RIPE 88

RIPE NCC Services
22 May 2024
2 p.m.


BIJAL SANGHANI: Hello. Hello, and good afternoon everyone. And welcome to the RIPE NCC Services Working Group. I have just heard the bell ringing, I am wondering if I should wait a few more minutes or...?

Okay. So, welcome to the NCC Services Working Group. We are at RIPE 88. And this is actually the first time that I'm chairing the session from the beginning anyway, so as you all know we lost ‑‑ well, we didn't lose ‑‑ one of our Chairs stood down at the last meeting, and, you know, at the time some of you who have been to the NCC Services Working Group would remember that the NCC Services Working Group is everyone's favourite Working Group, and it continues to be everyone's favourite Working Group. So I just want to put that out there. So thank you all for attending your favourite Working Group.

Okay, on to serious things. We have a packed agenda today with lots of interesting talks. This is the welcome. We have an update from the RIPE NCC, technology update from Philippe, and an update on the RPKI operations, and a registry update, and James, unfortunately, isn't feeling too well today, so Marco will be doing his presentation later on today. And then we have open mic. And obviously the open mic is for everybody who has something to share or anything they want to add to, that's your opportunity. So if you have something you are thinking about, you have got about an hour or so to think further about that and then bring it up at the open mic.

So, admin matters: I have done the welcome.

We have a scribe, Antony, and we have a stenographer as well, so thank you to you.
The agenda, if there is no objections I would like to finalise the agenda. Does anyone have anything else to add? I'm seeing a thumbs up. Okay. So the agenda is now final. So thank you.

And then the approval of the minutes from RIPE 87. They were shared on the mailing list. There were no comments on the mailing list. Does anyone have anything to add or say about the RIPE 87 NCC Services Working Group minutes? Okay, so minutes are then approved.

Thank you. Okay. And then we will move on to the first presentation, which is Hans Petter Holen with an update on the RIPE NCC.

HANS PETTER HOLEN: Thank you very much. And good afternoon everybody. So, I am Hans Petter Holen, Managing Director of the RIPE NCC, and I have been so now for four years. Some of you who have been here for a long time know that I have been part of this community for even longer. So, you may be ‑‑ you may recognise me from that.

So, what I'm doing today is to, rather than make separate slides on what we have done since the last meeting, I have taken the annual report and am showing you the highlights. We are using a lot of time to produce an annual report every year and I would like all of you to read it and reflect on what's in there. And give us feedback on what we should be doing.

The big change last year was after the GM, there was a clear feedback from the membership that we should be more cost conscious. So, after discussing with the Board, we pulled the brakes at the beginning of the year in May and reduced our activity to fit into ‑‑ and not to spend the full budget of 40 million, but ended up spending 37.3 million. That may not seem like a lot, but it was a stretch for the organisation and for all of us to see, you know, how do we start to think differently? The RIPE NCC has, over the years, been used to having more money than we were able to spend. Now we had to start to think about what we spent them on and spending the money carefully.

Our CEO left us and we decided to reorganise the technical department, so our CTO, Felipe, will present more on that later on, that's been a big internal change.

Also we have had a programme over several years, and a lot of efforts last year into strengthening the security. That's a theme for not only the RIPE NCC and all of you, I imagine, but also, you know, the whole world now. Security, cybersecurity has become way more important and we have also spent a lot of time on sanctions, because the RIPE NCC is subject to EU sanctions and we need to adhere to those.

So, our strategy and our plans are based on our five year strategy, is that the RIPE NCC has been established by the RIPE community to support the community. And then the community asked us to be a regional Internet registry and to maintain an accurate registry. And in addition to that, we want to enable you to be able to operate one secure, stable and resilient Internet. So it's kind of three things that fit very closely together. You're dependent on the registry to make sure that your numbers are unique, and we are dependent on you to give us feedback how to do that, and we need a stable organisation to do this. And that means not only having a Board and a GM, but we also need to interact with governments and make sure that they understand what we do and defend the RIR system and defend this governance model. And none of this is possible without engaged staff. So that's our strategy in a nutshell. There was a BoF yesterday, and Remco shared these strategies and more detailed talks on that, and what my takeaway from that is there was great support in the room for the direction that we have been going.

So, what did we do last year? Well we collated extensively on charging scheme. We had several meetings on that and we decided not to spend the same effort this year and that has all of you that are subscribed to membership, discussed ‑‑ resulted in a lot of discussion about that. We hear that but we consciously planned to spend all our energy on cost savings this year and not on reiterating the charging scheme. Maybe that was the wrong priority. So that will have to change before the next meeting. But more about that in the GM.

There was a change to not change the charging scheme last year, and that's what we have for our budget this year. But there is a vote in the GM later today to do that. But the result of last year was to not change it. We did have a survey last year and it was a lot of interesting information there, and 92% of those that answered that survey were satisfied with the service level. And the NPS was 43, which is really incredible.

So, we have an Executive Board that guides me and sets the strategy. And I have with me a management team to lead the organisation.

There is also a page here with the highlights of what we have done through the year, you can see there is a lot of engagement with governments, with community, RIPE meetings, regional meetings and so on. It's a busy year. It's really amazing how we are able to fit all of this into the calendar and still get some vacation and do the work at home.

Membership overview:
I hear a lot of people talking declining membership. That's not true. The number of members stayed the same. It's around 20,000 members, but the number of LIRs, local Internet registries, that's declining. We had a peak of 25,000 LIRs, and that's now going down towards the number of members. And this is because we have this policy from the last /8 and from the waiting list that you can only get one chunk of address space per LIR. So why do we allow multiple LIRs per members? The RIPE NCC started as a project in, today GEANT and then got established as an organisation in '97. Before that all the policies were written local Internet registries when the membership organisation was started, the governing documents for the organisation was members, and nobody thought that that would be two different things. But then that happened over time. The Board stopped establishment of multiple LIRs and put it to a vote on a GM and the members said accuracy of the registry is more important. Let's allow multiple LIRs. Therefore we have this construction that a member can set up multiple LIRs. That's, you know, the history in a nutshell.

So, the registry:
That's the core of the business for many. It's an important part. And you can see here that we still hand out some v4 addresses. There are, there is a waiting list. Marco presented on that in Address Policy this morning and you can, if you get on the list, get addresses in one‑and‑a‑half to two years, depending on how much is returned to us. But there is still a thriving market for v6, which is the future and where our attention really should be.

And the number of addresses that we hand out from one year to another is roughly the same. It changes a bit.

Transfers:
Now, this is an interesting thing because we have transfers between members for various reasons. They can be mergers and acquisitions or be policy transfer where somebody sells their right to registration in our database to somebody else. And there are transfers between the regions. And you can see here that we have eight and a half‑ish million addresses coming into the region, while 1.2‑ish millions going out of the regions. So stopping inter‑regional transfers as was suggested, that may not be a good idea. That would be a necessary loss for the region. Most of this towards ARIN, then APNIC and some LACNIC. APNIC ‑‑ AFRINIC does not have an Inter‑RIR Transfer Policy. So it's only with ARIN, APNIC and LACNIC this is possible.

