[ncc-services-wg] New on RIPE Labs: RPKI Repositories and the RIPE Database in the Cloud

Friends,

On 10/05/2021 13.40, Alun Davies wrote:
> 
> The mission critical services the RIPE NCC provides to the Internet community require a solid technical foundation. In this new article on RIPE Labs, Felipe Silveira looks at plans to use cloud infrastructure as a means to that end. The full article is available here:
> 
> https://labs.ripe.net/author/felipe_victolla_silveira/rpki-repositories-and-the-ripe-database-in-the-cloud/

I am unable to attend the NCC Services Working Group session at RIPE 82, 
so I thought that I would say something here.


My main concern with moving RPKI repositories and the RIPE Database to 
the cloud is with the choice of AWS as provider, basically because 
Amazon is a US-based company. We know that tech companies in the US have 
handed over data to the US government - sometimes without a warrant, 
sometimes with. We know that the US law has provisions for secret 
subpoenas, where a service provider cannot reveal that subpoenas were 
issued. Using any US-based cloud provider means basically hoping that 
none of the data that RIPE puts there or the meta-data derived from 
usage of the service is interesting for any part of the US government.

I know all of the big cloud providers are US-based, except for Alibaba 
Cloud. I would not feel a lot safer with a Chinese-based cloud provider 
for RIPE data and associated services. Not using one of the big cloud 
providers means going with smaller cloud providers. I think that's 
probably fine - the RIPE NCC's requirements are surely quite small, and 
can surely be met by at least two cloud vendors in Europe.

I realize that using a European vendor might not be especially 
comforting for people outside of the EU sphere of influence. I don't 
think this can be completely resolved, although since the RIPE NCC is 
already a Dutch-based member association it should not add much extra 
legal or technical risk.


A separate concern is with vendor lock-in. If the RIPE NCC really 
deploys their stuff to multiple cloud providers, then this won't be a 
problem, but the very real, seemingly firm choice of AWS and the 
hand-waving about what a second provider might look like doesn't fill me 
with confidence. My own suggestion would be to not use a second provider 
as a back-up but to run two cloud providers at all times (not 
necessarily with an equal split of load though).


I wasn't sure whether I should bother sending this mail, because I worry 
that this effort is being run like a Dutch government project. That 
means that people are fully informed, their opinions are listened to, 
and then the project proceeds exactly as the government planned without 
change. 😉 Hopefully that is not the case here.

Cheers,

--
Shane
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x3732979CF967B306.asc
Type: application/pgp-keys
Size: 11589 bytes
Desc: not available
URL: </ripe/mail/archives/ncc-services-wg/attachments/20210519/b3e46490/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: </ripe/mail/archives/ncc-services-wg/attachments/20210519/b3e46490/attachment.sig>