Nigel Titley. RIPE 54, 9 May 2007, Tallinn, Estonia. 1 RIPE NCC Certification Task Force Update Presented by Nigel Titley RIPE NCC.

Slides:

Advertisements

Similar presentations

LACNIC Policy Update Roque Gagliano LACNIC. Current Policies Proposals - LACNIC As a result of the Open Policy Forum at LACNIC XI four policy proposals.

Advertisements

Axel Pawlik. LACNIC III, November 2002, Mexico City. 1 6bone Address Registry Proposal Axel Pawlik / Mirjam Kühne RIPE NCC.

Copyright © 2007 JPNIC All Rights Reserved. IPv4 Countdown Policy Proposal (LAC ) Toshiyuki Hosaka Working Group on the policy for IPv4 address.

Axel Pawlik. LACNIC VI, March 2004, Montevideo. An RIR in 2010 History, Continuity and Future presented by: Axel Pawlik.

1 Axel Pawlik LACNIC IX, May 2006, Guatemala RIPE NCC Update.

Secure Routing Panel FIND PI Meeting (June 27, 2007) Morley Mao, Jen Rexford, Xiaowei Yang.

Erik Bais, May 15 th 2013 PP Resource Certification for non-RIPE NCC Members Presenter : Erik Bais –

Registration Services Feedback Andrea Cima RIPE NCC RIPE 66 - Dublin.

Current Policy Topics Emilio Madaio Policy Development Officer RIPE NCC RIPE May 2013, Dublin.

RPKI Standards Activity Geoff Huston APNIC February 2010.

National HIT Agenda and HIE John W. Loonsk, M.D. Director of Interoperability and Standards Office of the National Coordinator Department of Health.

A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E APNIC Work Plan 2000 APNIC Annual Member Meeting Seoul, 3 March 2000.

1 APNIC Resource Certification Service Project Routing SIG 7 Sep 2005 APNIC20, Hanoi, Vietnam George Michaelson.

ARIN Update NANOG 55 – 6 June 2012 Mark Kosters Chief Technology Officer, ARIN.

Introduction to ARIN and the Internet Registry System.

RIPE Network Coordination Centre AfriNIC-10, 20 May 2009, Cairo Andrei Robachevsky 1 Update from the RIPE NCC.

The RIPE NCC Update Ingrid Wijte Registration Services Assistant Manager.

APNIC Update AfriNIC 11 November Overview Services status Policy developments Priority activities Next meetings.

RIPE Network Coordination Centre Afrinic-9, November 2008, Mauritius Filiz Yilmaz 1 Update from the RIPE NCC ArtistServer.com/Brillman.

1 Service Oriented Architectures (SOA): What Users Need to Know. OGF 19: January 31, 2007 Charlotte, NC John Salasin, Ph.D, Visiting Researcher National.

RPKI Certificate Policy Status Update Stephen Kent.

DRIVER Building a worldwide scientific data repository infrastructure in support of scholarly communication 1 JISC/CNI Conference, Belfast, July.

DG INFSO- Grid Research & Infrastructures: W. Boch, M. Campolargo 1 Delivery of Industrial-strength Grid Middleware: establishing an effective European.

© ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 Seminar on Standardization and ICT Development for the Information.

R I P E N e t w o r k C o o r d i n a t i o n C e n t r e. h t t p : / / w w w. r i p e. n e t. n c r i p e. n e t 1 The Internet Registry System IPv4.

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.

CSC 101 Fall 2012 Felicia Furino December 13, 2012.

1 News from APNIC AfriNIC 9 27 November Coming up Some numbers Some service updates Some policy news 2.

(dead) Inter-RIR Transfers to become 2014-xx (new text) Sandra Brown IPv4 Market Group.

Update about the “SHOULDs Analysing Project” in RIPE Policy Documents “Should” we use the RFC 2119 Defined Language in RIPE Policy Documents? Jan Žorž,

ARIN Update Aaron Hughes ARIN Board of Trustees Focus IPv4 Depletion & IPv6 Uptake Developing, adapting, and enhancing processes and procedures.