Accountability:
That's something that is really important and we do a lot of efforts into making sure that the registry stays up to date. So, we do assisted registry checks where we sit down with the members and go through the registrations, we did more than 2,000 last year, and we're checking details like e‑mail addresses and abuse‑c and so on and a lot of that is automated but it still resulted in, you can see here, 649 manual interventions in this. So even if we can automate the hundred thousand of checks here, this also has manual work.

We receive reports, I personally get e‑mails: Can you stop this hacker? Can you stop this spammer? He is using your IP address and we tell them we are running a registry, you can look up in the registry who it is and you can contact them. Now Maria had a presentation yesterday on our role in handling illegal information on the Internet. And it's not our role to stop that. But we still have to handle those requests. We get hijack investigations. Luckily most of them are false positives, but we still have to deal with them.

And as you can see in a later presentation today, we unfortunately also have fraud attempts towards us which we then routinely report to the police. But investigation here takes a lot of time.

RIPE Database updates:
This is probably one of the more mature roadmaps and actions there you see on developments of the work items discussed in the Database Working Group, and implemented and also not only new stuff but also improvements. And when you look at the development effort we do, we're not developing software as any software development company, we are developing software to run a service that we provide to the members. So the team also does the service delivery part of the operations part. We have an IT department that manages the infrastructure. But the database team or the other teams need to maintain the service and once operating systems need upgrading and the middleware and Java versions and PA P versions, we need to refactor the code in order to run. So it's not only about developing new features.

RPKI:
Very important addition to securing the routing system ‑‑ And of course, it's a heavy investment in the technology here in securing this. And the main focus this year is compliance here, to have externals auditing our control framework or checks to make sure that we can get a statement from an auditor saying that here are the checks and balances that the RIPE NCC has in place so they can be trusted. And that's not only technical checks, that's checks on the HR and on the whole organisation.

Information services:
We have a measurement service with more than 12,000 probes where you can measure anything in the Internet. A third of those measurement services measure the root name system and around 50 TLDs. Another third measures the anchor. So if you have an anchor in your network you can get incentive knowledge about how the rest of the Internet sees your network and vice versa. Then a third is individual measurements, both from members and users and from researchers that use this system to do research. This is not only funded by members, it's also funded by sponsors and if some of you are interested in this, we are more than welcome to receive more sponsorships.

DNS and K‑root. Back in the days when there was a 2 meg line between Europe and the US, there were actually two or three, the DNS queries that needed access to the root would time out, so there were a couple of root servers being established in Europe and the RIPE NCC is one of them, K‑root. If you know the founder of the RIPE NCC, Daniel Karrenberg, you can imagine why it's K, and you can see here how these servers are distributed around. It's one letter, it used to be one server. But today, it's multiple instances. And it's 13 servers, 12 root server operators, and more than 1700 instances. So this is a massively distributed system. Why are we doing this? Because it's important for all ISPs to make sure that there is a root server system working for you. Alternatively, it could be run by just US companies. It's really important that this is diversified and not only run by US or hyper commercial companies that may or may not be interested in doing this for the future. So having non‑profits in here, like we have Netnod here, ISC that also does this, a couple of US universities, a couple of US military tree defence operations, so there is diversity here, it's WIDE in APNIC, so it's important that it's, you know, diversity into this system.

RIPEstat, you can look into this. RIS: We collect routes, these are systems that are mostly stable. We have invested a lot in the user interface, bringing that into a modern framework that's scalable to modern devices.

Community and engagement: We're here, we do two RIPE meetings a year and we do a lot of engagement around the region because doing a meeting in Schengen makes it impossible for members outside the Schengen area to participate in some cases. It may be possible to get a visa and it may have been much more difficult to get a visa to get into Schengen if you are from Iran, Syria, Russia, or countries like it, so we also do regional meetings in southeast Europe, central Asia and in the Middle East, the MENOG, and then we also sponsor local NOGs where we send speakers and we also give some support for them to organise.

So to some extent we have a lot of ambassadors out there in the regionals and so on that, you know, work with their community in order to make sure that the Internet works in their country and their region.

We also do in‑person training and webinars. This is a really important tool for us when we go and talk to governments outside the EU, you know, what can you do for us they ask, and we say, well, we can help you doing capacity building in RPKI, securing your Internet, and in v6. And that opens the doors to make sure that we can talk to them and be a partner.

The RIPE NCC Academy. It's not only in person any more, it's also online.

And you can round this off with a certified professional so that you can actually document to your employer that you have this knowledge, and that is important in some companies and more so in some part of our service region than others.

Policy development:
So, we develop policies for us but there is a lot going on in developing policies for how to govern the Internet around the world. And we tried to participate in that. So, we do roundtables with the government in the Middle East, we did two in southeast Europe and one in western Europe. We do respond to public policy consultations, sometimes the RIPE NCC has an opinion that we submit. Sometimes the RIPE community coordination Working Group submits their opinion there, and we help facilitating that.

And there is also a lot of Internet governance events. You may know about the Internet governance forums established by the UN, but there is now a huge discussion in the UN on the future of this and the so‑called digital compacts and we follow this closely. We don't engage in it for the sake of engaging in it, but to make sure that the technical community will have a space here and will be heard, because we're not any other stakeholder here. We are the experts that run the Internet and we should be there in order to provide expertise before policies and decisions are made.

Supporting the community: I already mentioned these events, and the participants there. We also do open house events. We did ten of them. That's a concept that we developed more or less during Covid, where we arranged an open house, a virtual event where we have somebody on stage to discuss something or present something and members can, or community members can dial in and participate in the conversation.

For the NOGs and regional events, here you can see all the NOGs that we have participated in and sponsored. And we have here an overview of the different events that we have organised ourselves.

Looking at the two RIPE meetings we did last year, more than 1,000 attendees, 856 on site and 216 remotely in Rotterdam. So, you know, if we do it in a big city in north western Europe we get a lot of visitors. But we also did one in Rome and we got 732. But you can also then see that we get different demographics from different parts of Europe. And you may remember the year before we did one in Serbia and there we see lower numbers of participation, but we see other people coming in. But moving it around and not having all the events in Amsterdam is important for us and for you as a community I believe.

Community project funds: That's something that was established some years back when the RIPE NCC had a surplus and the Board discussed what can we do to contribute to the good of the Internet? There is donations to the IETF to make sure that there is stability there. And it's the community project fund. Where there is a committee, with community members, that picks out some projects, and to give them funding and in return they have to come and present and publish RIPE Labs articles for that.

And I believe that the call for proposals is still out, and I see Al nodding here and if you have questions for that you can grab Al who is hiding here on row 3.

RIPE Labs. If you have something that you want to publish and share with others, we have RIPE Labs, the Internet magazine for our community. We publish articles there ourselves. I think we published 12 or 14 articles, up to this meeting, I provided the list to the Board and it's kind of a two hour read to prepare for this week. There is a lot of good information there to stay up to date. And we take publications from others as well.

