An Open Internet Remains the Goal

Let me start by saying that all of us at the RIPE NCC are deeply affected by the war in Ukraine. Clearly, this is personal for us. Over the years, we have made friends in our work across a wide region that is currently mobilising and being devastated. This is aside from the impact the war is having on our Ukrainian staff, which has been truly heartbreaking to witness.

We can therefore understand that many people feel the need to do something. We can also appreciate that our operations might seem like an attractive source of leverage at times like this. It is precisely for this reason that the RIPE NCC Executive Board recently issued a statement repeating that we must remain neutral in all political disputes or wars. We further elaborated on this message in our response to the Ukrainian government’s request that we de-register the IP addresses of Russian organisations.

I wish to caution in the strongest possible terms against any actions that risk undermining Internet stability. I also want to explain why the RIPE NCC as an institution and many of my colleagues in the technical community believe it is crucial that we preserve the integrity of the RIPE Registry and that we continue to support all of our members, including those in Russia.

The Internet is a complex system that is closely intertwined with all aspects of modern society. It’s not just our social media and email accounts – civic engagement, hospitals and emergency services, humanitarian efforts, and much more – all rely on the Internet in ways that are not always obvious. While we might think we can take targeted actions to isolate specific aspects of this system, there are risks in assuming we can anticipate all of the technical and human impacts that might result, and it might be everyday people who suffer the worst consequences.

With all of this in mind, I would like to present a brief analysis that is concerned above all with global Internet stability in the near term.

The Internet Runs on Consensus

In many ways, the RIPE NCC has a straightforward administrative task. We allocate IP resources to networks, provided they meet a few basic criteria, and we record these allocations in the RIPE Registry. This is the authoritative source of truth about who holds these resources, which is vital because it ensures that each IP address and AS Number has global uniqueness. Computers have no way of knowing where to send packets if there are conflicting claims about which networks are using which IP addresses, and so the Internet starts to break very quickly if this uniqueness is ever lost.

When we say that the Internet runs on consensus, we are not being idealistic. We mean it in a very specific and literal sense. For decades now, competing nation-states and business interests have shared a single, global Internet. Maintaining this has been the need for at least some base layer of cooperation. While a country or business is free to switch to a new routing protocol, this would practically amount to cutting itself off from the global Internet unless it can convince its peers to do the same. Similarly, there is nothing preventing someone from creating a competing registry to the RIPE Registry and insisting that theirs is now the authoritative source of information. Nothing that is, aside from the uphill task of establishing a broad consensus that this new registry is the one to trust.

What has helped to preserve the status quo has been the relatively lightweight and unintrusive nature of the registry system, which has always prioritised enabling Internet operations over gatekeeping access. As the Internet has become more integrated with our societies, some are increasingly seeing its core functions like the DNS or IP address registries as a means of policing others to achieve non-technical aims – from protecting copyright to removing obscene content, enforcing religious views, and much more.

Attempting to use this system to break connectivity for an entire population would be the most extreme expression of this tendency, and it is something we have never seen before in the history of the Internet. It is also unlikely that it would be very effective if it was attempted.

It is important to understand the relation between the registration of IP addresses and what happens in global routing. The two are highly correlated, especially given the consensus that our registry is the authoritative source of information. Any network can announce conflicting information into global routing, and the legitimacy of this announcement will ultimately depend on whether a majority decides to believe these claims. In other words, the consensus that we are the authoritative source of truth has always been open to challenge. We preserve this consensus by working to maintain the trust of network operators. But we can only be trusted for as long as we remain neutral.

The Internet Runs on Trust

A Russian participant in the RIPE community would sometimes remark on the change in thinking this required of him. The idea that, as a network operator, he could broadly trust an institution like the RIPE NCC, or the community behind it, was hard for him to accept because he had his own understanding of institutions in a Russian context.

While we do not claim to be perfect, the fact that we are generally trusted by the technical community is no small feat. We had to earn this trust over many years. We also had to gain it back at various points where we seemed to be in danger of losing it. This is also why we have a clear mandate, a robust governance structure and a culture of transparency about our activities and plans. All of this requires a great deal of care and attention to manage properly. Remaining trustworthy might seem easy in the abstract, but it can quickly become complicated for an organisation like ours, operating in a space that has become increasingly politicised in recent years.