Mirjam Kühne 1 RIPE 34, September 1999 RIPE NCC Status RIPE NCC Staff presented by Mirjam Kühne.

RPKI and Routing Security ICANN 44 June Today’s Routing Environment is Insecure Routing is built on mutual trust models Routing auditing requires.

An Introduction to Routing Security (and RPKI Tools) Geoff Huston May 2013.

Validation Algorithms for a Secure Internet Routing PKI David Montana Mark Reynolds BBN Technologies.

TechSec WG: Related activities overview Information and discussion TechSec WG, RIPE-45 May 14, 2003 Yuri Demchenko.

Summary Report on Resource Certification February 2007 Geoff Huston Chief Scientist APNIC.

APNIC Trial of Certification of IP Addresses and ASes RIPE 52 Plenary George Michaelson Geoff Huston.

A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E 36th RIPE Meeting Budapest 2000 APNIC Certificate Authority Status Report.

Resource Certification What it means for LIRs Alain P. AINA Special Project Manager.

Progress Report on APNIC Trial of Certification of IP Addresses and ASes APNIC 22 September 2006 Geoff Huston.

The Resource Public Key Infrastructure Geoff Huston APNIC.

Update on RIPE NCC Inter- RIR Transfer proposal Adam Gosling APNIC 38 Policy SIG Meeting 18 September 2014.

Wolfgang Schneider NSI: A Client-Server-Model for PKI Services.

APNIC eLearning: Intro to RPKI 10 December :30 PM AEST Brisbane (UTC+10)

Presentation to: Name: Date: ICAO Asia-Pacific AMHS Activities & Status ICAO Asia-Pacific AMHS Activities & Status ATS Message Handling System (AMHS )

1 San Diego, California 25 February Securing Routing: RPKI Overview Mark Kosters Chief Technology Officer.

APNIC Update Paul Wilson Director General. APNIC RIR for Asia Pacific –IP address allocation and management –Open policy development Support for Internet.

RPKI Tutorial Andy Newton Chief Engineer, ARIN. Agenda Resource Public Key Infrastructure(RPKI) Route Origin Authorizations (ROAs) Certificate Authorities.

Transboundary Trust Space September 19, 2012 Development trends of legal acts in forming valid transboundary electronic interaction Alexander Sazonov Regional.

The RIPE NCC Planning for Transformation Axel Pawlik Managing Director.

A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E APNIC Update RIPE 40 Prague, 1-5 October, 2001.

Update from the RIPE NCC Axel Pawlik ARIN XXIX, Vancouver.

Feedback from RIPE NCC Registration Services Alex Le Heux, RIPE NCC RIPE64 Ljubljana.

1 Madison, Wisconsin 9 September14. 2 Security Overlays on Core Internet Protocols – DNSSEC and RPKI Mark Kosters ARIN Engineering.

The RIPE NCC Update Axel Pawlik Managing Director.

Erik Bais, Nov 5 th 2014 PP Allow IPv6 Transfers Presenter : Erik Bais –

1 APNIC Trial of Certification of IP Addresses and ASes RIPE October 2005 Geoff Huston.

Rob Blokzijl. RIPE 61 Rome, November RIPE Réseaux IP Européens Rob Blokzijl RIPE Chairman

Current Policy Topics Emilio Madaio RIPE NCC RIPE November 2010, Rome.

Task Force CoRD Meeting / XML Security for Statistical Data Exchange Gregory Farmakis Agilis SA.

RPKI implementation experiences in the LAC Region Carlos M. Martínez – Arturo Servín LACSEC 2012 – LACNIC XVIII.

Post IPv4 “completion” Making IPv6 incrementally deployable by making it backward compatible with IPv4. Alain Durand.

RIPE Network Coordination Centre 26, August 2008, Christchurch 1 Axel Pawlik Update from the RIPE NCC ArtistServer.com/Brillman.

Whois & Data Accuracy Across the RIRs. Terms ISP – An Internet Service Provider is allocated address space by an RIR for the purpose of providing connectivity.

