[rpd] Last Call - RPKI ROAs for Unallocated and Unassigned AFRINIC Address Space AFPUB-2019-GEN-006-DRAFT03.

[Noah]

On Tue, 29 Jun 2021, 11:37 Owen DeLong, <owen at delong.com> wrote:


>

>

> On Jun 27, 2021, at 14:55 , Noah <noah at neo.co.tz> wrote:

>

>

>

> On Sat, Jun 26, 2021 at 11:35 AM Owen DeLong <owen at delong.com> wrote:

>

>>

>>> So in the AFRINIC region, network abuse incidents have been reported on

>>> this very list as recent as this year and we have had incidents of

>>> misappropriation [1] of INR as well.

>>>

>>> [1]

>>> https://lists.afrinic.net/pipermail/community-discuss/2020-August/003678.html

>>>

>>>

>>> Your example cites resources that were misappropriated in such a way

>>> that they could have had ROAs issued that would have further masked the

>>> misappropriation.

>>>

>>

>> I read "further masked" ... eeeh heh ?

>>

>>

>> In other words, given the way those resources were misappropriated, they

>> could have still had (apparently) valid ROAs attesting to their origin ASN

>> providing an additional

>> assurance that this stolen space was in legitimate use.

>>

>

> Are we talking about bogons ROA'd with the AS0 tag?

>

>

> No, I’m saying that the example you cite likely would not have received

> AS0 ROAs even with this policy in place

>



That is an assumption you are making. If the policy was in place, chances
are the misappropriation would be limited because the implementation would
reduce such loopholes.

and likely could well have had ROAs

> attesting to the ASN that was advertising the misappropriated space.

>


This is an assumption absent the policy.



>

>> Hence providing additional disguise…further masking…

>>

>>

> How?

>

>

> Are you serious? If you have an AS X that receives misappropriated

> addresses at the end of the misappropriation chain that is able to get the

> RIR to

> sign ROAs attesting to their origination of the prefix, given that the

> misappropriation happened at the hands of an RIR insider, how are you not

> able

> to see this plainly?

>


Absent the AS0 policy, we can only assume.



>

> Does that clarify for you?

>>

>

> No it does not...

>

>

> Wow… Well, hopefully the above rather detailed explanation is simple

> enough for you this time.

>


There is nothing detailed but assumptions.

Noah


>

> Owen

>

>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.afrinic.net/pipermail/rpd/attachments/20210629/b009bc7d/attachment-0001.html>