Proof of ownership; when someone demands you remove a prefix

[nanog-post at rsuc.gweep.net (Joe Provo)]

On Mon, Mar 12, 2018 at 11:46:31AM -0700, Sean Pedersen wrote:
> We recently received a demand to stop announcing a "fraudulent" prefix. Is
> there an industry best practice when handling these kind of requests? Do you
> have personal or company-specific preferences or requirements? To the best
> of my knowledge, we've rarely, if ever, received such a request. This is
> relatively new territory.
 
Best practice is for the prefix-user to have correct data of 
subdelegation in the correct RIR. LOA letters have been forged
since well before runout, in the days when they were faxed. 
Issues with potential RIR haacks should be taken straight to 
that RIR; those hve also been unfortunately common. These 
days, ROAs would be nice to see for anyone up-to-date on methods.  
At the very least, the low bar of IRR data should be present.

If there's only a private letter between two parties, no one 
a few hops away can validate that, so the user of the space 
flatly should expect poor propagation.  If there's no data
published that a remote party can use, there should be zero
expectation any remote party will accept the prefix on that
path.

IME this is pretty old territory, and should be part of any 
providers' M&P for handling PI space.

Cheers,

Joe

-- 
Posted from my personal account - see X-Disclaimer header.
Joe Provo / Gweep / Earthling