Re: DoD IP Space

[Mark Foster <blakjak () blakjak net>]

Hi Mel,

I'd expect ARIN to hold them to account for complying with ARIN rules, 
if they are subject.  In years gone by, I have been able to contact US 
DoD organisations using published contact methods to address technical 
issues. So even if there's technical non-compliance (which i'd agree 
should be addressed), it could be a lot worse.

As for the DoD's accountability via your system of government, my view 
would be that instead of bogon-filtering addresses legitimately 
appearing in your BGP, with the justification being "they havn't 
before!", you could consider asking them via channels. Like 
https://open.defense.gov/transparency/foia.aspx for example.  But i'm 
not a citizen of the United States, so will happily plead ignorance as 
to whether this is likely to lead you to what you want to know or not.

In my country the government is also accountable to the people. But that 
doesn't mean I would expect an Internet Service Provider to deliberately 
sabotage the network access of their customers, either. Starts to feel 
like a net neutrality argument again.

Mark.

PS: If DoD make use of IP address space that they legitimately hold, i'm 
not sure you can call it a civilian resource, despite it interacting 
with civilian counterparts.  Any consumable held by a military 
organisation is a military resource and they'll make use of it based on 
their operational requirements. The best comparison I could think of, 
would be fuel (gasoline/petroleum/diesel/Jet-A1), all of which has both 
military and civilian application.

On 25/04/2021 7:40 pm, Mel Beckman wrote:
> Mark,
>
> ARIN rules require every IP space holder to publish accurate — and effective —  Admin, Tech, and Abuse POCs. The DOD 
> hasn’t done this, as I pointed out, and as you can test for yourself. Your expectation that the DOD will “generally 
> comply with all of the expected norms” is sorely naive, and already disproven.
>
> As far as “why does anyone on the Internet need to publish to your arbitrary standards”, you seem to forget that in the 
> U.S., the government is accountable to the People. Where a private company may not have to explain its purposes, the 
> government most certainly does in the private sector. With these IP spaces being thrust into the civilian realm, yes, 
> they owe the citizenry an explanation of their actions, just as they would if they had started mounting missile 
> launchers on highway overpasses. It’s a direct militarization of a civilian utility.
>
> Keep in mind that the U.S. Government — under all administrations — has shown that it will abuse every technical advantage 
> it can, as long as it can do so in secret. Perhaps you’ve forgotten James Clapper, the former director of national 
> intelligence, who falsely testified to Congress that the government does “not wittingly” collect the telephone records of 
> millions of Americans. And he was just the tip of the iceberg. Before Clapper under Obama there was the Bush 
> administration’s Stellar Wind" warrantless surveillance program. The list of government abuse of civilian resources is 
> colossal .
>
> Fighting against that isn’t political. It’s patriotic.
>
>   -mel
>
> > On Apr 25, 2021, at 12:02 AM, Mark Foster <blakjak () blakjak net> wrote:
> >
> > 
> > > On 25/04/2021 3:24 am, Mel Beckman wrote:
> > > This doesn’t sound good, no matter how you slice it. The lack of transparency with a civilian resource is troubling at 
> > > a minimum. I’m going to bogon this space as a defensive measure, until its real — and detailed — purpose can be known. 
> > > The secret places of our government have proven themselves untrustworthy in the protection of citizens’ data and 
> > > networks. They tend to think they know “what’s good for” us.
> > >
> > >   -mel
> > Why does anyone on the Internet need to publish to your arbitrary standards, what they intend to do with their IP 
> > address ranges?
> >
> > Failure to advertise the IP address space to the Internet (until now, perhaps) doesn't make the address space any less 
> > legitimate, and though I'd expect the DoD to generally comply with all of the expected norms around BGP arrangements and 
> > published whois details, at the end of the day, they can nominate who should originate it from their AS and as long as we can see who 
> > owns it.... it's just not our business.
> >
> > Any organisation who's used DoD space in a way that's likely to conflict with, well, the DoD, gambled and lost.
> >
> > Mark.