Skip to main content


Thursday, 30 October 2008 9:00

Cooperation WG, Test Traffic WG

(Side hall)

The cooperation session commenced on the 30th October at 9 a.m..

CHAIRMAN: Good morning everyone, we have to wait another three minutes before we start the meeting because we have some confusion about what the name of the Jabber room is. We just need to announce the new name of the Jabber room; there has been a change.

So, welcome everybody. I am definitely not Maria. I am not Martin Boyle either. Payment Patrik Falstrom. I work for CISCO. I am one of the persons though that might be responsible for the creation of this working group because I have been advocating it for quite sometime although it was a collaborative effort from many people that wanted to have this done, not the least the chairs we have. Unfortunately, neither of them could come to this meeting, so they have asked us just as an you have seen the mailing list, have asked us to try to run a meeting in a way which I am pretty sure will work very well.

One small detail that also you in the room should know about is that there have been some confusion about the name of the Jabber room is. The name of the Jabber room is just co?op at the conference dot and not cooperation as an announced on the RIPE page. I sent an e?mail to the RIPE mailing list and the working group mailing list a few minutes ago but if it is the case that you, those of you who have laptops, if your friends out on the Internet have problems connecting to the Jabber server, that might be the reason.

It's also the case of course that we most certainly might have remote participation and we also have a transcriber, thank you very much, and for both of them it's very important that we use the microphones, try to speak clearly, not too fast, not faster than about a third of Curtis, and state our names.

First question is whether anyone has any issues with the agenda? We already, I can mention, have two items for the any other businesses. One is information from Daniel regarding address, IPv4 addressing.

He had a presentation on the the address working group the other day and asked for just mentioning what ?? mention that go that the. The
/*PT other thing is an update from the DNS working group on the NTIA open consultation on signing the route and I hope that Jim on the end of this session you are able to say a few words about that. Thank you.

Neither of those two was added to this agenda because this is the agenda that our chairs approved and so this is what we are using at the meeting.

Does anyone have anything to say about the agenda? Yes, Malcolm. And you need the use the microphone.

AUDIENCE SPEAKER: One of the things that this working group has been asked to do is maintain the report produced by the task on enhanced cooperation. Can you add whatever might be done on that, such as an my own suggestions, turning it go into a RIPE document and whatever processes there might be for that.

CHAIRMAN: Yes, absolutely. That is probably an oversight, my fault, I am sorry for not having it on the agenda. So we have that added, so the third item under Any Other Business. Any other issues?

Okay. Before we go into point B, I have got some requests from people in the room to quickly have people, and I hope we have ?? do you have a microphone that we could pass around ?? we'll just take one from the sound ?? I got a request from some people in the room that people actually in the room could present themselves. So I suggest that we take a microphone and just pass it around really quickly.
(Everyone in the room introduces themselves)
Thank you very much and one thing you saw, I stole the microphone. So we have one microphone over there. It was intentional.

So, the working group charter:
So you will have seen this before, but I wanted to see if anyone has any comments.
There: So, let me read this and anyone that has any comments or anything or questions, can you please go to the microphone and we can talk about it.

First bullet point: "The working group will primarily discuss outreach from the traditional RIPE community to everyone else, especially governments, regulators and NGOs, all of whom we are trying to bring into our community. Topics are not to duplicate issues discuss indicate other working groups. This working group should compliment the other working groups and help participants engage in in appropriate work."


"2. The RIPE NCC's current outreach activities will be reported and the RIPE NCC will seek advice and guidance on future activities. This is to make the discussions more focused ?? currently the only forum for these discussions is the RIPE list mailing list."

"3. The working group will develop and clarify the RIPE community's position on issues that are of relevance to the public sector or on which a community position has been sought."

Is it not enough coffee this morning or are you just like tired?

"4. The working group will be responsible for maintenance of the RIPE document produced by the Enhanced Cooperation Task Force, described in the RIPE community, existing policy, development processes and outreach programmes. The working group explicitly does not have change control over the RIPE policy development process itself."

And this is where I think your point, Malcolm, that we have completely forgot this on the agenda, is extremely valid because it's actually part of the charter and not having it on the agenda was not very good of us.

No questions, no issues, okay.

Good. In that case, because as an someone that has been in the RIPE for quite sometime, I like at the first meeting of a working group, I like actually going through the charter, that will probably not happen as an thoroughly in the future.

Point C: We have a presentation from Paul regarding addressing the rise of criminal service providers, so we have that here (/*.