I mentioned a survey. Almost 4,000 responders. The survey was in ten languages and 52 of them were in ‑‑ 52% of the responses were in other languages than English. So we took answers in multiple languages and translated that.

Value for money: 69% of the respondents thinks that the RIPE NCC brings value for money. Unfortunately that number had dropped from, I think, 73% from the previous survey. So we need to look into that. But it's still an amazing number.

86% of the users of the database finds the data to be accurate, and 89% finds it to be useful. I think that's amazing numbers, although I would really like it to be a hundred percent accurate at any point in time. But that may not always be possible.

Security challenges: 40% of the people that responded to this survey think that security challenges is one of their biggest challenges. So, it's food for thought for us what can we or the community do for this, and I know that the Anti‑Abuse Working Group has been discussing whether they should extend their scope from just one aspect of the security of anti‑abuse to a wider spectre, that's a bit up to you in the community. For me as Managing Director of the RIPE NCC, it's to make sure that we secure the organisation, the information, the systems and services proposal, so that we can ‑‑ the information there can be trusted.

Inside the RIPE NCC. We have 180 FTEs. 35% female. I would love to see that grow to 60. But that's an issue with our industry, and it's an issue with our community. But this is something that's really important to us. When it comes to diversity, what we have been focusing on is to hire from all over our service region. So it's an amazing company to work for. We have 42 nationalities. Well, actually, now we have 43 or 45, different nationalities in the office working for us. Now over time, a lot of people have become Dutch citizens, so it may even be more than what it looks like in the statistics. The turnover, I am happy to say, has gone down from slightly above 10% to 6.7%. And the number of languages spoken are more than 30. English is the working language, but looking across all staff, they all understand and feel the need for multi‑lingual support, but it's also really difficult to run an operator registry where we need to have everything in one common language. This was a requirement that was set by the community when the RIR system was started.

RIPE NCC management team. I briefly mentioned that earlier on. Felipe is going to present afterwards. He is the Chief Technology Officer. James is the Chief Registry Officer. Hisham is the Chief Community Officer. Elinora is the Chief Information Security Officer. Simon is the Chief Financial Officer and Caroline is the Chief HR Officer and Athina the Chief Legal Officer. And then Daniella, my executive assistant, keeps track on me and the whole exec team and supports the Board. So this is the team that looks after the RIPE NCC but it's really run by the 180 staff together, not by us.

General Meeting: There are some statistics in here on that. Compliance and transparency. I won't read this out to you but I just kept the page in there to demonstrate there is a lot of things going into that. We did an audit by EY of the registry, they looked particularly in transfer processes. We got a lot of recommendations back from them. We are doing a SOC 2 audit, they are still checking TTL evidence provided. The agreement was really with EY that they would provide a report last Friday, so that I could present it here. That's delayed, but I still hope that we will get the full report by the end of June.

Sanctions: You have heard presentations about that. And this is still not resolved. We are able to provide almost all services to sanctioned members. We cannot assign them new resources and we cannot allow transfers. Our banks won't allow us to receive money from them and the banks do not allow us to receive money from ultra high‑risk countries such as Syria and Iran. This is still something that takes a lot of time from us.

You can also find the detailed breakdown on the cost per activity in the plan and a description of what's behind there and also nice graphics to see where we save money compared to the budget. And you can see here that we did not cut down in the registry spendings, but we did quite a lot in the administrative overhead in the organisation sustainability. You can say the office of the Managing Director, but that was because I had a lot of reserves there. So that's what it is.

Now, if you, as members, would like more details in here, let us know. Now, obviously we cannot present, you know, individual salaries or individual amounts in contracts, because if we have negotiated a good deal, the contract, with the vendor, the contract is usually with a confidentiality clause. So we need to keep this on a fairly high level, but, you know, I'm committed to openness and transparency. That's it.

With that I have come to the end of my slide deck. I believe we have four minutes and 50 seconds left for questions.

BIJAL SANGHANI: Does anyone have any questions for Hans Petter?

JIM REID: Hans Petter I think it's good to put some statistics up there on how the money is being spent. But from my perspective I think that's the level of detail we need to stop at. If you go beyond that level of detail, we're going to get to the stage of individuals or members trying to micromanage how the NCC does things and I think that is just a path of madness. If there is concerns that members have about how money is being spent, the mechanisms they have to deal with that are to talk to the Board members and then have the Board members act on it. So I think the level of detail you are providing on the finances is great but please don't go beyond that at this stage because it's just going to open up a can of worms.

HANS PETTER HOLEN: Thank you for that feedback.

BIJAL SANGHANI: Are there any other questions? Anything on the Meetecho?

HANS PETTER HOLEN: Thank you so much.

(Applause)

With that, I'd like to invite Felipe on the stage to talk about the technology update.

FELIPE VICTOLLA SILVEIRA: Good afternoon everyone. My name is Felipe. I am the CTO with the RIPE NCC. Today I'd like to give an update what we are doing within technology.

In technology in 2024 we have two main objectives: Ensuring the security and compliance of our services and second to keep costs within budget. In my presentation today I'll be covering those two objectives.

Starting with security and how we are ensuring a stable Internet.
So, why is there an increased relevance in security? One reason is the contractual value of IPv4 addresses. And the fact that an unauthorised transfer can cause a significant financial harm to our members. And second, the potential large impact on network connectivity caused by unauthorised access. For example, a misconfiguration in RPKI can have a severe impact on the Internet.

On the 24th April, this year, we have published a security investigation report. I have added a link here in case you want to have a look.

In a nutshell, we had leaked credentials earlier this year from our members that were published online and that was not detected during our monitoring. Furthermore there were brute force attempts executed against the RIPE NCC Access accounts. So in total the passwords of 870 accounts were identified in public data breaches. 104 of those were linked to LIR accounts. E‑mail addresses were changed for 270 accounts, and that was using a feature that's no longer available in RIPE NCC Access where one could change the e‑mail address of the account.

Finally, there were eight accounts that are possibly compromised through brute force attacks.

So what we have done about this. First of all, we reset the password for all accounts that were either exposed through a data breach or that suffered a brute force attack. We also closely monitored the resources for 104 accounts that were identified as vulnerable for any suspicious activity going on there.

For the accounts with recently updated e‑mail addresses we have reached out to the account holders to confirm whether the change was legitimate. Finally, we checked that no unauthorised change had taken place for the accounts that suffered brute force attempts.

We have also made improvements in our RIPE NCC Access. The most important one was the introduction of mandatory 2FA, that happened on the 2th March this year. That required significant code changes following a replatform that we implemented last year. And I have talked about that in RIPE 86, so you might want to refer to my slides there. But in a nutshell, we have migrated the back‑end engine to Keycloak and replatformed the whole thing to run on Kubernetes.

We have then moved the 2FA implementation code from our own to the native Keycloak one, and then it was a matter of enabling it directly in Keycloak.

We're currently implementing support for FIDO2 keys and other authentication methods. I have written a Labs article about it so you might want to refer to that.

