Lina Tarasonyte - 24-11-2021 10:31:47
Hi everyone, I'm Lina from the RIPE NCC. This chat panel is meant for discussion ONLY. If you have questions for the speaker and you want the session chair to read it out, please write it in the Q&A window also stating your affiliation. Otherwise, you can ask questions using the microphone icon.
Please note that all chat transcripts will be archived and made available to the public on https://ripe83.ripe.net/.
Chris Buckridge - 24-11-2021 10:32:54
Niall O'Reilly - 24-11-2021 10:34:13
Farzaneh Badiei - 24-11-2021 10:34:27
oh you record the chat and keep it? I hope the future generations read it carefully and learn and not be in digital dark ages!
Lina Tarasonyte - 24-11-2021 10:36:45
Hello Farzaneh Badiei, yes, all chat transcripts will be archived and made available to the public on https://ripe83.ripe.net/.
Farzaneh Badiei - 24-11-2021 10:37:41
thank you Lina.
Lina Tarasonyte - 24-11-2021 10:39:20
you are welcome!
Maximilian Beiche - 24-11-2021 10:50:18
Sorry. took me a while, to write it down.
Remco van Mook - 24-11-2021 10:50:29
RIPE NCC is not the internet police +100000
Gert Doering - 24-11-2021 10:50:55
if you buy me a black helicopter, I can play the Internet Police for you
Andreas Wittkemper - 24-11-2021 10:51:40
Alun Davies - 24-11-2021 10:52:05
More info on RIPE NCC anti-abuse support here: https://labs.ripe.net/author/angela_dallara/ripe-ncc-anti-abuse-support-what-to-do-if-it-happens-to-you/
Shane Kerr - 24-11-2021 10:52:40
Good luck answering that Brian!
Cynthia Revström - 24-11-2021 10:52:42
Remco, yeah we all know that the secret-wg is the actual internet police. :P
Remco van Mook - 24-11-2021 10:53:07
police would imply some form of justice :)
Shane Kerr - 24-11-2021 10:53:14
Remco van Mook - 24-11-2021 10:53:25
Cynthia Revström - 24-11-2021 10:53:58
I am now thinking of the future people who might read these logs and find all the random unrelated chatter
Shane Kerr - 24-11-2021 10:54:04
I don't think anyone would argue that a police state is a just society. :-D
Anders Mundt Due - 24-11-2021 10:54:33
one thing is learning how to make abuse-c information in the database, it's a whole other problem making sure other people use abuse-c.. we're getting a lot of copyright violation messages that aren't ending up at our abuse-c address. so we can't deal with them (they've got a xml blob that our abuse folk know how to parse)
Remco van Mook - 24-11-2021 10:54:57
these logs would need a tom&jerry style disclaimer
Cynthia Revström - 24-11-2021 10:55:21
yes, nothing I have said so far should be taken too seriously
Shane Kerr - 24-11-2021 10:55:40
I think I'll submit a presentation for the next anti-abuse working group called "why we can't have nice things"...
Chris Buckridge - 24-11-2021 10:55:49
there are some more questions int he Q&A
Peter Koch - 24-11-2021 10:55:56
I agree "the problem" needs to be addressed (as if it wouldn't already), but I fail to understand why this should happen in the RIR context
Chris Buckridge - 24-11-2021 10:56:14
Farzaneh Badiei - 24-11-2021 10:56:29
how do you define abuse? I don't get it from the blog and it sounds like it is not limited to technical abuse
Cynthia Revström - 24-11-2021 10:57:20
I mean it depends on what you mean by "technical abuse", it is abuse that uses the network for facilitation.
Brian Nisbet - 24-11-2021 10:57:54
"how do you define abuse?" That would be the other huge question.
Marco d'Itri - 24-11-2021 10:57:57
not really: so far it has been understood to be "abuse of the network"
Farzaneh Badiei - 24-11-2021 10:58:10
so in the context of dns you have phishing, etc. abusive content is not technical.
Maximilian Beiche - 24-11-2021 10:58:20
Hi Peter, it does not necessarily have to be done at the RIR level. However, I believe that with this reasoning it will lead to "nowhere" finding a suitable position.
The RIR could be a good linking point, as the RIR may also have purely actual technical capabilities to take network-wide action.
