
These are unedited transcripts and may contain errors.


The NCC Services Working Group session commenced on the 7th of October, 2009, at 4 p.m. as follows:

CHAIR: So, it's again time for the favourite Working Group of all, the NCC services one. We have a pretty packed agenda, we have an unusually packed agenda.

A few things before we start. As you do know, as soon as we are done here we are going to go straight to the RIPE NCC AGM, for those of you who are members of RIPE NCC and go straight from here to wherever the AGM is. It's somewhere close by. If you haven't registered or picked up your registration, I think you might still have a few minutes do so at the registration.

When we are done with the AGM, afterwards there is buses going to the social event from the terrace, starting at 7:00 and running until 8:00 and the dinner starts at 7:30.

With that go to the agenda, one small announcement in somewhere there as well, do that later.

And administrative matters: RIPE NCC normally provides us a scribe and monitor. I don't know who is scribing and monitoring for us. An applause for all the work they do. When you go to the microphone, please state your name and affiliation because this is webcasted and there seems to be quite a few people following us on webcast.

The minutes for the last meeting were sent out some time ago, I didn't see any comments on the mailing list. Unless anyone has any comments I think we can take these minutes as approved and have them posted. No additions so minutes approved.

And with that we go back to the agenda and first up is the traditional NCC update by Axel.

AXEL PAWLIK: Thank you, Kurtis.

All right, short update from the RIPE NCC. I am the Managing Director and you probably have heard quite a lot of what I am going to say here earlier this week in various Working Groups and plenaries so I will try to keep it short, also seeing there is a social that we are all waiting for or general meeting. That is right at the end of the hallway.

Customers. We have a couple of departments, in-house they do different things depending on where they are, how they are called. Customer service basically looks after our members and customers in the wider sense and they do help other departments in-house to deal with their administrative stuff. And their members, services would have the setting up of new members, billing, administrative LIR Portal support and LIRs and also 2007-01 has fallen into their laps quite brutally.

Coordination activities, they look after user support for database and DNS group and on information services they handle contracts for TTM and DNSMON, so that all goes fairly well. The one big, well, change that we are investigating currently there is to engage with our members and our customers in the wider sense by some other way than just e-mail, other RIRs are doing this so we are looking at this ourselves also. We have somewhat mixed feelings about it but we will try to make it a better experience for you. You tell us what you think of that.

Some statistics: Just over 21,000 tickets handled last year and we are over 14,000 tickets so far and various ticket areas, these are just the main categories we have there, and obviously we want them to go down because our services are so easy to understand and there won't be any billing issues any more so it's easier for you and us.

Registration services: Also going well, quite a high ticket load. We do have a project for quite some time on reclamation basically looking at IP address space and members or ex-members, members that don't pay any more, members -- we can't find any more and I have statistics about that a little bit later on. But it's going better than we thought in principle, not that it would make that much of a difference in terms of address space, we do get back, but it's cleaning up the stuff and basically doing what we said we would be doing. Also we are putting a higher, again, higher emphasis on auditing our members, basically the idea is to start 40 new audits every month. Also, in the way of keeping our registry up-to-date and helping you do a good job as well.

Registration services: As I said 2007-01 implementation is quite a heavy load, although, again, it went better than we, so far, than we thought originally or we feared. They are also quite busy with helping and working together with science group on the registration data quality project and again we have KPMG in-house auditing our registration services on the process making sure we do a good job.

Training as we know, entirely popular. They have done -- they have trained 1,500 people this year already. 63 courses in 36 countries. Very popular. And due to that we also invest more in e-learning, DNS basics module, we have done, DNS vulnerabilities, we are currently working on and will be released later this year if everything goes well. New database modules. A lot of areas we need to work on here and we see that and we think that this e-learning is quite a helpful thing also to widen the base where we don't have to personally attend obviously.

We started full-day training course in IPv6, remember, in Dubai a year ago, where I put the question to you whether we should be doing anything like this or rather not; and you said, you do it in areas where it doesn't interfere with us, doesn't pose a threat or competition to us. We have started doing this, they seem to be very, very popular. Also, we have done, again, on the way of IPv6, testimonials and some of you we have tortured and filmed and put on our website there and the IPv6actnow.org website you have seen that and a lot of people look at it so it must have been a good idea to do this. And we do go to a lot of other people's conferences and events to talk about, of course, what the RIPE NCC is and primarily IPv6 there.

We have an in-house software group and they, well, they are beleaguered by lots of requests from all over the place within our company. Obviously, again, 2007-01 was very popular thing to request their support for that basically in tools. New meeting registration software has been done and is being continually developed now. Certification, yes, as, you know, we have invested it quite a bit in this area and are continuing to do so. Now we will probably focus in the next couple of months on the policy part of it. But this is still ongoing and our legacy stuff in-house in terms of registration services systems has been designed and is being implemented, so also, working in registration services should be coming more easier and more efficient. And some other stuff you have seen as well.

Closing members: Why are we talking about this now? We do, as I said earlier, we do close members from time to time, mostly when they don't want to pay any more or have vanished from the face of the planet. We need a bit of a clarification in how we do it, when, why we do it, so we need clarification in the -- we have a policy there. We need to rewrite, in parts, our procedure document and, of course, it's also important for memberships statistics just and -- for the revenue, we might get some people back and some money back as well.

Basically want to tell you what we are doing, how we are doing it, what the experience is. Also, as you might imagine, there is some interest from other quarters about chucking bad potatoes out or apples out. This is quite a touchy thing. We need to talk about this quite openly and develop an understanding of what RIPE NCC can do, what RIPE NCC should do and should not do. So basically I am looking at Brian there through the light and there is the Anti-Abuse Working Group coming on, I think tomorrow, and maybe you want to talk about some of the aspects of closures there.

Reasons for closure: As I said, most of you guys ex-members didn't pay any more, so we tried to remind you that we are still there and that we might provide a useful service to you and we send reminders and more and in the end no, we close you.

Then there are the -- the next biggest group, about a quarter, is mergers and takeovers, not really closure, sort of cleaning up the files. Some of our members have gone away voluntarily, I don't know, maybe going out of business and very oddly telling us that they don't want to be members any more and they say bye and we close the files. And some small numbers in various different things.

As I said, it was or is a somewhat surprisingly positive experience when we look at reclamation there. Basically, what we do when we close a member, we try to contact the registry to get resources back and what happens if nobody is at home and talks to us after continued tries, and we go and this is apparently not used, we will claim and put it into and that is it for the time being. If the space used by the not replying member is apparently used on the Internet, is announced, we do contact the upstreams and ask do you know these people you are routing traffic for and if that is so, then maybe we can reach them; if that is not the case, no contact information available, we do contact the upstreams and ask them to stop routing that traffic for those blocks and they do that in many cases, most cases.

The whole process we do reclaim addresses, 5 million sounds like a lot but it's not really. We also find people who suddenly remember that, oh, yes, that is what that invoice was for, the RIPE NCC, and actually they want to be members and we bring them back home and into the fold and they give us some money; this is not about the money, it's more about membership and finding them and reminding them that we are there.

We want to continue this, we want to rewrite RIPE-301, basically spelling out precisely how this all should work easily and smoothly and understandably. Most of you, of course, won't have to do this because you won't go away.

In-house further we have not only the software group but also as well as the support groups basically IT, some of the people are running around here and providing infrastructure for this meeting, which is great. They also provide lots of infrastructure at home and lots of improvements over time. Some of them, I see some of them I don't really see -- I moaned a bit about two factor identification, it'll be a pain to use, more pain than now apparently. But it's all in your interests and keep your stuff safe and our network closed for outsiders obviously.

Domain services running and deploying more root servers of the K variety. We do that. We put one into Africa, we are currently preparing looking at researching one for Brazil. This is something that we continue to do not as a high pressure -- high priority activity but something that we think we can do to improve the Internet experience here and there and yes, that is what we do. Perhaps you heard about that, RIPE labs. I think it is important to reiterate here that that is a feature that is basically a presentation layer on top of existing or tools that are being developed, ideas that are coming out. This is basically a presentation and community and obviously we aim to be the community builder, to engage you all and you and other people out there on the great big Internet to become part of this and, yes, help us rolling out new services and other people, you people as well that have ideas. This is part of the communications activities, really. This is not part of the technical infrastructure of the RIPE NCC, this is presentation. And to continue to look and comment and contribute. We have seen, obviously, a spike yesterday in people who looked at this, this should grow and prosper, I think it's a good thing for all of us.