Now, changing topics, ISAE 3000 compliance and ensuring trust in RPKI.

I am pretty sure that most of the room knows this, but RPKI, the RIPE NCC is one of the five trust anchors for RPKI, and we issue certificates to resource holders and that's a key element for router security.

So, our goal here is to enhance the security and integrity of RPKI by doing two things. First, to build our members trust and confidence that they are doing the right thing. Second, to ease compliance efforts should any new regulatory requirement arise.

So the goal here is to develop and implement an internal control framework that contains all the important IT security elements but also can be tailored towards specific RPKI needs.

There are five areas covered in this control framework. Security, availability, confidentiality and processing integrity. And we have left privacy out because there is no personal information in RPKI.

So as Hans Petter just mentioned, this was a huge undertaking involving the whole organisation not just your usual IT controls, also HR and facilities for things like security distributing, background screening for new staff etc.
So the goal here is to ensure that we have sufficient controls in place and that those controls are implemented through relevant policies and procedures and there is also an audit trail that can be verified by a neutral third party, like by an auditor.
So where we are in this process? We're actually in the middle of an audit. So EY is the auditor that we have selected. They started the audit last month. And I was really hoping to be here today and say that the audit is completed and this is the result. However, they still need a couple of weeks more. We have 76 controls being tested by EY and the final report is expected over the next couple of weeks.

And then this report can only be disclosed to members on request under an NDA.

And then one year from now we are planning to do the Type II audit which is more thorough than the Type I.

Now, I think there is many people waiting for this part of my presentation about what they are doing to reduce costs, especially reducing our data centre footprint.

We have a relatively large data centre footprint in the RIPE NCC. So we have 46 racks, spread across two different data centres in Amsterdam and the cost for housing and power alone is just shy of 1 million euros per year. Half of that space is used for our Internet measurement services, for Atlas, RIS and stat datasets. So the underlying technology is a cluster and these are very large datasets. I think petabytes worth of data basically telling the history of the Internet.

So, our goal here is to reduce that footprint by half before the end of this year, and by more than 70% by the end of 2025. And we want to achieve that while at the same time preserving all the historical data and maintaining the service levels.

And I have also written a Labs article about it. So in case you are interested, I suggest a read.

So this is the current situation in our data centres. I have two data centres, AM3 and AM5. And you might have guessed each square represents a rack, and I have colour coded them. So the red one is about the network, so switches, routers, etc. The blue one is used by JI, so DNS for example. Then the purple part is basically the Hadoop cluster, that's used by RIS, stat and Atlas data sets. Then you have the yellow one that's used by IT. So that's RPKI, the RIPE Database and so on.

So, our goal here is reduce that by half before the end of this year, and we are well on track to do that.

And by 78% by the end of next year. So going down from 46 down to 10 racks.

Now there is no magic here. We're not just reducing all this rack space. But there is some movement through the Cloud. So there is an increased Cloud cost; however, at a much reduced rate.

So, to explain a bit how we're doing this. So it's mostly due to the RIPE Atlas back‑end migration. So since last year, we have started migrating the RIPE Atlas data sets from our own infrastructure to a hybrid solution. That's composed of two parts. The first one uses a smaller cluster that uses rented bare metal. That can be seen as a cache. And then for the historical data, we are planning to use AWS S3, so that's a cheap object storage from AWS.

And this new solution only costs a fraction of the current one, while maintaining the same service levels and also being futureproof, because one of our worries was about the data growth.

This chart basically says what I just explained on the left side. On the right side you have the hot storage, so that's the cache built on rented bare metal and then on the left side, you have the historical data that's in the object storage. We're using AWS S3 but it's also possible to use other options. There is a lot of money saved in part on the historical data.

So, there was a question yesterday on Robert's presentation about whether it's cheaper to go to the Cloud or not. I think that depends a lot on the use case. In this specific case it proved to be significantly cheaper to use AWS S3 as opposed to running this on premise or to just have a bigger cluster using a rented bare metal. The cost of both solutions like for the hot storage and the cold storage are roughly the same and we have budgeted at €100,000 per year. So to have an idea.
And these parameters are all adjustable. So we could make a smaller cluster, for example, for the hot storage, we could change the tiering in AWS and so on. And then we can optimise for cost, performance, or find a good balance between both.
Going through the migration time lines now. We have finalised the data extraction, so exporting the data from the old cluster into S3. We are currently migrating data sets from RIS and stat into a different cluster, so it's now between the Atlas cluster moving to a different one. We have finalised building a new cluster. And we are going to start consuming data into this new cluster. So once we have sufficient data there, we can then switch over production to this new cluster, and then start decommissioning the old one and removing the hardware from the data centre.

Now, that was basically my presentation for today.

A couple of takeaways. The first one is that security is our top priority in technology. And our goal is to contribute to the stability of the Internet. And second, cost‑effectiveness is our second priority, and we are aiming to have significant cost reductions by modernising the infrastructure of our Internet measurement services.

And I now open the floor for questions.

(Applause)


BIJAL SANGHANI: Thanks Felipe. Are there any questions? There is one on ‑‑

ROB EVANS: There is a question from Maximilian: Did you evaluate other S3 providers?

FELIPE VICTOLLA SILVEIRA: We have an option with CloudFlare, but it proved to be more beneficial S3 for now, but we are still reconsidering that. It's possible that we might use R 3 in the future.

AUDIENCE SPEAKER: Jim Reid, speaking for myself again. An interesting presentation. And thank you for the updates to what's going on. My question is about the use of the Cloud service providers. Have you given any thoughts into exit strategies from these providers, I'm particularly concerned about the possibility that a Cloud provider either goes bust or decides for some other reason you cannot get access to the data that you submitted to them, so do you have backups for some of this data, do you have the ability to recover that data in the event of something really bad happening that's not in the best interests of the NCC or the RIPE's membership?

FELIPE VICTOLLA SILVEIRA: Yes, we all have concerns about all of these topics. We also think about if something goes wrong that we can quickly redeploy in a different provider. So that's why we aim to use standards like Kubernetes, for example. If you have something running on AWS and Kubernetes, it's very easy to move that to either OnPremise where you also have a cluster but you could also use OVH or other providers.

AUDIENCE SPEAKER: Okay. What motivated this question for me is it's not a comparable situation but it does have similarities, is that there is one case of an organisation which is dependent on a database service and it's impossible to move away from that database service because of the terms and conditions and there is no possibility of migrating to another provider because the costs of trying to do that are far, far in excess of the cost of using the existing service they have got. I want to know if you have got some mechanisms that can be used in the event of something bad happening. Thank you.

FELIPE VICTOLLA SILVEIRA: You are more worried about the legal aspects of it.

AUDIENCE SPEAKER: Well not so much. Just playing devil's advocate for a moment. Just say your Cloud provider says I'm not playing ball any more and you can't get your data from us ever again, Have a nice day; then what?

BIJAL SANGHANI: I think that would be a bigger problem then.

AUDIENCE SPEAKER: Marco. This is strictly related. Did you calculate how much it will cost to take the historical data outside of S3?

