[anti-abuse-wg] Abuse Report ignored. What to do as next?
- Previous message (by thread): [anti-abuse-wg] Abuse Report ignored. What to do as next?
- Next message (by thread): [anti-abuse-wg] Abuse Report ignored. What to do as next?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Alessandro Vesely
vesely at tana.it
Thu Nov 30 13:15:58 CET 2023
On Thu 30/Nov/2023 12:40:46 +0100 Laura Atkins wrote: > What happens if / when someone doesn’t? A minimal, yet useful reaction would be to remove their abuse PoC from RDAP pages. If the convention is clear that network operators without abuse-c are non-responders, it is easy for all the others to add the corresponding IPs to their drop lists. Ripe NCC could even distribute non-responders lists. A motion to reclaim wasted resources can be set up at a later time. Best Ale >> On 30 Nov 2023, at 10:47, Matthias Merkel <matthias.merkel at staclar.com> wrote: >> >> The proposal is to send verification emails to abuse mailboxes and have a >> link in them clicked, right? I would have no objection to that. >> >> Is there more that is being proposed in this proposal specifically? >> >> — >> Maria Merkel >> >> This email was sent by [company]. Any statements contained in this email are >> personal to the author and are not necessarily the statements of the company >> unless specifically stated. >> >> Novecore and Staclar are collective trading names of Novecore Ltd., >> registered in England and Wales under company number 11748197, Novecore >> Licensing Ltd., registered in England and Wales under company number >> 11544982, Staclar Carrier Ltd., registered in England and Wales under company >> number 12219686, Staclar Financial Services Ltd., registered in England and >> Wales under company number 13843292 (registered offices 54 Portland Place, >> London, UK, W1B 1DY); Novecore Professional Services Ltd., registered in >> England and Wales under company number 13965912 (registered office 13 >> Freeland Park, Wareham Road, Poole, UK, BH16 6FA); Novecore (Estonia) OÜ, >> registered in Estonia under registry code 16543205 (local contact Baltic >> Business Services OÜ, Narva mnt 5, 10117 Tallinn, Estonia); Novecore (USA) >> Inc., registered in Delaware under file number 6707907, Novecore Licensing >> (USA) LLC, registered in Delaware under file number 4030866, and Staclar, >> Inc., registered in Delaware under file number 7413401 (registered agents The >> Corporation Trust Company, Corporation Trust Center, 1209 Orange St, >> Wilmington DE 19801, USA). Novecore Licensing Ltd. is registered for VAT in >> the United Kingdom under VAT registration number 347 4545 80. Novecore >> (Estonia) OÜ is registered for VAT in the European Union under VAT >> registration number EE102518979. Novecore Professional Services Ltd. is a >> trust or company service provider registered with and supervised by HM >> Revenue & Customs under the Money Laundering, Terrorist Financing and >> Transfer of Funds (Information on the Payer) Regulations 2017 (registration >> number XMML00000178208). Staclar Financial Services Ltd. is an Annex 1 >> financial institution registered with and supervised by the Financial Conduct >> Authority under the Money Laundering, Terrorist Financing and Transfer of >> Funds (Information on the Payer) Regulations 2017 (firm reference number >> 989521). Registration is not equivalent to authorisation and is not an >> endorsement to do business with a firm. Staclar Financial Services Ltd. is >> not an authorised person within the meaning of the Financial Services and >> Markets Act 2000 and does not review, approve, or endorse financial >> promotions for securities issues it is involved in or provide any form of >> investment advice. >> Sent from Front >>> On November 30, 2023 at 11:45 AM GMT+1 ops.lists at gmail.com >>> <mailto:ops.lists at gmail.com> wrote: >>> >>> There is somewhat more being proposed than that bare minimum of due >>> diligence but none of this makes ripe ncc a regulator any more than a >>> pharmacist verifying a prescription becomes the FDA >>> >>> --srs >>> ------------------------------------------------------------------------------- >>> *From:* Matthias Merkel <matthias.merkel at staclar.com >>> <mailto:matthias.merkel at staclar.com>> >>> *Sent:* Thursday, November 30, 2023 4:03:07 PM >>> *To:* Suresh Ramasubramanian <ops.lists at gmail.com >>> <mailto:ops.lists at gmail.com>>; Leo Vegoda <leo at vegoda.org >>> <mailto:leo at vegoda.org>> >>> *Cc:* anti-abuse-wg at ripe.net <mailto:anti-abuse-wg at ripe.net> >>> <anti-abuse-wg at ripe.net <mailto:anti-abuse-wg at ripe.net>> >>> *Subject:* Re: [anti-abuse-wg] Abuse Report ignored. What to do as next? >>> I have already noted that I have no objections to a proposal solely to >>> verify abuse mailbox functionality, but that we should be careful adding >>> anything