SWIM Common PKI and policies & procedures for establishing a Trust Framework Kick-off meeting Patrick MANA Project lead 29 November.

RPKI Trust Anchor Geoff Huston APNIC.

Internet Governance Hui

APNIC Trial of Certification of IP Addresses and ASes

Presentation transcript:

Nigel Titley. RIPE 54, 9 May 2007, Tallinn, Estonia. 1 RIPE NCC Certification Task Force Update Presented by Nigel Titley RIPE NCC Services WG May 9, 2007

Nigel Titley. RIPE 54, 9 May 2007, Tallinn, Estonia. 2 Content History –Why Resource Certification? –Complexity of Project –Task Force Set-up Scope of the Certification Task Force Current Status Impacted Areas Next Steps

Nigel Titley. RIPE 54, 9 May 2007, Tallinn, Estonia. 3 Why Resource Certification? Improve stability of the Internet Higher quality of allocation data Assertion validation procedure –Resource allocation: “RIPE NCC has allocated this resource to this party” Helpful to ensure routing security –Check route injection authority –Automate trust relationship Strengthen relationship between RIPE NCC and its members

Nigel Titley. RIPE 54, 9 May 2007, Tallinn, Estonia. 4 Complexity of Project The certification project extends through all parts of the RIPE NCC, and so is a difficult and complicated challenge.

Nigel Titley. RIPE 54, 9 May 2007, Tallinn, Estonia. 5 Task Force Set-up Certification TF assembled at RIPE 53 Six RIPE community members Good representation of region Set-up to be part of the trial deployment in the RIPE region during 2007 Tasked to formulate report for RIPE 55 for community discussion on way forward

Nigel Titley. RIPE 54, 9 May 2007, Tallinn, Estonia. 6 Task Force Scope Identify requirements for a number resource certification service Follow developments and raise awareness among network operators Advise on impact –Service infrastructure, operational procedures –Utility of the authentication model –Policy considerations –Business relation between LIRs and RIPE NCC Provide recommendations for production development

Nigel Titley. RIPE 54, 9 May 2007, Tallinn, Estonia. 7 Current Status The CA-TF defined a picture of the landscape The certification prototype has been delivered to support the identification of impacted areas To simplify the project five main areas will be the focus of research and discussion: –Business area (including impact on policies) –Services area –Technical area –RIR wide area –Application area

Nigel Titley. RIPE 54, 9 May 2007, Tallinn, Estonia. 8 Business Area Changes in the registration services related to the Registration Authority function –authentication –business relationship (throughout the whole chain) Including end-users and PI space Resource transfers –role of the RIR Liability issues –Repository –certificate revocation and impact on end-users –certification of ERX space

Nigel Titley. RIPE 54, 9 May 2007, Tallinn, Estonia. 9 Business Area – Impact on Policies How certificates are issued For ERX/legacy resource holders A transfer policy –Transfers are going to be possible –Within an RIR region from one party to another and between RIR regions –Policy to ensure: Avoiding transfer of the same resource to several parties at a time

Nigel Titley. RIPE 54, 9 May 2007, Tallinn, Estonia Services Area Certificate repository –Interoperability between repositories (RIRs) Validation service Hosted certification services –implication of hosted resource management systems Shared certificate repositories –reliability requirements

Nigel Titley. RIPE 54, 9 May 2007, Tallinn, Estonia Technical Area Specific areas for attention –Repository architecture –Performance implications

Nigel Titley. RIPE 54, 9 May 2007, Tallinn, Estonia RIR-wide Area Specific areas for attention –Trust anchor(s) –Inter-RIR resource transfers –Deployment plan

Nigel Titley. RIPE 54, 9 May 2007, Tallinn, Estonia Application Area Use for routing authorisation –Backward compatibility with RPSL database? –ROAs –Future secure routing protocols Automating provisioning Resource transfers

Nigel Titley. RIPE 54, 9 May 2007, Tallinn, Estonia Next steps Make available documentation and code Report at RIPE 55