FELIPE VICTOLLA SILVEIRA: We calculated how much it would cost to fix the current cluster. So keep it on premises. And it was basically double the price.

AUDIENCE SPEAKER: Sorry, it's a different question. You will not have a lock on the cap any more of the historical data, Is that correct, it will object S3?

FELIPE VICTOLLA SILVEIRA: For now in S3 and we currently have it in the current clusters. But yes it will be only in S3.

AUDIENCE SPEAKER: Okay and in that future, how much will it cost to take the data outside from S3 if it were needed for any random reason?

FELIPE VICTOLLA SILVEIRA: I mean, I don't have a number to give to you. However, I do believe that most of the effort would be from an engineering point of view and I think we could reuse a lot of scripts that we wrote to extract data from the current cluster ‑‑

AUDIENCE SPEAKER: This is not a technical question. This is a business question, because taking that outside of S3 is extremely expensive.

FELIPE VICTOLLA SILVEIRA: Yes. And now I see your point. We didn't calculate. We can follow up after that.

AUDIENCE SPEAKER: Okay. Thank you.

AUDIENCE SPEAKER: Ben, from work online. I think that you said, if I heard you correctly, that the access to the results of the RPKI audit were available under NDA to members. Is that correct or is it subject to NDA for whoever is interested in seeing that data and is willing to enter into the NDA?

FELIPE VICTOLLA SILVEIRA: To the best of my knowledge it's just for members. They would make a request and then sign an NDA.

AUDIENCE SPEAKER: I'd suggest that that's a much wider audience that has a legitimate interest in seeing the results of that audit. The group of people that are relying on you to operate that infrastructure in a secure fashion is much broader than the NCC's membership. I'd encourage you to rethink that.

HANS PETTER HOLEN: Thanks for that feedback. We will definitely take that into consideration. We also have another roadmap, a SOC 3 report or type 3 report which will be available to everybody. The reason that we want to be limiting distribution of the SOC 2 report is, as, you know, SOC 2 report includes all technical details of all vulnerabilities currently, so that can be a security risk in itself to share that. Now, hopefully, we don't have any of those. So then it's a clean report, it's not a problem. But it's not something that the provider automatically will pass out. We are also aiming for an ISO 2021 where the certificate will be available, but, you know, having ‑‑ being part of the supply chain of vendors that have compliance requirements, that puts us in the situation, and they are members our customers, but yeah, ideally this should be public but that has consequences, so yeah.

AUDIENCE SPEAKER: To be clear, I'm not for a second suggesting that you stick it on the website. I think that whatever mechanisms you see fit to put in place to ensure that it's going to remain confidential, are completely legitimate. I just don't think that an arbitrary restriction that it has to be the member base is appropriate.

AUDIENCE SPEAKER: Peter Hessler: I want to strongly echo what Marco was saying earlier about the costs of leaving S3. There's been a number of relatively famous cases where it was sensitive data, millions to take it out, and it could bankrupt organisations by trying to leave the service. And I have to say, frankly, I am disappointed that you haven't looked at it and considered it. But it's something that we have brought to the NCC when the entire Cloud discussion started. So, it's a little frustrating that that part was ignored when that was a big concern for a lot of us. That could be the entire budget for the year.

FELIPE VICTOLLA SILVEIRA: Thanks for the feedback. And I do understand. It's the whole egress cost from S3 and I will get the numbers.

BIJAL SANGHANI: Okay. Two more comments, questions,

AUDIENCE SPEAKER: From a remote participant, Randy Bush: "Why is the RPKI audit NDA at all?"

FELIPE VICTOLLA SILVEIRA: Well, because the format of this audit report, maybe Hans Petter wants to say more about it, is not something we can just disclose because it includes a lot of security information.

HANS PETTER HOLEN: Hi Randy. As I tried to say, a SOC 2 report lists all the controls that we have in place and whether they have been effective or not. So, if that report says that we have this control in place and the control was not effective, that's demonstrating a vulnerability that can be used to attack us. Ideally, there would be no deviations or no such finding, that's our goal, and then we could theoretically make it public, I would love to do that, but I can't promise to do that.

BIJAL SANGHANI: Finally, Ben.

AUDIENCE SPEAKER: Ben, BGP tools. I feel like it's important to tell everybody else from ‑‑ I'm not advocating for Cloud migrations here ‑‑ but since March Amazon announced if you basically are saying that you are permanently leaving Amazon then they will waive egress fees to leave. It's a slightly moot point. But that's only Amazon I believe.

BIJAL SANGHANI: That wasn't the last question, we have got two more. And the last question on the floor after that. Sorry, one.

AUDIENCE SPEAKER: Hi. So I would like to address two of the questions that have been asked before. My name is Razvan, I am the IT engineering manager in the RIPE NCC. I have been deeply involved in this, of course, data centre migrations and some of these movements. To the question regarding whether we looked at other S3 providers as an industry standard, yes. We chose AWS S3 this time because of previous experience with its performance. We had tests done before. We had existing buy plains for DOH employment where the infrastructure code and also the security controls that we have integrated in the landing zone with the security tools that we use internally. So that was also due to the urgency of the entire project. That was the decision being taken. And the financials checked out. That being said, as Felipe mentioned, we are constantly looking and comparing other options, and we'll consider them as soon as all these integrations have had time to test them and see what would make sense in the future. This was on the SWS history. On the egress it was indeed what has been said previously. In case you decide to leave the Cloud AWS entirely, the egress fees are being waived. So that also gives a bit of insurance that you do not run into millions as mentioned. Thank you.

BIJAL SANGHANI: Thanks Razvan for that clarification.

AUDIENCE SPEAKER: So, Tobias. I would like to remind everyone of the principle in cryptography and I would like to note that given our large membership, I would not be surprised if a document obtained on the NDA started with one member might become ultimately public due to a misconfiguration, oversight or a simple human error. So, given Kerckhoffs's principle, I would organise that deciding to publish it from the beginning is just anticipating an incident which will ultimately happen if it can be obtained by members.

FELIPE VICTOLLA SILVEIRA: Thanks.

BIJAL SANGHANI: Thank you. Okay. That's all the questions we have for you. So thank you.

(Applause)
Next up we have Tim Bruijnzeels, who is going to talk some more about the RPKI operations at the RIPE NCC.

TIM BRUIJNZEELS: Hi. Thanks for having me. My name is Tim, you might know me from when I used to work for the RIPE NCC until 2018 I think. I joined NLnet Labs and worked on the RPKI software there and since January 1, I joined RIPE NCC again.

So in that capacity I want to give you an update.

Let me just dive straight into the details because time is short.

What have we been doing? We have been doing a lot of work on the user interface for RPKI, the dashboard. And the reasons why? Well, the current interface works well, we believe. But some processes are a bit suboptimal. For example, when you create a ROA, there is a red button that appears in the bottom right of your screen. You have to notice that, click that and say yes, I want to create this thing. That's an example of a process that we want to improve.

But, I mean, theoretically, you could also improve that in the stack but we also wanted to replace the grain stack because of maintainability and to make it easier to add new functionality to it.

So a user feedback was got by an UX expert in Rome at the RIPE meeting, and in one‑on‑one sessions afterwards; that led to a design we are implementing now.

I also mentioned this in my e‑mail to the Routing Working Group that I sent this week, so you might have seen it there as well. We're not quite ready yet but we will be soon ready for beta testing this functionality, and if anybody is interested in that let me know.

To give you a small example. The thing I mentioned earlier. So now when you create a new ROA, you get an explicit question that says: Do you want to apply this now? Or essentially do you want to keep making changes? If you apply now, then it's applied. If you keep making changes then you enter a flow where essentially you can stage multiple pending changes, then taken to an overview page where you see the effect of those changes based on the information that we have RIS Whois dumps.

Now, switching subjects a bit. Future functionality:
We want to work on new RPKI object types. So in my mind, the most promising and important one would be ASPA, because I think that has a lot of potential to further secure routing. But there are also other things such as resource signed checklists, BGPSec router certificates. I just show you in a previous slide we give you information about what we see in BGP and how your ROAs would affect that. But that information can be quite old, it can be up to eight hours old. We could also look into making that feedback faster, because we have that information, we can get to it, it's work, but... and therefore, you know it's also a question of priority.

We think that new object types are probably more important at this time. But if you feel differently, then please do let us know.

Similarly, there have been questions in the past about IRR integration, like why do you need to maintain both ROAs and route objects separately. It's a lot of work for you. But the short of it is that integrating that into one system is not trivial and you need to make choices about how you do that and we need to have a discussion about that essentially before we can pick up that work.

In one minute ‑‑ I am going to skip this one for the minute, because, well, I thought it was important to include it because if you download a PDF you have a bunch of links that you can follow to learn more about it, but I don't think time permits to really go into the details now.

Other work that we have been doing:

Hardware security modules. HSMs. Essentially used to keep keys private and to provide a good source of random. We use them extensively, our trust anchor uses them, but also our online system relies on HSMs, meaning for example that the keys in the database and backups are not usable by others.

We needed to replace the hardware for the online system. We needed to replace the laptop that we use for the offline signing. And that also involves a lot of testing with the USB based HSM that we use.

Felipe already talked about this quite a bit. I just wanted to make it a bit more tangible. So what does the work on the audits mean, except for, you know, being able to show you do your work well? I think it also really helps us because it forces us to really look at our processes and make improvements where we see possibilities to improve things. It has taken quite a serious effort from the team, but I think what I'm trying to say is that that's worth it. Also from a perspective of, you know, purely improving what we do.

So for example, a business continuity plan, we have that, we didn't have a formal plan, let's say, but we did have documentation and we did have ideas and our engineers knew what to do in case of certain outages. Being forced to write that down is helpful.
One of the things we came across is that the database backups were done less frequently than we would like, so we improved that.

And, yeah, last but not least, the Certification Practice Statement, you might have seen that, an update was sent to the Routing Working Group about this. That document hadn't been updated in a while and now it has been.

What I want to end with is quickly mention to you that the NRO has an RPKI programme as well. The RIRs have been meeting at IETFs mainly, well, since as far as I can look back. But that was usually informal gatherings where ideas were shared and exchanged and they would learn lessons from each other but there was no formal goal setting or collaboration in that sense. It was useful but it was not that.

Now, however, there is an NRO RPKI programme with a programme manager, Sophia, who you might know, she used to work for LACNIC, and later APNIC, she is still based there, but now her focus is on this.

Here the links if you are interested. This I copy and pasted from one of those documents. Essentially, the overarching goal of the whole programme is to see where the RIRs can improve things by collaborating.

So, what are the main obstacles that should be solved by the RIRs together, right?
And if you have ideas about this, then please you can talk to us, you can talk to Sophia, we are very happy to know about it.

For the moment, we did do some of our own goal setting. And key objectives. They are quite high level. And, well, that's just the stage where we are. We hope to make them more tangible in the time to come.

But essentially, it's a definition of what a single global RPKI system looks like. We want to have a better understanding and improved transparency of robustness, so is the system available. How quickly do we publish, for example? We want to look at things from a security angle, like are we all doing, handling security well enough, or are there gaps? Because they might affect the system as a whole. And of course, cross cutting concern, as they sometimes say in software engineering, is that we ought to engage with the technical community, which is you and others.

The short‑term of that is that, well, we are meeting, we are trying to make these goals more tangible, but we are essentially establishing where we are now, and then we hope to get real tangible work items out of this, going into next year.

And that brings me to the end.

(Applause)

BIJAL SANGHANI: Thank you. Are there ‑‑ we have one question on the chat.

ROB EVANS: There is an online question, it's not really to do with RPKI. Maximilian asks: "I am still missing the search draft, the database on the new ripe.net. There is still enough free space in the mini bar. What is advantage of the extra steps compared to the before state?"

TIM BRUIJNZEELS: Sorry, there's an echo.

BIJAL SANGHANI: It's more of a ‑‑

ROB EVANS: It's about the ripe.net website.

BIJAL SANGHANI: About a search.

TIM BRUIJNZEELS: I don't think I'm the one to answer that question to be honest. I know it has been discussion about that when there was a new website was launched. But do we have somebody in the room who can answer that? So the search on the main website I think it used to be easier to search the RIPE Database immediately? I think I have to defer that question to somebody else because it's... well, I'm not part of that.

HANS PETTER HOLEN: Our web services manager Phil is here by the services desk so go and talk to him, he will give input on improvements to the website. We are using ‑‑ user experience research methods into looking at the changes we're doing, testing them and seeing what's working and what's not working so he is really interested to hear input and looking on how we can improve it.

BIJAL SANGHANI: Thanks, I think it's always useful to get feedback from users on the website. So, feel free to ‑‑ if you are ‑‑ obviously you are not here, you are not going to see Phil on the registration desk, but I'm sure he'll be more than happy to receive an e‑mail from you about this.

Any other questions or comments? Okay. Thanks Tim.

(Applause)
Okay, next up we have Marco to give the registry update. Thanks Marco.

MARCO SCHMIDT: Good afternoon. As already mentioned my name is not James Kennedy, which is a shame because then my English would be much better. But I will try to do my best. The slides are still from James and apologies upfront that I might be a bit bumpy going through the flow. But my name is Marco Schmidt, I'm manager of Registration Services and I am happy to give you some insights in the activities of the registry division.

As a registry, we actually have three commitments we want to maintain, of course an accurate registry as much as possible. We want to provide a world‑class service to our members. And we want to protect the resources that we are giving and under our control and that we provide to our members and to our end users.

Looking a bit deeper into those commitments, and first registry accuracy. We have some goals there to help us to achieve this accuracy. We want to verify all our members at least every five years, preferably less. The same for the end users. There is an asterisk there we talk about when we use end users in this context, about independent resource holders, so people that have IPv4 PI, IPv6 PI or AS numbers. And we also want to perform 2400 ARCs per year. And to the people that don't know the term it's assisted registry check, it's like an audit where we want to contact our members and verify that everything is in a good position with them.