SPEAKER: Good morning. I'd like to thank RIPE for letting me present here. Did I present at the RIPE NCC in Amsterdam, and they asked me to come present to a wider audience thanks for all getting up and belowing sand out of your hair to listen to this.

I see some faces in the audience who have heard this before and you might have been better off staying in bed. But, there you are.

I'd like to start by saying that I don't come here with definitive answers to the issues that I am intending to presented to. Instead, I want to appeal to this group to take sometime to consider the implications of what I am going to say and swiftly find a solution, which is to the acceptance of governments law enforcement and RIPE and its members.

I went to an Internet forum, Internet and parliament forum at the House of Commons a couple of weeks ago where someone described the Internet as an the greatest flowering of men's creativity and invention in history. The Internet does inspire creativity in all that are using it and ununfortunately also in the criminal fraternity. Criminals appreciate the opportunity presented by the anonymity of the net and its global reach to propagate crime.

And it being unconstrained by a legal jurisdictions due process and international protocols, criminals are in an excellent position to fully exploit the opportunities presented by the Internet and emerging technologies. The recent proliferation of criminal service providers and bullet proof hosting sites being extensively offered across the globe is a direct response to law enforcement success in building relationships with local Internet registrars, the ISPs and domain name registries and RIPE itself, which is why I am standing here in front of you.

More work needs to be done. As an a community, we must endeavour to address and plug the opportunities offered to criminals by governance policy and current legislation and we must pursue that with the same vigour as an the criminals pursue their exploitation of those opportunities that are presented to them. I'll explain the basic workings of an identified criminal service provider and describe how the RIPE policy was used to facilitate its existence.

These developments in criminal methodologieses present may now challenges for certainly us as an law enforcement but for all of us in reducing harm caused by Internet to visit companies, corporations, Government and indeed the Internet itself and its ability to self regulate. The last point on the slide is an appeal for a cooperative effort. Our layouts and objectives but the solutions are going to lie within all of us working together.

Traditional crime. If we first consider how the landscape before the rise of criminal service providers. Traditional criminal sites are easy to set up, they are located on legitimate ISPs and are temporary and transient. Many sites are located on botnets located across ledge ISPs. As an are the command and control servers. Under a criminal ISP the command and control service is still drop zones in the concept service are still identifiable by law enforcement but they are no longer approachable, they are no longer accessible. Law enforcement's perennial problems, could I spend hours on that really, but across, mainly the cross jurisdictional, the identification of real world identities. The incompassability of legal systems, and the international legal assistance versus the mobility of criminals is seriously to our detriment.

There are three, I think law enforcement officers in this room and they will regale you with stories ad nauseam I should imagine in you want them to. The location of websites on ledge ISPs allows law enforcement, the circumstance community, the financial community and Internet watch bodies to identify criminal IPs, directly approach the ISPs and remove and relocation of criminal websites. The development of fast flux methodology has obviously affected this as well.

In the UK, there is generally no requirement for judicial process for those things to happen. And criminal websites and their infrastructure is taken down on a voluntary basis by UK ISPs and this model is followed generally across the area.

Much of this work, especially due non law enforcement groupings is reliable upon the Whois database and the accuracy of it, Anti?Spoofing another /WHU which I think is ?? certainly Brian raised it under the anti abuse working group. And their work will be greatly improved if the accuracy and reliability was improved. (Whois)

But now the landscape has changed, as an the criminal becomes more organised and begins to utilise the infrastructure available. What we have seen is criminals registering as an LIRs and ISPs. They establish legitimate business models. Company with company formation and registration, certainly utilising the availability of company formation agents in the UK. They set up complex financial systems including numerous accounts worldwide and submission of business plans and complex network topology, certainly to RIPE in the setting up of at least one of these CSPs. The capability and benefits, their understanding of law enforcement tactics is obvious and the exploitation of legal and procedural opportunities as an I touched on before.

This gives them a greater life expectancy, which, you doubt you will appreciate, the nature of the infrastructure allows hosted criminal protection from law enforcement and fishing sites and botnets, it's a valuable commodity if you can keep a phishing site object a botnet up for nor than a few hours or days, if you can guarantee it's going to last for several weeks or months in some cases, then that's a very valuable commodity to a criminal. The maximise profit and host their own criminality and rent out space. And protection from law enforcement as an I touched on.

Abuse complaints have no impact. At most the website is moved to another IS within the same criminal range. It's thereby satisfying the Complainant and bypassing any blocking and they have evolutionary, as an they will change, they will change with it.

