Proof of ownership; when someone demands you remove a prefix
spedersen.lists at gmail.com
Mon Mar 12 18:46:31 UTC 2018
We recently received a demand to stop announcing a "fraudulent" prefix. Is
there an industry best practice when handling these kind of requests? Do you
have personal or company-specific preferences or requirements? To the best
of my knowledge, we've rarely, if ever, received such a request. This is
relatively new territory.
In this case we have a signed LOA on file for that prefix and I've reached
out to our customer to verify the validity of the sender's request. The
sender claims to have proof that they are authorized to speak on behalf of
the owner. I will wait until I hear from our customer before I consider a
response to the sender. I don't get a real sense of legitimacy from the
sender making the request. No one else announces the prefix. Nothing about
the request appears to be legitimate, especially considering the sender.
I thought about requesting they make changes to their RIR database objects
to confirm ownership, but all that does is verify that person has access to
the account tied to the ORG/resource, not ownership. Current entries in the
database list the same ORG and contact that signed the LOA. When do you get
to the point where things look "good enough" to believe someone?
Has anyone gone so far as to make the requestor provide something like a
notarized copy stating ownership? Have you ever gotten legal departments
involved? The RIR?
More information about the NANOG