Quarterly Planning

This page details the work we'll do on RPKI in the coming quarter, how you can give your input on that work and our reaction to that input.

We have three objectives in publishing our quarterly planning:

  1. We want to be transparent about the work we are doing with RPKI
  2. We want your input on that work and our planning, and we want to document that input, and let you know if and when we can add your suggestions to our planning
  3. We want an open dialogue with members and community on developments around RPKI

We launched this initiative in Q3 2021, and we are open to improving what we publish here and how we do that. So let us know if there are ways we can better present our plans.

We will update this page as our activities progress and continue to share updates on RIPE Labs, on the Routing Working Group (WG) mailing list and at RIPE Meetings and other events.

Q1 2023 Plans

Last Updated: 15 December 2022

Item Activity Description Status
1 Create multiple parallel internal test environments for RPKI

Currently, the RPKI team shares one environment used for Quality Assurance. This shared environment leads to longer release cycles as we can not independently evaluate multiple features in parallel. We will set up multiple independent environments (with one environment per feature if possible). Having more environments available will allow us to evaluate features independently and improve our Q&A and release process.

In progress

Work continues from Q1 2022.



2

Request to implement "Publish in Parent" RFC 8181 support.

ARIN and APNIC have already indicated that they would offer this service to Delegated RPKI users. We are now working on offering this service too. Organisations that choose to run their own CA will have the option to publish their RPKI objects in repositories provided by the RIPE NCC. We believe this will help improve the resiliency of the RPKI ecosystem.

This feature was requested by Benno Overeinder in the Routing WG session of RIPE 82 as well as by Job Snijders on the routing-wg mailing list in September 2021.

We are currently doing an "open beta trial", and the full launch will be in mid-January 2023.

We have marked this with reference RPKI-2021-#3 in the table below.

 In progress

Work continues from Q1 2022.

3

RPKI compliance project (ISAE3000)

We needed a well-recognised audit framework that both encompasses all important IT security elements and can be tailored towards the design principals and RFCs of RPKI. For this purpose, we want to develop an RPKI audit framework that can potentially also be used by other Trust Anchors. This is now an ISAE3000/SOC 2 Type II audit framework.

We are now in the process of gathering evidence for our audit. In 2023, we will first start with an assessment of the framework by a third party. Because ISAE3000/SOC 2 Type II frameworks are free-form by nature, we want to ensure that we have the right controls and evidence in place.
In progress

Items completed in the last quarter

  1. Support a Red Team security exercise
  2. Pilot ASPA support

More information can be found on the archived plans page.

Community Input on Planning

We want the community to contribute to our plans and suggest additional work items. Please share your comments with us or post them on the Routing Working Group mailing list. And we will be monitoring all the other channels where people talk RPKI.

We will be adding your feedback on this page as we progress with our plans.

Reference Input RIPE NCC Reaction
RPKI-2021-#02

Request to add BGPsec support in Hosted RPKI.

For more information, check the Routing WG mailing list archives.

We are investigating possibilities here and will add a reaction when ready.

RPKI-2021-#03

Request to implement "Publish in Parent" RFC 8181 support.

For more information, check the Routing WG mailing list archives.

The activity was on hold and will launch in mid-January 2023.

RPKI-2021-#04

Request to add real-time metrics and status updates of alerts or subsections to a feed.

For more information, read the Q&A section of the RIPE NCC RPKI Update at RIPE 83 (presentation no.4).

We are investigating possibilities here and will add a reaction when ready.

RPKI-2021-#05

Suggestion to allow 3rd party access to the LIR Portal to make RPKI changes.

We are waiting for an internal SSO project to be completed, and we will add a reaction when ready.

Archived Quarterly Plans

You can find our plans from previous quarters on this page. The Q1 2023 plan will be archived once we publish the Q2 2023 planning.

Please contact us if you need more information.

Stay up to date!

Follow the #RPKI hashtag on Twitter.