These things that I have touched on here, they are hallmarks of organised crime. We are no longer dealing with amateurs sitting in rooms. This is serious organised crime which is taking advantage of the opportunities that the Internet presents.

The case study of the Russian business network. If you haven't heard of it, any, looking at websites or blogs from any of the Internet security companies will more than inform you of the Russian business network and what they do.

All this material is available through open source. They were registered and established as an a two coin software in the UK. Bank accounts in Estonia and the UK. As an a LIR with RIPE in The Netherlands, with IP transit services in the UK, Germany and the US. They commenced routing through S B tell on that AS number Andy merged in late 2006 as an a host for the rock fish command and control server. They host a whole range of criminal content which I'll go into in a second and a subject of numerous law enforcement investigations globally. They became widely known to the IV companies and were extensively covered in the trade media, blogs and websites and were labelled by the trade media as an the darkest ISP on the planet.

The R B N is known to be responsible for hosting multiple incidents ever criminal seen across the network. From rock fish, mall wear, money laundering, peed fill a, and add wear and spire wear.
In a snapshot of RBN activity. We identified 383 incidence reported across 345 IP addresses. That doesn't seem to be a huge number of IP addresses but it's a snapshot of what happens on RBN. What we try to do is locate any legitimate activity at all on Russian business network and we failed dismaley. There is much circular reporting in the trade media about RBN and a lot of it a POP reporting on singular reporting, where one group do it will report on a report that's already been put out actually proving that criminality is harder and if law enforcement is going to ask industry and yourself to take action we have got to provide data and evidence which is quantifiable and auditable.

The 345 is a small snapshot, but as an a snapshot, it's auditable, justifiable and accountable and could be delve defend indicate a court of law. That will provide WSIS protection from potential suit from the RBN and assertions that we make have got to be made on evidence and providenced.

This is the kind of criminality that we saw in the RBN in that snapshot. I draw your attention to the paedophile 33.5 percent and the mall wear distribution which made up most of what the RBN were behind. The majority of peed fill aacross the world comes either from the US or from Russia, and the RBN were responsible, according to COP and the Internet watch foundation for about 65 percent of the Russian peed fill athat was circumstance circulated around the globe. To we are not looking at a small amount here. (Circumstance lit lated (in this sun ISP is responsible for a good proportion of the world's paedophilia.

So, what do they do? Summer 2007, numerous articles were published in the media citing RBN as an a rogue I ISP and we were providing bullet proof hosting. This included the washing tonne post who outed the RBN and produced several articles which drew a lot wider attention to the RBN and the issues around criminal service providers.

In October 2007, some recognisable mall wear moved from the RBN IP ranges to had a Chinese Taiwan network. Which although on the surface inform Taiwan was Glen registered with RIPE.

It was very easy for them to do and it took them a couple of weeks to set up the infrastructure again and the whole thing flipped over to the Taiwan industrial network. It was ?? this was identified before it happened the the trade media and industry got hold of it and they were outed again and the RBN disappeared from view. There is still some activity on RBN network, but it's significantly reduced now.

Effectively, RBN became a victim of its own publicity, too many people knew who they were. A lot of blocking went out but it was the outing of the RBN that actually removed them. The average criminal site is up for several days. The RBN were up for the best part of three or four years.

The RBN had multiple IP transit arrangements and highly resilient infrastructure. This is the kind of thing we are looking at when we are dealing with CSPs of law enforcement. I don't expect any sympathy. By becoming an LIR they control their own ISP space and routing. Abuse complaints have no impact. As an I say, sometimes the IP range would move from one IP range within the RBN to another range within it. But what we we have seen in some bullet proof hosting sites, is the actual charges that they make for criminal hosting are based directly on a sliding scale as an to how many abuse complaints you actually get. The more your site is complained about, the more you get charged for the protection that the criminal service provider offers. Through capitalism.

They're only answerable to themselves and the terms and conditions of their RIPE registration. This is by no means and exhaustive list of the areas affect by this type of crime. But the theft of identiry alone impinges all all other types of crime, including human trafficking to a variety of crimes.

Some points: Technical performances is undermined by a criminal service providers. The Internet capacity and its performance is degraded. There is massive spam proliferation which emanates from these groups across the industry and huge unreachable botnets that result in legitimate ISP ranges being blocked.

Child protection is another reason for us to deal with this. Children are at risk. Please don't dismiss this as an being photographs of children. I can wheel out people from the F B I innocent images or COP from the UK who the talk about the brutality and murder in some cases that actually is behind the production of these images. In a civilised society, that should be reason enough for us to combat this kind of development.

