I would personally reach out to the technical POC for the customer. Perhaps have your sales rep for the account resolve the issue. Steven Naslund Chicago IL -----Original Message----- From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of Sean Pedersen Sent: Monday, March 12, 2018 1:47 PM To: nanog@nanog.org Subject: Proof of ownership; when someone demands you remove a prefix We recently received a demand to stop announcing a "fraudulent" prefix. Is there an industry best practice when handling these kind of requests? Do you have personal or company-specific preferences or requirements? To the best of my knowledge, we've rarely, if ever, received such a request. This is relatively new territory. In this case we have a signed LOA on file for that prefix and I've reached out to our customer to verify the validity of the sender's request. The sender claims to have proof that they are authorized to speak on behalf of the owner. I will wait until I hear from our customer before I consider a response to the sender. I don't get a real sense of legitimacy from the sender making the request. No one else announces the prefix. Nothing about the request appears to be legitimate, especially considering the sender. I thought about requesting they make changes to their RIR database objects to confirm ownership, but all that does is verify that person has access to the account tied to the ORG/resource, not ownership. Current entries in the database list the same ORG and contact that signed the LOA. When do you get to the point where things look "good enough" to believe someone? Has anyone gone so far as to make the requestor provide something like a notarized copy stating ownership? Have you ever gotten legal departments involved? The RIR?