[153947] in North American Network Operators' Group
Re: ZOMG: IPv6 a plot to stymie FBI !!!11!ONE!
daemon@ATHENA.MIT.EDU (Arturo Servin)
Mon Jun 18 09:14:01 2012
From: Arturo Servin <arturo.servin@gmail.com>
In-Reply-To: <11B526C7-5B3D-42EC-8D01-584F1B11199D@delong.com>
Date: Mon, 18 Jun 2012 10:13:07 -0300
To: Owen DeLong <owen@delong.com>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 18 Jun 2012, at 09:48, Owen DeLong wrote:
>=20
> On Jun 18, 2012, at 4:50 AM, Arturo Servin wrote:
>=20
>>=20
>> On 17 Jun 2012, at 20:29, Owen DeLong wrote:
>>=20
>>>=20
>>> Lather rinse repeat with a better choice of address...
>>>=20
>>> 2001:550:3ee3:f329:102a3:2aff:fe23:1f69
>>>=20
>>> This is in the ARIN region...
>>>=20
>>> It's from within a particular ISP's /32.
>>>=20
>>> Has that ISP delegated some overlapping fraction to another ISP? If =
so, it's not in whois.
>>> Have they delegated it to an end user? Again, if so, it's not in =
whois.
>>>=20
>>> Same for 2001:550:10:20:62a3:3eff:fe19:2909
>>>=20
>>> I don't honestly know if either of those prefixes is allocated or =
not, so maybe nothing's wrong
>>> in this particular case, but if they have been delegated and not =
registered in whois, that's
>>> a real problem when it comes time to get a search warrant if speed =
is of the essence.
>>>=20
>>> Owen
>>>=20
>>=20
>> Not being in the whois is not an indicator that the ISP (to whom =
the address block has been delegated) does not know about which customer =
has an IP (v4 or v6, doesn't matter). I have seen tons of ISPs that do =
not publish delegations in the whois but have a huge excel worksheets =
where they record every suballocation.
>> =09
>> You just need a warrant to see that info. Ergo, the FBI, =
interpol or you name it should not have problem to get them.
>>=20
>> /as
>=20
> Right...
>=20
> However...
>=20
> 1. That's a violation of resource policy.
> 2. It's an extra step and multi-day delay in a situation where time =
may be of the essence.
>=20
> Further, we're not talking about the recording of every end-user =
assignment so much as the fact that in some cases, large delegations to =
down-stream ISPs are not recorded in whois. My understanding from =
talking to the FBI/DEA people is that they want to be able to serve the =
correct ISP on the first try rather than iterating through multiple =
layers of delegations.
>=20
> That does not seem an unreasonable expectation.
>=20
> Owen
>=20
Not at all an unreasonable expectation.
And that's the way it should be IMO.
My point is that v6 is not very different than IPv4 in that =
respect.
/as