There are all sorts of public expectation that people should be protected and that all citizens should activity seek ways of protecting those kids from this abuse and look unfavourably on those that don't support that kind of activity.

Commercial stability is important, make takes on major financial institutions which emanate from criminal service providers can exacerbate an already fragile environment. I am sure I don't need to tell anybody here. E commerce is the global market now. So long cert Internet a super highway of just information. Countries' economies are based on the E Commerce now and governments will take a lot more interest in the regulation of them. And there is reputational issues as well for challenging this kind of behaviour.

So the way forward: Governments and the Internet communities are meeting in December in hide he will best of my recollection to debate the future of the Internet and its governance. The level and impact of Internet crime will be discussed as an part of the agenda, I know it was because I was at a meeting in the UK a couple of weeks ago to discuss it. And directional level of future regulations should take.

Regulation will come. Whether it be light touch self regulation or that imposed by governments and the global community. There is a timely opportunity here to act before regulation is imposed. RIPE have the opportunity to take the lead and demonstrate that.

So, what's the way forward? In order to stimulate debate and provoke discussion, I submit to you my thoughts and these are my thoughts alone.

By partisan strategies developed between law enforcement, Government, regional, Internet registrars and ICANN, which is what I would imagine this group is for and certainly the anti abuse working group that Brian is involved in would be involved in. We working very closely with our Dutch colleagues and the Dutch national police and the prosecutor's office to explore some solution to say this. Soccer and RIPE have also taken first steps towards developing really good relationships and good relationships are the way forward. This is vital to law enforcement and Internet governance bodies as an will be much more effective as an partners than adversaries. It's preferable to us to consider ?? well this is much, a much more preferable route than considering legal compulsion and lobbying for regulation within the EU and beyond.

The commitment part: There got to be an acceptance and a commitment to combat Internet crime. In actions as well as words. I think this forum needs to produce something tangible (combat) as an does the abuse working policy group and there is a focus on Internet regulators to actually do something about this kind of crime and not this kind of crime, but all the effects of crime across the net.

Swift removal: I think a review and timely use of terms of RIPE, of RIR membership, audit and sanctions process to disrupt and degrade criminal ability, the documents that Brian is pro queuesing in the abuse working group is a good step for for this, but they have got to be ?? they have got to be enforced as well. That's what we are actually asking people to do is, there is got to be some sanction.

Terms and conditions is an option we are using many facets of our work, as an I discussed across, because the legal implications and across the jurisdictional issues, the use of criminal enablers, terms and conditions to deny criminals access to the net is one way that SOCA is working, it's been quite useful, quite impacted. (S O C A) we need to evolve fast with the criminal. We have got to watch how the criminal reacts and continually review the effectiveness of our work.

Some final thoughts before I get down, you'll be pleased to hear.

Law enforcement bodies are responsible for policing the Internet. There is no discussion ?? there is no discussion that Internet governance, LIRs or ISPs are responsible for this. This is our responsibility. Some criminals try an transcend national boundaries and against all national interest and legislation.

Criminal ISPs and LIRs may be RIPE customers but they are exploiters of RIPE policies, not respecters of it. I believe that effective processes and self regulation can disrupt and degrade this criminal activity substantially. The scope and level of this criminality necessitates that this may be dealt with through self regulation or Government regulation or criminal or civil judicial action or the enacting of new law if necessary. Which route is taken is dependent on our actions now.

I thank you for your attention now and I am happy to answer any questions.


CHAIRMAN: Thank you very much. Do we have any questions? Don't forget to tell people who you are.

AUDIENCE SPEAKER: Jim Reid, private citizen. Paul, I think you made some very good points. I am a little bit confused though at your suggestion that perhaps criminal ISPs could be, have a RIPE NCC membership terminated after some due process of some sort or another. I am not sure that's really going to be really an effective sanction. I don't think it's going to disrupt any kind of criminal activity that's going on, because at that point the LIR that's been the instigated all the crime has already got the Internet resources, they have got addresses, they have perhaps got an autonomous system number and I don't think the NCC is going to be in a position to recover that space or Internet resources and of course the bad guys are not going to be deterred by saying if you step out of line we are going to terminate your membership. So how do you think this would actually help the process?

