RIPE NCC Services session
Wednesday, 22 May 2019
4 p.m.
KURTIS LINDQVIST: Welcome everyone. So, finally we have all travelled to Iceland, the NCC Services Working Group. And so, a few reminders before we start. If you haven't picked up your little GM sticker and you plan to attend the GM, now would be too late to do so because you are supposed to be in here and listen to me. If not, you might run out and get them. The GM will be in here afterwards, so when we do finish here, please try to empty the room as quick as possible so we can start the GM on time.
I think that was all of the admin matters.
So, anyway, if we imagine that the previous slide has the agenda on it, there is one addition to the agenda under the "any other business" is Ruediger wants to talk about the NRO data. With that I hope we can approve the agenda as is. And that brings us to the admin matters where we are now.
Where we have the scribe, actually we have got two scribes and Marco is the monitor. There is no comments on the the mailing list after sending the minutes out, so I hope they can be approved unless anyone objects. And we have one more topic that I wanted to cover, so we have two Working Group Chairs, there is me and Bijal ‑‑ so I am Kurtis Lindqvist, by the way. And Bijal, so, as you might know, I discussed this on the mailing list, I am standing for the RIPE NCC Board, and if elected, I will stand down being the NCC Services Working Group Chair, and for that reason, we needed to find a contingency plan and after a discussion on the mailing list and after a suggestion by Jim Reid, we decided to go search for a third co‑chair for NCC Services and we had one nomination, which is Rob Evans, who is sitting at the front. And that is currently, according to the selection process for NCC Services, that is currently in the discussion phase and that ends on Friday. So, the sequence of events would be that ‑‑ well, if anyone has any comments, support, or not, for Rob here, feel free to voice it, and otherwise, by close of business on Friday, Bijal will declare consensus on the matter, I will consider myself conflicted so I'll stay away from it. And if I'm elected to the Board I will stand down as Working Group Chair on Friday. If not, I will continue and we will have three Working Group Chairs until the next election, which will be in the autumn.
And that was all the admin matters we had for this session. Any questions, comments, additional thoughts?
If not, then we hand over to Axel and the RIPE NCC update.
AXEL PAWLIK: Thank you, Kurtis. Yes... this was not Icelandic and I'm not ‑‑ this popped into my mind this morning when I was thinking about remote participation and the people at home at the screens basically it says, ladies and gentlemen welcome in the hall and at home in front of your TV sets. With that, puts an age to me I am very sorry that the thing that the show master said on the Saturday evening shows typically after we were all freshly scrubbed from the bath and ready to engage in some family entertainment. You are acutely aware it's not yet Saturday because you are not that tired yet. Welcome, and I cannot promise that I will be entertaining but with the help of my colleagues I can give you an update on the RIPE NCC crew has been doing last year and just focussing on this year.
This is also, of course, part ‑‑ considered part of the General Meeting, the public part. So, back at the, a look back at the end report and the highlights there is maybe in order.
Looking at 2018, we gained 4401 members. When I started at the RIPE NCC, we had less than 2,500 I think so this is quite remarkable. More than 4,500 IPv4 allocations, /22s, little bits and pieces and nearly 2,500 IPv6 allocations, that's nice as well. We saw at RIPE NCC organised events around 2,000 of them, that's great. We did nearly 100 training courses for over 2,000 participants throughout various locations. We did 2,628 assisted registry checks, which is on one hand a good number and it's welcome and it does help us quite a lot and help our members also. But on the other hand, when we started this activity we said we wanted to touch every member, every three years and now we have so many members that number is on the low side there. But still very useful. We aim for more than 10,000 Atlas probes around the world that are active that we have achieved. Of course we are still doing this and then shipping out probes.
And we have not quite 500 RIPE Atlas anchors yet, but a sizable number. So that's I think a good resume of the here.
Financial report. No details here, they will come a bit later. But basically, yes, we have good and sustained relations with our members, which is lovely. And of course sending out invoices is part of that. Cost management goes well, we end up typically slightly under budget which is lovely. Capital liquidity management is up to scratch. Also good. And you'll hear more about that from our CFO in about two hours. And the transparency in all things that we're doing but also of course in financial operations is important to us.
Membership growth. As I say throughout this year, again it's quite dramatic. We have seen 8% growth already and we're not even half year. That's interesting. Since we announced last /8 long long time ago, if you remember, more than 13,000 new LIRs came and we maybe didn't see that coming at the time.
Right. But this is coming to an end. The end is near, repent, I heard earlier, I think yesterday. The end is near, we will run out of the current IPv4 pool and that is, of course, way past the last /8, probably early next year, probably early next year, maybe later this year depending on what is happening. So of course we see our role as in making sure that you are all well prepared, that you are in the know of what's happening, what we are doing. We have to change some of our processes, some of our software ahead of time ideally. And yeah, waiting lists and the like are in the ‑‑ are coming, so, we need to talk about this and make sure that we are all well prepared for this.
Right. Challenges. No real surprises possibly. We do see quite a strong increase in workload. Obviously due to the increase of membership coming in, members coming in. And the requests are also becoming a bit more complicated. We are looking at, how to formulate this to be right. What I think what we'll see is a drop in the membership growth. So, clearly, no /22s here, not that many new LIRs, that I think is fairly obvious. But there might also be some consolidation of membership but also there will be no members coming in so we'll see how that plays out but we have to think about that in terms of organisational stability.
Transfer market is going on. We see lots of brokers here. This is something that we support and say we need to make sure that the registry is accurate and up to date and we know who is using which IP addresses. So, yeah, that is something that we see happening quite a lot as well.
And, existing infrastructure, processes, things that we are doing need to be stable, predictable, safe, so we are looking at this as well.
Looking at 2019 and we of course are a good deal into 2019 already. Efficiency, improvements, agility to react to what is asked from us is important to us. Like I said, resilient, safe secure Internet is important. We are looking at making it even better and maintaining of course rather as well as improve it.
Accountability, we don't hear that much about like we heard about it a couple of years ago, but it is important that it remains important and we want to increase it, due diligence of course as well, and I know that sometimes we get in the way of your business processes a little bit with the due diligence and lots of tedious requests but it's also in order to achieve good registry accuracy, or to maintain it, protect it.
As an organisation that has quite a lot of data, quite a lot of datasets to work on to present, we're working on that, providing data, providing also access to that and visualisations to say that so that's something we also see as a core business of the organisation, to help you and your business processes and to help onlookers that might not be active as operators but are very interested in how the Internet works.
And yeah, engagement activities. Of course we have the RIPE meetings, we had them for a number of years. And we have regional meetings and we have national meetings and we have membership lunches and all those things, so working on those things as well.
All right. Greater efficiency and accuracy. Automation of processes, like I said simplification too. When we look at them after a couple of months, a couple of years, we occasionally see that they have grown into weird ways and we need to weed them out and make them better again, so we are currently going through the process of doing that again.
Basically to help also our staff internally not to do Byzantine back and forth processes but to spend IPv4 time and quality time on those complex requests that I mentioned. And due diligence I mentioned.
Simplifying the billing process, we have sent now invoices for once a year, we also have said we would accommodate, where needed, quarterly payments, there were a couple of requests there, not that many, so that is also more efficient than it was before. Looking at website content and figuring out how to make it configureable so in a way that you get the most out of it, and of course we are happy to hear feedback about that.
Evolution of the organisation. That sounds interesting. We are currently going through a process of internal restructuring, reorganisation to the goal of self‑organising, self‑management as an organisational structure. Something that we think mirrors somewhat what we are doing outside in a bottom‑up industry self‑regulation, but also to become more efficient and more nimble and more agile in reacting to the changing landscapes and to your needs as well. So that's something that we are going through this year. By the end of the year we should have all departments properly in the new system. At some point I talk about it in some more detail when we are through with it when we have some measurements done like what did it do to us or for us? In the meantime just grab me over a coffee and we can chat a little bit about what that precisely is.
Engagement at outreach. Like I said we are doing lots and lots of things and of course the details are not very visible for you, but you can see that we have been doing this pretty much throughout our service region. We take care that we spread ourselves not too thinly but that we reach most corners of our service region regularly with RIPE meetings and with regional meetings, like I said member lunches, typically attached to some other activity. Support for National Operators Group. National IGFs, the regional IGFs as well for instance. Face‑to‑face training courses. It's important that we meet people face‑to‑face and get that exchange going. Community building on RIPE Labs, lots of nice articles there. Cooperation with academic people, a little bit back to our routes that's good. Hackathons, deploy on this for RPKI for instance, we did, government round table meetings, things like that. Outreach is important. We need to know what's going on, what people want from us. Also we need to be able to contact people and tell them what is going on in here.
