Based in Amsterdam
Articles
Likes on articles
Director of Product Development at NLnet Labs
Website: https://nlnetlabs.nl
• 4 min read
To offer our members better local access to our tools and data sets, it is now possible to create API access keys in the LIR Portal. The keys can be used to grant applications and scripts access to your (private) LIR data. The Information will be fetched securely over HTTPS and can be used in your …
• 3 min read
The RIPE NCC is proud to introduce the IP Analyser. This is a brand new service accessible through the LIR Portal that gives our members an insight into their IPv4 and IPv6 allocations and assignments. The ultimate goal is to offer a complete overview of all the IP resources you hold, and inform yo…
• 3 min read
The amount of members requesting a Resource Certificate is steadily climbing, soon reaching 900. What is even more impressive is the amount of routing information these LIRs have entered in the system by creating Route Origin Authorisations (ROAs). But what is the quality of the data and is it used…
• 2 min read
Since the RIPE NCC launched its Resource Certification service, there is a steady increase in the number of prefixes covered by certificates.
• 4 min read
In addition to the regular method of using a username and password to log into the LIR Portal, we also offer users the option to log in with an X.509 identity certificate installed in a web browser. On Tuesday, 6 September, the RIPE NCC will deploy an update to this "Identity Certificate Login" s…
• 4 min read
We have implemented a new feature in the Resource Certification Service that compares the certified resources a Local Internet Registry (LIR) holds and the Route Origin Authorisations (ROAs) they have created with the BGP announcements seen by the RIPE NCC Remote Route Collectors. It will display t…
• 5 min read
In order to use the RIPE NCC Resource Certification (RPKI) Service, the only option up to now was to rely on the hosted system in the LIR Portal. Today we are releasing a proof of concept of the Local Certification Service. This allows RIPE NCC members to run Resource Certification on their own sys…
• 4 min read
In the resource certification system you specify your routing policy via Route Origin Authorization (ROA) objects. One of the options you can set is the ‘Maximum Length’, which specifies the maximum length of an IP address prefix that the AS is authorised to advertise. In this article we will analy…
• 3 min read
We have just released the RIPE NCC Resource Certification Web Validator. It will allow you to validate a Route Origin Authorisation (ROA) file against the RIPE NCC Trust Anchor through a web form, either online or locally.
• 5 min read
Since we started providing the certification service on 1 January 2011, many LIRs made use of the service. In this article you can see some graphs showing the number of certificates in place today, as well as certified address space.
This is brilliant! By the way, the RIPE NCC also has RIS beacons with each RPKI Validation state that can be used for this purpose: https://labs.ripe.net/Members/markd/routing-certification-beacons/
“If I understand correctly, the lack of IPv6 affects only the RIPE NCC, as the LIRs and other parties will use RIPE NCC's (IPv6 capable) website to create tickects and upload documents. Also, the e-mail replies will be sent to the NCC, who accept mail over IPv6. Did I misunderstand something?”
That’s spot on Janos.
When the ticketing system product selection was done, of course IPv6 and security were on the list of criteria. IPv6 support was in the must-have column for a long time, but it competes with other requirements. Of course we could have insisted on IPv6 support, but then we would have ended up with a product that simply doesn't fulfil all the other needs of our users and customers. Let's hope ZenDesk adds IPv6 support soon, we have certainly voiced this to them.
“How's the nicer dialog coming along? ;)”
Ah yes Johannes, this is one of those things that slowly slides down the priority list due to the ever increasing amount of the web interface users with SSO (currently almost 30,000 maintainers with SSO that are actively used) and the continuing decline of email for updates. It's on the list for sure, but there are many other things that are simply more valuable right now.
Showing 4 comment(s)