The front page story of the September 13 2011 issue of the International Herald Tribune said it all: "Iranian activists feel the chill as hacker taps into e-mails." The news story relates how a hacker has "sneaked into the computer systems of a security firm on the outskirts of Amsterdam" and then "created credentials that could allow someone to spy on Internet connections that appeared to be secure." According to this news report this incident punched a hole in an online security mechanism that is trusted by hundreds of millions of Internet users all over the network.
In order to ensure accurate and up-to-date registration data, the RIPE NCC started to evaluate Registry Data Quality (RDQ) in 2009. The second phase has now been finalised and the results are encouraging.
Last year, we described how we were actively encouraging holders of unused or unannounced IPv4 address space to return it. In this article we report on the responses we have received.
This article summarises yesterday's RIPEstat demo session, including new features, changes and improvements. At the end of the article you can find the date of the next demo. Please also note the call for feedback about specific features we are planning to work on.
The beta version of the first public, open-source reference C implementation of the RPKI/RTR router end is available.
In addition to the regular method of using a username and password to log into the LIR Portal, we also offer users the option to log in with an X.509 identity certificate installed in a web browser. On Tuesday, 6 September, the RIPE NCC will deploy an update to this "Identity Certificate Login" system and at the same time implement some changes to user management.
The RIPE NCC has been signing its zones since 2005. Other operators waited for the root to be signed. And signing the root zone in June 2010 clearly encouraged others to deploy DNSSEC. In this article we describe the status of those zones maintained by the RIPE NCC and give an overview of the global deployment of DNSSEC.
Preliminary confirmation for outbound spam reputational rankings.
We have implemented a new feature in the Resource Certification Service that compares the certified resources a Local Internet Registry (LIR) holds and the Route Origin Authorisations (ROAs) they have created with the BGP announcements seen by the RIPE NCC Remote Route Collectors. It will display the validation results, and can notify the user of mismatches and potential hijacking attempts.
In order to use the RIPE NCC Resource Certification (RPKI) Service, the only option up to now was to rely on the hosted system in the LIR Portal. Today we are releasing a proof of concept of the Local Certification Service. This allows RIPE NCC members to run Resource Certification on their own systems.