We have, as you probably know, the Community Projects Fund. And it's a quarter million euros per year that we give out for projects supporting ‑‑ not we ‑‑ supporting resilience and operation of the Internet. As I say, it's not us giving that out. It's the money that you, the members, have agreed that we could use for this. But we have a Selection Committee there, we have a couple of people, Mita, due to other engagements will have to drop out, we want to add another seat to that committee so we have an uneven number for obvious reasons. So there are two seats open. If you have an interest, or if you know somebody who could be interested, please nominate yourself or have somebody nominated by the 16th June. And there is a web page as well.
RIPE Atlas: I said we are still giving out the little probes, there was a bit of a hitch there for a while but we are continuing that. We also are looking at software based probes now. We have the virtual anchors that are available. Tools and data we are constantly working on so come get your probes, tell us that you ‑‑ well, I don't know ‑‑ maybe there are some in this room that don't have probes yet. Let us know if you want some. We want to grow the network; the goal is still to ‑‑ the measuring network, the goal is still to have a probe in every ASN more or less.
We are looking for sponsors. We said a good while ago that we would not invest membership money into building this measurement network for the time being, so this is done by sponsorship money. So if you know somebody that has an interest or benefits greatly from the Atlas network let them know that we are looking for this.
You asked us to look at Abuse‑C contacts and to make sure that quality is high in the database. We have started implementation in February of this year. We have done initial checks for 70,000 contacts there, validations e‑mails have been sent out. Now, we do manual follow‑up for those that have not been updated, and that's where the actual work done then starts.
The LIR organisation resource objects are complete. Now we are looking at end user entries there. Well, it's ongoing work.
Please, if you get a mail from us, do react to it. Don't just discard it, it's important.
Certified professionals. If you don't know that term, that was the training credentialing that we called it earlier. We switched the names. It's about to happen. We are putting together the material there, and we are preparing for the pilot exam, testing for the RIPE database badge, so if you have interest and if you are a little bit tolerant to maybe initial little bugs and hitches, then please let us know. We, of course, need people to pilot this for us.
Like I said, security internally is important to us also for our systems. So we looked at the way we're dealing with this. We are setting up now new approach to look at our internal security framework. In your interest, in our interest as well.
And there we go. The next RIPE NCC survey is coming up. We have done the last one about three years ago, that was very successful and very, very helpful to us, hopefully also to you. We had 4400 participants in that. That was a great number. But of course we want more, we want more this time. This, of course, is our last survey before runout of IPv4. Please... we kick it off by the end of this week, please participate in this and talk to your friends and colleagues that they see this as well and participate.
That's basically all I have to say. We will, of course, as usual, collect the input, third parties looking at this, we will look at the key results and present them to you again, what we took from it, and what we are going to do and then we'll report on this in the coming months and years. And that's basically all I have to say. My colleagues are going to add to this a little bit, if you have any questions to this, then I'm happy to answer them.
KURTIS LINDQVIST: Any questions for Axel? No. All right. Thank you.
(Applause)
So next is the operational update by Felipe
FELIPE SILVEIRA: Good afternoon everyone, my name is Felipe. I am the COO at the RIPE NCC, and this is the operational update.
I'll start by explaining the main challenges that are currently facing within operations.
It's no news for anyone here that we are reaching the end of our free pool of IPv4, as Axel just mentioned, the current forecast is that it just reach the complete exhaustion at some point early next year or perhaps even late this year. So, what this means for us, especially within operations, how does it impact our current work load.
Traditionally, the highest number of requests that we receive is resource requests, so the highest number of tickets to people come to us and ask for IPv4, IPv6 and so on. Over the last few years, we have been observing a trend of more updates to the registry rather than resource requests. So, what you are seeing here, the blue line represents resource requests, and the red line is updates to the registry. We normally have a spike at the around the end of the year, people are trying to close their accounts before the next year, so they don't get charged, so that's a normal trend. But if you look at this chart, since June, more or less, last year, the number of requests for registry updates has been higher than resource requests.
Another thing that's very important to note is that half of these resource requests are for /22s so once we reach the end of this free pool this basically is going to go down significantly.
Another thing that's important to note is that the amount of work that's required to process a registry update, so like things like transfers, mergers and acquisitions, sponsorship changes and so on, is way higher than the amount of work required for resource requests. So we currently have at around 38% of our staff within customer service and registration service working on registry updates. And at around 8%, so like three FTEs taking care of the resource requests. So actually five times more amount of work in average than resource requests.
On top of that, we have been facing quite a sharp increase in the number of frauds. I have reported about that in the last RIPE meeting, but since it's such an important topic, it's something that's so serious I'm going to repeat the point again. So there is a number of bad actors trying to get hold of the resources either in the free pool or resources that belong to our organisations. And they are trying to do this either by providing fake passport copies, fabricated end user agreements, just to name a few.
In order to catch that, we have performed a number of investigations. And the number of investigations has been growing exponentially. If you look at this chart, you are going to see that the number of investigations we performed last year was around actual 133, more than double the amount of investigations that we performed the year before that in 2017, which was around 111. And this also impacts very heavily on our work load. And is not proportional to the amount of LIRs in that being investigated. The total amount of LIRs that have been investigated so far is less than 1%. Something like 0.75%. However, the impact that it generates in our work load just we estimate at around 10%. So we have like three FTEs working basically on just investigations and plus a lot of other people that are indirectly working with either investigations or if there are closures, and that also impacts other departments within the NCC, like legal, for example, and ER or comps, either in investigations or with the fallout of the closure.
A number of those investigations they end up in closures, so since 2014, we have closed 69 members, so there are more LIR accounts associated. These closures are basically geographically spread across the service region. Early this year, we had the closure of two big Russian members and that generated quite a lot of concerns within the Russian community that we might ‑‑ yeah, their fear is that we might close an account without any warning and due to a small innocent mistake. And I can rest everyone assured here that's not how we work. We have a very lengthy process with lots of checks and balances, so when we decide to close an account, that's something we take very seriously and we are absolutely sure on what you are doing.
And also, we are ‑‑ if you disagree with the decision, we have an arbiters' panel that can hold us accountable, and in this specific case, both members requested an arbitration against us and the arbiter ruled that we had followed the procedures correctly.
So this is all adding quite a heavy burden both on our workload, but also on you guys that you have to jump through a number of hoops in order to have your requests fulfilled. And that's a situation that nobody wants. So, Artina is going to talk in the next presentation specific about the process, but what I want to talk about now is the actions that we are taking in order to mitigate these issues.
One of the key things is trying to find the right balance between applying a stronger due diligence and the ease of doing business. I have reported in the last RIPE meeting back in Amsterdam that we're looking into a professional trust model to manage the risk that each operation has. So, every time someone submits a request for a transfer, for example, there is a certain risk there is a fraud involved in that. And of course you cannot know this upfront. So far, we have been leaning towards playing safe, so, we apply stronger due diligence as a default, and that's an unsustainable situation as I explained before.
So, instead, what we're looking at is into measuring the risk of a certain operation using a defined set of risk indicators and in the presence of those risk indicators, we apply stronger due diligence; and in the absence of those risk indicators, we apply lesser due diligence. In other words, we want to apply stronger due diligence in the right places.
More specifically, we have been looking to applying a trust model into policy transfers. We had a framework back in October last year that when I reported this in the Services Working Group, since then we have tasked this framework in two pilots. One in November last year and another one in February this year. Based on the input of those pilots we have made adjustments to the model, and now we have a model that we are confident that's going to add a lot of value to the process. This model is still pending legal review and it should be presented to the Board next month. And then after that, if you have the blessing of both, we are going to start using it.
Now I want to report on some of the actions we have been taking over the last few years actually on how to increase efficiency, and I have some good news here.
One thing we have been looking at is to streamline and automate as much as of the work as possible. We are mainly focussing on a resource holdership change, if you remember my previous slides, that's where the bulk of our work is. So it makes sense to target these processes. Back in October last year, we have deployed an automation for policy transfers, and I'm very happy to report on some significant improvements that we have measured using some KPIs.
So what you're looking at here is the number of tickets for policy transfers ‑‑ this is the green line, and you can see there is a spike at around the end of the year. And the blue line is basically the full resolution time, so it's the total amount of time that how we take between the moment of submission of a certain request to the moment that the request is completed. And you can see that back in November/December 2017, we were taking an average of 160 hours to complete those requests. Last month, in April, we took 20 hours. So it's like eight times faster. It's a significant improvement.
So how did we do that? Back in March 2018, we had deployed a new wizard for the policy transfers, and the main goal here was to try to capture as much of the information as possible from the moment of submission to minimise the back and forth in the communication, because we identified that a lot of the time is wasted there. And then as I explained before, in October last year, we had deployed the automation for the policy transfers, and that also helped quite a lot to improve our full resolution time. And I'm going to borrow the words from one of our colleagues in RIS, he said back in December when I had like a huge amount of tickets he said that you'd never be able to have completed so many tickets without this automation.
