funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Public Policy and Consumer ISP Hygiene (was Comcastpop-ups)

From: Valdis.Kletnieks () vt edu
Date: Mon, 19 Oct 2009 15:29:34 -0400
On Mon, 19 Oct 2009 15:03:24 EDT, der Mouse said:


I don't really know the structure of the top of the pyramid.  My
impression is that the IANA and/or IAB would have to be the entity to
impose responsibility when it delegates authority, but ICBW - whom is
it the RIRs and domain registrars contract with to get their authority?


The IAB has basically zero actual power - about the only thing they have any
control over is the IETF.  And the IETF doesn't have any power either - they
just publish RFCs and hope the marketplace actually uses them.  Proof of this:
RFC2827 - everybody agrees that ingress/egress filtering is A Good Thing, but
far too many sites don't do it...

Address space assignments start at the IANA, but they basically farm out an
entire /8 at a time to the regional RIR authorities (RIPE in Europe, APNIC in
the Pacific Rim, and ARIN in US/North America), who then give out /16's or so
to companies.  However, they do *NOT*, repeat *NOT* do any sort of policing of
what they get used for, other than to check your business plan to verify that
yes, you really *will* burn through a /14 in the next 2 years.

Something they explicitly do *not* do:  Guarantee the space is actually
routable. There's a fair amount that's in people's bogon filters from 5-6 years
ago and never updated when the /8 was actually put into use, or it's
scorched-earth address space that's blocked because it was abused by the
previous owner.  So you're not going to find any joy at IANA, and I don't
expect the RIRs to be able to *do* much of anything either.  Your best bet
is to convince people to not accept BGP announcements from miscreants.

Domain registrations derive from ICANN, which delegates to the registrars.
All I'll say here is "these are the people who brought you domain tasting".

Attachment: _bin
Description: 

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: