nanog mailing list archives

Re: large BCP38 compliance testing


From: Alain Hebert <ahebert () pubnix net>
Date: Fri, 03 Oct 2014 15:20:58 -0400

    Well (beware it is friday),

    On the 1st of January 2015:

        . Refuse every routes;

        . Start accepting only those passing some sort of BCP38 specs
performed by some QSA =D;

        . ???

        . Profit;

On 10/03/14 15:03, Mikael Abrahamsson wrote:
On Fri, 3 Oct 2014, Rich Kulawiec wrote:

The same thing applies here: persistent, systemic sources of large-scale
abuse via BCP-38 noncompliance are either:

    1. Being operated by clueless, negligent, incompetent people
or
    2. Being operated by deliberately abusive people

There are no other possibilities.  (Note: "persistent, systemic".
Transient, isolated problems happen to everyone and are not what I'm
talking about here.)

It's difficult to know which of those two are true via external
observation, but it's not *necessary* to know: the appropriate remedial
action remains the same in either case: stop giving them the means.

So how do we detect these and make sure they feel pain for not doing
the right thing. The CIDR report hasn't incurred pain as far as I
know, so public shaming doesn't seem to work even in cases where we
can detect people incurring hurt on others. So how do we work this? It
obviously hasn't worked so far, what do we change to make this work?



Current thread: