Skip to main content

You're viewing an archived page. It is no longer being updated.


Anti-Abuse Working Group Minutes – RIPE 65

Date: Thursday, 27 September 2012, 14:00-15:30

WG co-Chairs: Brian Nisbet, Tobias Knecht

Scribe: Alex le Heux

Status: Draft

Brian welcomed the audience and introduced himself and Tobias Knecht, Anti-Abuse Working Group co-Chairs.

A. Administrative Matters

  • Welcome
  • Scribe, Jabber, stenography
  • Microphone etiquette
  • Approve minutes from RIPE 64

No comments on RIPE 64 minutes, declared final.

Finalise agenda:

No changes proposed to the agenda.

B. Update

B1. Recent List Discussion

These are all covered by the agenda.

B2. CleanIT Project Update - But Klaasen

The presentation is available at:

Anto Veldre, Estonian Information System Authority, said it was unclear how is it possible that some club will decide on fundamental rights that must be defined by law. He said he didn't understand prohibiting the usage of some languages, Arabic or Estonian, or how But succeeded in involving people in making such proposals.

But Klassen replied that he didn't understand the question.

Brian Nisbet, Anti-Abuse WG co-Chair, replied that he discussed this previously with Anto and will try to help him understand the question. He said they have some examples from brainstorming discussions and that some of them were about enforcing language use on the Internet. Some of the suggestions were on the outer edge of what this community would consider technically feasible. Brian said the question is: how did the people making such suggestions get involved and are these the bulk of the people involved.

But Klaassen replied that they don't keep track of who comes up with ideas. This could come from the public or a small discussion group. These are ideas that are under consideration, they came to them and they want to have discussion about them. If it's not legally feasible, it will not get to the end stage.

Daniel Karrenberg, RIPE NCC, commented that the problem he has is that on one hand, it's "just ideas", and on the other hand "you are EU". Daniel commented that what he's hearing from the audience is “first they tried child porn, now they're trying terrorists”. He added that there was a discussion with someone from Denmark who was explaining how he ran a grassroots thing to help people get around the filtering that has been implemented there. During the discussion someone asked if he wasn't doing something illegal. He was not, the filtering was sort of voluntarily done by the ISPs. He added that in this room, you sometimes have people from the technical community who have successfully resisted things like this in their own countries. He added that it was good But came to engage with them but taking the “it's all informal” stance doesn't build confidence.

But Klaassen replied that it wasn't all informal. The issue is that they want to have an open dialog. He said the project proposal states that it's a process for having a dialogue between different stakeholders in a multi-stakeholder environment and it happens rarely. He said that they're trying to do this with a balanced group and have an open and constructive dialogue and doesn't see why that's a problem. He said he understood there was a lot of misunderstanding around the blue and yellow flag, the document that says they will filter, and this will confuse people so that's why they didn't publish it.

Arjan Kamphuis, Bits of Freedom, thanked But for coming. He commented that if he would have followed the process and all the steps would have been communicated, that would have been great. He said that many of them had seen stuff like this before, like with ACTA and patents, and that when people first get a hold of documents and get worried, they get answers like “we're still discussing this” and then suddenly something happens and it gets locked in. This worries many people. He asked But to be proactive about communicating the dates.

Arjan then commented about the text. He said he contacted some former intelligence people and got two different responses. The first was that there is no definition of “terrorism”, it could be anything. The second person said that if you took the opening piece of text and replace “Al Qaeda” with “Pentagon”, the sentence still works because the Pentagon killed a hundred times more people over the last ten years. He asked what was the problem that But was trying to solve.

But replied that Arjan's comments are not too late and not too early. He said they ask participants to comment every time they publish it. They get many comments, many useful, and they have a lot of work. It's been like that from the beginning. He added they were not like ACTA and they have their own process.

But said that terrorism websites are not weapons but support terrorists' daily operations. They are looking for propaganda and radicalisation, that's what they face in counter-terrorism. They use the EU's definition in the document. They are trying to take an open approach and make the definition as clear as possible.

Jim Reid said they must be careful doing things in this area with the processes in place. Everyone agrees that something needs to be done but wondered how the processes are used on a daily basis. He said there was a concern about mission creep and that noble things like counter-terrorism laws can be deliberately used for other things when the scope and boundary conditions are not clearly laid out.

But replied that it was about trust and whether you could trust the government.

Jim replied that it's party about trust, but wondered where the audits and controls were.

But said he wanted to change the public image of trust in the government but he can't. He said that they needed to gain more trust to do the project as openly as they can and publish every two months.

Alexander Isavnin, ZAO NetLine, wondered how many terrorism acts have been prevented in the Netherlands. He said he was from a country that But didn't think was open and free and he was glad to see that slide because it shows an example of counter-terrorism in Russia. He said some students were jailed for preparing a terrorist act against Putin and they were caught on a forum on the Internet. They did make an explosive device. Interestingly, the person pushing them to do it and showing them how was never found. No one believes it. He added that the tradition in Russia is for law enforcement to provoke. He added that people shouldn't trust the counter-terrorism organisations in Europe that are trying to overrule the Internet.

Arjan, XS4ALL, via chat, asked if But could list some of the participants that have been “reached out too” in the creation of the document.