But of course, you have to bear in mind that I am of course looking at it from the point of view of an advocate of affected persons.
Cynthia Revström - 24-11-2021 10:59:32
Brian, I think this might be a good thing to deal with at a potential training "what is abuse?"
Shane Kerr - 24-11-2021 10:59:34
Maximilian... in general, I think that the RIPE community feels at the Internet police are... the police! We have people who's job it is to enforce the law, and definitely they should do that.
Farzaneh Badiei - 24-11-2021 10:59:41
Maximilian, who are these affected persons?
Gordon Gidofalvy - 24-11-2021 10:59:52
A standardized way to report abuse would definitely be welcome. from my experience working at a server provider before, abuse reports can be very tiring to rifle through -- especially to find out at the end that it was a frivolous report (a host from your network is pinging mine!!)
Maximilian Beiche - 24-11-2021 11:00:05
Shane thats 100% right, the ripe should never substitute the police/prosecution
Farzaneh Badiei - 24-11-2021 11:00:53
how can you provide remedy through using this training?
Maximilian Beiche - 24-11-2021 11:02:34
Farzaneh, answered you in private chat, to not overload this discussion.
Gordon Gidofalvy - 24-11-2021 11:03:13
Adding onto what I mentioned before: the other part is reporters (especially automatised ones) just mailbombing the org by CC-ing every maintainer on a n abuse report (even if they do not handle them!)
Robert Scheck - 24-11-2021 11:03:15
Could there be a switch from the edit to the presentation mode in PowerPoint?
Maximilian Beiche - 24-11-2021 11:03:28
sorry, if I interrupted in the wrong time, was a general question and had to find the correct words first
Brian Nisbet - 24-11-2021 11:03:33
Cynthia, it would be great, but unfortunately the answer is muddy. I wish it wasn't.
Brian Nisbet - 24-11-2021 11:03:44
There are some things that are arguably very clear, but others that aren't.
Cynthia Revström - 24-11-2021 11:03:50
Farzaneh Badiei - 24-11-2021 11:04:01
Thank you. Just to remind us all, there is a well respected principle that we don't regulate behavior through Internet infrastructure where we can't afford any due process.
Brian Nisbet - 24-11-2021 11:04:30
Maximillian, there is no need to apologise, it's a useful reminder to those of us who have been too deep in this that a) it's not solved and b) we can't assume knowledge.
Cynthia Revström - 24-11-2021 11:04:39
amusingly enough, my hobby network has received far more abuse than abuse reports in it's abuse mailbox
Farzaneh Badiei - 24-11-2021 11:08:32
this is bringing me back nightmares of whois.
Cynthia Revström - 24-11-2021 11:10:42
WHOIS is the reason I got into the world of RIPE amusingly enough
Maximilian Beiche - 24-11-2021 11:11:00
Thank you all for your comments. Especially as someone who has only recently had contact with RIPE, such impressions are important. And it shows me that these topics have been discussed and that I can participate in these discussions in the future.
Farzaneh Badiei - 24-11-2021 11:11:32
we discussed purposes for years at ICANN. we got nowhere until GDPR hit.
Brian Nisbet - 24-11-2021 11:11:33
We look forward to your ongoing participation, Maximillian!
Peter Koch - 24-11-2021 11:13:13
It might be helpful to remember the connex of the "purpose of the DB" and the "purpose of the NCC"
Farzaneh Badiei - 24-11-2021 11:13:16
but purpose for what? to disclose data? why do we have to establish purpose? sorry I haven't read the report admittedly...
Farzaneh Badiei - 24-11-2021 11:13:32
yes also are we talking about third party?
Farzaneh Badiei - 24-11-2021 11:15:33
the purpose of whois back in the days was for some engineers to contact others and they all kind of knew each other and Internet was not so global... but that whois became an IP law enforcement battlefield.
Farzaneh Badiei - 24-11-2021 11:19:01
so then what happens when we agree on the purposes? what do we do with those purposes? are they grounds for disclosure?
