This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[routing-wg] RPKI Service Criticality Questionnaire

Previous message (by thread): [routing-wg] RPKI Service Criticality Questionnaire
Next message (by thread): [routing-wg] RPKI Quarterly Planning Q3 2022

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Booth, Mike mbooth at libertyglobal.com
Tue Jun 28 09:40:37 CEST 2022

I presume Global Routing is a wider scope than just Ripe.

----------------------- FORM STARTS BELOW -----------------------

Service Criticality Questionnaire Form - RPKI
=============================================

Introduction
------------

This form is used to gather input from the community on the service
criticality of the RPKI Service from RIPE NCC. The framework is
detailed in: https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Flabs.ripe.net%2Fauthor%2Frazvano%2Fservice-criticality-framework%2F&data=05%7C01%7Cmbooth%40libertyglobal.com%7C49bd82c9d07b4b21914d08da5855e632%7C98fbb2314a934dee85a89c286ddfb92d%7C1%7C0%7C637919423243790490%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=mexUm47VM3nyc0BJ3fg5n0H%2FNHp%2Foyv8%2BSVlbnKxxnM%3D&reserved=0

The service criticality has three components:

* Confidentiality: What is the highest possible impact of a data
                   confidentiality-related incident (e.g. data leak)?

* Integrity:       What is the highest possible impact of a data
                   integrity-related incident (e.g. hacking)?

* Availability:    What is the highest possible impact of a service
                   availability-related incident (e.g. outage)? (All RIPE NCC
                   services are designed with at least 99% availability, so
                   please consider outages of up to 22 hours.)

Service purpose
---------------

The RIPE NCC RPKI Service is the RPKI Trust Anchor (TA) for the RIPE NCC
service region, comprised of:
    * RPKI Dashboard (in the LIR portal)
    * Repositories (rsync/RRDP)
    * Certification Authorities (CAs)
    * RPKI Management API
    * Hardware Security Modules (HSMs)
    * Datasets

Service Criticality
-------------------

Please review the following three areas.

## (1) Global Routing

Incident Serverity
    * Low        (No / negligible impact)
    * Medium     (One or a few ASes are unavailable)
    * High       (Many ASes in a region are unavailable)
    * Very High  (Global Internet routing disruptions)

Please rate the incident serverity (Low to Very High) in the following
three areas. Please explain why.

(a) Confidentiality (Impact level of incidents such as data leaks)

Answer 1a: Low – The Routing table is public.

(b) Integrity (Impact level of incidents such as hack attempts)

Answer 1b: Very High – If incorrect data is in the GRT we will incorrectly route traffic.

(c) Availability (Impact level of service outage incidents, up to 22 hours per quarter)

Answer 1c: Very High – the GRT is key for our operation.

## (2) IP addresses and AS Numbers

Incident Serverity
    * Low       (No / negligible impact)
    * Medium    (Local disruptions (registration information not being
                 available for some entities))
    * High      (Regional disruptions (registration information not being
                 available for the RIPE NCC region))
    * Very High (Global disruptions (lack of registration information
                 for all AS Numbers and IP addresses))

Please rate the incident serverity (Low to Very High) in the following
three areas. Please explain why.

(a) Confidentiality (Impact level of incidents such as data leaks)

Answer 2a: Low – This is public information

(b) Integrity (Impact level of incidents such as hack attempts)

Answer 2b: Very High – If incorrect data is in the IRR or RPKI repositories we will incorrectly route traffic.

(c) Availability (Impact level of service outage incidents, up to 22 hours per quarter)

Answer 2c: High – while most will not notice a short down time over a prolonged period this would lead to automated prefix list failures etc.

## (3) Global DNS

Incident Severity
    * Low       (No / negligible impact)
    * Medium    (Local disruptions)
    * High      (Regional disruptions)
    * Very High (Global disruptions)

Please rate the incident serverity (Low to Very High) in the following
three areas. Please explain why.

(a) Confidentiality (Impact level of incidents such as data leaks)

Answer 3a: Low – DNS is public information.

(b) Integrity (Impact level of incidents such as hack attempts)

Answer 3b: Very High - Ripe operate a trusted anchor, this would be propagated.

(c) Availability (Impact level of service outage incidents, up to 22 hours per quarter)

Answer 3c: Low – There are other roots.

---------------------------- FORM ENDS ------------------------------

-------------- next part --------------
An HTML attachment was scrubbed...
URL: </ripe/mail/archives/routing-wg/attachments/20220628/352de922/attachment-0001.html>

Previous message (by thread): [routing-wg] RPKI Service Criticality Questionnaire
Next message (by thread): [routing-wg] RPKI Quarterly Planning Q3 2022

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ routing-wg Archives ]