How do we verify registry information? We do that in a way that we verify certain data from our members and our end users against official sources. And this data are the legal name and the address, the legal address. The registration number in case our member end user is the natural person, and the ID. And also the status of a legal company, if they are open, active, or closed. And again for natural persons, we rely on the ID, which we by the way process in a GDPR compliant way.

The member data is monitored and we get information from them if we see that ‑‑ if they see that a status of a certain company has changed. By the way, if you happen to know that consumer company will go for a merger, through a name change and so on, we always welcome that you inform us proactively, because then we can be ahead of time and we don't have to bother you later with some re‑verification.

We want to extend this activity to our end users, to also monitor them more proactively and we expect to later this year have this implemented.

And how do we do this? Every time we verify a resource holder, a member, an end user, we put a time stamp on it and currently we put them in category groups that we have verified within the last two years, between two years and five years and then more than five years. And of course especially the last group we want to reduce to zero.

I have here some data, how this is going. So we have been measuring this now since around three years, and if you see the members at the beginning, three years ago, around one quarter, 25%, verification was more than five years ago, and now actually we have it, this almost down to zero and we are very busy getting it completed to zero. And that's especially an important task and a challenging task, because the verification ages of course, somebody who was not verified for three years three years ago now falls basically into the last category. But we are on a good track. You'll see two thirds of our members have been recently verified within the last two years.

For TTL end users it looks quite similar. For the beginning it was more end users not verified a long time ago. That was due to the fact that we had the registration papers but they were not yet in our systems for monitoring, and then we had some temporary colleagues that helped us to enter all this data in the system. This, you see this deep decline at the beginning, 2021, 2022. Then we still had a couple of complicated cases that especially members of my team clarified, and we are currently just 0.5% of end users are not verified within the last five years. And you see there is an increase on the green part, this is mostly due to the fact that there was this big activity two to three years ago. We were actually busy to keep that number down and you see it's been reduced a bit.

So, how do we actually verify members and end users? We use different ways. Whenever we have a request coming in where we need to verify the result anyhow, you can think about the transfer request for end users or the resource request, it's automatically marked as verified. We also do ARCs for example and then we (A) verify manually after this is confirmed. A couple of other difficulties. Members of course when they become new members when we do a verification, and also via any other methods that's available to us. And for end users, you have a similar picture and they are of course, if there is a sponsorship change, we use this opportunity as well.

Talking a bit more about ARCs, so we have the role of 2400 per year, and we focus mostly or especially on members that have talked for a long time that they are not verified for five years or almost five years, one aim is of course that we see that the information that we have from them is still accurate and up to date. And of course we also want to use the opportunity to get in touch with them because they might not be aware about recent policy and procedure changes. They might not know all the servers that are available to them. And one recent example was the mandatory two factor authentication, which is not easy for everyone, so we use also ARC to support our members there.

In 2023, we almost reached the target. We were short by a couple of dozen ARCs. But overall, it was a very good achievement. And actually we are currently working on some ARC automatisation that hopefully will make the work for our colleagues but also for the members easier, because the most prompt part of an ARC is of course the phone call that we have with our member, but before doing that there is a lot of work needed in preparing for that phone call. We are looking into what data we have on our files, what looks outdated what needs to be doublechecked, and then we send this preparation e‑mail to our members and they have to counter‑check and we actually positive once automatisation is in place that we have passed this preparation and we can do more ARCs and have more chance to talk to our members.

Talking about service levels, Hans Petter mentioned it already earlier in his update. We, as a registry, we have metrics there that we want to have a net promoter score of 80, a customer effort score of 6.5 and we want to respond to every incoming request within one working day. And I will go into more detail on each one of those.

I think it is important to know that the net promoter score can be also negative. And probably all of you get occasionally after you met an online purchaser, if you had a flight or something, and people, those providers or those companies ask you to give feedback, and it is really useful, and I really want to ask you if you had a request with us and you get the survey, take the one two minute and fill it in because we take it seriously and we always want to see what people like and where we can improve.

And actually, every score above zero is already good because it means more people would recommend the RIPE NCC than ‑‑ to their friends and colleagues, than not. So, like, Hans Petter said, doing the survey last year the whole company reached a result of 42, I believe, which is already very good. Then scores of above 70 and highest percentile, and a score of 80 is actually world class. And that's what we put ourselves as a target. And I am very happy to report that we are achieving it for the last eight months in a row, which is a very good result, and it shows that our service is appreciated and we value this feedback.

(Applause)
Similar story for customer effort scores. We were asked the question how easy it made the RIPE NCC to handle your issue, that's a score from 1 to 7, with the 7 the highest, and there our target is a 6.5, which is also considered world class. And again, actually, we are doing very good, so the majority of the requesters feel that we handled the issues well. Since about ten months we are achieving our target of 6.5. We are very proud of that.

Then the last metrics that we have is to respond to the tickets within one business day. This is, this can be a bit conflicting with the other two goals, because a good service means that we sent you, if there is a question, a clear response, a personalised response, that you know what is needed. And that sometimes needs time. But still considering these measurements since January last year, we handled more than 70,000 tickets and we managed to respond within one business day to almost 98% of them. You see here a minimum and maximum, this is for different months and some months even we managed to respond to all tickets. Sometimes the lowest score was 87.5, which is usually related to special events. You can think about there was a Dutch bank holiday that is not celebrated much else in the world, and then the next working day, well many requests came in and the workload is double as high, or my colleagues from member services relating to invoices when there is a billing reminder, they know already the next day they are coming there are many questions because people have questions. And while we try to shift resources to those activities, sometimes it's just too much that we can respond all on the same day but we are on a good path and we are also very happy with these results.

Now, talking about the last of our commitments to protect the resources. Fraud handling is also one of our important activities because we do receive falsified documents, we do receive misleading and wrong information, intentionally wrong information. And they are a risk for the registry. And we take them seriously and we follow up on them. And it's good to point out that there will be consequences if we identify such manipulated documents. So it can be eventually just a warning, but ultimately it can lead to closure for membership, it can lead to deregistration, even to blacklisting to become a member for a certain period, and we also do report cases to the police, to the Dutch police. And I have here some statistics how many cases we have reported in the last years to the Dutch police.

Registry investigations: That's something that Felipe already touched upon in his presentation from the technical perspective, so I will keep it short on this side and talk more about registry part of it. So related to all those SS IO hijacks that were out there, people tried to manipulate, submit requests and why we actually identified those trends rather fast, two transfer requests actually proceeded, which maybe one of down sides of a fast response time on tickets, but we identified them, it was one /24 IPv4 and two IPv6 allocations, and we took actions, we ran a deep due diligence check to identify the patterns, what exactly happened, who is behind what, we identified who is the rightful owner with whom we are talking and we reverted all the unauthorised changes and not only for transfers but there was other changes.

At this moment I also want to say that we have to be careful what we share with the public, because we don't want to give, let's say, some indications to not so nice actors what happened there.

