[LACNIC/Politicas] Los secuestros BGP constituyen una violación de las políticas - LAC-2019-5

Carlos Friaças cfriacas at fccn.pt
Fri Apr 12 08:11:21 -03 2019 


Hi,
(please see inline)


On Fri, 12 Apr 2019, Arturo Servin wrote:

> 
>  
>       Let's go back to the Pakistan Telecom/Google case...
>       The correct way of doing a ban to Google services for users within
>       Pakistan would have been filtering. Instead by hijacking Google's routes,
>       the communication between Google and networks in other countries was also
>       affected.
>
>       My point is:
>
>       No rule in place -- fine, we can go with hijacking or filtering to
>       accomplish the govt/court order.
>
>       Rule in place -- hijacking is not admissible, we need to use filtering.
>
>       Unfortunately there wasn't a rule in place, so Pakistan Telecom chose the
>       wrong approach :/
> 
> 
>  
> First, we do not know for fact what Pakistan Telecom wanted to do.

Yes, they were only trying to follow orders...


> It could have just a static route or a filter that went
> wrong.

Fat fingers, OK... could be.


> Second, IMO it is very naive to think that a "rule" in a RIR would avoid a bad actor to do something bad.

The prevention rate will not be 100%, as there is no law that can fully 
prevent a crime.

The bad actor today, just knows there are no consequences, because there 
is no "rule", or "norm".

If there was a rule, he/she might need to look at the risk of doing it.



> Third, RIR policies are not "rules", neither protocols, domain names, 
> etc. Those are norms that we chose to follow to guarantee
> that the Internet works well.

...and as safe as possible for everyone?

I'm OK with calling it a "norm", instead of a "rule".



> These works because there is a large mass of people deciding to use. In 
> the moment that most of those decide to use an alternate root, an 
> alternate IP protocol or an alternate numbers registry we would have a 
> fractioned Internet and no "rule" or policy would stop that.

There are already fractioned Internets.
Hijacking of resources is in fact aiding that, reducing the RIR system's 
global value.



> Fourth, as said many times. There are places to define some norms, to 
> say that the use of an number resource is good or bad it is a policy 
> decision that has no room in the RIRs policy manual as this is for 
> allocation, assignment and administration of number resources, not its 
> use.

"administration" may have different concepts to different people.
My concept of "administration" includes doing something about members 
that wrongly use resources held by other members (hiding behind borders 
and different jurisdictions).



> Possibly in another forum, possibly operational, related to law 
> enforcement, Internet policy, etc. but not here.

That's a good point:
       + Which other forum? ICANN? IETF? IGF? ITU-T?

I don't have an answer for that, as i do believe the RIR system (as a 
whole) is where some difference can be made.


Regards,
Carlos


> Regards
> as

More information about the Politicas mailing list