<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
font-size:10.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style>
</head>
<body lang="en-NL" link="blue" vlink="purple" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal"><span lang="EN-GB" style="font-size:11.0pt">I presume Global Routing is a wider scope than just Ripe.
<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><br>
----------------------- FORM STARTS BELOW -----------------------<br>
<br>
Service Criticality Questionnaire Form - RPKI<br>
=============================================<br>
<br>
Introduction<br>
------------<br>
<br>
This form is used to gather input from the community on the service<br>
criticality of the RPKI Service from RIPE NCC. The framework is<br>
detailed in: </span><a href="https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Flabs.ripe.net%2Fauthor%2Frazvano%2Fservice-criticality-framework%2F&data=05%7C01%7Cmbooth%40libertyglobal.com%7C49bd82c9d07b4b21914d08da5855e632%7C98fbb2314a934dee85a89c286ddfb92d%7C1%7C0%7C637919423243790490%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=mexUm47VM3nyc0BJ3fg5n0H%2FNHp%2Foyv8%2BSVlbnKxxnM%3D&reserved=0"><span style="font-size:11.0pt">https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Flabs.ripe.net%2Fauthor%2Frazvano%2Fservice-criticality-framework%2F&data=05%7C01%7Cmbooth%40libertyglobal.com%7C49bd82c9d07b4b21914d08da5855e632%7C98fbb2314a934dee85a89c286ddfb92d%7C1%7C0%7C637919423243790490%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=mexUm47VM3nyc0BJ3fg5n0H%2FNHp%2Foyv8%2BSVlbnKxxnM%3D&reserved=0</span></a><span style="font-size:11.0pt"><br>
<br>
The service criticality has three components:<br>
<br>
* Confidentiality: What is the highest possible impact of a data<br>
confidentiality-related incident (e.g. data leak)?<br>
<br>
* Integrity: What is the highest possible impact of a data<br>
integrity-related incident (e.g. hacking)?<br>
<br>
* Availability: What is the highest possible impact of a service<br>
availability-related incident (e.g. outage)? (All RIPE NCC<br>
services are designed with at least 99% availability, so<br>
please consider outages of up to 22 hours.)<br>
<br>
Service purpose<br>
---------------<br>
<br>
The RIPE NCC RPKI Service is the RPKI Trust Anchor (TA) for the RIPE NCC<br>
service region, comprised of:<br>
* RPKI Dashboard (in the LIR portal)<br>
* Repositories (rsync/RRDP)<br>
* Certification Authorities (CAs)<br>
* RPKI Management API<br>
* Hardware Security Modules (HSMs)<br>
* Datasets<br>
<br>
Service Criticality<br>
-------------------<br>
<br>
Please review the following three areas.<br>
<br>
## (1) Global Routing<br>
<br>
Incident Serverity<br>
* Low (No / negligible impact)<br>
* Medium (One or a few ASes are unavailable)<br>
* High (Many ASes in a region are unavailable)<br>
* Very High (Global Internet routing disruptions)<br>
<br>
Please rate the incident serverity (Low to Very High) in the following<br>
three areas. Please explain why.<br>
<br>
(a) Confidentiality (Impact level of incidents such as data leaks)<br>
<br>
Answer 1a:</span><span lang="EN-GB" style="font-size:11.0pt"> Low � The Routing table is public.</span><span style="font-size:11.0pt"><br>
<br>
(b) Integrity (Impact level of incidents such as hack attempts)<br>
<br>
Answer 1b:</span><span lang="EN-GB" style="font-size:11.0pt"> Very High � If incorrect data is in the GRT we will incorrectly route traffic.
</span><span style="font-size:11.0pt"><br>
<br>
(c) Availability (Impact level of service outage incidents, up to 22 hours per quarter)<br>
<br>
Answer 1c:</span><span lang="EN-GB" style="font-size:11.0pt"> Very High � the GRT is key for our operation.
</span><span style="font-size:11.0pt"><br>
<br>
## (2) IP addresses and AS Numbers<br>
<br>
Incident Serverity<br>
* Low (No / negligible impact)<br>
* Medium (Local disruptions (registration information not being<br>
available for some entities))<br>
* High (Regional disruptions (registration information not being<br>
available for the RIPE NCC region))<br>
* Very High (Global disruptions (lack of registration information<br>
for all AS Numbers and IP addresses))<br>
<br>
Please rate the incident serverity (Low to Very High) in the following<br>
three areas. Please explain why.<br>
<br>
(a) Confidentiality (Impact level of incidents such as data leaks)<br>
<br>
Answer 2a:</span><span lang="EN-GB" style="font-size:11.0pt"> Low � This is public information</span><span style="font-size:11.0pt"><br>
<br>
(b) Integrity (Impact level of incidents such as hack attempts)<br>
<br>
Answer 2b:</span><span lang="EN-GB" style="font-size:11.0pt"> Very High � If incorrect data is in the IRR or RPKI repositories we will incorrectly route traffic.</span><span style="font-size:11.0pt"><br>
<br>
(c) Availability (Impact level of service outage incidents, up to 22 hours per quarter)<br>
<br>
Answer 2c:</span><span lang="EN-GB" style="font-size:11.0pt"> High � while most will not notice a short down time over a prolonged period this would lead to automated prefix list failures etc.</span><span style="font-size:11.0pt"><br>
<br>
## (3) Global DNS<br>
<br>
Incident Severity<br>
* Low (No / negligible impact)<br>
* Medium (Local disruptions)<br>
* High (Regional disruptions)<br>
* Very High (Global disruptions)<br>
<br>
Please rate the incident serverity (Low to Very High) in the following<br>
three areas. Please explain why.<br>
<br>
(a) Confidentiality (Impact level of incidents such as data leaks)<br>
<br>
Answer 3a:</span><span lang="EN-GB" style="font-size:11.0pt"> Low � DNS is public information.
</span><span style="font-size:11.0pt"><br>
<br>
(b) Integrity (Impact level of incidents such as hack attempts)<br>
<br>
Answer 3b:</span><span lang="EN-GB" style="font-size:11.0pt"> Very High - Ripe operate a trusted anchor, this would be propagated.
</span><span style="font-size:11.0pt"><br>
<br>
(c) Availability (Impact level of service outage incidents, up to 22 hours per quarter)<br>
<br>
Answer 3c:</span><span lang="EN-GB" style="font-size:11.0pt"> Low � There are other roots.</span><span style="font-size:11.0pt"><br>
<br>
---------------------------- FORM ENDS ------------------------------<br>
<br>
</span><span lang="EN-GB" style="font-size:11.0pt;mso-fareast-language:EN-US"><o:p></o:p></span></p>
</div>
</body>
</html>