I want to change the topic a bit and talk about our ticketing system. This was a project I have actually personally worked on back in 2017. Back then we had a very old and very loved ticketing system that was developed in‑house in the late nineties that worked quite deeply in our procedures so it was quite hard to have it replaced. Back then we did a cost‑analysis comparing how much it would cost developing something in‑house versus buying something off‑the‑shelf. And it was way more expensive to develop something in‑house, like more than double the amount. So we decided to go for something off‑the‑shelf and after an exhaustive product selection we have selected for Zendesk. We didn't want any personal identification documents to end up in the Cloud so we developed an integration with our document management system. So all the documents are uploaded through the portal directly through our document management system that's hosted within the RIPE NCC. We had been paying attention to feedback from the community, either in the RIPE meetings or in the mailing lists, and we are aware about a number of issues with the ticketing system, namely one about some documents being shared with the people that are in a specific ticket when this integration with the document management system is not used. And the other one is about the lack of functionality in the portal, so we can see things like, for example, the ticket history, or which attachments you have uploaded to a certain ticket.
We have been working to address those issues. The first one we have been mitigating by manually removing all the attachments from the ticketing system and moving them through the document management system. We have been doing this since the issue has been reported, and we are currently working on an automated solution to automatically remove all the attachments as soon as they reach the ticketing system. This should be done more or less within a month. And we are currently planning some usability improvements like to see the ticket history and to be able to see which attachments you uploaded to a certain ticket directly in the portal. We are planning to do that at some point this year.
Now I want to talk about RPKI and router security.
We have been observing very strong growth in the RPKI uptake worldwide. There is enormous growth in the number of certificates created, in the number of ROAs, a number of organisations are deploying origin validation like AT&T, CloudFlare, AMS‑IX, DE‑CIX, just to name a few. And there is a very strong interest in the community with routing security and RPKI.
So, I want to reinforce that I want to maintain our focus in RPKI and our main goal is to provide a stable system in which the network operators can fully rely on. We want to do that by doing a number of actions like, for example, replacing our HSMs, the hardware secure modules, we are scaling and protecting our publication servers against potential attacks, and we are also rearchitecturing our applications, so they can run in multiple VMs and have more resilience.
We also acknowledge that it's very important to have a strong ecosystem with different implementations of RPKI validators like Alex mentioned in his presentation yesterday. It's important to have diversity of implementations. There are a number of people developing RPKI validators out there, but we are committing to providing a strong implementation that's data centre great, so that can be fully relied on by network operators.
We are aware of stability issues within the RPKI validator tree and we are working really hard to have it fixed as soon as possible.
And in the long run we are looking to requirements from the network operators and are going to discuss with the board next month and with the community in general about what are going to be our next steps.
So just to wrap up my presentation.
One of the main goals within operations is to provide a strong registry. We understand that having a strong registry is the foundation for things like routing security and RPKI. And that contributes to our vision together, let's shape the future of the Internet.
So I invite you all to join us in our efforts to provide this foundation for it to be a safe and open Internet.
Thank you very much and I now open the floor for questions.
(Applause)
KURTIS LINDQVIST: Questions?
ALEXANDER: Could you return to slide number 9. I want to explain maybe to general audience ‑‑
KURTIS LINDQVIST: Can I say one thing. Athina is going to address a little bit about this in her presentation, so, I'd like to suggest you take the discussion of closures until after Athina's presentation because she is going to provide some more background on this.
AUDIENCE SPEAKER: Okay. Just a reminder. Closed members was closed to Articles of Association, two times misleading information and your closed, but actually at the General Meeting in Moscow I asked the representatives of RIPE NCC a few more questions about such closures, not exactly this the one about all closures, it was about mostly about spirit. Because we can understand that an LIR could be created especially for providing misleading information, and the question was, I hope you can prepare this information until the end of Athina's presentation. These members, how many times they provided you misleading information? What is the percentage of this misleading information? Because maybe they talk to you of sponsoring links for thousands of customers, two times ‑‑ two times is one thing, two times of thousand times is another thing.
And another question which was asked, and actually Petter from RIPE NCC said it was a weakness when I was talking to representatives of communication. Another question which was asked: How many LIRs have provided misleading information at least once and now when they can be closed if such information will pass to them again?
KURTIS LINDQVIST: Athina says she is going to address this in her presentation so you will get this in the next presentation.
AUDIENCE SPEAKER: Okay, statistics about all this one. We see an article from Axel, it doesn't answer this questions.
KURTIS LINDQVIST: Hold this this until Athina presents it.
AUDIENCE SPEAKER: A little question. Filippe, could you confirm that all information which RIPE NCC provides outside to its member also is not misleading?
KURTIS LINDQVIST: No, we are not ‑‑ of course not, of course we're not doing that.
AUDIENCE SPEAKER: So you are closing LIRs because they are providing misleading information about but you can provide us with misleading information. Thank you.
AUDIENCE SPEAKER: Marco from the RIPE NCC. A comment online from Elvis, there is a couple of comments here, one question is, what are the steps that the RIPE NCC is taking to avoid the creation of stale data in the RIPE databases and, two, ensure compliance with GDPR specifically when a new LIR is created, a POP up shows the following wording: "The RIPE NCC requires this information so it can create the relevant RIPE database objects and the RIPE database mandate to pursue the RIPE community's legitimate interests." And then question one, why is the RIPE NCC creating RIPE database objects by overriding existing maintainers? Why doesn't it request the LIR to create objects upfront and take responsibility for those objects, right now the RIPE NCC uses an existing maintainer of RIPE ‑‑ objects ‑‑ that's published in the RIPE databases and maintained by the existing maintainer.
Second question, is why is the RIPE NCC forcing the creation and publication of version objects when I believe the wrote objects may be enough?
FELIPE SILVEIRA: I don't think I remember all the question. I forgot half of it. So, about the GDPR compliance. Yes, we are GDPR compliant and I think there will be a discussion tomorrow in the Database Working Group about it, about more specifically about the person objects. There was other question about ‑‑
AUDIENCE SPEAKER: Overriding of maintainers, creating objects by overriding the maintainer. SIM SIM I will follow up with you later on on this one, if you don't mind.
KURTIS LINDQVIST: Which can probably take it on the mailing list. Then Filippe can answer them, if it goes to the mailing list.
Ruediger Volk: Actually, the previous question shows we should have a look at how we can actually get the remote contributions on to this place, that shall much easier to digest and hear than going over the audio channel.
FELIPE SILVEIRA: One question at a time would be easier.
RUDIGER VOLK: That too, what I wanted to ask perhaps suggest is you were talking about the new ticketing system. The old ticketing system was designed and worked essentially for LIR interactions. It was not usable and helpful for reporting operational failures, software bugs and so on, and my question would be: Is the new system a good framework for actually adding a branch of the ticketing system for dealing with that kind of requirements? Because obviously there are software bugs. There are operational failures and so on, and they should be treated with a good ticketing system and transparency there.
FELIPE SILVEIRA: I completely agree with you there. And to be very honest, I don't think the current ticketing system is a good fit for software bugs. I think we need a different tooling there, because it's mainly internal. So if someone reports a bug today, we have visibility of that and we are going to a track about but that's not visible outside and what you want to have in the end is a system where someone reports and issue that's public so everybody can see that, we can provide and update, maybe say here is a serious issue that will take a long time to fix, we had a discussion about this earlier and I appreciate that you bring this point now and we are going to look into it. But it will be something outside the ticketing system. Thank you.
AUDIENCE SPEAKER: Bagdana fury. I want to say Filippe a lot of Russian LIRs feel themselves uncomfortable because of closure of Russian members. And especially LIRs who have a lot of sponsoring projects. We know we'll work with the RIPE NCC a lot and for years and we know that time to time a mistake could happen and we know a lot of mistakes from the RIPE NCC side. But, no LIRs want to take the risk with the sponsoring object, like in two cases above. So, if you close LIR, it doesn't solve the problem. And a point of view of a lot of LIRs I talk to, if some mistake happen, this mistake should be corrected.
KURTIS LINDQVIST: Let's hold the closure discussion ‑‑
FELIPE SILVEIRA: I will take this one. Just I want to enforce that we don't close accounts because of a simple mistake. We always give warnings, if it's a small mistake we are always going to give warnings and we are always going to tell you like, you are making a mistake. And there is a difference between making a mistake and submitting falsified information. Someone submits a fake passport copy, I don't believe that's a mistake. I am sorry, it's not a mistake. Someone has to have done this on purpose. Any case, we do have a lot of checks and balances within our process to make sure that this can be a mistake, an innocent mistake, like a fat finger or there is something else behind it.
AUDIENCE SPEAKER: But why did you change in the document multiple violations to single violation?
KURTIS LINDQVIST: Let's take that discussion until Athina's presentation so she is going to go through all this. Let's take the closure discussion after Athina's presentation. So no more closure questions right now, please. Any other topics?
MARCO HOGEWONING: Clarification on behalf of Elvis. The question to the point was the RIPE NCC creates person objects in the RIPE database for each LIR. Why is it creating person objects and not Perl objects? R
FELIPE SILVEIRA: Let's have the discussion in the Database Working Group tomorrow.
AUDIENCE SPEAKER: Mikhail nail on from BlackKnight. I'm not going to talk about the closures, don't worry.
A couple of things, first off, I thought the presentation was really fascinating both yours and Axel's previously was very interesting and enlightening, for someone like me who doesn't come to RIPE meetings that often but does rely on the services you provide. Just a couple of things. On the more kind of met an issue around fraud, I am glad you're doing work on this. I applaud that. Keep it up. Because I think if that isn't done, then we're all screwed, because ultimately the entire system works on trust and if that trust is not throughout the entire system we're all doomed.
On the choice of your help desk software, I applaud you again for taking a pragmatic approach. It makes perfect sense. My own company, we have done the same thing. And I mean some of the issues you are having around other systems, I mean feel free to ping me or someone else who uses it. There is a lot of ways to get it it talk to other ISPs. Thanks.
AUDIENCE SPEAKER: Just a quick clarification, we talk about this fraud. I think it's very important to understand from the legal perspective it may not be the LIR that broke the law and provided falsified information, but the end customer. Many people can falsify legitimate looking documents with just a change of a letter. Maybe RIPE just keep in mind which entities I'm talking about, say peer resource holders had provided this falsified information and keep that because if you want to do the full KYC you really want to go under, I mean at the final party, let me refer you the to the recent ARIN case that went after certain structures, so that means that I do applaud your efforts but keep in mind that LIR may not necessarily willingly provide you with false information. They may have been lied to themselves. And if they do correct the mistake quickly she shouldn't be punished for that.
FELIPE SILVEIRA: Athina is going to address exactly this point in her presentation.
AUDIENCE SPEAKER: Marco from the RIPE NCC again, a comment online from Mark Vee. Regarding the transfer of resources into a merger, it's become too bureaucratic. The question is can we please change the procedure to allow the transfer when the resources will be out of two years halt and the yearly membership fee has been paid?
FELIPE SILVEIRA: Okay, I will take that into account.
KURTIS LINDQVIST: Okay. Thank you very much.
(Applause)
KURT LINDQVIST: So next up is Athina to present the due diligence the NCC does and talk a lot about the issues.
ATHINA FRAGKOULI: Hello everyone, I am Athina from the RIPE NCC, and I'm going to touch upon a couple of things that were brought up.
I'm going to talk though in general about our due diligence efforts, and well the reason why we have this presentation at that point is, well, because the last, I must say ten years, at least as long as I have been in the RIPE NCC, we have been improving our due diligence a lot. Why? Because we have seen many fraudulent cases. We have seen that people are trying to claim holdership of resources under false pretences, they are trying to become members with fake documents and get assignments. So, through this due diligence, process will improve, we want to help and protect the legitimate resource holders every time.
Now, lately, of course, we have many questions and comments in the mailing list, but this was just an example. Like, we are asking for too many documents, we're very bureaucratic or some members are wondering well I can do that under my local legislation, why I cannot do this with the RIPE NCC? Why are they so difficult? Even is the RIPE NCC recognises organisations that are in areas under the ‑‑ so, does the RIPE NCC have a say in geopolitical discussions?
So, this is the reason why we say okay, let's bring everything up, let's discuss how we are doing due diligence and why.
We cannot have this conversation without first understanding what our responsibilities are as the RIPE NCC. The RIPE NCC has a mandate to maintain an accurate registry; to know who is the holder of the resources at all times; and to have an accurate record of the chain of custody every time of the resource holdership. And we also have the mandate to enforce and implement the RIPE policies. So we need to have agreements with the resource holders that they will comply with the RIPE policies, otherwise what's the point of having policies. And in this agreement to have like the rights and liabilities clearly stated.
So it's important that we have valid contracts with the resource holders, and therefore, due diligence checks are very important.
Due diligence checks happen before the signing of the contract. This is one category where we want to make sure we want to make sure who we are signing the contract with, who is actually the holder of the resources, so that we know who has the rights and liabilities. And also, especially when we talk about ‑‑ when the holder is a company, is a legal person, who are we talking to? Who is the authorised representative for this organisation?
After the contract is signed, we may receive requests for updates. So, we will only comply with such requests for updates when we have enough proof of these updates. It's important that we know, we understand, we have proof who is the legitimate successor of the resources, and that the agreements that we have with the holder are valid at all times.
Because, again, we must make sure that the resources are registered with a legitimate holder and that the liabilities and the obligations from the RIPE policies are enforceable. This is part of our mandate.
It sounds simple. It is not. Why? Because we have a huge service region that goes beyond Europe and we have to deal with different customs, different legal frameworks and at the same time we have to be neutral towards all of our members, so cannot apply different rules to members from different countries. And let's go into specifics every time.
So we said due diligence before the signing of the contract. We need to have proof that the person we have a contract with exists. If we're dealing with a legal person, we ask for registration papers. If we're dealing with a natural person we ask for identificaiton papers. Now with legal persons, with we want to double check that this registration documents are indeed valid. This is difficult, because not all countries have online registries. And even if they do have online registries, they may have a disclaimer saying, well, this is for your information only and you shouldn't take decisions based on this information. And as we said before, we have some organisations that are located in areas under dispute. What kind of registration documents are we going to check at this point?
And when we're talking about identification purpose of natural persons, again we do have challenges, because not all countries have the same standardisation of IDs, so it's very difficult to spot if something is fake or not. And also, different countries have different means of identification, we should take this into account as well.
And we also face this question again and again about partnerships that are not legal persons. Now, we have difficulty with entering into an agreement with such partnerships because there aren't any standard rules regarding their liability, as it is the case with Thatcher or legal persons. So that's why we don't want to take this risk and enter into agreement with an entity we don't know if they will be liable in the end and comply with the policies.
Also, the presentation. We always must make sure that we talk to the person that is authorised to talk on behalf of the member. And that's not always straightforward, because there is no clear chain of authorisation, and also online registries or registries in particular don't give information about that.
Now, updates of the registry, this is actually ‑‑ this takes a lot of time for us. It is very challenging many times to establish that the successor, the legitimate successor of the resources, because when you have a situation of merger acquisitions, liquidation, bankruptcy, you always have to take into account the national legislation every time of the member, and we had many cases where within the member there were disputes between the partners or the liquidator and the director over who is the one that has the authority to request this and that from us.
On top of everything else, we're always the last to know when there is a change in a business structure. We are only informed maybe years after this change took place, and it's very challenging to get all the paperwork that gives this proof that gives the chain of authorisation and establishes the successor. And we see many, many fraud attempts. People really try to fake documents in order to claim the holdership of the resources.
How do we handle these challenges? It is very difficult to give ‑‑ to have like a how‑to book and rules, because every case is unique. We cannot make big rules about it. But, we do have principles which we adhere to every time.
First of all, it is our responsibility to perform due diligence. We must do that. We are an authority, a legitimate and accountable authority, we must perform due diligence.
We do deliver services to everyone, but we also have legal obligations as an organisation, under Dutch law. We do not deny services for political reasons to everyone. But, if we are obliged under national legislation to comply with sanctions, then we have to comply with the sanctions.
We have one set of rules for everyone. Yes, we understand that members have their own national law obligations, but with we do not have the obligation to comply with every single national legislation. We try to keep a balance between performing due diligence, being bureaucratic and being neutral. So, this is a very delicate balance to handle, but how we do it is that we are asking everyone the same minimum set of documents for the same request. Only if we have doubts, then we ask for more.
And as an organisation, we want to limit our liability. If there is no proof, if there is no evidence, it's too risky to perform the updates or to accept the requests. We don't take sides. If there are disputes between the liquidator or the managing director or between the partners, we're not involved with that. They should solve this themselves and then come to us with a resolution and we will follow up. If there is a dispute in court, we're not going to update anything until we have either a final ruling or a settlement. And if there is a national court ruling, this will be part of our evaluation, as any national authority document. We will take this into account.
And in the end, we must maintain and accurate registry and implement the RIPE policies and members have their own obligations under this policies, so they must also comply with their obligations.
And now the closure bit. We have many reasons why an SSA can be terminated. The member can terminate at any time for any reason, but we have certain reasons that are well defined. I don't expect you to read them, but this is the article, the relevant article of the SSA 9.4. We are focussing here. "The RIPE NCC has the right to terminate the SSA with immediate effect if the member provides the NCC with falsified or misleading data, or with repeatedly incorrect data."
This whole discussion is about the first bit, the falsified or misleading data. And here, we have two categories, two main categories. And the first category we have the provision of falsified and misleading data from the member about the member itself, and in the other category, we have the provision of falsified information from the member, but about a third‑party. Now, the first category, well, it's when actually a member provides their own information, their own ID, their own registration papers and so on. Well, they should know it's fake, it's their own data, and this will result in closure, this is very straightforward for us.
Now, the other bit. This is more complicated. If a member provides falsified documents on behalf of an end user, for example. That's more complicated. So let's focus on that.
