On Tue, May 07, 2019 at 07:25:49PM +0000, Michel Py wrote: > Hi Keith, > > > Keith W. Hare wrote : > > I have not yet seen a complete clear consistent definition of BGP/Route > > hijacking. Such a definition is a prerequisite to defining a meaningful > > policy. > > I agree.
I've always operated with the definition that a hijack is the purposeful subversion of the registrant's intended use of the registered prefix. (This proposal and thread is about BGP hijacks, but we also see registry hijacks and other forms.) A key problem in determining intent is that its publication is not mandatory (and that publication itself can be subverted, but that's not the flavour of hijack at hand). We have some organizations who positively assert their intent as doing so maximizes their relaible reachability, but there's a great many who do not, out of ignorance or desire. As a registrant, if I'm using this or that service which moves packets to my prefix (be it from my own ASNs, announcing it by my ISPs ASN, filtering through a DDoS scrubber, announced by my colo provider, etc) is still correctly registered to me, not that provider. If I'm smart, I will publish my intended announcement sources in - OriginAS in my whois - RPKI ROAs - IRR data ...and then anyone on the 'net can see if a given announcement (or their changes) is intented and expected or not. Cheers, Joe -- Posted from my personal account - see X-Disclaimer header. Joe Provo / Gweep / Earthling _______________________________________________ ARIN-PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List ([email protected]). Unsubscribe or manage your mailing list subscription at: https://lists.arin.net/mailman/listinfo/arin-ppml Please contact [email protected] if you experience any issues.