We Support ALL of Our Members

Actions speak louder than words, and while statements from our board can help to reassure members about our intentions, I think our long history of working to support all members is what really makes this clear. We are fully aware of the real-world implications of our administrative work – a member that loses their account and IP resources is essentially unable to maintain connectivity. This is why we invest a lot of effort each year to contact members with unpaid bills because we do not want to see their services disrupted due to a missed invoice. This is also why we allowed members to apply for a payment extension when we moved to annual billing and why we gave a similar extension in the early stages of the COVID-19 pandemic, understanding that the resulting economic disruption could affect members’ ability to pay their fees.

This is also why we have reassured our members in Syria and Iran that they do not have to worry about losing their memberships or IP resources because our bank is unwilling to accept payments from either country. And this same logic is why we recently told both our Ukrainian and Russian members that they will not face closure if they cannot pay their invoices on time. Some members have claimed that this offer is unfair to the rest of the membership. That would only be true if we did not apply the same principles consistently to all our members in the face of comparable disasters.

Some people have also remarked that our position is not totally neutral. Neutrality is indeed a difficult concept to pin down with any precision. But if we do have a bias, it is towards supporting our members equally and ensuring stable Internet operations.

The Registry Must Remain Accurate as the Internet Changes

I noted earlier that using the registry system to break connectivity for an entire population is not likely to be very effective. But that does not mean it would not be damaging. Removing entries from our registry will make it harder to identify the source of Internet traffic. In practice, this will make it harder for network operators to decide who they should accept or block traffic from. This is important in peacetime, but it becomes even more critical in times of war. As we have already mentioned, any ‘power’ or ‘control’ that the RIPE NCC possesses in this context is a product of the consensus among network operators that it is better to trust us than to develop an alternative, which would likely have all of the same risks and limitations.

In recent years we have seen some states take measures to protect what they view as their critical infrastructure. One example we have seen is the creation of national registries that mirror the RIPE Registry. The Russian Federation has implemented such a registry, ostensibly to protect the integrity of its Internet from outside interference, and it is not the only country to have done this. The thinking here is that, in the event of actions being taken to destabilise the Russian Internet (for instance, de-registering Russian-held IP addresses or preventing Russian access to RIPE NCC services), network operators can be instructed to use this alternate registry as the basis for their routing decisions. This means they will turn to a competing authority on who holds specific IP resources, which in turn makes it impossible to ensure the uniqueness of these resources in global routing. The truth, in this case, will not be determined by any announcement from us or anyone else but rather by the individual decisions of network operators. This could quickly lead to a breakdown in network operations and fragmentation of the Internet as we currently know it.

Who Decides?

Those of us who have been engaged with Internet governance will know that there is a fundamental question underlying many of these discussions: who should control the core administrative functions of the global Internet?

I strongly believe these functions, including the global registry system, are best managed through multistakeholder processes like the open and inclusive approach of the RIPE community. This has worked wonders in growing the Internet so far. The opposing view is that Internet governance is so critical that it should be managed by nation-states directly via institutions such as the United Nations. However, such an approach would make the Internet into a bargaining chip and may result in politics taking priority over finding the best technical solution.

It is for the reasons I have outlined above that we believe any independent actions on our part to de-register a country’s IP resources would be incredibly destabilising to the wider Internet system. Not only will this have technical impacts and likely be ineffective over the long term, but it will signal that the technical community is no longer up to the task of performing its job on a neutral and impartial basis. And in fact, stakeholders might start to wonder why they should bother engaging in Internet governance debates at all if they can simply pressure the RIPE NCC or one of our counterparts to achieve their aims. Certainly, we can expect that the assessment of some nation-states would be that their nation’s connectivity is subject to the decisions of a small company based in Amsterdam, and they will implement corrective measures that have important technical implications.

Our True North

If some of what I have described in this article sounds familiar, it might be because we published our five-year strategy and mission statement only a few months ago. This document notes conflicts between countries as a key factor with the potential to impact us in areas such as sanctions, engagement, due diligence and financial stability. It gives me no pleasure to report that these impacts have manifested so strongly so soon after we published our strategy. However, recognising that conflict potentially lay in our future, we nevertheless produced a mission statement that we believed in then and continue to believe in now. Our mission statement says that we enable people to operate and develop the Internet. It says we are a trusted steward of the open, inclusive, collaborative Internet model. It says that we actively contribute to the stability and evolution of the Internet. It is by holding to our mission that we maintain the trust of our members and community, and it is a mission that we will defend in the interests of a single, stable and resilient Internet.

This is why we take this position. Not because it is the easy path, but because we think the alternatives risk bringing this global project to an end. We therefore urge all stakeholders to think very carefully about what they are advocating for and what they want our shared Internet to become. It is unlikely that we will get a second chance at this.