Information services development. Quite a lot of tools here that are being developed over time, have been developed are still being developed. The really exciting stuff now also you have seen yesterday is NetSense. That is the one, again, presentation layer where we show what you can do with all the tools underneath it that in part we have had for quite some time.

Again, quality of the registry, the science group has been very instrumental in putting cycles into looking at this, fixing the problems that -- thank you, Geoff, if you are here -- he keeps bugging us about inconsistencies among the RIRs. This is making great progress -- well, progress, slow progress but progress -- and what it has -- Robert has a few slides he is going to show this afternoon as well.

You have seen that at work that is a new tool, we want to develop this further to help look at various bits of history, of various address blocks. This could also become a very, very important and very helpful tool. This is, I think, the first one that goes through labs to garner, commence support and being developed with the help of labs.

Now, if you were here the previous session, you have seen that we are reaching out quite a lot to a lot of people, to a lot of people outside of this technical community also, and I have just a list of acronyms there, together with our friends from the other RIRs within the NRO we do talk to ICANN and the OECD and IGF, ITU, we go to industry events, like currently quite a lot of people are down in Geneva, the telecom world. What I have done is I have donated quite a sizable chunk of Paul's time, Paul Rendek's time, to the NRO to help run this, to focus this and he complains because now he works 150 percent instead of 100 percent, probably 120 before, but life is too bad. So I think this is essential that we do this, among the RIRs and with your support. ASO, the address supporting organisation, being supported by the NRO numbers council is something -- the secretariat for that is something that currently sits this year at the RIPE NCC and Nick and Paul came crying to me at the beginning of the year: "We don't have the capacity to do this." They do this anyway. It's important we do this. Next year it will go away and life will be easy again. I can give more time of Paul to other good causes.

IPv6 Act Now. An important thing. That is something that suddenly came up and was done -- well, was there. It's never done; it will be continually developed. It is not aimed much at you but more at the broader community and broader technical community and other people who asked you what are you doing about pushing IPv6. So that is that.

Then of course, there are the many events that fall squarely within the RIPE NCC service region and the RIPE area, I call them our own. Now, there are the RIPE NCC round tables for governments and regulators, two per year that they we do and they are quite popular. Little workshops for law enforcement people that we support. They are the regional meetings where we go to Moscow or the Middle East, very successfully I think over the last five years or so already. They do need also some staff support. The other regional events Paul mentioned, national or regional IGF-related things that we think is useful to attend. IPv6 survey, you heard about this earlier in the plenary so I don't talk that much about that. These are things that we need to do.

Now, the question is, is there enough, are you happy with that? We are here to serve you, primarily, our members, and our community beyond our members, whatever that is, technical community, maybe. But there are other stakeholders also, there are the governments and regulators and the general public and businesses out there and we think if we address them through going to it the IGF and maybe pulling off more effort together with the other RIRs as the NRO, what we do there is we would benefit our members indirectly through defending whatever it is, the bottom up industry self regulatory process. There should be a P at the end of that. This is something that doesn't benefit you directly but indirectly. If we do our stuff correctly here people will build some understanding of this process, of this group of the way we are working and hopefully they will leave us alone. That is the idea here or they will come and attend and be part of this.

So, in our daily work, over the year in dealing with our members we document our plans for next year. There is an activity plan and you probably have read it already. We do present it and publish it a couple of weeks before the general meeting always and it's a public thing. We do present here, we do make announcement on the mailing list, we have a member mailing list, we have used that more than usual over the last few months with some success I would think. But especially talking about the activity plan, there is usually no comment about that from you people, which I think probably is good and I can turn over in my bed and go back to sleep and do the stuff that I usually do. That is my interpretation. Tell me if that is not so if it's bad and would you rather say something about that.

Basically what I am trying to impress on you is we think we do good jobs for you and spend lots of your money on very valuable causes. If you disagree with this, let us know. If you see holes in our portfolio where you think we should be doing things that you are waiting for years for us to pick up, tell us. It's quicker and easier. And that basically is what this slide is about. Please tell us.

And this was obviously the very first part of the general meeting presentation already and we will continue with all the intricate details of money and stuff at the general meeting properly in about an hour's time I would hope.

Thank you. Any questions or comments or suggestions?

CHAIR: No.

AXEL PAWLIK: I roll over in bed and dream then.

(Applause)

CHAIR: Next we have Robert on registration data quality.

ROBERT KISTELEKI: So those of you who have been in the previous meeting in Amsterdam might remember that I gave a presentation about the registration quality projects itself. I showed you the methodology that we do and the whole idea was introduced that we are actually doing it and we do try to take care of our registration data and try to make it better over time. This is just a really short update on what we have been doing in the last half a year about this topic.

Since May, major events that have been done are listed here. Basically, this is an ongoing effort so we have now the toolset which is able to measure to some extent to our definition the quality of their data inside the NCC and that means that the tool is there but obviously the bulk of the work is actually correcting the problem that the tool identifies and that is continuous effort so has been going on over the last half year. Registration services internally now have dedicated people for this project so they are working hard to make sure that the quality is improving and not degrading over time and they have actually made good progress in that both in the continuous way of doing this and also in bigger chunks, as you will see in these two graphs. To some extent they show.

So this is the last half a year on logarithmic scale and I put up three lines of the year to make it easier. The top two are actually just for reference, the red one is RIPE NCC allocated address signed and blue is unallocated so roughly 20, 30 /8s, and the one below is the -- we call it inconsistent or problematic. This is where some databases disagree on whether this is RIPE space or not RIPE space. So some databases, most of them are internal to the RIPE NCC so sometimes the problem is not with us but someone else, we still need to fix it. It's more or less constant but it's going down over time, with significant drops, for example, here and here, this one in June was a big batch that was submitted by -- of corrections that was submitted by our registration folk based on Geoff's work. And this one is another change in the toolset that we actually used. This huge spike is not a mistake, it's actually for real. This was when we received two new /8s and I wanted to include this on this slide because it really shows that the tool actually catches problems. This was not a problem as such because what was happening is that we received those shiny new /8s from IANA but the process of actually starting using it was ongoing for two or three days so databases needed to be updated, we needed to start secondary DNS and so on. But as that process was actually finished it also became clear again. So we actually expect those kind of bumps as soon as we receive new /8s but we expect them to go down in two or three days, roughly, which they did. And this is my last slide, this just shows the number of different types of inconsistencies, this is how we measure how many databases disagree with each other.

What you can see here is that our folk has been working on it but it didn't solve issues that were quite new and unknown; the big chunk was happening here around September it significantly went down and now we have a good toolset that allows us to go down even more below and hopefully we are going to get to zero at some point soon and that was it. Any questions?

CHAIR: Right. Thank you.

(Applause)

NEILL O'REILLY: This is the last plenary in the meeting before Friday morning and there is a timetable change for Friday morning. The ENUM working group has a very short agenda so we will be starting at 9:30 instead of 9:00, so I am sure people who want to go to dinner as well will be pleased.

CHAIR: Thank you. Next up is Andrea from the RIPE NCC.

ANDREA CIMA: Good afternoon, I am from the RIPE NCC and will give you an update about the implementation of contractual relationship requirement for end users. Also better known as policy proposal 2007-01.

I will start with a little bit of background information and we can say that until not very long time ago, actually until this policy had not been approved, end users requesting independent resources like, for example, PI assignments and AS numbers were not required to in any event a contractual relationship with the LIR who was requesting the resources on their behalf. As a consequence, over the years it was very difficult to keep track of who was actually using those resources.

Now, with the implementation of this policy, end users are requesting independent -- required to get intercontractual relationship either with the LIR or directly with the RIPE NCC.

As due to it the magnitude of this policy implementation, we have decided to split it into different phases: In fact, one, which has been implemented on the 3rd of March 2009, the focus point has been to make sure that all new requests for independent resources would have a contract in place. So, currently, whenever an end user is requesting some independent resources, they have to sign a contract whether sponsoring LIR or correctly with RIPE NCC.

Now, what are the main differences between end users of LIRs and the direct assignment users? The end user of LIR sends a contract with LIR which is sponsoring who is requesting the resources for them, while a direct assignment user sends a contract with the RIPE NCC. The end user of LIR is not being charged directly. The LIR is being charged on their behalf and when a direct assignment user is charged directly by RIPE NCC. And neither of them have RIPE NCC membership, however direct assignment users can request independent resources for their own infrastructure directly to the RIPE NCC. But that is the only services they receive. They are not allowed to request independent resources or resources for third parties. In order to be able to distinguish we have created a new organisation tab for them.

