A Project to Improve RPKI Resilience and Security
The RIPE NCC has focused its efforts on increasing the resilience, security, and availability of RPKI, the Internet resource certification system. To do so, it has launched RPKI Resiliency, a project that integrates different areas of critical infrastructure, security, operations, cryptography and the legal framework in order to improve RPKI infrastructure.
Nathalie Künneke-Trenaman, Routing Security Program Manager for the RIPE NCC, noted that the initiative seeks to strengthen a key part of Internet operations, following concerns raised about the current state of the global RPKI infrastructure.
During her interview with LACNIC News, Trenaman said that the findings and improvements detected thanks to the RPKI Resiliency project will be presented to the community in the final quarter of 2020.
What is the project about?
The RPKI resiliency project is a holistic, multi-phased project which aims to increase the resiliency of our RPKI infrastructure by assessing and improving five different areas:
Technical infrastructure: have infrastructure and software development processes that aim to provide world-class RPKI services. Examples of areas being evaluated: high availability, scalability, redundancy, quality assurance, DevOps, 24/7 support.
Security: ensure that the system is protected against digital attacks. Examples of areas being evaluated: penetration and vulnerability testing, regular security audits.
Operational procedures: ensure the integrity of the RPKI Trust Anchor by having reliable, transparent and trustworthy operational procedures. Examples of procedures are key signing and key rollover.
Cryptography: increase the trust in our system by having a third party assess our code and make sure we are complying with the relevant IETF RFCs.
Legal framework: with increased RPKI deployment, organisations using the system want to have a clear understanding concerning liability issues. Therefore, it is important to have a strong legal framework. Areas being assessed: Terms & Conditions and the CPS (Certificate Practice Statement).
Why now? Why at this moment?
With RPKI experiencing huge growth in its deployment and becoming a key part of the operations of the Internet, the RIPE NCC has been focusing on increasing its resiliency, security and availability. In order to achieve that, in August last year we started the RPKI resiliency project, which has the goal of having an RPKI Trust Anchor and Certificate Authority that is secure, reliable, highly available and has transparent and trustworthy operational procedures.
Recent incidents (https://labs.ripe.net/Members/nathalie_nathalie/lessons-learned-on-improving-rpki) have raised concerns about the current state of the global RPKI infrastructure, given the increasing dependency that network operators have on the system and the potential impact that its unavailability or lack of integrity can cause. We are taking these incidents very seriously and, since then, have started an internal task force with the goal of reducing the risk of further outages.
What results have you achieved so far?
So far, we have started evaluating our DevOps implementation, in order to make sure the operations and software sides of RPKI are seamlessly streamlined. We are also improving our software monitoring and identifying different parties to help assess our RPKI infrastructure and procedures. Our legal team is reviewing the Certificate Practice Statement so we can have it reviewed by our community later this year. We expect most of the results of our effort later this year, in Q4 of 2020. By that time, we will present our findings and improvements to the community.
Now that the use of the service is becoming widespread, do you think it will continue to function properly?
There are many elements within RPKI, for example the repository, the RPKI core and the Trust Anchor.
We are making significant investments in our RPKI technical infrastructure and operational procedures in order to make sure that we can cope with a strong uptake in its usage.