In that case, even in that case we believe that the member has the obligation to provide us with correct and true information in any time. So, we expect from them to perform some basic due diligence and have some unfettered process about any documents they submit to us before they submit them to us; they should know who are their customers, who they are dealing with. However, we understand, yes, mistakes can happen, and yes, some fraud can be very sophisticated, and a member might miss it. This is fair enough. So in this case, if we realise that a member provided to us a fake information, we flag this to the member and we remind them of their responsibilities. This is what we do every time.
But if this is a pattern ‑‑ we're not talking about like mistakes. You can tell like if this becomes a pattern, then the member doesn't comply with their obligations. And for us, it doesn't matter if this is like ‑‑ we don't care about the intent, either if it's ‑‑ if it's deliberate or if it's just a negligence, because it's a negligence if it happens ‑‑ if a mistake happens all the time, it's a gross negligence, then it is a violation. If we accept that, we will undermine the accuracy of the registry. So, yes, it is important that there is a vetting process when the members provide third‑party information.
Finally, the RIPE NCC is the registry and it serves the member. We have no interest in closing down members for mistakes. We don't want to punish members. And in the end, all this due diligence checks are for the benefit of the resource holders, of the legitimate resource holders, and it's for the benefit of the RIPE community because we respect the RIPE policies and their enforcement. Otherwise, they are just an empty piece of paper. And in the end we want to remain an accountable and legitimate authority. And with that, I'm ready for your questions.
(Applause)
AUDIENCE SPEAKER: Alexander: Okay, now do we have time for discussion? So, I will repeat my questions which I asked again a month ago at regional meeting. You provided a number of closed LIRs, Mr. Pawlik in his article provided a number of closed LIRs for misleading information. Simple question, how many of them were providing misleading information about themselves and how many were providing misleading information provided by third parties?
ATHINA FRAGKOULI: I don't have these numbers right now.
AUDIENCE SPEAKER: Again to your community and members, one month ago RIPE NCC staff was asked in Russian and in English in the witness of board member such simple question. We do not have answer. Another question, which was asked at the time, you just said when mistakes can happen, but it's really bad when mistakes becomes a trend and tradition and whatever else. The same thing: What was the rate of mistakes for this, or two arbitrated parties? Because maybe yes you closed four LIRs and just two of them was arbitrating. Again, I want to make a little clarification for the audience, one of two closed a repute LIRs, well known company, known for independent company, known for 20 years, and well Russian community will raise this question again and again, because it looks like, well, Imagine that NLnet Labs will be closed in Netherlands you'll be really, really wondering what happened.
So, again, another question: It's a simple question, it may be answerable, but you are still not answering such simple questions, maybe something wrong, yes, I confirm I can read all documents, official documents, even I tried to translate it myself from Dutch. You are right, you have right to close members in this case because two times they provided misleading information, at least two times. And another one they provided just two times, yes. Two times, in two‑year frame, we had this information from a member, but we do not have any comments from RIPE NCC on this.
ATHINA FRAGKOULI: Okay. It is true that when we talk about specific cases that are upon us, let's say ‑‑ we do not ‑‑ we are not very vocal about the details of the case because we have a confidentiality clause ‑‑ hang on ‑‑ however, this case went ‑‑ both of these cases went for arbitration. The arbiter's ruling, a summary of the arbiter's ruling is online. In both cases the arbiters, in their ruling, they say the RIPE NCC has reminded them multiple times of their obligations.
AUDIENCE SPEAKER: Two times is multiple?
ATHINA FRAGKOULI: So the arbitration ruling doesn't say two times.
AUDIENCE SPEAKER: It says multiple. Two times can also be multiple. They are no longer LIRs
KURTIS LINDQVIST: Let Athina finish answering your first question before starting this one.
AUDIENCE SPEAKER: As RIPE Chair I'd like to intervene because I do not think it's fair to discuss concrete cases for members. I would really hate it if you started to address concrete cases between me and the RIPE NCC, me as an LIR, and that is not a public matter. Giving detailed statistics on specific cases that's something I that would regard as being confidential in that case.
In this case there are two arbitrations, and there is information in those, and I think we should leave it at that.
Now, should the RIPE NCC provide more statistics in this area? That's a good question. But having that request just from you as a member and requiring the RIPE NCC to respond to all your requests, that's not necessarily something that you can repeat and repeat and repeat because if you get true data information, you will reveal details about the cases. I mean if you have the statistics of two cases, you can't really give statistics here. So I think we need to be very careful about how we deal with these cases. Is what is presented here trustworthy? Do we believe in that? If not we need to ask the RIPE NCC Executive Board to address this.
AUDIENCE SPEAKER: Thank you very much Hans Petter for reminding me of that.
KURTIS LINDQVIST: I want to add something. I want to remind you something about one thing. We are here to discuss the processes of the NCCs and the services they provide.
In these two cases there was an arbitration, which is according to the processes that we have, and they upheld the decision by the NCC. Now we can have an opinion on whether the arbitration is up for appeal or not. The purpose here is not to be a second court above the arbitration. So let's ‑‑ again we're not here to over approve the ruling of the arbiters. So we can have a discussion ‑‑ we can have a discussion about the process Athina just presented and whether we can improve that or do it differently or what we want it to be, that's what we're here for. We're not here to try and second guess the arbitration.
AUDIENCE SPEAKER: Thank you.
ATHINA FRAGKOULI: Thank you, Alexander.
AUDIENCE SPEAKER: Bogdana. I want to tell you the point of view from the LIR's side. We tried to manage with the sponsoring objects and we want to have the complete list what kind of checks should we do, because LIRs, they are quite small than the RIPE NCC, you have a lot of lawyers, you have a lot of representatives from different countries. But usually LIRs they don't have such power to do a lot of checks. Of course we try to do checks as much as possible, but there are situations when it's not possible to check completely because in cases when we try to work on the Internet national market, we not have like possibilities to conduct, let's say, a law enforcement from other countries like RIPE NCC has.
So point of view from LIRs is that we get the documents from the customers, and we send them to RIPE, and RIPE NCC checks this, and it's okay or not okay, yeah, so we tried to ‑‑ we are doing some part of the job of the RIPE NCC, for sponsoring objects. And we don't want to have a lot of risks.
ATHINA FRAGKOULI: I get that. I think if you are having a contract with someone, you should know who that person is. This is one thing we expect from you.
And a second thing is that any documents this person forwards and you forward these documents to us, must be true and correct. I think this is something that you can do if you want ‑‑ it's part of your business. I don't think, we don't ask for anything sophisticated. We don't have any liaisons with Interpol or anything like that. We do also very simple checks.
AUDIENCE SPEAKER: Okay. That's one question. You mentioned in your presentation that you have to comply with sanctions. Can you give some maybe examples of when you have to do this?
ATHINA FRAGKOULI: Yeah, definitely. In general, there are two types of sanctions. Some sanctions are about services. We're not supposed to ‑‑ like, in general, like they restrict companies in the area in Europe or in the Netherlands to provide specific services. The other type of sanctions is the restriction of organisations to provide services to specific legal entities or natural persons.
Now, the first type of sanctions have nothing to do with us. Our services are not part of any of the sanction services.
The second bit, it has happened that, yes, we had some membership obligations from people that were listed in the sanctions. It has happened, I don't know how many times, but yes, this is ‑‑ the sanctions were complied with.
AUDIENCE SPEAKER: Marco, I am actually here on behalf of three people. I'll take them one by one. The first question ‑‑ I will return back ‑‑ the first question on behalf of Sacha lack is: Which law is the RIPE NCC constituted as an authority as stated on the slide?
ATHINA FRAGKOULI: The authority of the RIPE community.
AUDIENCE SPEAKER: Sergei, talking in my personal capacity. You said there is ‑‑ there are two types of sanctions. And the sanctions restriction providing services to specific area is not related to the RIPE NCC.
So, may I ask you, there is strictly ‑‑ well, there is probably no need to provide any services or goods or technical help in area of transport to telecommunications, energy whatever else, that the direct ‑‑ this is something by the Europe commission, how do you try to avoid the criminal prosecution in this field.
ATHINA FRAGKOULI: I reiterate we do not fall under the scope of any sanctions at the moment. I assure you we do not.
AUDIENCE SPEAKER: I asked the competitive authority in my country, and the Minister of Finance whether a specific LIR can provide a service ‑‑ well, the typical registration services providing let's say peer registration or PA region or something like that I got a definite answer, it will be violation of sanction regime. Have you heard about this?
ATHINA FRAGKOULI: Is this about sanctions that your country impose?
AUDIENCE SPEAKER: It's EU sanctions.
ATHINA FRAGKOULI: EU sanctions right now do not cover our services. They don't. And we have asked our authorities.
AUDIENCE SPEAKER: Okay. So we have different opinions of the authorities within the EU. Okay. Thank you.
MARCO HOGEWONING: This time Elvis from V 4 escroe, first of all statement: I believe the RIPE NCC should provide more statistics on number of fraud attempts reports to LEAs, arbitrations and the reasons for close users.