Moving on to Phase Two, which is a little bit more complicated. Why? Because the goal is to make sure that there is a contract in place between end users who have requested independent resources in the past and a sponsoring LIR.

Now, what are the number that we are looking at here? We can see there are about 1,200 LIRs who are never requested an independent resource. About 3,200 who have requested one independent resource. And if we look at the type we can see that these are mostly AS numbers and therefore, we can say that these are used by the own infrastructure. About 1,000 LIRs have requested between 2 and 5 independent resources each, 206 have requested between 6 and 10 independent resources.

Now if we look at the last numbers we can see 422 LIRs who have requested an average of 44 independent resources each. Now, however, if we look at the top five of these LIRs, we can see that these have requested between the 500 and 900 independent resources each so this raises the average a lot.

The total amount of resource we are dealing with in Phase Two is quite high and we are talking about almost 27,000 independent resources.

So what have we been doing so far? We have been contacting end users through the LIRs who originally requested the independent resource for them. LIRs have had the chance until 23 September to select their preferred option through an interface provided in the LIR Portal and according to the RIPE NCC whether an assignment was in use by their own infrastructure, a customer or by an organisation which is not a customer of theirs and which they are not going to sign a contract with.

Why the 23rd of September? Because in this way, LIRs would not be charged for independent resources in use by organisations which are not their customers. However, we know that making contracts takes up a lot of time, there is a lot of administration involved and for this reason LIRs have until the end of this year to actually upload contracts and registration papers for their customers.

Now what are the results so far? As we have been saying there has been quite a lot of work involved especially for our members. However, we have seen that the participation has been extremely good and 73 percent of all the LIRs involved have participated to this policy implementation, thank you for that if you have been one of them. And an astonishing 87 percent of independent resources have a status set so we are talking about 23,600 out of 27,000.

Now if we look a little bit deeper in these numbers, we can see that 4,650 resources have been marked as been in use by the LIR only infrastructure. 6,700 of them have been selected as this is not my end user any more, we will not sign a contract with this organisation. And then we have 12,000 resource for which the LIR has selected the option "yes, this is my customer I will enter into a contractual relationship with them."

So, what is next? As I have said before, we will continue collecting contracts and company registration papers for end users until the end of the year. And then in 2010 we will start contacting the "orphaned" end users directly. We are currently assessing the best way forward on this based on the numbers that we have and we needed those numbers for this and based on the feedback that we have received from many LIRs so far during this process, and yes, I conclude in the same way I have concluded the last presentation, this will be a long, ongoing process. However, since the last RIPE meeting we have made great steps forward and we expect to be doing more between now and the coming RIPE meeting.

And that is it from me. Are there any questions?

GERT DOERING: Gert Doering. Speaking as one of the affected LIRs. Well, thanks very much for the effort you spent into this and I am quite impressed to see that the participation is so good and I am happy to see this because it means the process is working.

I am curious about something; have you seen an increased number of resources coming back from the membership and I am wondering about this because we, as an LIR, have looked at a few things and found at least one AS number that was definitely no longer in use and the customer who originally had that said, I am not going to pay anything for this, just give it back. So I gave it back. And I think with -- the situation might be similar in other LIRs, so have you seen something?

SPEAKER: I have no exact numbers here. There have been more cases like you are saying where this has happened but not in such a way that we would really notice a big difference. What we expect though is once we will start contacting the orphaned resources, we might come across the situation more often and one of the things that we are looking at is also to see how many of these resource are actually announced, how many are not and then we can make a choice which ones to contact first and I am sure that we will get back some more. Thank you.

AUDIENCE SPEAKER: Neil O'Reilly University College Dublin. I am just wondering whether legacy resources are still out of scope.

ANDREA CIMA: According to policy proposal 2007-01, are out of scope were not part of this policy so I expect a separate policy would have to be made.

AUDIENCE SPEAKER: After 2010 then?

ANDREA CIMA: Yes, if the community wants us to of course.

CHAIR: Have you thought -- have you discovered that you are running across a lot of resources that are actually used out of the RIPE region?

ANDREA CIMA: This is -- it's a good point. It's a bit out of the scope of this specific, of this specific project implementation but yes, these are things that we look at every day in our daily work so if we encounter stuff like that we would investigate, of course.

AUDIENCE SPEAKER: Jabber question from Sebastian. How is the time frame for the orphan PI resources to be reclaimed if they don't respond and will you try to contact them?

ANDREA CIMA: There is not exact time frame yet for this. We are assessing the best possible time frame because we realise it will be really difficult to get in contact maybe with organisations which do not have updated contact in the RIPE database, we are still assessing what the best time frame is. What was the second question? The first one was time frame.

AUDIENCE SPEAKER: How will you try to contact them?

ANDREA CIMA: We are still looking into this. We want to make use of the information that we have in the RIPE database of course, that will be the first source, but we have many tools available so if that does not work, we will use our tools that we have available.

AUDIENCE SPEAKER: From Microsoft. You mentioned that there were like a top five of LIRs that requested the most, really the bulk of the -- of this resources. Are they, those top ones, are they complying are they among the 70 percent that are complying with the contractual requirements?

ANDREA CIMA: We have been, we have done an additional effort of course to get in contact with what could be called the big players, to make sure to involve them into this. I don't know exactly how many of these top fives have participated but, yes, the participation in the top list of LIRs, with the highest number of resources has been there, they have been participating to this policy.

AUDIENCE SPEAKER: Second Jabber question: Does RIPE NCC have already sorted out the legal basis for pushing end users into contractual relations?

ANDREA CIMA: Yes. We have had legal advice on it, otherwise it would be really dangerous for us. We have had legal advice on this and it was positive advice, based on the decisions also taken by the community that we can go ahead and ask them to get into contractual relationship with a sponsored LIR.

AUDIENCE SPEAKER: About the LIR manager for the research network. I would like to suggest that we think about offering automated support to let the NCC know what the proper new local registry should be for an orphaned object, because the way it is set up right now, I can just let you know the binary information, it's mine or not. In our particular situation for those we have clicked away with almost 100 percent hit rate, we have already talked to the other relevant local registries and we have internally agreed that they would sort of adopt that space. I guess it would be much more efficient to let the NCC know that this is the proper party to talk to, instead of trying to find out by other ways whom to get in contact with and sort of just to shorten that.

ANDREA CIMA: Thank you for that Wilfried. One other thing is we also have a procedural document in place which informs end users or also LIRs about what the process is if they want to move independent resources between LIRs themselves but, yes, that is a really good point thank you.

GERT DOERING: I want to second what Wilfried said and tackle it from a different angle. It would be useful to have a mechanism to say this resource belongs in my LIR, because, for example, our own AS number was registered with some other LIR and it sort of not in the process right now so if I could just click there and say 5439, that is us, it would save us some work. We are not that hard to find but if we just tell you right away.

ANDREA CIMA: It would be easier, yes. Also, one thing is we are in the process of like Axel showed us before, to work on improvements to the members' portal and this would be one of the ideas to include this in there to make it easier for the LIRs to move resources between registries.

CHAIR: Can I add two comments: One would be maybe more Axel's presentation, maybe it's a good idea to send a mail out to ask people for feature requests and get it described a bit more, there were quite a lot of feedback in how people wanted to this interaction to work. The other comment I had was -- and I am actually looking to Gert, the legal advice you got on the contractual status I think was brought up quite a few times in Address Policy when this was discussed, willing to share and send to the list?

ANDREA CIMA: Yes, I suppose that is not a problem at all yes.

CHAIR: Just have it for records when the discussion comes up again.

ANDREA CIMA: Yes.

CHAIR: Any other questions? No. All right. Thank you very much.

(Applause)

So next up is Alex.

ALEX BAND: Let's see if it actually works today. In a previous session I saw lots of screens back and forth. There we go. My name is Alex Band and I work at the RIPE NCC. You may know me from last Monday, I did an IPv6 tutorial, you may have seen me or not. I don't actually work in the business applications department; I am just, I am actually standing here as sort of a spokesperson, so I am speaking on behalf of them.