But replied that all partners and participants are listed on the website.

Brian added that he linked to that page last week. The participants don't state that they agree with the document.

But agreed and said that the process of commitments starts after the last conference.

B3. RIPE NCC Data Protection Legal Advice Update – Athina Fragkouli, RIPE NCC

The presentation is available at:

Athina Fragkouli

Shane Kerr, ISC, commented on slide 20. He agreed it was a hard problem but wasn't sure that MNT-BY inputs the data, but he wasn't sure that person determines the processing.

Athina replied that MNT-BY is not the "responsible party", the RIPE NCC is that by default.

Denis Walker, RIPE NCC, said by definition the ABUSE-C would not be personal data, that's why they provide bulk access to it.

B4. “Requesting feedback about abuse-finder widget in RIPEstat” - Christian Teuschel, RIPE NCC

The presentation is available at:

Christian asked if it would be useful for the RIPEstat team to put more effort into the abuse contact.

Three people raised their hands about abuse contact, no one raise their hand about more false positives, about five people raised their hand about more restricted, no one raised their hand about more checks like geolocation and two people raised their hand about distance in RIPE Database objects.

Wilfried Woeber, UniVie, commented that the distance only gives an indication about the cluefulness about the people who put in the entries.

Leo Vegoda, ICANN, said he looked through the anti-abuse stuff and popped in his private address and it said: "private address, no contact information". He said he looked at what they had in, and would like to offer to work with you to offer the quality of info to the average user.

Christian thanked Leo and said that the abuse widget is very new and they haven't had much time to improve it yet.

Peter Koch, DeNIC, asked for the policy for selecting blacklists. He said you register facts in the RIPE Database and here they extend it to a reputation system. He said the scrutiny is questionable and that the target audience is not qualified to judge this. He added that a line had been crossed and it made him nervous.

Daniel Karrenberg replied that this was not their database: it's RIPEstat. RIPEstat aims to get any data about a resource and present it. He said he shared Peter's concern about presenting it totally unqualified and they're working on that. Their policy is “anything they can get”. He added that the problem is that most blacklists don't permit re-publication and showing of history. These may not be the greatest ones, but to the knowledgeable person, the current state and history is useful thing to know. He said clearly it's not part of the registry, but part of the information services that the RIPE NCC provides. They want to put this into context for consumers that aren't usually geeks.

Christian asked the audience to send further feedback by email. Wout de Natris, a consultant, commented that what they're seeing here is Internet governance how it should be. He advised to gather information from as many independent places as they can. He added that there are a lot of botnet centres and ISPs cooperating with that. There is a lot of data to be gathered of what is going wrong there and they're making it visible, which is a start.

B5. “Re-allocation of address blocks” – Ingrid Wijte, RIPE NCC

The presentation is available at:

There were no questions.

B6. Operation of “Copy Shops” - Peter Forsman, .SE

The presentation is available at:

Daniel Karrenberg asked what the RIPE community could do to help?

Peter said he couldn't say exactly. He was just there to raise awareness because the Swedish law enforcement asked him to help find the websites that target Swedes. He said it couldn't be done, there are new ones next week.

Daniel asked why he thought that the new gTLDs made a difference. It makes no difference what the domain is, they went for the cheapest ones.

Peter replied that they go through .cn ones mostly. If ICANN has a problem with registrant data today, there won't be less of a problem with the new TLDs.

Daniel replied that the ones listed on his slide were GoDaddy and ENUM, not Chinese.

Peter said those were examples. If they see 1,000 new TLDs in the future, the price would be lower than .com today.

Daniel added that they would go for the cheapest ones and the ones that are not really good at publishing registrant data.

C. Policies

RIPE Policy 2011-06

Brian Nisbet announced that 2011-06 has reached consensus. He thanked the task force and Tobias who wrote the bulk of it and push it through. He said they'd speak to the RIPE NCC about implementation.

Daniel commented that he loved it and asked how he proposed not having it remain wishful thinking. He added that you can mandate all sorts of things but getting people to populate it is the hard part.

Brian said they'd work with the RIPE NCC on the basic information and looking at 2007-01, those are big jobs. He added that they've already talked about what's next in terms of policies such as data verification. He acknowledged that people would continue to do bad things but hoped this would be a first step in creating a framework to improve that.

Daniel commented that he's detecting antagonism about the RIPE NCC doing stuff without asking the community. He added that if they had to make people do something, the community should be directly involved. The community guidance should be very clear.

Brian agreed and said that he and Tobias have undertaken that work. Hesaid he did not want the RIPE NCC to get blamed for what's clearly a community request.

D. Interactions

Brian Nisbet said there haven't been many since RIPE 64 but 2011-06 might bring up some so they'll see what happens.

D1. Working Groups

D3. RIPE NCC Gov/LEA Interactions Update

Brian commented that it's been a quiet summer and that there's a certain amount of management by exception done by the LEAs. He said that he's spoken with Jochem de Ruig, RIPE NCC, and was informed about planned interactions with the LEAs.

X. A.O.B.

There were no AOBs.

Z. Agenda for RIPE 66

Brian Nisbet asked the audience to email input for the RIPE 66 Anti-Abuse Working Group agenda to the mailing list, to Brian and Tobias.

Brian thanked the audience and closed the session.