And he then comes back with the question: Will the RIPE NCC close any LIR that provides the RIPE NCC documentation from an end user that later is proven to be falsified by the end user?
ATHINA FRAGKOULI: Excuse me, so if the end user themselves says oh, I submitted falsified information, is that the case we're talking about?
MARCO HOGEWONING: I don't know. I am kind of waiting for Elvis to come back.
ATHINA FRAGKOULI: In general, it's very difficult to now talk about imaginary cases and scenarios, we can talk about tomorrow about that. It would be good if we had a particular case and the merits of it. Because every case we evaluate it and we investigate it and on its own merits and this is a serious and ‑‑ serious work and it takes a lot of time. So it's very difficult. I would refrain from giving answers like that.
KURTIS LINDQVIST: I think I maybe understood the question is: If the LIR contacts you and discloses that information was fraudulent, how do you deal with that? Is that counted towards them?
ATHINA FRAGKOULI: Again every case we handle differently. It has happened, of course, that the LIRs realises they submitted fraudulent information and then they tell us, yes. It has happened.
AUDIENCE SPEAKER: The question about I asked already, about the document change from multiple violations to single violation. Could you please explain this?
ATHINA FRAGKOULI: Yes. The document that changed was a procedural document that explained ‑‑ that was referring to the standard service agreement to the article I showed you. The article didn't change. But the procedure had a mistake. So we changed this mistake in the procedure. The standard service agreement was always like that.
MARCO HOGEWONING: The third question is on behalf of Yvonne from OSnet. If you have reviewed the possibility to move the arbitration procedure to respectful bodies such, for example, the international UDRIP and not some arbiters physical persons? Thank you.
ATHINA FRAGKOULI: Right now, this is ‑‑ yes of course we have... we are reviewing, we are evaluating the arbitration procedure every time. Right now, this is the process. It is approved by the GM. The arbiters are also approved by the GM. If we see the need with the arbiters of changing this, we will bring it forward to the GM.
AUDIENCE SPEAKER: I have such kind of a question. Who is responsible to update the documents to the RIPE? One time we provide, for example, the agreement with the end user and we are the sponsor clear for them. But maybe after two or three months, they close and we don't know about it. It means that we provide to you false information at the moment when you will do the check for our ‑‑
ATHINA FRAGKOULI: No, no, if it's true, the information at the time you provide it, it's true at the time you provide it. If the situation has changed, that doesn't make the document fake.
AUDIENCE SPEAKER: Okay. How often this information should be updated because we provide it one time and it is not updated any more?
ATHINA FRAGKOULI: There is a procedure about it. And I can point you to it.
AUDIENCE SPEAKER: Okay. Thank you.
KURTIS LINDQVIST: Okay. Thank you very much Athina.
(Applause)
Next is Fergal with the NCC survey.
FERGAL CUNNINGHAM: I am Fergal from the RIPE NCC and I'm here to talk about a very important project that we're doing this year. And it's the RIPE NCC survey 2019. Now, we obviously have many ways that we get feedback from our members, from the community. We have meetings like these where we talk to you. We have member lunches, we have other events. We have training courses, and lots of online interaction with you.
But this survey that we do every three years is by far the biggest reach in terms of getting feedback from people. And it delivers reclear input because we get statistical information and very clear direct answers to the questions that we ask. So we find it very useful.
The goal of this survey. We want to find out how we can do better as the RIPE NCC, how we can do better as an organisation. And also, how we can improve specific services and activities that we provide for you. The results of these surveys are also tremendously useful in guiding the RIPE NCC in letting the board and management know what do our members think? What does the community think, and where we need to be moving in the next few years.
This is the last big survey that we are going to do before IPv4 runout probably, so getting this information at this time it's going to be really useful for the RIPE NCC.
And also, because we get a lot of input from people that we don't normally hear from, there are issues all across our service region that we think the NCC should know about it. If there is things happening in your community or in your industry, we'd really like to know what that is, so that we can see if we can help, if we can help you to connect with people who can help you.
So three years ago, we did the 2016 survey. We had well over 4,000 respondents from well over 100 countries, and in terms of participation with with things that the RIPE NCC does, this is quite huge. We came up with 40 key findings. We investigated all of them, and we acted where we could. All of these actions are documented and published. We are very transparent with the survey, and in fact, we publish all the statistics, all the comments, everything to do with the survey is published so we're fully transparent and you can read it all for yourself. And many of the improvements we have made as an organisation in the last three years, they have come directly as a result of this survey.
So you might have heard that the membership is growing. I think every presentation from the NCC mentions that in one way or another. In 2016, we had over 13,000 members and now we have around 20,000, which is quite an increase. So, this year we're really keen to hear from all those members who have joined since our last survey; what are they experiencing as members of the RIPE NCC and how can we help them? But we also have 14,000 more established members, and it's hugely important for us to hear what you think because you have seen the NCC change over the years, you have seen how we have grown, you have seen how our services have changed and you have some insight into whether that's been good or bad, and we'd like to hear that.
And the last thing we want to hear from everybody else. I mean, our membership is important, but we try to serve the RIPE community, the wider Internet community, we have members outside our service region, we have people, lots of people here from ‑‑ who are not members from outside our service region and we want to hear from you too.
So, yes, to every survey we do like this, we use a third‑party, and we do this for two main reasons: That's so you can be assured that your responses won't be tied to you and that the RIPE NCC won't know who is saying what, so you can be very honest if you want. And it's also to ensure that there is no bias in the analysis of those results. We feel that's very important.
This year we have a new survey company who is carrying out the survey on our behalf. They are called Survey Matters, and they carried out APNIC's surveys in 2016 and 2018, which we found very useful. When we were working with them we didn't have to explain the industry or terminology, they were already up and running on all these matters, which was very useful and when they are analysing the results, they'll know what they are reading. So they also specialise in doing surveys for membership organisations, which is obviously very appropriate for us. And before we engaged them, we asked them to ensure that they were GDPR compliant and they managed to do that, which is great.
This is something that will probably please you. The 2019 survey is much much much much shorter than in previous years. I still can't believe we did 91 questions in 2013. I am flabbergasted. We have 37 questions, but most people won't have to answer even close to 37 questions because there is logic and you skip from one section to another, it will be much less than that. So we really think it will take about ten minutes to do the survey. If you are very opinionated and you want to tell us a lot about what we're doing, we have free text questions all thru the survey so you can speak at length and go into great detail and we're very happy to get that.
Here is another new thing for 2019, which has been requested a lot in previous surveys, is languages. So Survey Matters did this for APNIC. They gave them the option to translate the survey and they saw a great uptake in those countries where those languages were spoken. These are the eight that we have chosen. And these are the people who did the translation. This is very much a best effort basis on behalf of the RIPE NCC. These are all staff members nearly, we have 13 staff here and one of our board members who translated into Polish, thank you very much, and a big thank you to all the staff. It's a lot of work to do this translation stuff and they took it on themselves to do this aside from regular duties. The translation of thank you was my work so don't let that be a reflection of the work of our staff in translating this.
This is not new. But we do promise to act on the findings of the survey. We're going to put a detailed findings document on the website. We'll make sure they are all investigated and acted upon and if we're not able to act upon it, we'll explain why we're not able to act upon it. So all our results there be will be reported back to you. So that's what we have done.
Now I'm going to move to what you can do with the survey.
As I say it's open to absolutely everyone. We often get questions whether more than one person in an organisation should fill out the survey. And we say please do. In fact, tell your colleagues about it, if they are involved in operations or the Internet in any way, let them know about it. So, I'm going to apologise in advance for the mails you are going to see over the next month, but I ask you please share that link with people in your communities, in your networks, in your companies, retweet the tweets, share the Facebook posts, do whatever you can to get the word around.
So we're going to launch this Friday at the Closing Plenary and it's going to stay open until the end of June, 23:59 UTC in case you are interested. And we know you are all going to do your part and take the survey for the good of the Internet, but as an added incentive we are going to be giving five iPads away during the course of the survey. We'll give one every week, so if you take the survey early you'll have five chances to win an iPad. And so on. I suggest if you have time in the airport on the way home, maybe you want to do it then.
And that's it. This is where the survey will be, it will be open from eleven o'clock on Friday, and I really do encourage you to take part and because we publish all these results, it's going to give you insight if you want to go in there, if you want to see what people in your country or your community are saying, you can go in there and check that out. You don't need to wait for the NCC to look at this and I hope you find it all very interesting. Thank you very much. And if you have questions, I am happy to answer them.
(Applause)
AUDIENCE SPEAKER: Peter Koch, it's more a request than a question. Whenever I fill out these surveys I like to sneak what the next question is and when that is not available I fill out a fake response and so on and so forth. So to avoid that, it would be great if you could make all the questions available in advance in the survey if the survey software allows that.
FERGAL CUNNINGHAM: The software does allow you to go back to previous questions and change your answers if you prefer. So you can go right the way to the end of the survey and until you hit "complete" at the end, you can go right back to the start and see what's ahead.
