February 2014 - discuss - enog-apps-2.ripe.net

Приглашение принять участие в работе Программного Комитета ENOG7/ENOG 7 Programme Committee: Call for Volunteers
by Andrei Robachevsky 09 Dec '14

09 Dec '14

Dear colleagues, The ENOG Programme Committee (PC) is getting ready to start working on the programme for the ENOG7 meeting, which will take place in Moscow, Russia, 26-27 May 2014. The PC has already attracted a strong team of industry experts with diverse regional and international experience, and we are looking for new members to join us. What is expected from a PC member? ------------------------------- - To actively participate in forming the programme of the ENOG meeting. This implies active participation in the PC activities (teleconferences, on-site meetings, reviews, etc.) and working towards reaching consensus on decision points. - To actively seek content that is relevant and interesting to the ENOG community. This includes reaching out to presenters of interesting talks, people involved in projects, research or other activities that may be of interest to the community. - To stay aware of the topics that address the needs and interests of the ENOG community. This requires good knowledge of relevant regional and/or international issues and usually assumes attendance of ENOG meetings. - To actively publicize the meeting and its agenda to potential attendees, using both personal contacts and social networking. If you meet the above requirements and are willing to commit your expertise and energy to the work of the ENOG 7 PC, please send an email and tell us about yourself and your motivation to: <pc(a)enog.org>. Please do this no later than *December 1, 2013*. More information about ENOG: http://www.enog.org/ Kind Regards, Andrei Robachevsky for the ENOG 7 Programme Committee

2 3

IANA AS Numbers registry update
by Selina Harrington 28 Feb '14

28 Feb '14

The IANA AS Numbers registry has been updated to reflect the allocation of 2 blocks to the RIPE NCC in 2014-02-28: 200192-201215 201216-202239 You can find the IANA AS Numbers registry at: http://www.iana.org/assignments/as-numbers/as-numbers.xml Regards, Selina Harrington ******************************************* Internet Assigned Numbers Authority (IANA) Internet Corporation for Assigned Names & Numbers 12025 Waterfront Drive, Suite 300 Los Angeles, CA 90094 Phone: +1 310 301 5800 Fax: +1-310-823-8649 *******************************************

1 0

ENOG 7/RIPE NCC Regional Meeting Registration Now Open/ Открыта регистрация на ENOG 7/Региональную конференцию RIPE NCC
by ENOG 26 Feb '14

26 Feb '14

Dear colleagues, Registration is now open for the ENOG 7/RIPE NCC Regional Meeting in Moscow, 26-27 May 2014: http://www.enog.org/meetings/enog-7/registration The ENOG Meeting is an ideal place for network operators in Russia, as well as from other countries of Commonwealth of Independent States and Eastern Europe to discuss challenges, tools, experiences and best practices in the following areas: Peering and Internet exchange points: - Business, technical and social aspects of peering and interconnection Network operations and security - Operational experience and best current practices, security trends and technologies Key Internet technologies - Real-life IPv6 and DNSSEC deployment experience, trends and statistics Internet development trends - New technologies and applications, evolution of the Internet ecosystem Internet coordination, governance and regulatory practices - Internet-related legislation and its impact, multi-stakeholder model, challenges and opportunities - Public initiatives and projects in the areas of Internet governance and coordination, research and deployment of new technologies Content delivery - Technology, architecture and business models Registration is free of charge and open to all interested parties. Register now and become a part of this innovative community of network operators. Please share this message with your network. Visit www.enog.org for more information. See you in Moscow! Kind regards, Gergana Petrova Conference Coordinator RIPE NCC (On behalf of the ENOG Organising Committee) ______________________________________________________ Уважаемые коллеги! Открыта регистрация на ENOG 7/ Региональную конференцию RIPE NCC, которая пройдет в Москве 26-27 мая 2014 года: http://www.enog.org/ru/meropriiatii/enog-7/ryegistratsiya/ Конференции ENOG предоставляют сетевым операторам и сервис-провайдерам России, а также других стран СНГ и стран Восточной Европы идеальную возможность обсудить общие проблемы, инструментарий, опыт работы и передовую практику в следующих областях: Пиринг и точки обмена интернет-трафиком - Деловые, технические и социальные аспекты пиринга Вопросы безопасности и функционирования сетей - Операционный опыт и передовая практика обслуживания сетей, тенденции и технологии в области безопасности Ключевые технологии Интернета - Примеры и опыт реального внедрения и использования таких технологий как IPv6 и DNSSEC, тенденции и статистика Тенденции развития Интернета - Новые технологии и приложения, эволюция экосистемы Интернета Вопросы координации, регулирования и управления Интернетом - Нормативные правовые акты и практики, затрагивающие Интернет, вопросы самоуправления, проблемы и возможности - Общественные инициативы и проекты в областях координации и управления Интернетом, исследовательских работ и внедрения новых технологий Предоставление контента - Технологии, архитектура и бизнес-модели. Регистрация бесплатна и открыта для всех заинтересованных лиц. Зарегистрируйтесь и станьте частью инновационного сообщества сетевых операторов. Просьба также переслать это сообщение всем, кто по вашему мнению, может быть заинтересован в участии в конференции. Дополнительную информацию вы можете получить по адресу www.enog.org. До встречи в Москве! С уважением, Гергана Петрова Координатор конференции RIPE NCC (От имени организационного комитета ENOG)