SPEAKER: I think you are right. There are technical issues around actually taking IP ranges back from criminals, identified criminals. Obviously, not being the most technical person in the world, I am not going to suggest definitive strategies for doing that, but certainly the IP ranges that are in existence identified as an criminal and are removed and put into quarantine by RIPE and then remove the reverse DNS is done which RIPE. If those IP ranges were hand today another party, be it law enforcement, white hat company or whatever, who then began announcing those ranges as well, that would seriously degrade some of the activity, it's not going to cut off everything that happens that gets through to a criminal provider, but it would degrade their ability and what these service providers depend upon, is they guarantee connectivity and protection for their customers. If their customers' material is being diverted to another agency, that's seriously going to degrade the reputation of the provider that's actually hand it go over, which will stop them from working.

AUDIENCE SPEAKER: I'd like to sort of expand a little bit on this. Because, there is potential use for things like the routing database and routing security that could be two?way sort in some ways, because on the other hand, could you actually use this, as an you say, to set up alternate routes to, as an we said, dubious ISPs and have the traffic diverted somewhere else. But it could also work the other way too that you could then have it ?? you may not effective in doing that any more, because the regional holder of the address has got a token that certifies the router announcements. But it work work the other way around too, by withdrawing of that token or cancelling the certificate associated with it, that have something of more of an effect in actually disrupting their ability to get the router arrangements out and actually be able to carry their packets over the Internet.

SPEAKER: As an I said right at the very start, certainly I don't stand up here with all the answers to everything, but certainly what you are saying there and anybody else who has got any suggestions on how we could constructively deal with this might ?? my address supply there, I am quite happy to hand cards out. RIPE have got my contact details. I'll happy take any suggestions that anyone has got that we can work together and feedback into RIPE and the other RIRs, because this is one of those ?? this is one of those areas that I think Internet ?? the Internet governance bodies, and yourselves as an members of RIPE, light touch selfration is still available. If we can regulate ourselves so that this kind of crime is reduced, then it may prevent governments from regulating for us. But if ?? there was a British MP said to me a couple of weeks ago, when governments regulate, what happens with the regulation is the regulation sometimes is a lot more impact I have than it actually is intending to be. It has more wide ranging consequences than actually needs to be produced, which is counterproductive in certain aspects. I think this forum and the subject matter of experts within it are in the best position to actually design regulation for yourselves.

CHAIRMAN: Thank you.

AUDIENCE SPEAKER: Daniel Karrenberg, private citizen, this time. I am trying to ?? I will try to speak three times slower than Daniel Karrenberg usually done.

I have two points: One is a more philosophical one that was triggered by Paul maybe in a lapse of language saying the words "Crime caused by the Internet." And that always rings a bell with me because I think it's dangerous F we think about crime caused by the Internet. Not because I want to be apologetic for the Internet and say it's not a bad thing, it's the greatest thing since sliced bread, but because it sets off wrong chains of thought. It sets off the chain of thought that by fixing the Internet, we will do something about fighting crime, and I don't think that's the right way to think about it. The right way to think about it is that the Internet is a prime tool for certain crimes, for certain criminals to certain crimes because it has enormous reach, because it can rapidly disseminate material of any kind throughout the world and not least importantly, because it transcends jurisdictions and that's the thing that gives you access, I can see it, and we all saw this a long time ago.

So, what I would caution everybody against, even thinking that way, that the Internet causes crime. We should think about the Internet as an a tool of the criminals and we should see how we can take away the tool from them as an part of a strategy of fighting the criminals, not as an the sole strategy. And also not get into the your, you could easily get into the thing that's called solution earing, so immediately go into a technical solution of something that is actually really not a technical problem where the technical solutions can just be a little part in the whole strategy. That was my thought number one that I just wanted to share and I am not accusing you of the wrong thinking, maybe it was a lapse, but if you'd like to respond to that.

SPEAKER: Absolutely it was a lapse the I certainly don't believe that there was no crime before the Internet and the Internet is the sole cause of crime. The Internet has provided opportunities for criminal groups to engage in wider crime and other types of crime, as an does any development in technology. If there is any development within our world. Criminals will exploit opportunities that are presented to them. Internet doesn't make them criminals and there are a lot of social logical issues around that which governments do try to address as well as legislating. But that can't derogate us from our responsibilities to actually try to reduce the opportunities for criminals, which the development of the Internet progressed. But I accept your point.

AUDIENCE SPEAKER: I agree. It's just the wrong train of thought. Just by fixing the Internet or in the extreme by switching off the Internet by turning everything back we will solve the problems. We won't.