It was actually quite a lot of ground covered on certification this morning when Nigel Titley gave an update and Steve Kent was happy enough to tell us about the intricacy of running an RPKI set-up, so it's easy for me. I want to go through what we have achieved over the last couple of months since our last update at RIPE 58. So here we go:

So what are we talking about again. Certification, I copied and pasted this from the website. And it essentially says that certification is a reliable method for proving the association between resource holders and Internet resources. So the key words here are reliable and proving. Because you would think, well, isn't that what we have the RIPE database for? It just says well, it has a couple of resources in there and it says who it belongs to, so I don't really see why we got this whole certification set up.

Well, resource holders and Internet resources, let me dive into that a little bit. We are talking about regional Internet registries and local and end users and the resources covered here is IPv4, IPv6 and anything, as well as AS numbers. It's as simple as that, really. But you go OK, why would I want that? Well, the important thing here and that is like the key difference between what the RIPE database system offers and what this offers is validation, is the added value here and that is what I want to stress.

What we can offer here is proof of holdership, so you can actually make attestations about who is the holder of certain address space and it could help and could be a basis for secure inter-domain routing.

To put this in perspective a little bit: Cisco invited us to do a talk in about two weeks where they are holding a day on secure inter-domain routing and they would love to hear what we have to say about the topic. So there is some interest there and they also know that we are working on the system. There is a lot going on there. There are systems like SOBGP out there that could also fulfil that role in the long-term.

So secure inter-domain routing, we chose to offer just a couple of features, just a couple of things you can do to offer immediate value. So one of them is route origin authorisation where you can say OK, I am going to allow this AS to originate certain prefixes, I will dive into the details later. And the other thing you could do is preferred certified routing. And lastly, if a market would occur for IPv4 after available pool has been depleted, the infrastructure we have here could aid in resource transfers.

So, the technical implementation that we have done, it started in the beginning of 2008 so we have covered like two years now. Quite a lot of time, quite a lot of resources and we covered a lot of ground, and what we set out to do was to involve our membership from day one. That was the most important thing, because this system will have to be used by you. There is no point in us spending all this time and resources in providing you with a system that in the end is a nice-to-have tool that could be interesting for some people. We want to have large scale deployment on this. And there are some key benefits there.

So, we set up a task force and that has been quite active, and there have been a couple of individual members in our community that had concerns especially from a legal standpoint we invited those people over, had long discussions with them and we are very sensitive to the feedback that we have gotten and we try to incorporate that in the implementation that we have done. We focused on offering immediate value, so something that you could actually go and use immediately, yes. We use open standards, strong authentication, I will come back to that later, how exactly we are going to implement that and what kind of failover system we have and how we set up security exactly. And another important part is that we interoperate with the solution that APNIC has got. So that is a possibility.

So all of the source code that we created, everything that was written by our Business Applications department, the source code has been given to ARIN and LACNIC because they have shown great interest in the solution that we have.

So, the only thing that ARIN and LACNIC would have to do is create a front end, so something for users to go to and something that would tie into the actual resources, so something like back but everything in between that is essentially code that they have and they could deploy. And as you have seen in the updates that the RIRs gave, ARIN and LACNIC, they have mentioned that they are working on certification.

So what is the system that we have? Well, the RIPE NCC sets itself up as a certificate authority, so that is, what we can do right now is one layer, one layer of issuing certificates. At a later point, this is something that we will be doing next year, we will be implementing the up/down protocol actually allowing the entire model to be contributed, allowing multiple CAs to exist.

Right now, an LIR can go to the LIR portal, have a look at their resources and actually have them certified by the RIPE NCC. Then they have that over their own -- only provider aggregatable space and that is the only thing that we provide certification on right now. A little later on, hopefully, we will be able to do that quite smoothly, we will be looking at doing provider independent space and AS numbers as well, but currently we are just focusing on PI and we have one layer implemented at this point.

So, a certificate, yes. And it contains a couple of things: A public key, that was generated using the private key that is in the certificate authority; at least a couple of resources so what is the address space that we are talking about; and it has a signature, the signature that essentially puts a stamp on it and says we, the RIPE NCC, say that these resources belong to this particular member.

Now, what can you do with that? Well, you can create a root or -- route origin authorisation object which lists a couple of prefixes. And you say, okay, I am going to allow a certain AS number to originate these prefixes and it has a signature which essentially says, okay, I am the holder of these resources and I am going to say officially using a certificate that this is allowed. So how would that be used in practice? Well, we have this big corporation on the right and LIR on the right and could you please route part of my network and they have a /24 they would like to have routed. "Okay, please sign using my AS number" so the person on the right is actually able to sign and publish a ROA and because they can do that and create a valid object you know that the request is valid. Okay. I can trust it. So that is something you can do right now.

The other thing is preferred certified routing. So, in case more than one autonomous system announces the same address space you could say, I am going to accept one with the certificate and reject the other. How would that work? Well, right now, there is some filling involved so you start the validator and give it some flags, I am going to point the Trust Anchor and output all of that, all of the ROA data. How you implement that exactly in your own infrastructure is up to you and if people want to make like prettier front end for it or actually use it in a different way, maybe that will be like a nice implementation that could be done in RIPE labs, for example.

So, how does it work? We actually got something useable, I can't believe it. So as an admin, as an admin, you can log into the LIR Portal. So you type your password, you log in, you go to list users and you click on the user you want to edit and once you go to the edit screen you see that certification is now an available option so you can enable it right now and just click update and if you now log out and log in as that user that has certification. I will do that now, you see that certification has become an available option and if you click it you will be presented with X509 certificate. That is an entry point, so it's a secure way of getting into the system.

And the next screen is single sign-on screen. Why do I have to log in again? Single sign-on, doesn't that imply I have to log in just once? Just type my password. We are working on that. So once that is done we will actually have single sign-on and all of the activities that you do within the realm of RIPE NCC, you can just do that. And here you see we have entered the resource certification portal and you can create a ROA specification. This is something you can do and our members can do right now. It's as simple as that.

Back to the presentation. What are we looking at? Well, we got a hardware security module so we are going to install in two different data centres and extensive testing on it and also regular testing, so we are going to pull the plug, see if the system falls over and make sure that it's a robust and reliable system. As I mentioned before, only provider aggregatable space can be signed so we are having to look at 2007-01 implementation. If that is all rolled out, then we can start looking at doing PI.

Well, currently in development, a CP, this is being developed in the IETF but what we really need is certification practice statement, and this is something that Nigel Titley touched on this morning. It is really, really important that we have this, so a document is going to be drafted by the RIPE NCC and the Certification Task Force.

And the goal, the goal, what we are looking at right now, is to have a production launch for all of the five RIRs, so the CEOs the RIRs have committed to that, that is their intention to have a live production system on the 1st of January 2011. Will that have a single route key? Well no, probably not. Do the five CEOs think that is the best way forward? Yes they do, actually. I am so happy that Axel is now nodding. That is it. Any questions?

AUDIENCE SPEAKER: A Jabber question. Assigning certificates is a good thing but it also offers options as just revoking certificates. Does the RIPE NCC have a set of rules about when revoking is appropriate? It looks like the RIPE NCC will become some sort of Internet police on this matter.

ALEX BAND: Yes, this is the obvious discussion we are having. In being a certificate authority it has two things: You can provide information, there is validation, but it also implies control, and people just go, oh dear, there is an authority there and they issued a certificate and it automatically says that it can also be revoked. We have to be very careful, we haven't made a decision yet how we are going to move forward and there are a couple of options: We are looking at longer expiry times and in the presentation this morning one of the options was to only revoke if the holder of the resources agrees to that. There could also be a flag raised where you say, okay, apparently this certificate is revoked, I am going to put up a flag on the system and give the user of the resources the option to go ahead with the revocation or continue to use it. It's politically and, from a legislation point of view, very, very difficult, and this is why it's important that we get a lot of feedback from the community.

CHAIR: Daniel was first.

DANIEL KARRENBERG: Helpful person. In addition to that answer, the question was about the set of rules. The set of rules that the person was asking the question, means is qualified in what is called the certification practice statement which Alex just mentioned and that certification practice statement is currently being addressed in the Address Policy Working Group and I would suggest to the person who asked the question and to anybody who is interested, to go back to the proceedings of this morning, which are available where some of this has been discussed at length. And also if they have concerns then, if they want to participate in actually creating that set of rules, to join the Address Policy Working Group and take part in that process.

AUDIENCE SPEAKER: There is another Jabber question: The RIPE NCC could be ordered under Dutch law to revoke certificates. Is that correct?

ALEX BAND: I guess -- you want to say something, Daniel?

