Should IP address managers sanction their members’ misbehavior by removing IP addresses? Two similar proposals are heating up the mood at the 78th RIPE meeting in Reykjavík this week. Opponents speak of abuse of the self-government process. The advocates warn that otherwise state regulation could threaten.
Read More Stories: eSports and 5G: the Vodafone and ESL tournament
How to proceed against erroneous entries?
Incorrect or missing entries in the RIPE’s database, which lists who owns which IP addresses, are a perennial favorite in the debates over the rules that the community of IP address administrators give themselves. The obligation to enter a contact address on the victims of abuse can turn to the responsible network operator or address owner, there is quite some time.
Read More Stories: Researchers study how augmented reality affects our behavior
Since this year, it is also checked annually whether this “Abuse Contact” is still right. The RIPE NCC, the full-time arm of RIPE, has sent out all 22,500 memberssince the beginning of the year.
That’s not enough, but says Jordi Palet Martínez, who works as an advisor in the field of IPv6, especially for authorities in many countries. Martínez now demands that when checking the “abuse-contacts” in the future, it must also be ensured that a person actually answers at the other end of the line. As before, there might be “fake emails or random emails”.
Read More Stories: Starlink: SpaceX’s first 60 satellites in orbit
“Some mailboxes are never looked at,” Martínez complained at the meeting of the RIPE Anti-Abuse Working Group in Reykjavík. His suggestion : If the RIPE NCC does not answer a real human being within 30 days, penalties should be given – up to the withdrawal of all IP addresses and the exclusion of the corresponding member. Similar proposals have been suggested by law enforcement officials in the past. In a second proposal Martínez also demands the punishment for BGP hijacking. He meant the use of external IP addresses or AS numbers, he explained in the heated debate.
Read More Stories: Social Network: Over two billion fake accounts via Facebook
Salami tactics for sanctions
The RIPE NCC has to be careful that such and similar proposals do not make it a “routing police”, critics say. On the one hand hardly practicable called the opponents the ideas. RIPE Chairman Hans Petter Holen, CSIO at Visma, and Cloudflares CEO Martin Levy, recalled the advancing automation in network management.
On the other hand, some referred to the legal unsustainability. Any court would find disproportionate to sacking and removal of addresses as a consequence of a lack of a “human” response to an abusive e-mail, predicted Nick Hilliard of the Irish Internet node INEX. Not to mention the amount of work the RIPE NCC would have to do. Above all, the measure brings no more security, said Hilliard.
Read More Stories: Who Are The Scientists Camels? How do they get legal drugs to investigate?
Real culprits can hardly be deterred by a burdensome bureaucratic procedure. Similar comments hailed for the sanction proposal against BGP hijacking, which is even more difficult for the address managers to identify and prove.
Practically closed, the RIPE members present, in particular, vouched for a salami tactic in the use of the address self-government to enforce good conduct.
Read More Stories: Google redesigns the SERPs on mobile devices
Soon, someone in one of the member countries of the RIPE coverage area might come up with the idea that certain content would have to be sanctioned. In addition to Europe, the area also includes the Middle East and Russia. Somewhere there was always something to complain about, said Hilliard before the meeting.
Read More Stories: Windows 10 and IE11: zero-day exploits available
New database, secure routing
Peter Koch from Denic suggested that the RIPE urgently need to agree what the purpose of the RIPE database is. The many attempts in recent years to use the database as a means of pressure, the original task to the opposite. The database was created as a tool to help the network administrators to coordinate the routing.
Read More Stories: Google Duplex: Machine reservation often needs human help
In Reykjavík, RIPE members are now actually initiating an initiative to rebuild the database. A task force is scheduled to start work in the coming months. Controversial is already at the beginning, who should be part of the task force. If you want to invite prosecutors, you should not forget the privacy advocates, Koch said.
Read More Stories: Linux gets CPU frequency scaling for Raspberry Pi
But there may be a lot of time left until there is a new, clean database with a clear purpose. To counter the growing pressure from outside, RIPE chief scientist Daniel Karrenberg, one of the authors of the original database and founding member, appealed to the administrators. The network operators need to do more for secure routing. There are fewer problems if Route Filtering and RPKI are used as an authentication step for the routes. If they wanted to avoid the top-down systems that were brought up again and again, they had to invest in them, Karrenbergs appealed, promising: “If we do not do that, the future looks grim.”
Read More Stories: Huawei: the alternative to Android already in the fall?