This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/routing-wg@ripe.net/
[routing-wg] RPKI Service Criticality Questionnaire
- Previous message (by thread): [routing-wg] RPKI Outage on 23 June 2022 from 10:50 UTC - 12:00 UTC
- Next message (by thread): [routing-wg] RPKI Service Criticality Questionnaire
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Job Snijders
job at fastly.com
Mon Jun 27 17:58:20 CEST 2022
Dear all, RIPE NCC has asked the Routing WG Chairs to facilitate a working group conversation on framing RIPE NCC's RPKI services subcomponents in terms of criticality. At the bottom of this email is a form that focusses on three components: confidentiality, integrity and availability. Each component is split into three questions (a, b, and c), a total of 9 questions are being put forward to the working group. We envision this process to be a public consultation: WG participants can submit (free-form) responses, and also chime in by replying to each other's responses; hopefully bringing us to a degree of consensus in the coming weeks. I believe this is an unique opportunity to help RIPE NCC! Investing our time - in turn - will help ourselves rely on and integrate RIPE NCC's RPKI services in our production environments. The goal is to help RIPE NCC develop a deeper understanding of how the moving parts fit together, which in turn helps decide where and how to invest resources. >>> Your feedback is much appreciated! <<< NOTE: if you are *NOT* a RIPE NCC member, and use the RIPE NCC Trust Anchor (e.g. as Relying Party to make informed routing decisions, inside and outside the RIPE region), your feedback *also* is much appreciated. Kind regards, Job, Ignas, Paul Routing WG co-chairs ----------------------- FORM STARTS BELOW ----------------------- Service Criticality Questionnaire Form - RPKI ============================================= Introduction ------------ This form is used to gather input from the community on the service criticality of the RPKI Service from RIPE NCC. The framework is detailed in: https://labs.ripe.net/author/razvano/service-criticality-framework/ The service criticality has three components: * Confidentiality: What is the highest possible impact of a data confidentiality-related incident (e.g. data leak)? * Integrity: What is the highest possible impact of a data integrity-related incident (e.g. hacking)? * Availability: What is the highest possible impact of a service availability-related incident (e.g. outage)? (All RIPE NCC services are designed with at least 99% availability, so please consider outages of up to 22 hours.) Service purpose --------------- The RIPE NCC RPKI Service is the RPKI Trust Anchor (TA) for the RIPE NCC service region, comprised of: * RPKI Dashboard (in the LIR portal) * Repositories (rsync/RRDP) * Certification Authorities (CAs) * RPKI Management API * Hardware Security Modules (HSMs) * Datasets Service Criticality ------------------- Please review the following three areas. ## (1) Global Routing Incident Serverity * Low (No / negligible impact) * Medium (One or a few ASes are unavailable) * High (Many ASes in a region are unavailable) * Very High (Global Internet routing disruptions) Please rate the incident serverity (Low to Very High) in the following three areas. Please explain why. (a) Confidentiality (Impact level of incidents such as data leaks) Answer 1a: (b) Integrity (Impact level of incidents such as hack attempts) Answer 1b: (c) Availability (Impact level of service outage incidents, up to 22 hours per quarter) Answer 1c: ## (2) IP addresses and AS Numbers Incident Serverity * Low (No / negligible impact) * Medium (Local disruptions (registration information not being available for some entities)) * High (Regional disruptions (registration information not being available for the RIPE NCC region)) * Very High (Global disruptions (lack of registration information for all AS Numbers and IP addresses)) Please rate the incident serverity (Low to Very High) in the following three areas. Please explain why. (a) Confidentiality (Impact level of incidents such as data leaks) Answer 2a: (b) Integrity (Impact level of incidents such as hack attempts) Answer 2b: (c) Availability (Impact level of service outage incidents, up to 22 hours per quarter) Answer 2c: ## (3) Global DNS Incident Severity * Low (No / negligible impact) * Medium (Local disruptions) * High (Regional disruptions) * Very High (Global disruptions) Please rate the incident serverity (Low to Very High) in the following three areas. Please explain why. (a) Confidentiality (Impact level of incidents such as data leaks) Answer 3a: (b) Integrity (Impact level of incidents such as hack attempts) Answer 3b: (c) Availability (Impact level of service outage incidents, up to 22 hours per quarter) Answer 3c: ---------------------------- FORM ENDS ------------------------------
- Previous message (by thread): [routing-wg] RPKI Outage on 23 June 2022 from 10:50 UTC - 12:00 UTC
- Next message (by thread): [routing-wg] RPKI Service Criticality Questionnaire
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]