We identified the offender, and it resulted, actually, in the termination of this membership according to our RIPE NCC procedures.

While, of course, we do everything that we can to protect your resources, our resources, I think it's also a good moment to remind you that you also can do your part. Just make sure that your credentials are always protected; that you use strong passwords. Also, keep your LIR contacts up to date, maintain them. It has happened in the past that a disgruntled ex‑employee tried to be nasty to their previous employer. It's good to be alerted on that end. Whenever you would see something suspicious, let us know immediately, we have a process in place that we can immediately flag certain accounts and resources as vulnerable and this will prevent anything happening to these resources until the situation is clarified.

And I included ‑‑ James actually included here the link to the investigation report that we have published. This is the information that we can share on those incidents with the public.

The topic of external auditing came up already. Hans Petter mentioned it. And just to give a bit more detail on the most recent one. There was an audit completed by Ernst & Young on the registry, on the integrity of transfers, and actually, I am very happy and proud to report that there were no major vulnerabilities found. There were a couple of recommendations that we are following up. It's mostly to put certain things, formalise them more, have a better documentation, where possible automatisation and we have added all those recommendations to our regular optimisation plan and we already have implemented some of them and are busy to act upon all those recommendations.

Some other registry insights. The sanction compliance, the topic came up a couple of times already in previous presentations, so I'll keep it short. We screen all our resource holders, members, and end users for EU sanctions and OFAC sanction ‑‑ it's important to clarify this is ‑‑ this is only related to the invoicing to the financial parts because our banks is where we concerned about OFAC requirements.

All resource holders are screened and as soon as we identify a potential hit, the resources are frozen and we investigate if there is an actual sanction that applies to us because there are many different sanctions out there, not all are really relevant to us. And once it is confirmed that a member or end user is on a sanction list, we freeze the account. We freeze the resources and they cannot request more resources from us any more.

All this actually costs quite some work. We get every month around 1300 alerts from our automatic monitoring. A lot of them are false positives. But still, we have to look at them and exclude those false positives and see if there is any real match. This has to do that we're not only directly monitoring our members, but also who is the major shareholder, who is the owner, who is the Managing Director, and there are sometimes matches of names on the sanction list and we have to exclude them.

And we published this in a quarterly sanction report and the last one was just published in February.

I am at the end of the time, I want to quickly use the opportunity to refer to some interesting RIPE Labs articles. One was published by James last week, and that's very interesting, I think it's a very interesting article to see the trends and observations on the workload, what we see in our area.

Another RIPE Database Labs article on IPv6 stockpiling was published by somebody. And it was intensely discussed this morning in the Address Policy Working Group, so if you are interested in that one, you can read it there.

And actually, I want to also hear, or pose a question whenever you would like to get more insights on something and like to have, we can make a RIPE Labs article about something, let us know and we are happy to do that.

I'm almost at the end of my time. But I think also I'm at my last slide. So, I'm actually really glad to say that our registry accuracy and integrity is very good, and we still look how we can keep that level for sure and even improve. The same applies to the world‑class service that we provide. And we have proven to be robust and effective in our due diligence framework against potential attacks. And I believe this is a good moment to thank the whole registry team for their hard work and I think it deserves a round of applause.

(Applause)
You see the picture up there and the chances are high, if you had a request recently, one of those colleagues handled it with pleasure, and...

This is the end of my presentation.

BIJAL SANGHANI: I know we have one question online. Do we have any ‑‑ let's go first online.

ROB EVANS: This is from Robert Scheck of ETES: "On the members mailing list it was recently mentioned that identity is now involved for the verification of members or end users being natural persons. Could you comment why this happens using an external company please? Sending an ID card, passport copy scanned to the RIPE NCC is one thing, sending it to somewhere, another. It's unclear where identity is legally and physically located."

MARCO SCHMIDT: The reason is indeed GDPR because having those IDs and so on in our records is not GDPR compliant, so we were looking for a solution that is according to European requirements, and this third party does this and they are based in the European Union, they comply with GDPR and we don't see those passports any more and nothing can happen to those IDs.

AUDIENCE SPEAKER: I wanted to ask, you mentioned that there is now a last checked metadata for members and end users object. As was visible in Whois or such, because as a network operator, I would actually be interested in, you know, saying okay, can RIPE actually check that our records are up to date when it comes to organisational data, and if not, how can I keep those up to date?

MARCO SCHMIDT: Some of the data is in the RIPE Database in particular the legal company name and the legal address, and that's also something that cannot be changed without informing us. Other information like the company registration number is not in the RIPE Database, that's in our internal records.

AUDIENCE SPEAKER: Okay. But as there is no way I can check where the RIPE database can currently easily check that our records are up to date.

MARCO SCHMIDT: The best way is probably to reach out to us especially if you happen to know something has changed or might have changed. We might have outdated data, and we welcome this to let us know as soon as possible.

SANDER STEFFANN: Basically, rerequesting what was asked during Address Policy where you said like the policy allows more strict checks than the NCC was currently doing, so these ‑‑ do what you said during Address Policy because I think it's good to put a bit more attention to that.

The other one that I was thinking about was the one where you said that people were selling AS numbers online for a one‑off fee, which is not compliant with what the requirements are for keeping ‑‑ them keeping in touch with their customer where you said they were selling them without asking about multi‑homing or stuff like that, but the request you get all perfectly comply with the policy. So, where does this data come from? And I'm a bit worried that, about organisations becoming like a commercial RIR where they get resource from the NCC and then reselling them and we lose track of it. So as part of NCC services, I would like to ask you to pay some extra attention there because I think this affects the stability of the system.

I know you have the tools to do it, but please put a bit of extra focus there.

MARCO SCHMIDT: Thank you, we will definitely do that.

BIJAL SANGHANI: Thank you. Are there any other comments? I was pleased to see ARCs going ahead and increasing. That was one of the requests from the Database Task Force, so that's always good to hear that.

If there is nothing else, then thank you.

(Applause)

Okay, so now we have Open Mic. No, we don't. But seriously, first of all, I want to say that I'm actually ‑‑ regarding the Chair, I am actually standing down next meeting. So if you are interested in standing for the position of co‑chair of everybody's favourite Working Group, then please, if you have any questions, come and speak to me, the other two Chairs are here as well. So, something to think about for everybody listening and here. Sander.

SANDER STEFFANN: I think I speak for many of us when I say thank you for all the years of hard work you put into this Working Group.
(Applause)

BIJAL SANGHANI: Thank you. It's a great role. You know, if you want to hear more about it, I really encourage people to stand. It brings you a little closer to the RIPE NCC, which is always nice, because you get to work with some fabulous people. So, something to consider for the next meeting.

And if there are no other comments, then this Working Group session is closed. Thank you.
(Applause)

The General Meeting is taking place in this room, so we need everybody to leave and then you can come back in if you are joining for the GM. Thank you.



LIVE CAPTIONING BY
MARY McKEON, RMR, CRR, CBC
DUBLIN, IRELAND.