further. Perhaps I wasn't clear enough in this: >>> >>> Arguably a proposal to simply require verification of the abuse mailbox >>> does not make the NCC a regulator (and, in fact, I think the NCC already >>> does this with ASNs), but I do not see how this would be an effective >>> measure. >>> >>> Making further requirements would make the NCC a regulator, and this may >>> be dangerous precedent. >>> >>> >>> Regarding the potential that government regulators will put rules in place >>> if we don't, I don't think this is a big concern here. Many governments >>> already do have those rules and already supervise network operators in their >>> countries. The issue in this specific case is that some countries simply >>> don't care, and do not have laws or regulations around the issue. >>> >>> — >>> Maria Merkel >>> >>> This email was sent by [company]. Any statements contained in this email are >>> personal to the author and are not necessarily the statements of the company >>> unless specifically stated. >>> >>> Novecore and Staclar are collective trading names of Novecore Ltd., >>> registered in England and Wales under company number 11748197, Novecore >>> Licensing Ltd., registered in England and Wales under company number >>> 11544982, Staclar Carrier Ltd., registered in England and Wales under >>> company number 12219686, Staclar Financial Services Ltd., registered in >>> England and Wales under company number 13843292 (registered offices 54 >>> Portland Place, London, UK, W1B 1DY); Novecore Professional Services Ltd., >>> registered in England and Wales under company number 13965912 (registered >>> office 13 Freeland Park, Wareham Road, Poole, UK, BH16 6FA); Novecore >>> (Estonia) OÜ, registered in Estonia under registry code 16543205 (local >>> contact Baltic Business Services OÜ, Narva mnt 5, 10117 Tallinn, Estonia); >>> Novecore (USA) Inc., registered in Delaware under file number 6707907, >>> Novecore Licensing (USA) LLC, registered in Delaware under file number >>> 4030866, and Staclar, Inc., registered in Delaware under file number 7413401 >>> (registered agents The Corporation Trust Company, Corporation Trust Center, >>> 1209 Orange St, Wilmington DE 19801, USA). Novecore Licensing Ltd. is >>> registered for VAT in the United Kingdom under VAT registration number 347 >>> 4545 80. Novecore (Estonia) OÜ is registered for VAT in the European Union >>> under VAT registration number EE102518979. Novecore Professional Services >>> Ltd. is a trust or company service provider registered with and supervised >>> by HM Revenue & Customs under the Money Laundering, Terrorist Financing and >>> Transfer of Funds (Information on the Payer) Regulations 2017 (registration >>> number XMML00000178208). Staclar Financial Services Ltd. is an Annex 1 >>> financial institution registered with and supervised by the Financial >>> Conduct Authority under the Money Laundering, Terrorist Financing and >>> Transfer of Funds (Information on the Payer) Regulations 2017 (firm >>> reference number 989521). Registration is not equivalent to authorisation >>> and is not an endorsement to do business with a firm. Staclar Financial >>> Services Ltd. is not an authorised person within the meaning of the >>> Financial Services and Markets Act 2000 and does not review, approve, or >>> endorse financial promotions for securities issues it is involved in or >>> provide any form of investment advice. >>> Sent from Front >>>> On November 30, 2023 at 11:25 AM GMT+1 ops.lists at gmail.com >>>> <mailto:ops.lists at gmail.com> wrote: >>>> >>>> This is simply an ongoing verification that the justification and other >>>> paperwork which were used to allocate the numbers are reasonable and correct >>>> >>>> Consensus tends to work in strange ways - and room packing isn’t unknown if >>>> you see the example I cited >>>> >>>> --srs >>>> ------------------------------------------------------------------------------- >>>> *From:* anti-abuse-wg <anti-abuse-wg-bounces at ripe.net >>>> <mailto:anti-abuse-wg-bounces at ripe.net>> on behalf of Matthias Merkel >>>> <matthias.merkel at staclar.com <mailto:matthias.merkel at staclar.com>> >>>> *Sent:* Thursday, November 30, 2023 3:24:02 PM >>>> *To:* Leo Vegoda <leo at vegoda.org <mailto:leo at vegoda.org>>; Suresh >>>> Ramasubramanian <ops.lists at gmail.com <mailto:ops.lists at gmail.com>> >>>> *Cc:* anti-abuse-wg at ripe.net <mailto:anti-abuse-wg at ripe.net> >>>> <anti-abuse-wg at ripe.net <mailto:anti-abuse-wg at ripe.net>> >>>> *Subject:* Re: [anti-abuse-wg] Abuse Report ignored. What to do as next? >>>> Of course, this is not how consensus works. >>>> >>>> I also think you're misunderstanding my argument. I'm all for fighting >>>> abuse. A lot of my work is in abuse and fraud prevention and in the >>>> prevention of financial crime. I'm not arguing against preventing abuse, >>>> only