Peter Koch - 24-11-2021 11:19:36
hint: "purpose" and "use case" might be distinct terms
Shane Kerr - 24-11-2021 11:20:19
We also suggested deprecating a lot of functionality!!! :-D
Leo Vegoda - 24-11-2021 11:20:37
I dislike the phrase "shadowy circles". This community is highly transparent
Farzaneh Badiei - 24-11-2021 11:20:46
+1 Peter ... it's too early in the morning for me to talk sorry about typing so much
Daniel Karrenberg - 24-11-2021 11:21:14
Let's have this discussion where it belongs: the db WG
Cynthia Revström - 24-11-2021 11:21:21
Peter Koch - 24-11-2021 11:21:32
@Farzaneh first, good morning, then my nsg was broadcast, not aimed at you
Peter Koch - 24-11-2021 11:22:17
@Daniel I think the discussion is bigger than DB WG, but agree, not ideally placed here
Farzaneh Badiei - 24-11-2021 11:23:31
@Peter Good morning. I agreed with "use case" v "purpose" ... I am having flash backs of never ending discussions.
Brian Nisbet - 24-11-2021 11:23:48
I'm very happy to have the questions raised here, and the awareness is needed, but ultimately, yes, as we did, back to DB for the core discussion, but I would agree it is wider.
Daniel Karrenberg - 24-11-2021 11:24:01
I like the title of the talk. We should make an effort to keep our community humour!
Brian Nisbet - 24-11-2021 11:24:06
I'm just so sad Peter didn't feel AA-WG worthy of a presentation from the TF. :( :)
Farzaneh Badiei - 24-11-2021 11:24:27
digital resources and providers? I dont get the joke
Farzaneh Badiei - 24-11-2021 11:24:33
is it "digital"?
Markus de Brün - 24-11-2021 11:26:08
I think Daniel meant "The Hijackers Guide to the Galaxy"
Farzaneh Badiei - 24-11-2021 11:26:14
good example of operational abuse.
Farzaneh Badiei - 24-11-2021 11:27:33
ah, thank you Markus. I missed the first slide while typing.
Peter Koch - 24-11-2021 11:29:32
@Brian: apologies, happy to take the blame, but AAWG wasn't really 'singled out' amongst the WGs, chosen based on prospective 'targets' of the recommendations
Brian Nisbet - 24-11-2021 11:30:09
It's ok, you just don't love us...
Brian Nisbet - 24-11-2021 11:30:16
I'll just weep silently in the corner.
Gert Doering - 24-11-2021 11:30:25
@brian: here, have a cookie
Eliot Lear - 24-11-2021 11:30:39
Seems to me like 2fa is pretty much accepted. Everyone has their favorite app, no?
Erik Bais - 24-11-2021 11:31:02
@brian: we still love you ;)
Brian Nisbet - 24-11-2021 11:31:12
Kurt Kayser - 24-11-2021 11:31:32
Kudos for the stenographers.. well done!
Cynthia Revström - 24-11-2021 11:31:34
yes that was it
Cynthia Revström - 24-11-2021 11:31:37
Peter Koch - 24-11-2021 11:32:40
hmm, Brian, catch22; publicly archived chat is not the right venue for that type of confession; see you in spatial - not a threat!
Brian Nisbet - 24-11-2021 11:33:19
Cynthia Revström - 24-11-2021 11:34:00
for those interested, Let's Encrypt did implement multiple perspective domain validation last year to make BGP hijacks less of a threat https://letsencrypt.org/2020/02/19/multi-perspective-validation.html
Job Snijders - 24-11-2021 11:35:19
Cynthia Revström - 24-11-2021 11:35:35
oh, hi Job!
Erik Bais - 24-11-2021 11:36:42
@gert & @brian : Google Authenticator is now offering export to paper / QR option ..
Robert Kisteleki - 24-11-2021 11:36:46
@Brian there's a difference between planned an unplanned change of device.
Gert Doering - 24-11-2021 11:37:21
yes, things are improving. And if you know in advance that your 2FA is going to break, it's fairly doable.
Gert Doering - 24-11-2021 11:37:34
The "oh, shit, it's broken, good that I have backups..." is what is not so nice...
Job Snijders - 24-11-2021 11:37:52
Everyone - please upgrade from TOTP to FIDO2/U2F :-)
Ondřej Caletka - 24-11-2021 11:37:58
2FA is only as secure as is its recovery procedure.
Robert Kisteleki - 24-11-2021 11:38:04
@Gert I make (secure enough) backups of the "2FA QR codes". it's really handy in case of unplanned changes
Gert Doering - 24-11-2021 11:38:06
since most 2FA Apps I have encountered (rightly so) do not store their stuff in "The Cloud Backup"
Gert Doering - 24-11-2021 11:38:32
@Robert: yes, this is good advice. To do so on day one, when importing the code...
