Proposal Received - "Provisions for Resource Hijacking (AFPUB-2019-GEN-001-DRAFT01)"
owen at delong.com
Sun May 26 15:53:32 UTC 2019
As I’ve stated in the other regions where the same authors have floated this, there are a number of fundamental errors in the understanding of the role of the RIR system underlying this proposal.
It is apparently a common misconception that RIRs have some authority to grant “rights to use” number resources. That’s an easy mistake to make because the distinction is subtle, but in this context it becomes important.
The registry system grants registration for uniqueness. Any right to use is granted not by the registry system, but by those who initiate, accept, and reannounce prefixes in routers. Thus, it is ISPs who control the right to use and not the registry.
Fortunately, and to the tremendous benefit of all, the vast majority of ISPs choose to use the data in the RIR registry system as authoritative and base their grants of rights on it. This allows for a much more functional internet than if they each used competing and overlapping registry systems. However, the decision to use the RIR registry system is entirely voluntary on the part of each network operator.
The vast majority of resource hijacking in the wild is not committed by RIR members. There seems to be some exception to this in the RIPE region. As such, this policy proposal is unlikely to impact the perpetrators and far more likely to harm the victims it purports to protect.
I have tremendous respect for the authors and no doubt whatsoever that they mean well. However, the misconceptions underlying this policy prevent it from having any useful outcome. I would rate it risky, but possibly mostly harmless at best.
Therefore, I do not support the proposal.
> On May 26, 2019, at 07:48, haruna adoga <hartek66 at gmail.com> wrote:
> I must start by saying the authors of this proposal have done a great job, considering the negative effect of resource (IPv4, IPv6, ASN) hijacking to our region.
> I do believe that since operational errors such as mistakes in BGP configurations can lead to what might be perceived as a resource hijacking activity (policy violation), it is ideal that this proposal gives the suspected resource hijacker a reasonable amount of time to explain their actions.
> The duration can be deliberated by the policy authors and other members. The suspected hijacker should be given a maximum of 6 weeks rather that 4 weeks to object any conclusions, as proposed by the authors.
> This will further clarify if the activity is an act of persistent intentional hijack or an operational error.
> RPD mailing list
> RPD at afrinic.net
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the RPD