PETER KOCH: Okay. Thank you.
RUDIGER VOLK: And ‑‑
AUDIENCE SPEAKER: Julian. One important question. Which end of the iPad are you giving away? Which version of the iPad are you giving away?
FERGAL CUNNINGHAM: I know it's grey. It's just ‑‑ not cellular, it's just Wi‑Fi and it's 128 gigs. That's it and it's great. Yeah.
AUDIENCE SPEAKER: Are you translating the comments back from every language in English?
FERGAL CUNNINGHAM: This is the first time we're doing it and we're willing to look at what we get back. There was quite a lot of work translating 37 questions. If we get tens of thousands of open comments back, we'll need to see how we can do that in the time given that we need to come back to Rotterdam next time and present. But that's something we'd certainly like to do.
AUDIENCE SPEAKER: Perhaps could you call for some more translators for this?
FERGAL CUNNINGHAM: If I ask again inside the company I might be in trouble but we can definitely look at that. We are still trying to figure out what we will do there. It might be a very simple Google translation if we do it
RUDIGER VOLK: Hanging on on Peter's requests, actually it would also be nice to collect one's answers when one submits. The last time they were essentially gone unless you collected 20 screen shots.
FERGAL CUNNINGHAM: I was actually going to suggest you screen shot ‑‑ sorry, Ruediger, but you won't be able to download your answers individually, I am sorry.
AUDIENCE SPEAKER: Lars Lehmann. Promise me that none of these question is how does X match your expectations of ‑‑ because you have no idea what my expectations are.
FERGAL CUNNINGHAM: I am mentally running through the survey but I am pretty sure we don't ask that.
(Applause)
KURTIS LINDQVIST: We have got 20 minutes to the GM, next is Sergei with the ten years of 2007‑01. For those of you who don't get starting something 2007 is ten years later he will explain that.
Sergei: I would like to tell you about ten years of my observations on how the due diligence was implemented in the RIPE NCC. I will refer to the document called 2007‑01. So, my history started in 2007 when the policy proposal was submitted. This policy proposal was about the for provider independent assignments and the discussion was held in the Address Policy Working Group and after a consensus the RIPE NCC has started to implement the policy in March 2019. So, it's exactly ten years of this policy.
So, the idea of the proposal was to set up the clear rules on how the IP assignments data in the RIPE database and to have a contractual obligation on ‑‑ between the PI assignment holder and LIR or directly with the RIPE NCC.
And of course, the RIPE database data should be improved. That's ‑‑ well, I hope it was the main goal.
And at the same point, the feed was introduced. A lot of people didn't understand the daemon for the fees and it was a long discussion.
But the contractual requirements were set. And the sponsoring LIR was responsible for the relationship between ‑‑ with the path holder and keeping the database records up to date. The exists PI holders have to be conducted by the RIPE NCC in 2009 and informed about the requirement to to sign a contract with a sponsoring LIR. So, there were about 25,000 of such assignments, and today, we can see that most of PIs are registered in Russia, in Germany, Poland, Ukraine and the United Kingdom. So, the implementation of 2007‑01, didn't solve the problem of the IP hijacking, but allowed the NCC to manage the IP space with the rules that have been set up.
This is an overview from my point of course what was changed since this time. The quality of the database, by the way, is still not ideal, but it's improving. And then I can ‑‑ I would like to tell a bit about the IP hijacking.
Since the IPv4 addresses are considered as a good, there are attempts to steal the addresses and the people who are stealing the IPs is doing it through the RIPE NCC by submitting them with falsified documents, transfer agreements or just by company they cover. The documents can be ID cards, passport, certificates or trade register extracts. But, personally I don't have ‑‑ I have a feeling that PI networks hijacking does not correlate with the obligations set by 2007‑01.
In the years 2009 to 2010, my company had done a big amount of a paperwork with the PI holders. It was hundreds of contracts need to be sent to the RIPE NCC. And it was predicted and the NCC was allocating resources. I mean, technical or human resources for this work.
But after this was done, we didn't do this again. But the RIPE NCC was forced to continue this work just because transfers were implemented and all the documents have to be checked. With some audits, and difficult transfer or change in the ownership of the networks, I heard different things about how the new rules are working. So, it's more or less clear that the sponsoring LIR is responsible for the data. But it's also true that LIR can be cheated as well as the RIPE NCC.
You never know who is actually signing the contract, either sponsor contract or the SSA implementation of the RIPE NCC. There is a possibility to register exactly the same name company with the same legal address in some countries like my home country Russia. And if you are running an LIR as a registry, not a customer of the IP space, there is always a chance that you will make the mistake by providing untruthful information to RIPE NCC.
RIPE NCC can punish you by terminating your membership of course. But, to be sure what is untruthful information or else falsified document, I prepared a picture. So here it is.
This is a forged Israeli passport obtained in Argentina by border police. How can I recognise this forged document? Can you any one of you find a mistake in the English text? "Expire" correct. There is only one typo, and I will not find it very quickly when I have a look at this passport. I'm not a document expert, and I cannot easily recognise the fraud. What I can do is to report the local police every time I face such document. I also cannot read Greek or Georgian or Armenian alphabet for example, but does it mean I cannot provide a registered service in these countries? Well, I also cannot be certain if the service agreement is signed ‑‑ well, I mean the SSA is signed by the general manager of the RIPE NCC, and actually it's not signed, and some of my customers were thinking that all that actions are a simple enforcement of the PI holders to become an LIR or stop using them at all. Thank you to the world hidden government, I am convinced that there should be a faster and simpler way to do so.
With all that stuff, I would like to remind that LIR is, by definition, a registry, not a customer of the RIPE NCC. And I know cases when the bet people were presenting forged documents with the RIPE NCC without serious consequences. But for the member, it's always a risk to be punished because the SSA ‑‑ because of the SSA violation even if LIR acts in a good faith. The RIPE NCC will not dissolve if they will provide services to non‑registered companies, but the LIR membership probably will be terminated. And the definition of the falsified data is just mission. Let's say the document was signed with the power of attorney, when you learn that the power of attorney was withdrawn, or the SSA or the sponsoring contractor or the transfer contract isn't signed by CEO, but the person who is authorised to sign the document, and the RIPE NCC probably will not accept and not recognise the signature.
And even if the member was warned not to submit the misleading document to the RIPE NCC, there is no statute of limitations after this warning that will, like, forgive your mistake.
There is always a chance to go for arbitration. But during 15 years of the arbiters existing, there are no arbitration rulings made in the favour of members. Zero. All the arbitrations were confirmed that the RIPE NCC is doing very well.
So, I'm almost finished. The arbiters said that the sponsoring LIR should be a certain, whether the information is correct. I'm just thinking ‑‑ I think that this is not a serious approach, but this is like a liability shift. The RIPE NCC will not be liable for its member but the member will take all the responsibility of its action.
This unpredictability makes people nervous and losing the faith that the RIPE NCC is really for members not for governments, not for law enforcements and maybe not for their own careers.
So, if you think there is a solution can be suitable for everyone, please go to mic. Thank you.
(Applause)
AUDIENCE SPEAKER: Bogdana. Sergei, what do you think, how RIPE NCC should change its own procedures for checking this object so it will be comfortable for most LIRs who has sponsored objects, in your opinion?
AUDIENCE SPEAKER: I don't think they should cancel the checks. The checks should be implemented, but consequences should be different maybe.
AUDIENCE SPEAKER: I see from your presentation and I support there are a lot of situations where we are ‑‑ we can't be sure in our customers, so this is a risk for all LIRs.
SERGEY MYASOEDOV: : Maybe.
KURTIS LINDQVIST: I think next is Nick.
NICK HILLIARD: Okay. Ten years on it's interesting to see what some of the consequences are, and these consequences were not obvious when writing the policy proposal. The conclusion that you draw on this slide here, I'm very concerned about because it's suffers from exactly the same problems that you defined in the previous slide. One of which is that the term isn't defined, so I think you need to be very careful before recommending a conclusion like this. You need to be very careful about adding in a term like "Deliberate" because that puts the onus on the RIPE NCC to ascribe the intent, and proving intent is something which is very difficult I'm not saying this is a right or a wrong thing to do but just pointing out that it changes the balance of the determination of fraud to be very different to what it is at the moment.
SERGEY MYASOEDOV: Thank you, but may I ask you, what do you think is more important? The ‑‑ if the members are convinced the RIPE NCC is doing the right thing, or do you keep the by‑laws in the same state as right now?
NICK HILLIARD: I think that some of the ‑‑ I have just read through the arbitration cases recently. If the organisations who were the subject of the arbitration cases have a difficulty with the outcome of the arbitration cases, then they should take this up with the legal court system in the Netherlands.
SERGEY MYASOEDOV: Yeah, but there are 19 arbitration rulings by now, and zero in favour of member. I'm fine with the proposal to go and have ruling from the judge, but I don't like the arbitration cannot be solved in the favour of the member and I don't think this is justice.
