HomeSoftwareIT SecurityRIPE78: Step by step to the routing police?

RIPE78: Step by step to the routing police?

Published on

Should IP address managers sanction their members’ misbehavior by removing IP addresses? Two similar proposals are heating up the mood at the 78th RIPE meeting in Reykjavík this week. Opponents speak of abuse of the self-government process. The advocates warn that otherwise, state regulation could threaten.

Incorrect or missing entries in the RIPE’s database, which lists who owns which IP addresses, are a perennial favorite in the debates over the rules that the community of IP address administrators give themselves. The obligation to enter a contact address on the victims of abuse can turn to the responsible network operator or address owner, there is quite some time.

Since this year, it is also checked annually whether this “Abuse Contact” is still right. The RIPE NCC, the full-time arm of RIPE, has sent out all 22,500 members since the beginning of the year.

That’s not enough but says Jordi Palet Martínez, who works as an advisor in the field of IPv6, especially for authorities in many countries. Martínez now demands that when checking the “abuse-contacts” in the future, it must also be ensured that a person actually answers at the other end of the line. As before, there might be “fake emails or random emails”.

“Some mailboxes are never looked at,” Martínez complained at the meeting of the RIPE Anti-Abuse Working Group in Reykjavík. His suggestion: If the RIPE NCC does not answer a real human being within 30 days, penalties should be given – up to the withdrawal of all IP addresses and the exclusion of the corresponding member. Similar proposals have been suggested by law enforcement officials in the past. In a second proposal, Martínez also demands the punishment for BGP hijacking. He meant the use of external IP addresses or AS numbers, he explained in the heated debate.

The RIPE NCC has to be careful that such and similar proposals do not make it a “routing police”, critics say. On the one hand hardly practicable called the opponents the ideas. RIPE Chairman Hans Petter Holen, CSIO at Visma, and Cloudflares CEO Martin Levy, recalled the advancing automation in network management.

On the other hand, some referred to legal unsustainability. Any court would find disproportionate to sacking and removal of addresses as a consequence of a lack of “human” response to an abusive e-mail, predicted Nick Hilliard of the Irish Internet node INEX. Not to mention the amount of work the RIPE NCC would have to do. Above all, the measure brings no more security, said Hilliard.

Real culprits can hardly be deterred by a burdensome bureaucratic procedure. Similar comments hailed for the sanction proposal against BGP hijacking, which is even more difficult for the address managers to identify and prove.

Practically closed, the RIPE members present, in particular, vouched for a salami tactic in the use of the address self-government to enforce good conduct.

Soon, someone in one of the member countries of the RIPE coverage area might come up with the idea that certain content would have to be sanctioned. In addition to Europe, the area also includes the Middle East and Russia. Somewhere there was always something to complain about, said Hilliard before the meeting.

Peter Koch from Denic suggested that the RIPE urgently need to agree on what the purpose of the RIPE database is. The many attempts in recent years to use the database as a means of pressure, the original task to the opposite. The database was created as a tool to help the network administrators to coordinate the routing.

In Reykjavík, RIPE members are now actually initiating an initiative to rebuild the database. A task force is scheduled to start work in the coming months. Controversial is already at the beginning, who should be part of the task force. If you want to invite prosecutors, you should not forget the privacy advocates, Koch said.

But there may be a lot of time left until there is a new, clean database with a clear purpose. To counter the growing pressure from outside, RIPE chief scientist Daniel Karrenberg, one of the authors of the original database and founding member, appealed to the administrators. The network operators need to do more for secure routing. There are fewer problems if Route Filtering and RPKI are used as authentication steps for the routes. If they wanted to avoid the top-down systems that were brought up again and again, they had to invest in them, Karrenbergs appealed, promising: “If we do not do that, the future looks grim.”

Source: RIPE

Latest articles

Here’s How and When Mount Everest-sized ‘Devil Comet’ Can Be Seen With Naked Eye

Mount Everest sized Comet 12P/Pons-Brooks, also known as "devil comet" which is making its...

Something Fascinating Happened When a Giant Quantum Vortex was Created in Superfluid Helium

Scientists created a giant swirling vortex within superfluid helium that is chilled to the...

The Science of Middle-aged Brain and the Best Thing You Can Do to Keep it Healthy, Revealed

Middle age: It is an important period in brain aging, characterized by unique biological...

Science Shock: Salmon’s Food Choices Better at Reducing Risk of Heart Disease and Stroke

Salmon: Rich in Health Benefits, Yet May Offer Less Nutritional Value - This is...

More like this

Here’s How and When Mount Everest-sized ‘Devil Comet’ Can Be Seen With Naked Eye

Mount Everest sized Comet 12P/Pons-Brooks, also known as "devil comet" which is making its...

Something Fascinating Happened When a Giant Quantum Vortex was Created in Superfluid Helium

Scientists created a giant swirling vortex within superfluid helium that is chilled to the...

The Science of Middle-aged Brain and the Best Thing You Can Do to Keep it Healthy, Revealed

Middle age: It is an important period in brain aging, characterized by unique biological...