DANIEL KARRENBERG: Helpful person. If Axel lets me -- yes, he does, thank you -- obviously, the RIPE NCC is a legal entity, actually an association and most of you are members, I guess, under Dutch law and if the Dutch legal system serves us with what Americans would call a subpoena, then we will obviously comply because there is no way we can sustain a position where we say we will not obey by the local law. And in fact, we are in contact with the Dutch Public Prosecution Service and a number of legal enforcement agencies in order to understand each other and in order to smooth that process which doesn't mean that we encourage them to come with subpoenas every other day, but just so we know what the process is, so we also make it clear to them and that is a hard thing, I can tell you from experience, that while you may want to achieve certain goals with serving us a subpoena and say delete something from the RIPE database, it will not have the effect that most of them think it has, of actually stopping connectivity that is a microsecond that they serve the subpoena on the door of the RIPE NCC. So maybe I already went too far. But to answer the question more succinctly -- yes, if a valid and -- valid legal instrument is presented to the RIPE NCC under Dutch law, which actually takes a judge or a -- something that is a quasi-judge in Dutch, to do, then we will actually have to do what it says.

AUDIENCE SPEAKER: I think the answer that Daniel gave really begs the question whether we accept that consequence as a group or not; and if we do, then we will have to take it as it is. If we don't we might have made the wrong technology choice here.

ALEX BAND: I think it's good that you mentioned that because if you look at the discussion thus far, the amount of people actually being involved in the discussions, I know you have been very vocal, but in all honesty, you have been one of the few and this is something that affects a lot of people in a lot of different countries with a lot of different kinds of legislation, so it's important that we look at the individual situations in all countries and make sure that we look after all of those people.

RUDIGER VOLK: Also with some comments on this question. Well, okay, as far as we have to mostly act as law-abiding citizens everywhere, we kind of can't escape such circumstances. However, we can actually look closely into the technology and the rules that we are using and find precautions so that, indeed, such actions are essentially no ops, do not have effect and I am very happy that over the last two days, in particular including Steve Kent's presentation in the morning, the ways for finding and explaining the ways how to invalidate such threats, are becoming pretty clear and I think we will come out of this with a guide, how to use the technology so that essentially the threat is not there.

ALEX BAND: You are absolutely right, we have to make an informed decision and not go, oh, there is a certificate authority involved, that means revocation, that means I don't want it. We have to deal with it in a reasonable way. Any other comments?

GEOFF HUSTON: APNIC. Bemused international observer.

ALEX BAND: I am sure you are.

GEOFF HUSTON: The question was asked, whether under law they could subpoena the RIPE NCC to revoke a certificate, and I am kind of thinking, under Dutch law, is it possible for a subpoena to the RIPE NCC to completely remove all registration records for a given party? Is this about certificates or is this about something far broader in terms of your ability to maintain the integrity of a registration system in the face of a legal system that might order you to do something that would be contrary to that registration system? My assumption in hearing things, and I am not a lawyer, you know, really says, if they can order you to revoke a certificate they can order you to remove a registration record. This is the same problem. And a certificate-based solution doesn't really address the fundamental problem that exists.

ALEX BAND: No, it's like Daniel said if we could get a subpoena and they would tell us to remove the route object, then yes, that is something we would have to do, but yes, just to repeat the effects of that.

GEOFF HUSTON: Where I was driving was that certificates neither add nor detract from the problem that you have identified.

ALEX BAND: I know, yes, but the fear I was describing, it's more of a psychological thing; people don't want it because they can't make an informed decision because they can't oversee all of the possible implications.

GEOFF HUSTON: But if I was that kind of person I would be equally concerned if such a court were to remove my registration record.

ALEX BAND: Surely.

CHAIR: Steve Daniel me.

STEVE KENT: I am not a lawyer either but I am a PKI guy and I don't believe I have ever heard of any instance, anywhere in the world, of any certification authority being required by a legal entity to revoke a certificate, except in a civil context where the certificate was attesting to information that in a court of law, after a trial, was determined to be inaccurate and, therefore, it was not consistent with the CPS which says we only issue certificates which have accurate data in them. This is a different PKI we are talking about, it doesn't exist anywhere, we are creating it from new. But based on what has happened in the past this seems like an extremely theoretical concern.

And I agree with Geoff's observation that it's a more general issue of law enforcement wanting to shut down something and the best answer is probably to tell them to go to the ISPs in question to shut them down, not to say, yes, we will remove certificates from repositories, we will revoke certificates, we will remove registration data, we will remove IRR data from our database, that, I think, is the preferred answer ultimately.

ALEX BAND: Yes, I have done several presentations for law enforcement agencies and they asked me this question, could I get a subpoena and remove data, that may be an interesting option but it hasn't happened and never actually happened that we got a Court Order to do something like that because I assumed they realised the effects are negligible and they are better off going somewhere else.

DANIEL KARRENBERG: I want to bring it out very clearly that we are faced with a -- with some choices of substance. I don't quite agree with Geoff that the two things, if you -- if we -- suppose we have a certification system set up and suppose we have either sort of secure BGP or sort of automated provisioning that is really, really automatic and takes information from these certificates, the world will have materially changed because now we can say to these LEAs, yes you can get at us and we will remove the stuff and we will first fight it in the interests of our members. But if you really get legal instrument we will do it, but it will not achieve your desired purpose. If, in the hypothetical future, when we have a system that sort of automatically configures routing, then it may become much more attractive to actually do that, and while sort of I had this discussion with Steve at the last RIPE meeting when I said he was technically correct that there was not a difference like Geoff said but if it's easier and more automatic, then there is a material difference. On the other hand, there are benefits to automatic routing in terms of routing security and fighting, squatting and piracy and in terms of stability so that we are more secure against stupid mistakes and things like that. And this community knows very well and that is why we are having this discussion, that there is a trade off here and I think actually the discussion we had in the AP Working Group this morning was very good when Steve said okay maybe you want the tools that you use as a relying party as an ISP to have knobs where you can't automatically take the information that is in the RPKI and configure my routing but I retain a lot of authority about what I do and what I don't.
And I think that is very good and I think we need that discussion and we need to be very vigilant always that we make the good trade-off and whether the benefits we get in terms of making routing more stable and secure and the kind of buttons that we give to people that -- that become very attractive to people for all sorts of purposes that we do not want and that when we provide those buttons inadvertently we will be very sorry from a society aspect, not so much from a technical aspect.

AUDIENCE SPEAKER: Kurtis from NetNod. I want to disagree with something Steve said when he said this was unlikely to happen. I am more of a negativist than he is, not necessarily because law enforcement will do this, they are brighter than that, we see across Europe where certain rights holders are putting extremely hard pressure on providers to cut connectivity to certain sites, they seem pretty successful so far but to take this to the context of the RPKI, if this starts happening and Dutch courts start serving these subpoenas to RIPE, to have this revocations done, I believe the system will fail because the rest of the world will seem to lose faith in system from the Netherlands and we are back to where we are today. I think it is likely it will happen but I don't think it will affect the actual system.

ROB BLOKZIJL: Just a few words. I think it has been reported several times already. The RIPE NCC is having regular meetings with an increasing number of law enforcement agencies. In the beginning, they thought registration and IP addresses, something like domain names, you don't like how a domain name is being used, you take it out of zone file and cannot be used. I think in the course of a series of meetings we have made it clear to them they understand that IP addresses are different from domain names and I now tend to agree it is more important to have a full record of who uses which address block instead of having a fragmented registration -- registry, where, ill-defined organisations via subpoenas take out registration information and that makes, for them, the whole registry much less valuable. Also, the nature of the thing is you take out the bad guys and I want to know information about the bad guys. They tend to become more and more reluctant to use this instrument ever. And again has nothing to do today with certificates.

AARON HUGHES: I think this is an interesting issue that people are focusing on that may be a little misguided in that, today, there is a good deal of automation that is based on IRR data which could be spoofed from a simple mail dash from address and main providers will take an announcement from you even without IRR data which is significantly scarier than saying maybe a central authority can have some kind of control over shutting down a prefix or ASN. I am sure we will have problems, run into some bugs and some outages related to it, it can't be any worse than the place we are today where you can create an outage that doesn't take care of their customers or filter their announcements. It's amazing to me we don't filter today and anything like this that is a trusted authority is a massive step forward.

CHAIR: All right. Thank you.

(Applause)

Next up we have two presentations.

