[db-wg] ORG record vetting ?
- Previous message (by thread): [db-wg] ORG record vetting ?
- Next message (by thread): [db-wg] ORG record vetting ?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Jacob Slater
jacob at rezero.org
Mon Jul 29 07:25:44 CEST 2019
In this context, RIPE's published guidelines on due diligence ( https://www.ripe.net/publications/docs/ripe-700) cover what exactly is checked. From my experience, the guidelines are always enforced as written. As you mention, due to a variety of factors (based primarily on differences in jurisdiction), this process isn't always perfect. I'm sure the NCC deals with at least some of fraudulent activity as a result of the flaws you mention. Unfortunately, short of drastic measures (such as prohibiting certain jurisdictions from requesting resources), I can't see an easy way to improve the current situation. Do you have a suggestion for how the process could be improved? Jacob Slater On Sun, Jul 28, 2019 at 6:59 PM Ronald F. Guilmette via db-wg < db-wg at ripe.net> wrote: > In message < > CAFV686eMtz+rYPwbNZ90N-WhK-Q9auHTkN5AKTXBXvhj_HyQ1w at mail.gmail.com> > Jacob Slater <jacob at rezero.org> wrote: > > >Prior to an ASN or PI space being assigned by the NCC, the NCC goes > through > >and checks the organization info. > > Right. Got it. For some value of "checks". > > What would be the best way for a mere mortal, such as myself, to obtain > some elaboration on the meaning of the word "checks" in this context? > > Not to digress too much from that one question, but to be frank, this > whole notion of RIRs "checking" the organizations that they register > has puzzled me for some time. Let me explain. > > In every one of the five regions there are national or local jurisdictions > that are well known as corporate "secrecy" jurisdictions. I could easily > rattle off the names of several of these for each of the five regions, > but I'll spare you all and just assume you are all familiar with their > names also. > > In each of the five regions, there are jurisdictions that allow for > so-called > "nominee" officers, i.e. people whose names get attached to the corporate > registrations but who have neither any ownership of nor any day-to-day > control over the operations of the company. > > In each of the five regions, there are jurisdictions that will not reveal > the names of the actual "beneficial owners" of any given corporate entity > registered in that jurisdiction, i.e. in the absence of a lawsuit and/or > a court order to do so. > > In each of the five regions, there are jurisdictions that do not even > -collect- information about the names of the actual "beneficial owners" > of any given corporate entity registered in that jurisdiction. > > In each of the five regions, there are jurisdictions that DO collect > information about the names of the (alleged) "beneficial owners" of each > corporate entity registered within that jurisdiction, but where it is > well and widely known that nobody ever checks any of this information > due to an alleged lack of funding to do so (e.g. UK). > > In each of the five regions, there are jurisdictions that do not and will > not reveal any information about -either- "beneficial owners" or even > nominee officers in the absence of a lawsuit and/or a court order to do so. > > In each of the five regions, there are jurisdictions that do not operate > -any- publicly accessible registry list of the corporate entities that > -are- in fact legally incorporated in that jurisdiction. > > In each of the five regions, there are jurisdictions that do not, as a > matter of either law or policy, divulge even the nanes of the corporate > entities that are duly registered as legal entities within that > jurisdiction, > let alone any other or additional information about corporate entities, > and these jurisdictions will not release even this minimal kind of yes/no, > exists / doesn't exist kind of information on cororate entities in the > absence of of a lawsuit and/or a court order to do so. > > In each of the five regions, there are jurisdictions that respect only > their > own local court rulings while utterly ignoring everyone else's (e.g. > Nevis), > and some of these jurisdictions go one step further and also make it both > exceptrionally difficult and exceptionally expensive for outsiders to avail > themselves of whatever passes for "justice" in these jurisdictions. > > In light of the final two paragraphs above, I am, have been, and remain > in a state of ceaseless wonderment when it comes to this notion of RIRs > vetting "all" entities that are resource holders in the various regions. > The plain facts of the case would logically seem to render even the most > minimal kind of *independent* vetting inherently and provably impossible, > even in the best of conditions, at least with respect to those corpprate > entities that have been formed within one of these maximally discreet > corporate secrecy jurisdictions that litter the globe in every region. > > Am I wrong? Or should I just accept this self-evident logical quandary > as yet another one of the eternal, mystical, and insoluable mysteries of > the Universe, like what happened before the Big Bang and where single > socks go when they somehow escape, apparently of their own volition, from > the dryer, never to be seen or heard from again? > > > Regards, > rfg > > -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://lists.ripe.net/ripe/mail/archives/db-wg/attachments/20190728/aa7ac98f/attachment.html>
- Previous message (by thread): [db-wg] ORG record vetting ?
- Next message (by thread): [db-wg] ORG record vetting ?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]