1 0

FW: Trusted Community Representation for Root KSK
by Leo Vegoda 07 Feb '14

07 Feb '14

Hi, People on this list might also want to submit responses. Regards, Leo From: dns-operations-bounces(a)mail.dns-oarc.net [mailto:dns-operations-bounces@mail.dns-oarc.net] On Behalf Of Kim Davies Sent: Thursday, February 06, 2014 12:38 PM To: DNS Operations Subject: [dns-operations] Trusted Community Representation for Root KSK Hi folks, ICANN is currently performing a consultation on how to evolve the participation of Trusted Community Representatives in the management of the root key signing key. I think this consultation is of particular interest to this group as ultimately these TCRs are there to instill trust in the DNS operations community that the KSK is being managed in a proper fashion. I'd encourage you to provide feedback to this consultation - available at http://www.icann.org/en/news/public-comment/tcr-dnssec-key-signing-21jan 14-en.htm - by 11th February. It is important we have a model of TCR participation that is satisfactory to the community. For convenience, here are the terms of reference replicated: Background Since July 2010, the DNS Root Zone has been secured using DNSSEC[1]. The model of using DNSSEC in the DNS Root Zone revolves around a "key signing key" (KSK) that is managed by ICANN in two secure facilities. Four times a year, a ceremony is conducted at these facilities to perform operations involving the KSK. As a key part of this process, a minimum of three from a pool of 21 trusted community representatives (TCRs) attend each ceremony to enable access to the secure materials, to witness the procedure, and to attest that the ceremony was conducted properly[2]. Each ceremony is attended by ICANN staff, the TCRs, representatives of the Root Zone Maintainer (Verisign), representatives of an independent audit firm retained by ICANN to monitor the process, and often additional external witnesses. Ceremonies are recorded by three audit cameras and webcast online. A typical ceremony lasts approximately four hours, and involves a process of temporarily removing the key signing key from a safe and performing key-signing operations in a secure manner following a formal script. The script is designed to perform each operation in a transparent manner to ensure the key signing key is only used for its proper purpose, and there is no ability for its contents to be disclosed for other purposes. Materials from each ceremony - such as the scripts, video recordings, and system output - are posted online[3]. De-briefings and discussions are conducted post-ceremony, where participants discuss how to improve future ceremonies. This feedback helps inform the evolution of the KSK ceremony to be both efficient and effective, while ensuring maximum trust in how ceremonies are performed. The TCRs were selected[4] from the global community based on a number of criteria[5]. These selection criteria relate to the volunteers ability to travel to ceremonies, conscientiously oversee the process, ensure transparency in its operation, and ultimately contribute to the broader community's trust that the private component of the key signing key has not been compromised. The TCRs are privately funded volunteers who are not reimbursed or compensated by ICANN for their participation nor their expenses. The original TCR proposal was silent on the length of service of individual TCRs. Of the 21 TCRs, seven are credentialed as "crypto officers" (COs) for each of the two facilities, and the remaining seven act as "recovery key shareholders" who only participate in ceremonies in the event the requisite number of COs are unable to participate or there is a need to rebuild the KSK following an unforeseen event. Of the seven COs for each facility, ICANN aims to have four attend each ceremony, with an absolute minimum of three required to successfully perform a ceremony. Each facility hosts two ceremonies per year, approximately once every six months. In practice, a TCR will attend at minimum one ceremony per year, and some will attend two in order to ensure sufficient attendance. Of the initial pool of 21 TCRs, one has resigned and been replaced from the pool of recovery key shareholders. No TCR has been removed owing to the other three criteria for replacement in the TCR selection document, relating to lack of integrity or trustworthiness; assumption of a conflicting role within a root management organization; or being unable to serve in their position. Based on feedback from the current TCRs and our experience from the first 14 ceremonies, we are reviewing what changes, if any, should be made to the current model of TCR participation. Comments Comments are welcome on any aspect of the consultation, and specifically on the following questions: 1. Is the current TCR model effectively performing its function of ensuring trust in the KSK management process? 2. Is the current size of the TCR pool appropriate to ensure sufficient participation in the ceremonies, while not overburdening the availability of specific volunteers? 3. Should there be a minimum level of participation required of a TCR in order to be considered to be successfully discharging their duties? 4. There is no standard provision to refresh the list of TCRs except when they are replaced due to inability to effectively perform their function. Should there be a process to renew the pool of TCRs, such as using term limits or another rotation mechanism? 5. The current model does not compensate TCRs for their services in order to ensure their independence from ICANN. a. Should the model of TCRs paying the costs of their participation be retained? b. Would some form of compensation to offset the expenses incurred by the TCRs detract from their independence in performing the role? c. If you support compensating TCRs for their expenses, are there requirements or limitations on whom the funding organization should be? Please send your comments to comments-tcr-dnssec-key-signing-21jan14(a)icann.org <mailto:comments-tcr-dnssec-key-signing-21jan14@icann.org> References [1] http://www.root-dnssec.org [2] https://www.iana.org/dnssec/icann-dps.txt [3] http://data.iana.org/ksk-ceremony/ [4] http://www.root-dnssec.org/tcr/selection-2010/ [5] http://www.root-dnssec.org/wp-content/uploads/2010/04/ICANN-TCR-Proposal -20100408.pdf kim

1 0