PIOTR STRZYZEWSKI: Together with my colleague we want to test the waters under that subject. We both are from -- just to clarify something, this is not yet a formal proposal, what you are just listening to authors what do you think about that. We were not sure if this was policy or database topic and we ask Gert and Wilfried. They were not sure so this is the reason why I am here. The reason for this proposal is very simple: Right now the end user is able to obtain independent results through some sponsoring LIR and let's assume this is just PA addresses, no matter if they are v4 or v6 and its own AS number and this end user is able to announce under its own AS number, from the Whois database we can in this very simple example obtain about had is the data over the user. There is nothing more and nothing less and end users are sometimes very lazy and they do not update the data, no matter of what -- I know that contractual relationship, there is that requirement about updating data but, you know, I think that everybody here knows that end users are sometimes strange. And the end user is multihomed, we can go trace routes to find out who is an option provider, trace routes from different places could go to a different ways and the provider, ? company and moreover, this company could be in the situation that it's not responsible or not willing to take care about the abuse from the end user. So, the goal is, the goal of this proposal is to make yet another point of contact by linking the reference to either sponsoring LIR or in some cases to RIPE NCC, involving....which are independent resources.

I see few pros: Because of the 2007-01 contractual relationship between the end user and the sponsoring LIR or RIPE NCC, we all know what are the minimum requirements of this relationship, they are described in RIPE-452. And that is just another point of contact in case of any abuse. As I said, that could help in problematic situation.

And yes, there is cons: Proposed link, this link sponsoring LIR could be used in the wrong way. I see at least two things here: The first one is that another sponsoring LIR could find out users who are from company A and start to do kind of marketing just to, just to buy them, basically speaking, and the other thing, the other way of abusing that link is the guys like abusics.org this is someone who take care about the abuse.

There was an e-mail, I forgot on which mailing list, from Abusics case is on the anti-abuse tomorrow in the agenda, we know there are guys who are not using the contact details in the proper way. So are there any questions?

CHAIR: Questions, views, comments? Do we think this is a good idea?

SPEAKER: I need to say there will be no negative comments. I am going to propose into the database Working Group because that pretty much is the Working Group for that proposal because it doesn't treat in any way Address Policy. It's not influencing the way we are giving out or assigning the other space so it's only about implementation in the database.

CHAIR: The why it ended up here it will put a request into NCC and what you have to do to implement this and so it will end up here first otherwise to the database Working Group.

MARCO: Being involved multiple times in discussions on contact points in the database, there is already from time to time a huge fuss about which contact to use, we have seen recent example where people were actually chasing the top level domain or the top level object instead of going for more specifics or abuse compliance end up in the wrong place already loads of time and I have that concern that adding an extra link or an extra point of contact will only make the confusion even bigger so I wonder if it's how effective this would be. But it's something to take with us in a discussion and I do think it's worth having a discussion on connecting it because there are also pros on finding out what is responsible for what but I think in the end it's the end user and the end user has to be responsible for this connecting stuff or behaving and you could find the sponsoring LIR and kick them, but yes, whatever, that is good thing or not, I doubt it but -- my main point of concern is that this will add to the confusion that is already there.

SPEAKER: That was set on the cons slide. I am aware about but the reason for putting the link to the sponsoring LIR is because the LIRs are in majority, they are responsible companies and they have up-to-date information in the database so this up-to-date information could help in contacting the end user in case of any information in the database about the end user or outdated and we can just simply say, hey, sponsoring LIR you have the contractual relationship and for the end user to put the up to date data so we can contact them in case of abuse.

MARCO: I understand, the more effective is to look at your routing table because the sponsoring LIR who is might be responsible might not be the guy who is carrying the traffic. Complaining to the upstream might give better results.

WILFRIED: And the first part speaking just as a user on the Internet. If you look at the bigger picture then for the PA address, it's implicitly obvious and publicly documented which party is actually responsible for managing the address space, not necessarily for providing connectivity, but it's implicitly documented which local registry is responsible, so from that point of view I think it's a good idea and it would make the whole system more complete and more transparent and also sort of more even if we would have the same functionality to also have that information in a public documentation base for the end user assignments.

In the long run we are probably going to have something equivalent with regard to the ERX, so from that point of view I think documenting that relationship not just within the RIPE NCC but to the general public to make it accessible, it is a good idea, full stop. As the database Working Group chair with that hat on, I am happy to take that forward into the database Working Group eventually but I do not agree that sort of it's just a matter of the database Working Group because it has definitely a policy and a services aspect because we have to find out how to actually maintain that data and we have to understand who is actually controlling that piece of data, is it the NCC, which after receiving the contract or after double-checking the legal and contractual relationship, putting that information in, is it sort of the maintainer of that object which sort of can claim the responsibility, so there are quite a few things which need ironing out before we can just go ahead and ask the NCC to implement. So I would really like to have that discussion first either on the mailing list or even Address Policy list and then take the implementation to the Working Group.

PIOTR STRZYZEWSKI: I need to justify myself. I have a chat with Andrea Cima today about this implementation and he raise that question, who will be responsible and I intentionally not talk about that because I was thinking that it's a kind of implementation problem and I was testing the waters about the feelings, if this is necessary or not, good proposal or not so. That was my intention, not to speak about that. Yes, of course this is a good idea to discuss all these later on in the mailing list.

RUDIGER VOLK: I am sorry, Wilfried I disagree with you and I agree with Marco. I think, first of all, this kind of relation doesn't really need to be documented publicly for the - for the usual purposes of the RIPE DB. Furthermore, if there is a need to attach to a record a pointer who should be contacted first, well, okay, whatever regards the thing, there are plenty of ways and my understanding is that, say, the abuse tack, do we have something like that, and the IRT thing are not really used very effectively so far and I think creating more links that is obviously the user community, is not using right, is creating more confusion so I would say there may be a need for doing a little bit more outreach and a little bit of BCPs, explaining to people how to do things, rather than increasing the complexity of the system and confuse people more.

PIOTR STRZYZEWSKI: Thank you for that comment. I need to respond. I think that IRT, this is not the same thing. IRT is under the influence of the PI space which is assigned to end user and that could be changes by end user and I want to have something which is controlled directly - that is of course my wish - something which is controlled directly and only by RIPE NCC so that information is very, very reliable.

CHAIR: So, I think we are going to have to cut the discussion here, from what I heard there is a lot of interest in discussing this. I think the right thing sup and maybe starting the discussion at RIPE NCC mailing list and moving to Working Group database when we have a better understanding of how to handle who is responsible for updating this and what other alternatives. What I heard was there is some interest in discussing this so I think it would be good to write this up and send it to the list and discuss it from there. Are you next on the agenda as well?

PIOTR STRZYZEWSKI: Yes. Sorry for boring you. 2007-01 implementation survey, and that is my own - kind of proposal. At the beginning, I need to say that I have also a chat with Andrea about that because Andrea is the project manager, as far as I remember, about 2007-01, and the reason for that, not yet a formal proposal or request. Me and some of my friends have very mixed feelings about or after and during 2007-01 implementation. Those mixed feelings are basically about results transfers. I am aware that implementing 2007-01 and enforcing people to pay or not for the independent resources, start the avalanche of resource transfers and as I said, me and a few of my colleagues, we have very mixed feelings about the link between the LIR, so basically speaking us, and RIPE NCC. There was a lot of problems, I think, including non-confirmations and a lot of other things and I was wondering if I am, I and my friends, we are quite unlucky persons or that is general problem which overhang the RIPE NCC. So that is the reason behind that proposal. And I think that we should ask RIPE NCC to take a survey and ask its members, which is the majority of this auditorium, about the experience with - not 2007-01 implementation directly, not about taking care about customers which left ten years ago and so on and so on, that is not the point. The point is about this link between the RIPE NCC and the LIRs, if they have a positive feelings, if they were dealt with very efficiently, quickly and so on, and I need to - I need to go back to the reasons. This mixed feelings was not about one or two transfers. Andrea was showing the table and my LIR and my friends at LIRs, we are at the bottom of the table, more than 10 independent resources so we are thinking that if we are treated as a big LIRs and have such problems, maybe other also have that problems, so this proposal came up and the goal, of course, is to take the feedback from the members and modify - if it's necessary, because as I said I could be very unlucky this way.

And pros: Better procedures. And so to say I do not see cons. So if you have any questions, if we should ask or request the RIPE NCC to take that kind of survey or not, I am open to suggestions.

