<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><div class=""><div class="">Hello,</div><div class=""><br class=""></div><div class="">Let us be alert to detect and address issues like this affecting our networks and Internet resources.</div><div class=""><br class=""></div><div class="">Good that old human networking helped to immediately stop this hijacking, but It was the time when one could expect to rely on accurate and responsive abuse contacts.</div><div class=""><br class=""></div><div class="">Yes, ROA and ROV could not have helped here. They are designed to help with accidental mis-configuration of origin. But let imagine that the LoAs issued for the origination of this prefix by upstreams were turned into ROAs. Wouldn’t it be different?</div><div class=""><br class=""></div><div class="">The adoption of solution like Autonomous System Origin Authorization could have prevented the hijacking. But until we get there, shall we continue to refuse to improve the system with the little we have ?</div><div class=""><br class=""></div><div class="">An existing adoption and large scale experience with ROV would definitely help with the adoption of new solutions. </div><div class=""><br class=""></div><div class="">Adoption and implementation of accurate and responsive abuse contacts would be a critical tool in hand to quickly resolve this kind of issues.</div><div class=""><br class=""></div><div class="">The discussions over the incident also raised questions about policies and RSA compliance.</div><div class=""><br class=""></div><div class="">Policy-wise where do we stand ?</div><div class=""><br class=""></div><div class="">- an Abuse contact proposal was introduced in August 2018 and has been opposed</div><div class=""><br class=""></div><div class=""> -an AS0 ROA proposal introduced in November last year, which is meant to protect against hijacking of unallocated prefixes in Afrinic free pools and to encourage the same for members unused space was also opposed. You may have remembered the saga of the appeal against co-chairs decision of no- consensus after last the recent call period of this proposal</div><div class=""><br class=""></div><div class="">- a review of INRs usage proposal was submitted in May 2016 and was also opposed. The WG failed to design a consensual version</div><div class=""><br class=""></div><div class=""> - a policy compliance proposal has been submitted recently and we wait to see what will happen</div><div class=""><br class=""></div><div class="">RPD archives and PPMs notes give enough information on the discussions around these proposals.</div><div class=""><br class=""></div><div class="">While we wait for new proposals which will probably come from the current discussions, shouldn’t we revive and fix what went wrong with these proposals?</div><div class=""><br class=""></div><div class="">We knew that the post IPv4 exhaustion period will be delicate and supposed to be prepared for it.</div><div class=""><br class=""></div><div class="">Every little improvement we add to the infrastructure shall be welcome</div><div class=""><br class=""></div><div class="">Hope this helps</div><div class=""><br class=""></div><div class="">-Alain</div></div><div><br class=""><blockquote type="cite" class=""><div class="">On 26 May 2020, at 20:34, Mike Silber <<a href="mailto:silber.mike@gmail.com" class="">silber.mike@gmail.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><meta http-equiv="Content-Type" content="text/html; charset=utf-8" class=""><div style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">Thanks Anthony <div class=""><br class=""></div><div class="">In response to several other comments as well - </div><div class=""><br class=""></div><div class=""><ul class="MailOutline"><li class="">I appreciate Mark Tinka raising this issue</li><li class="">this sordid tale seems to have more than one side</li><li class="">I do not believe I (or possibly anyone else on this list) is able to pass judgement on this particular incident - as we lack all of the relevant facts or technical or legal background, or have conflicts.</li></ul><div class=""><br class=""></div></div><div class="">However there may be some useful learning from this incident and the need for new policies, revision to existing policies or better enforcement of policies.</div><div class=""><br class=""></div><div class="">Rather than debate if this was a personal attack (or not), or out of scope of the RPD list (or not), let us try bring this back to the purpose of this list - a discussion of AfriNIC’s policy environment.</div><div class=""><br class=""></div><div class="">Can someone please extrapolate from this regrettable incident what *policy* changes (or implementation changes) are required? If possible with some analysis of whether the consequences thereof are justified to prevent the harm being sought to be addressed.</div><div class=""><br class=""></div><div class="">Regards</div><div class=""><br class=""></div><div class="">Mike</div><div class=""><br class=""><blockquote type="cite" class=""><div class="">On 26 May 2020, at 20:03, Anthony Ubah <<a href="mailto:ubah.tonyiyke@gmail.com" class="">ubah.tonyiyke@gmail.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div dir="ltr" class=""><div dir="ltr" class=""><p class="MsoNormal" style="margin:0in 0in 8pt;line-height:107%;font-size:11pt;font-family:Calibri,sans-serif"><span lang="EN-US" class="">I feel this
is gradually brewing up and steering up an unnecessary tension within the
community.</span></p><p class="MsoNormal" style="margin:0in 0in 8pt;line-height:107%;font-size:11pt;font-family:Calibri,sans-serif"><span lang="EN-US" class="">I took time
to go through the trail, the post shared by the CEO of Cloud Innovation contained a
email by IPDC in which they have already openly apologized for their mistake(s).</span></p><p class="MsoNormal" style="margin:0in 0in 8pt;line-height:107%;font-size:11pt;font-family:Calibri,sans-serif"><span lang="EN-US" class="">On the
other hand, heaping all blame on Cloud Innovation isn’t totally logical. </span></p><p class="MsoNormal" style="margin:0in 0in 8pt;line-height:107%;font-size:11pt;font-family:Calibri,sans-serif"><span lang="EN-US" class="">From my
understanding, IPDC hijacked SEACOM’s ASN, IPDC being Cloud Innovation’s
customer. However, I don’t clearly see what role it plays in the whole process.
Predict ing it’s customer’s behaviour is scarcely possible, hardly any company can. Also is the company in the position/business to care of it per se, and without
violation of privacy?</span></p><p class="MsoNormal" style="margin:0in 0in 8pt;line-height:107%;font-size:11pt;font-family:Calibri,sans-serif"><span lang="EN-US" class="">A typical example
is a Kitchenware store; If the store sells a knife to an individual, and the individual uses the same knife to commit a crime, would the hardware store also be held partly
accountable for the crime? </span></p><p class="MsoNormal" style="margin:0in 0in 8pt;line-height:107%;font-size:11pt;font-family:Calibri,sans-serif"><span lang="EN-US" class="">Thus, whatever
the problem is IPDC should settle its differences directly with SEACOM</span></p><p class="MsoNormal" style="margin:0in 0in 8pt;line-height:107%;font-size:11pt;font-family:Calibri,sans-serif"><span lang="EN-US" class=""><br class=""></span></p><div class=""><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr" class=""><div class=""><div dir="ltr" class=""><div dir="ltr" class=""><p style="line-height:150%" class=""><b style="line-height:150%;font-size:12.8px" class=""><span style="line-height:150%" class=""><font face="garamond, serif" class="">Best Regards,</font></span></b></p><p style="line-height:150%" class=""><font face="garamond, serif" class=""><b style="line-height:150%;font-size:12.8px" class=""><span style="line-height:150%" class="">Anthony</span></b></font></p><p style="text-align:left" class=""><font size="2" color="#999999" face="garamond, serif" class=""><span style="line-height:150%;background-color:white" class="">E-mail: <a href="mailto:anthony.ubah@gloworld.com" target="_blank" class="">anthony.ubah@goldspine.com</a>.ng<br class=""></span></font></p></div></div></div></div></div></div><br class=""></div></div></div></blockquote></div>Snip</div>_______________________________________________<br class="">RPD mailing list<br class=""><a href="mailto:RPD@afrinic.net" class="">RPD@afrinic.net</a><br class="">https://lists.afrinic.net/mailman/listinfo/rpd<br class=""></div></blockquote></div><br class=""></body></html>