This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/ncc-services-wg@ripe.net/
[ncc-services-wg] Policy update request on certification of transferred IPv4 allocations
- Previous message (by thread): [ncc-services-wg] Internet Governance and the RIPE NCC: The Year Ahead
- Next message (by thread): [ncc-services-wg] Redevelopment of the RIPE Database software is complete
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Andrew de la Haye
ripencc-management at ripe.net
Thu Feb 21 10:25:48 CET 2013
[Apologies for duplicate emails] Dear colleagues, Based on recent discussions on the RIPE Address Policy WG mailing list, the RIPE NCC is now seeking policy related action from the RIPE community with regards to clear guidelines on how it should proceed with certifying transferred IPv4 allocations. It has recently come to our notice, via two of the policy authors, that the original intention (in 2007) of the sentence "Re-allocated blocks will be signed to establish the current allocation owner" was that the transferred block *must* be signed *after* the transfer in order to completely establish holdership. This sentence can be found under section 5.5 of "IPv4 Address Allocation and Assignment Policies for the RIPE NCC Service Region" here: http://www.ripe.net/ripe/docs/ripe-582#Transfers-of-Allocations Because the RIPE community provided guidance saying that certification should be an opt-in system, the RIPE NCC built an RPKI Certification system based on this opt-in notion, therefore it is not currently possible for the RIPE NCC to issue certificates without the resource holder initiating the process. Therefore, the RIPE NCC's interpretation and implementation of this specific sentence has been: Registration Services verifies and reflects the change in holdership of the re-allocated blocks by updating the database objects and internal records following the transfer. Any certificates that had been attached to these number resources before the transfer automatically become invalid/revoked due to the holdership change. The transfer recipient can then request a new certificate for the address space and the RIPE NCC will proceed to sign these resources to establish the current allocation holder. Therefore, the RIPE NCC does not make certification of any resources mandatory. As the sentence in section 5.5 of "IPv4 Address Allocation and Assignment Policies for the RIPE NCC Service Region" is open to interpretation, the RIPE NCC is seeking representative(s) from the RIPE community to submit an update to ripe-582 that will replace this sentence with more accurate and appropriate wording or perhaps remove it completely. Kind regards, Andrew de la Haye Chief Operations Officer RIPE NCC -------------- next part -------------- An HTML attachment was scrubbed... URL: </ripe/mail/archives/ncc-services-wg/attachments/20130221/8905340f/attachment.html>
- Previous message (by thread): [ncc-services-wg] Internet Governance and the RIPE NCC: The Year Ahead
- Next message (by thread): [ncc-services-wg] Redevelopment of the RIPE Database software is complete
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]