CHAIR: I am going to interject myself first maybe in saving some time. I think doing the survey is always a good thing because the NCC has recently done a lot of surveys and found impact from the members, I am looking at Axel. I guess you are planning to do a new membership survey at some point, maybe this could be included in that because I don't think that is that urgent to do the survey very closely but I do think it should be done, I personally think it's a good idea but I am not sure it's necessary to do a separate survey, knowing the RIPE community you get even less answers.

PIOTR STRZYZEWSKI: It not need to be done tomorrow; we can wait.

MARCO: Basically the same thing. We have that member survey already and I am sure they will be coming up the next member survey so I don't see a particular reason to go on a specific exercise to survey just this part of it with the risk that you are not only surveying the actual NCC responses to it but you are in fact, there is a slight risk that you are actually surveying what people think about 2007-01 and that survey has been done on the mailing list already before we implemented it.

AXEL PAWLIK: We have heard over the last couple of years, couple of comments on the various mailing lists and this could have been better and this could have been designed a little bit more community feedback or design. I hear that and we want to reach our limit more and help you, help us make it all easier on each other. Yes, certainly.

PIOTR STRZYZEWSKI: Yes, thank you.

CHAIR: Thank you very much.

(Applause.)

UWE MANUEL RASMUSSEN: And I am here to discuss about the possibility of looking at revoking IP address space or AS numbers that have been - that are used by entities for illegal activity. I think it's very interesting to see the discussions that we are having now, there is some more interaction between the Internet community and law enforcement and the rule of law. We hear that we don't want to provide buttons to law enforcement that may influence what we can do on the network or we want only to explain law enforcement, what we are doing, so that they can leave us alone and let us do what we do.

I want to speak about bulletproof hosting. It's about content, illegal content being hosted on servers that we have a lot of difficulties for removing. It's not about anti-piracy as such; there is a Microsoft has its anti-piracy team, I work on Internet safety and we look at internet threats, child pornography or crimes against computer systems, anything they perceive as a threat on the Internet and how it can be reduced. Fraud being increasingly common over the Internet. As the Internet is simply becoming more common and it's being used by all facets of society and by criminals. It's infinitely small part of the Internet users that use it for criminal activity so we shouldn't want to make things too difficult for ordinary users but recognise that it exists.

What is the legal situation? Hosting companies, of course, they don't want to be the judge of what is legal or not. When it spans so many jurisdictions it's impossible situation. The first type of legislation, DMCA from the United States reversed the liability so it was the requester that was liable, when he requested that content should be removed that he was the evaluating if it was illegal or not and if the questioner said please remove it and it wasn't, he would be the one that would be liable.

Hosting providers could be liable if they don't remove it. In some ways hosting companies don't want to comply with those requests. For example, the DMCA only covers copyright infringement and doesn't cover trademark infringement, which is intellectual property or like computer viruses or other type of malicious content. It can be used to analog. And in Europe we don't speak about copyright alone but also about other types of illegal content. But in some jurisdictions they may only have copyright for notice and take down. Or the hosting company may say this is not my space, I don't own the server, I am a re-seller. But we have a very different type of situation and this is the one that is interesting, is that sometimes the hosting company simply doesn't exist. We can go to - call the telephone number, it's disconnected, nobody replies on the e-mail, the postal address is fake, you can send investigator or the police can go to the address and may not even be a building or maybe a building but nobody has heard of this company before.

I will give you an example here: We are investigating a matter and we found that there was a company that didn't exist, we couldn't contact them, they wouldn't reply to take down requests, they were actually on the same - they were connected to the same transit provider as where you would make the payments so there was one that was providing the content, another one where you would buy the child pornography and on that same network there were many other companies, one of them is Russian Business Network and all being routed through SBTtel and the upstream providers were Level 3, Cogent, a lot of normal companies.

As we cannot request the hosting company to take it down, maybe we can ask the connectivity provider really do you want to provide connectivity to this very bad hosting company? They have nothing but bad content on their servers, on all IP addresses, they don't seem to have any normal customers. But connectivity providers they have no liability. And this is quite good of course. There is mere conduit, so they have no liability for what happened, what passes through their pipes.

Some transit providers may comply because they say, yes, indeed, this is very bad situation, maybe they trust a request also, also they want to cooperate with the police and they don't see any reason for them to be making money of providing connectivity but the majority, they simply rely on the rule of law, also say they would continue to provide connectivity and anyway, the connectivity is so abundant if you are at LINX or another Internet Exchange point, then there are hundreds, if not thousands, of - at least hundreds of connectivity providers there.

I think there is increased media focus on this. We see that RIPE is now working together with law enforcement, there is a Working Group, you go to meetings. There is some media attention like the Russian Business Network has been on a treatment by Brian Krebs for a couple of articles. This was the Russian Business Network was part, that we discovered they were part of the other bad company that we had found.

I am going to - I am here to look at possible solutions to this problem, solutions that would be workable also to the RIPE community.

This is not about creating a technical solution where legal action cannot be taken so it's not about we are not able to, what they are doing is not illegal, but we don't like it so we want to have a technical button to push on. Phantom ISPs, they provide fake identities because they want to avoid the rule of law. This is why they have created this fake identity. I don't want to create either additional bureaucracy about identity of it the ISP for RIPE. I think the RIPE cannot verify better than what it's already doing, the identity of the people that get assigned Internet resources. And it's not either about making the Internet community arbiters of what is legal and illegal activity.

Now, what is important to note is that RIPE assigns resources to legal entities or natural persons so people that have the legal capacity, it doesn't assign resources to e-mail addresses, it wouldn't assign Internet resources to my cat or to a tree. It has to be a legal entity, something that exists.

Now, how can we ensure that there is a legal entity behind the Internet resource that has been obtained? We can, as we have - as has been discussed previously, we can look at the Whois information because the Whois information is incorrect, and we can see how we can validate the Whois information to be sure that we find the right resource holder. Now, we have seen - I will go into that in the next slide but I think this is always a contentious topic. I was at Amsterdam also and I saw it raises a number of questions, the validation of the Whois information. Then it could be the validation of the original criteria that were laid to ground when providing the Internet resource.

Now, first on accurate Whois information, we have seen how some of the very valid assignments that were legacy assignments or just very old assignments, they have not been updated, there have been mergers, for other reasons that the Whois information is not updated even though it's a valid company so we don't want to push too strong, this is something that will take years to achieve.

The original criteria for the assignment of the Internet resources. I think this is quite important. We have seen situations, however, where the resource has changed usage, maybe first they required the IP resources because they wanted to provide dial-up services, now using same for IDSL or maybe some obtained addresses they wanted to provide VPN addresses to employees but now using the same addresses for mail servers. Resources can change their usage even though RIPE reserves the right to recover the IP addresses if they are used outside of what they were originally applied for.

Now, I am not proposing that they should be but I do think that resource should be revoked if they have been obtained through fraud or deceit if, it can be proven that an IP address that was requested by a company and that company doesn't exist and it provided false documentation, they provided company of registration documents of something that was obviously falsified, I think that, in those situations, there should be a possibility for revoking.

What we have now is RIPE allows for the revoking of IP addresses for incorrect Whois information, and this is actually something that we have in cooperation with RIPE, we have used to address those phantom ISPs, so the ones I mentioned earlier, the five companies, I think we are up to a total of seven or eight where we have discussed with RIPE and RIPE has tried to contact the holders of these Internet resources. They have not been able to receive a reply from them. And as such, after three months of trying to contact the person and not receiving a reply, the IP addresses can be revoked. However, if we look at another RIPE policy, it says that as long as the original criteria on which the assignment was based are still valid and is properly registered with RIPE, they can keep them but if it changes, then RIPE is allowed to revoke them. And I think this is where we would want to look at changing that RIPE policy and it could be a possibility like we have in domain names where there is arbitration, already RIPE today has arbiters, I don't know if they would be able to take on such a task. But if there is doubt about the existence of a company of IP address holder, then they cannot provide company registry; they may claim they are an unregistered association, which of course should be able to have IP addresses but if they cannot show that they have a utility bill or rental agreement or something else that shows that they exist, no evidence whatsoever, there is no address there, there is nothing behind it, it's really just a paper or air company then it would prove that the criteria have not been met, the original criteria for assigning the IP addresses have not been met. So we would like to see for having - what are your comments on proposing more precision in policy? It goes less far than what we have today because today IP addresses can be revoked. In any case if it's not being used for what it was - what was stated the usage when it was applied for but it would only be revoked if it has been applied for through fraud and through deceit, so providing false documents. Any questions or comments?