NICK HILLIARD: It's a very difficult situation to resolve. Because none of us has access to the full details of any of the cases. The only people who have access to that are the RIPE NCC and the arbitration panel. We see the outcome of the sausage factory, but we don't see what goes into it, and without actually having a full visibility of everything that's happened, it's impossible to make an assessment about whether these are reasonable cases or not.
So, we can conclude that because there is 100% agreement by the arbitration panel in terms of what the RIPE NCC is doing, that either the RIPE NCC and the arbitration panel have something very badly messed up, and the arbitration panel is effectively agreeing with everything that the RIPE NCC is doing for whatever reasons they are doing, or alternatively the RIPE NCC is actually doing a pretty good job and simply that the arbitration panel agrees that the RIPE NCC is doing a good job. We don't have the information to determine that. And if the organisations which were the subject of the rather noisy closures recently have an issue with this, as I said I presume they do, they really should consider taking legal action here.
SERGEY MYASOEDOV: I agree.
KURTIS LINDQVIST: I think it was Randy and then Lehmann.
AUDIENCE SPEAKER: Lars Liman, but speaking my own opinions. I would like to offer my view of some of these things. To be begin with when you do business in a country and you're under an obligation to provide correct information written in that country's language I at least would make darn sure that I understand what's going on. So I would look at making sure that someone in my company or a consultant can verify what's going on there first. That comes at a cost, I am sorry.
Second, you note that we're not customers of the RIPE NCC. No we are members. This is an association to me. This is a group of people that try to work together. That means that when we do arbitration, it's members of these groups as representatives on the panel doing arbitration between members. So, that's my view of it. So it's vis‑a‑vis a legal system or some other legal system in a country or something that's generally just ‑‑ we are members of the same club, we have rules of this membership and the arbitration panel is all about that.
Then again for closure, I will focus very much on what Athina said about patterns. One time is, in my gut feeling is not a problem. If it happens once it's not a problem. If it happens twice ‑‑ if I received complaints three times from Athina saying hey, this is not working well, you have to shape up, you have to really look at your procedures, then I would. And that was actually what I wanted to same.
SERGEY MYASOEDOV: I do not have a chance to make three mistakes in a row. That's not possible, because probably after the second one, your LIR country will be terminated.
AUDIENCE SPEAKER: Okay. Then I suggest as a general suggestion, we look into that, because twice is not a pattern to me, but... once is an accident, twice is bad procedure, three times is... that's why I say, we then should take up that in our policy developments where the appropriate place it within this club to make sure that ‑‑
KURTIS LINDQVIST: There is nowhere that Athina said there was two cases. This was an inference. We have no basis for that discussion, she said a pattern, the arbitrator said multiple times. So let's stop the discussion there.
RANDY BUSH: Luckily I never make mistakes. I'm sure no one else here does either. Could you go forward I believe one slide. That was it. We have been talking too much about blame. Blame does not move packets. I'm supposed to move packets. Okay. In this ‑‑ and our goal here is an accurate database. I am getting boring with the same, but that is our principal responsibility. So, I don't care about who is at fault here. I want to know what can we do about this to get more accurate data? Okay. How could we make it easier for the sponsoring LIR to get and give the NCC more accurate data? And if that has to do with saying hey, give us what you have and put under it "I'm not really sure," whatever. But you know, let's get focussed on getting accurate data.
SERGEY MYASOEDOV: There is a solution. We need just to kill all the bad people.
RANDY BUSH: I was raised by somebody who was a pacifist in World War II. So I don't think that's a very good solution.
AUDIENCE SPEAKER: Hello, I am just speaking for myself. Tomorrow I will have a presentation about the identity theft for a lot of British companies which have been registered as LIRs either by them unknowingly taking their identity or completely generated fictitious companies and then obtaining RIRs credentials or getting sub assignments as PAs. I think the problem is, we'll probably need softer sanctions because if I am a network operator I want to seize cyber attacks immediately. If we can impose some sanctions on the LIRs as no more sub allocations for six months or twelve months and take actions immediately which is a quicker route than probably taking the decision to completely terminate the LIR is a hard decision to take. So, probably we need more range of softer actions that can be taken immediately in order to seize such activities. That's just one idea. The Anti‑abuse Working Group.
AUDIENCE SPEAKER: Well, you know, when you say killing the bad people, well it's a bad job but here we say basically as a legal entity, the LIR relationship built ‑‑ as well, say that kills their business, to me that's a bad practice. And by the way an LIR that unwillingly submitted bad data and later they corrected seems to be under the same punishment than the one that was submitted willingly. Therefore, I think we're not getting the right data. In my opinion it should be done like the banks do with a customers, if lied to your bank and you are found ‑‑ let's say you are sending in fraud via transfer, you are getting terminated, your money goes somewhere. So in my opinion, there should be the only penalty you can think of, which in my opinion would be effective, is a financial one. Maybe we can also withdraw the wording rights for the LIR in question but just seems to be either we let it go or it's some multiply some unspecified number relations terminate. That doesn't really work. In my opinion that LIR that would discover a bad subcontract that would give them the false information would immediately notify the RIPE NCC, these resources would be removed and maybe even reclaimed, the LIR itself would have a strike on its licence again going to the problem with the driving licence, that maybe after getting a certain percentage of your data being, let's say you had created 100 of customer objects and they have two of the bad ones, that's okay, you have 50 out of 100 that's a problem. We should quantify the things. Again, we can't solve it right now. We don't have a solution that would work and I don't know maybe some of you don't have any, we have like three or four customers that we represent and we don't have an issue. But I would imagine for somebody with 100 it would be a big issue.
KURTIS LINDQVIST: Thank you. Very, very short.
AUDIENCE SPEAKER: Apologies, I have got two people on the queue remote. Sacha is very short and a comment to Nick where he says: Fraud requires intent in every legal definition I have ever read.
And then secondly, there was a question /suggestion from Elvis, maybe when an arbitration is requested, the member or end user should accept the arbitration to be public both in its details and its outcome. Thank you.
KURTIS LINDQVIST: Thank you.
(Applause)
We have got one blast presentation by Ruediger, we have got one minute, literally. So...
RUDIGER VOLK: Thanks. I did a longer version in the morning in address, but this is about services provided by the RIRs, including RIPE as they could think great as the NRO, and I unfortunately have to remind people that we are seeing a pattern of failure in data provision there.
Okay. So, what data am I talking about and the significance is going to be first slide. Second slide, what I did observe. Third slide conclusions and all the rest has been delegated into backup.
There is and has been for quite sometime a file called "delegated extended" provided by the NRO and essentially providing a unified aggregated presentation of all the resources, how they are distributed. There is documentation by the NRO about the format and the content. That file was used as a normative researches in an Internet draft published in 2016. The draft did not ‑‑ did not trigger very enthusiastic response at the time. Nevertheless, the NRO in 2017, put out an official announcement about something they did not RPKI and the technical basis for that announcement was referencing that ID.
So, taking the first bullets together, I conclude the NRO actually kind of committed to produce and maintain that data as something authoritative. The actual content in the Internet draft is telling people if you find something inconsistent in what the RIRs are doing in the RPKI, you can go to that file to disambiguate. So that is actually something fairly significant.
And even if it wasn't that kind of significant this way, providing an aggregated unified view of all the resource distribution, I think, on itself, is a useful service of a well‑run registry or, in this case, actually of a well‑run and well cooperating registry system.
So, the ‑‑ what I have been looking for and evaluating since late 2017 is the part of the AS numbers there, and my use case was identify the AS numbers that occur in the actual routing system or in the routing registry databases or in the RPKI that are actually not legitimate to show up in the public space. So that is actually an operational, interesting and useful thing to do. Not so many people are looking into this dataset I did. We have been seeing incidents of bad consistency and bad content there, once in a while small things that I could kind of catch. I'm not going into the details, except for on Monday, I found out, oh, bang, for one of the RIRs, essentially all the ASes disappeared into garbage and I got really alarmed and started to do slides.
KURTIS LINDQVIST: Can we please move to the conclusions because we are really out of time.
RUDIGER VOLK: Where are the conclusions? So after that observation, would I trust ‑‑ would any operator trust the database in particular for the more complex addressing folk? Well, okay, I think NRO really needs to explain the joint responsibility for providing that unified data and how that is going to be done. And also, they should consider why is that data still periodically inaccurate even after years of experiencing producing that data? The data has been around for at least a decade, probably much longer. So thanks.
KURTIS LINDQVIST: Thank you.
(Applause)
I also think for those of us who wasn't in Address Policy at least two of the CEOs of the NROs said they will address this.
RUDIGER VOLK: That was the intended response.
KURTIS LINDQVIST: I just want to let you know. Thank you Rudiger, thank you all for coming. Now please get out quickly. We'll see you next time and we'll start the GM.
LIVE CAPTIONING BY
MARY McKEON, RMR, CRR, CBC
DUBLIN, IRELAND.