against adding even more regulators where they aren't needed. >>>> >>>> The Gmail example still does not address my concern. They say what you can >>>> do with Gmail, which is the service. An IP address itself is not an >>>> abusable service, the systems addressed by them are. Gmail doesn't tell you >>>> what to do on third party services you sign up to with your gmail.com >>>> <http://gmail.com/> address. Google is responsible for Gmail. The RIPE NCC >>>> is responsible for the IP addresses. The network operator is responsible >>>> for the systems. >>>> >>>> — >>>> Maria Merkel >>>> >>>> This email was sent by [company]. Any statements contained in this email >>>> are personal to the author and are not necessarily the statements of the >>>> company unless specifically stated. >>>> >>>> Novecore and Staclar are collective trading names of Novecore Ltd., >>>> registered in England and Wales under company number 11748197, Novecore >>>> Licensing Ltd., registered in England and Wales under company number >>>> 11544982, Staclar Carrier Ltd., registered in England and Wales under >>>> company number 12219686, Staclar Financial Services Ltd., registered in >>>> England and Wales under company number 13843292 (registered offices 54 >>>> Portland Place, London, UK, W1B 1DY); Novecore Professional Services Ltd., >>>> registered in England and Wales under company number 13965912 (registered >>>> office 13 Freeland Park, Wareham Road, Poole, UK, BH16 6FA); Novecore >>>> (Estonia) OÜ, registered in Estonia under registry code 16543205 (local >>>> contact Baltic Business Services OÜ, Narva mnt 5, 10117 Tallinn, Estonia); >>>> Novecore (USA) Inc., registered in Delaware under file number 6707907, >>>> Novecore Licensing (USA) LLC, registered in Delaware under file number >>>> 4030866, and Staclar, Inc., registered in Delaware under file number >>>> 7413401 (registered agents The Corporation Trust Company, Corporation Trust >>>> Center, 1209 Orange St, Wilmington DE 19801, USA). Novecore Licensing Ltd. >>>> is registered for VAT in the United Kingdom under VAT registration number >>>> 347 4545 80. Novecore (Estonia) OÜ is registered for VAT in the European >>>> Union under VAT registration number EE102518979. Novecore Professional >>>> Services Ltd. is a trust or company service provider registered with and >>>> supervised by HM Revenue & Customs under the Money Laundering, Terrorist >>>> Financing and Transfer of Funds (Information on the Payer) Regulations 2017 >>>> (registration number XMML00000178208). Staclar Financial Services Ltd. is >>>> an Annex 1 financial institution registered with and supervised by the >>>> Financial Conduct Authority under the Money Laundering, Terrorist Financing >>>> and Transfer of Funds (Information on the Payer) Regulations 2017 (firm >>>> reference number 989521). Registration is not equivalent to authorisation >>>> and is not an endorsement to do business with a firm. Staclar Financial >>>> Services Ltd. is not an authorised person within the meaning of the >>>> Financial Services and Markets Act 2000 and does not review, approve, or >>>> endorse financial promotions for securities issues it is involved in or >>>> provide any form of investment advice. >>>> Sent from Front >>>>> On November 30, 2023 at 10:48 AM GMT+1 leo at vegoda.org >>>>> <mailto:leo at vegoda.org> wrote: >>>>> >>>>> On Thu, 30 Nov 2023 at 10:44, Suresh Ramasubramanian >>>>> <ops.lists at gmail.com <mailto:ops.lists at gmail.com>> wrote: >>>>>> >>>>>> > >>>>>> > The funny part is that the abuse teams of the very same companies will >>>>>> be out there in other conferences working earnestly and well on best >>>>>> practices. If they were to turn up at a ripe meeting and provide >>>>>> consensus .. >>>>>> > >>>>>> > And before you accuse me of packing the room to generate artificial >>>>>> consensus >>>>>> >>>>>> Consensus isn't a numbers thing. I think you've misunderstood the process. >>>>>> >>>>>> Regards, >>>>>> >>>>>> Leo >>>>>> >>>>>> -- >>>>>> >>>>>> To unsubscribe from this mailing list, get a password reminder, or change >>>>>> your subscription options, please visit: >>>>>> https://lists.ripe.net/mailman/listinfo/anti-abuse-wg >>>>>> <https://lists.ripe.net/mailman/listinfo/anti-abuse-wg> >> -- >> >> To unsubscribe from this mailing list, get a password reminder, or change >> your subscription options, please visit: >> https://lists.ripe.net/mailman/listinfo/anti-abuse-wg > > -- > The Delivery Expert > > Laura Atkins > Word to the Wise > laura at wordtothewise.com > > Delivery hints and commentary: http://wordtothewise.com/blog > > > > > > >
- Previous message (by thread): [anti-abuse-wg] Abuse Report ignored. What to do as next?
- Next message (by thread): [anti-abuse-wg] Abuse Report ignored. What to do as next?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]