CHAIR: If you have questions and comments please go to the microphones. You have your chance now. Anyone? Any views? Comments?

RUDIGER VOLK: I have a very bad feeling about this presentation. What is the relation between - okay, we should clearly distinguish discussing actual criminal activity on the net and how to fight this from the administrative procedures. I don't have any problem with a phantom organisation owning address space that is not used for illegal activities, at least not in an urgency mode. And well, okay, if there are criminal activities, well okay, there may - then maybe robert armies that are doing it, well, okay, indeed it is really hard to find the responsible party because it is a phantom and all the owners of the systems that are used or abused actually do not know what is happening. But - well okay, that is not something well, okay, the RIPE - the RIPE administration comes in. If, for whatever reason, there are dedicated hosts that are doing evil things, well okay, the boxes are for real, the connections are for real, all this can be tracked down for real. And it doesn't really matter whether, well, okay, the address space is, well, okay, the address space is routed, that is essentially the thing that matters. And you have to track down what is actually operational.

UWE MANUEL RASMUSSEN: Absolutely you can track down the trace. For example we can see all the ones are providing connectivity they were in London and even though it was a Russian company, we could assume because it was multihomed, maybe it was located in LINX, but all we will be able to do is by subpoenaing different companies, identifying the boxes and maybe not even the boxes -

RUDIGER VOLK: When the evil thing happens, it doesn't matter how it's registered; you actually have to get the box. And actually, and actually, and actually, well okay, in the end you may have to figure out who is paying the electricity bill for the box running. You may end up in a situation where you figure out that, actually, the box is owned as the black - as the black hats say, and you are in bad shape, then tracking down who did the thing is again something that doesn't have anything to do with the administrative data in the RIPE databases.

UWE MANUEL RASMUSSEN: You are absolutely right. And we don't want to use administrative data or RIPE as something to - as extra tool for law enforcement. However, if you have some RIPE policies in place, let's say you know you have to assign it to a legal entity or to a natural person then why start assigning resources to a cat, I mean it would be a very complicated database that you will - that you will accept other phantom ghost and that is why at least maintain your own database so it is natural persons for legal entities?

RUDIGER VOLK: Which cat actually qualified as an LIR?

UWE MANUEL RASMUSSEN: I don't think it's LIRs, this is really providing independent IP space.

RUDIGER VOLK: The other question is, which legal entity signed that up and, yes, but -

UWE MANUEL RASMUSSEN: This is why we are the other topic. Maybe we should have the LIR before that, is that a good idea, to include that in the address database? There can be many things but if the policy is not to assign address space to company that don't exist, well, then, let's not do it. Let's not have all these things should we also put the LIR in or - I think it's a more simple and more elegant solution to not allow companies that are not identified, why revoke IP space as is being done today simply because the Whois information is incorrect?

CHAIR: I am going to let Nick come in.

NICK HILLIARD: I am going to pull the rug from underneath Alex by saying if you want to register a provider independent address resources at the moment, you have to provide supporting documentation as to what you are. If you are a limited company or any other sort of organisation like that, you have to provide company registration papers. So to a certain extent, maybe there were situations in the past where it happened that you know registration papers weren't issued because that wasn't the right procedure at the time, but I really don't think that is happening any longer.

The second point is that RIPE is not really in a position to determine what is and what is not a corporation. If RIPE receives what appear to be legal documents asserting that a company exists or the natural person exists by means of a passport, there is only a very limited amount it can do in order to authenticate those.

And the third point is that even if it finds out in retrospect that, okay, well, look, some company or something doesn't exist, it can revoke the assignment, but that is not actually going to stop the hosting company or the company using the address space from actually routing it on the Internet, they can still do that, and, you know, the address space will still be used.

So the principle that kind of has been used so far by RIPE is they are not the routing police and they can't really do a whole lot about this problem and as Rudiger said, if you want to trace a problem like this, once you have a route to a particular device on the Internet, that can actually be physically traced, once it's gone, you know it's gone and that is the end of it.

UWE MANUEL RASMUSSEN: You are right, this also, of course, goes together with the certification to avoid it still being announced, so that part, and I fully agree, RIPE cannot know what else a company registration or association registration or identity card looks like in all of the different jurisdictions that you have, it would be impossible. That why there should seem to be a possibility of challenging to say this does not exist, we have called the phone number, we went to the address, there is no company there, and once this is challenged then also the other company, the one that is being challenged should be able to say, but look, I have got all of these other documents that prove me and it would be simply like happens in any other situation where it's arbitration, where you have to look at the evidence presented. And the only thing, it would be very easy for the owner of the - providing the independent address space, all he has to do is prove that he exists in some way or another whereas the one that challenges this has approved but really he doesn't exist in any way, I think there is a safeguards for owners of PI space it would have to be a very strong proof that he doesn't exist.

AUDIENCE SPEAKER: Maybe you could do me a favour and bring up the slide with the Whois part again because reading this and also listening to what you had to say, it's sort of reminded me to a discussion that goes on since last century in the ICANN for TLDs in particular, for GTLDs and a solution to Whois accuracy has not been found in that area at least, so I just wondered to what extent you have taken into account what has been found so far, not a final solution or the solution but what has been defining in that area so far because maybe, I don't know - I am not saying that the problems are identical, but it seems to me that they are at least similar enough, so yes.

UWE MANUEL RASMUSSEN: What I am looking for is much less than what people are looking for with Whois accuracy. I am not looking for - that the phone number has to be correct, the e-mail address has to be correct, all the contact details. All I want is somebody exists behind it; it's not really necessary that the phone number is correct, so it's not really, what has already been discussed here and the efforts that you are making on getting the Whois database as clean as possible, as up-to-date as possible; it's simply to find a solution that would allow to remove the people that have been assigned resources that in no way exist, not that they have not been good at updating their Whois information but simply they don't exist.

CHAIR: John.

JOHN CURRAN: John Curran, president and CEO of ARIN. I thought it might be useful to know how we handle this in the ARIN service region, and matters of law and violation of law and the various criminal items, we don't really deal with; we do have a government Working Group, we talk to law enforcement quite a bit, but we leave that to matters of law enforcement and courts to handle. I don't want to judge a crime per se. And it's very hard to verify, as someone pointed out, it's not easy to verify whether or not someone's application is correct, and that is true, it is very difficult, but it's actually very easy to figure out when it's wrong, so as it turns out, we handle this very simply by saying, you can't engage in fraudulent acts with ARIN per se in our contract, so when you submit your information to ARIN, we presume it's accurate and we do some verification, we do quite a bit of verification actually, but if it should turn out what you told us was wrong and that is uncovered because someone brings that to our attention, then once we have determined that we have a fraudulent application for information, we do actually, as part of our review policy, we do act, and we invalidate the appropriate records and revoke the resources but it's not, per se, anything to relate to criminal activity other than the fact that someone violated the contract in applying for resources either at that point or at a subsequent time. I don't know if it's helpful or not, it's how we have had to handle it in the ARIN region.

UWE MANUEL RASMUSSEN: I fully agree we cannot start making decisions on its legal activity or not, it's not RIPE community's job to do so because there is so many different jurisdictions. It's simply to see that RIPE has not been defrauded to obtain these addresses. We don't know if it's going to be used for illegal activity or not, but, however, if you allow somebody that obtains these Internet resources but he cannot be identified, then he is virtually outside of the rule of law. If it was illegal what he did he cannot be brought to justice because we don't know who it is. He can find a way to hide his identity in many different ways. It can be, as it was suggested before, it has been owned or paid by credit card that was stolen. There is so many ways that people can hide their identity even though there is the physical link to the real world with the Internet box we have found out this is not enough to be able to identify the person because they are very good at hiding their tracks.

CHAIR: All right. Thank you very much.

(Applause)

UWE MANUEL RASMUSSEN: What I will suggest, make a couple of suggestions on how the language could be adjusted in RIPE policy 452, so the idea is currently we are only looking for revoking addresses for inaccurate information but not only inaccurate information because that is so broad but it should be really for companies that don't exist and I will put that on the mailing list.

CHAIR: Thank you all. Sorry we overran slightly. The AGM is -

NIGEL TITLEY: The AGM will start at 25 past 6 on the dot, please, if you are coming.

CHAIR: This was actually the first time we had quite a few community presentations in the Working Group which we thought was quite good and wanted to give it some time. See you all at the AGM and then at the dinner.