Ties de Kock - 24-11-2021 11:38:47
You can also store the same TOTP in multple yubikeys if you need to use TOTP
Gert Doering - 24-11-2021 11:39:06
since I totally fail at this for the umpton of QR codes I have imported in 5 different authenticator apps... just pointing out the risk here. Better user training needed!
Ondřej Caletka - 24-11-2021 11:39:18
Also TOTP is a very user unfriendly way of 2FA. Fido/Webauthn is much more user friendly, especially with Fido tokens embedded in Windows/Android and macOS computers.
Robert Kisteleki - 24-11-2021 11:39:23
yes. good news is you can do it later too for the ones you forgot if you go through the pain of deliberately disabling / enabling 2fa. I strongly advise doing so
Ties de Kock - 24-11-2021 11:39:50
Webauthn is the best way to go. But needs support for multiple tokens on the other end (because I want two tokens active)
Ondřej Caletka - 24-11-2021 11:40:29
Definitely, Webauthn with support for just one token is implemented wrong :grinning:
Erik Bais - 24-11-2021 11:40:32
is his connection hijacked ?
Christian Bretterhofer - 24-11-2021 11:40:47
maybe his resources got highjacked?
Cynthia Revström - 24-11-2021 11:44:18
Theodoros Polychniatis - 24-11-2021 11:45:05
The current Ripe NCC Access solution is limited now, but we plan to review it in 2022 so that we can provide more authentication options.
Cynthia Revström - 24-11-2021 11:45:27
is it still Atlassian Crowd?
Yuriy Bogdanov - 24-11-2021 11:46:56
hi Erik )
Theodoros Polychniatis - 24-11-2021 11:46:57
yes, with a whole layer of custom software on top
Emile Aben - 24-11-2021 11:48:36
ack. There is different types of hijacking. I was talking about BGP hijacks, not other ones
Erik Bais - 24-11-2021 11:48:48
Erik Bais - 24-11-2021 11:49:17
Yuri, let's meet up on Spatial-chat if you have additional questions on that topic.
Remco van Mook - 24-11-2021 11:49:40
Yay for reselection!
Erik Bais - 24-11-2021 11:49:45
We all love Tobias !!
Cynthia Revström - 24-11-2021 11:49:47
while not being very involved, sure :)
Anders Mundt Due - 24-11-2021 11:49:49
+1 for Brian
Erik Bais - 24-11-2021 11:49:59
Michael Perzi - 24-11-2021 11:50:01
Alex Le Heux - 24-11-2021 11:50:01
Alexander Isavnin - 24-11-2021 11:50:03
Tobias Knecht - 24-11-2021 11:50:09
Thanks everybody! :)
Remco van Mook - 24-11-2021 11:50:09
that makes it official :)
Niall O'Reilly - 24-11-2021 11:50:33
Thanaks, Brian and speakers!
Cynthia Revström - 24-11-2021 11:50:33
is there a poll feature that could be used for these kinds of things?
Remco van Mook - 24-11-2021 11:50:53
there is :)
Erik Bais - 24-11-2021 11:50:59
Cynthia : yes there is. via de Ops.team
Erik Bais - 24-11-2021 11:51:17
Oh nice .. html integration .. :P
Cynthia Revström - 24-11-2021 11:51:36
maybe I can finally get my dinner I won at RIPE 80 :o
Hervé Clément - 24-11-2021 11:51:55
thanks Brian !
Erik Bais - 24-11-2021 11:51:58
Thnx for the session @brian.
Shane Kerr - 24-11-2021 11:52:00
Bye Brian! :-D
Yuriy Bogdanov - 24-11-2021 11:52:00
Will the be today time at Spatial chat? today is a busy day. Erik or you will be there?
Brian Nisbet - 24-11-2021 11:52:02
Thank you all!
Mirjam Kühne - 24-11-2021 11:52:04
Great job at chairing, Brian. Thanks
Lina Tarasonyte - 24-11-2021 11:52:33
This session has now ended. The next session is Database Working Group and it will start at 13:00. More info on the RIPE 83 meeting plan: https://ripe83.ripe.net/programme/meeting-plan/