My second one is much more to the point and if I understand you correctly, what you are saying is like we have seen criminals organising themselves as an ISPs and we'd like this community to make some policies to actually easily be able to shut them down as an ISPs and to take away the tools from them. That's all nice and well ?? sorry, second thing is that I think what you are saying between the lines here is that actually a tool for doing that would be the RIPE NCC doing certain actions like revoking address space, preventing routing and things like that.

I don't think that's the prime thing that we should be pursuing because actually the RIPE NCC's power in this area is rather limited. I think at least as an important if not more important is to actually use this forum as an an outreach towards the ISPs to do certain things, because they have the power actually to prevent routing and to do something about the criminals and they are, at least some of their departments are all here in RIPE and so, what I would caution you against is to you know, focus yourself on the RIPE NCC, let's fix the RIPE NCC stuff and totally forget about seeing what you can do with the ISPs and say hey, can you do something because they have the real power. They can really turn the knob.

That's number one, number two that comes to mind immediately of course is that the RIPE NCC always has to be very careful not to be judge and executioner at the same time. So we need some way and I know you are working with the Dutch, both the prosecutors and your law enforcement colleagues, so that we can find some ways, how the RIPE NCC can cooperate with you, but without judging whether something is criminal or not.

But my main point here is don't focus so much on the sort of nice hierarchal thing, thinking that the RIPE NN is at the top end and we can turn the knob. We can't.

SPEAKER: I have hit the nail right on the head there. It's not about the RIPE NCC. It's about the community and everybody being involved in actually dealing with this. Why I am here today is as an an appeal to you guys as an subject matter experts to give me some ideas or to produce some ideas of how we can actually deal with this. Whether it be the RIPE NCC, whether it be the main backbone providers, the ISPs, I am not protective about which way we actually go, but all I want is a reduction in the capability of these people to actually operate.

AUDIENCE SPEAKER: We all want that.

SPEAKER: Well... absolutely.

AUDIENCE SPEAKER: A little bit of the same talk as an Daniel. This movement is completely different forum, and that's in the name business, that there should be take down of domain names and other things and I think there should be a police watch dog put on the mail names, played like a mole more or less. I was just wondering, that's actually the same problem, because I mean, there is not a lot you can do as an a domain registry and it doesn't really help just moving stuff and a more coordinated way of dealing with that would be ?? are you talking to that part of the spectrum as well?

SPEAKER: The problem is, you have got, within RIPE, you have got 100 different countries represented. Crime means a different thing in a hundred different jurisdictions, so it's difficult to actually get everybody to agree that this, this is something that needs to be removed and it's not for the domain name registries, it's not for RIPE, it's not for the ISPs to be judge and executioner, absolutely not. It's a difficult one, because it's where do you ?? where does crime shall where does crime end and free speech begin? And that's where the judiciary come in and the judiciary make those decisions.

The problem with the Internet as an a whole, and again I don't want to get to the back to the Internet is a problem. But because it's cross jurisdictional and it exists in several jurisdictions, there is going to be at some stage some commonality around the crime. The distribution of paedophile material is a crime in every jurisdiction within the world. There may be some exceptions but certainly within the EU, the way the European Community work is there is certainly with the European arrest warrant, there are identified crimes that are accepted by all jurisdictions and that speeds the whole process up. I understand what you are saying about it being difficult for domain registries or for anybody to do to to be the full solution for this, but even if you can make it more difficult for people, if it means that for a week they don't get to operate, in that week, you save so much money, you save so much harm, there is no silver bullet, no panacea for removing crime from the Internet, but we just may need to make it harder for everybody.

CHAIRMAN: Last person at the micro and then we have to move on in the agenda.

AUDIENCE SPEAKER: Paul, I am not going to talk about ?? my name is Malcolm Hutty from Linx in London. I am not going to talk about the technical feasibility of knocking net blocks off the network or what RIPE might be able to do to help that happen. That's for others. But on the jurisdictional point, supposing it were able to do this and you, as an a British law enforcement officer, were to come along and say here is the Russian business network, please knock them off. Now, I know that you are well able to present ample evidence that the Russian business network is not actually a real business network. I am not so sure that you are able to present the evidence that they are not Russian.

SPEAKER: That's fair. Is that important?

AUDIENCE SPEAKER: Well, my question is: What kind of cooperation you would, and approve of even, you would think was necessary or appropriate to get from Russia and the Russian authorities before making such a request, because this kind of thing can come right back at you. You remember a few months, maybe a year or two ago, British CO E Os were being arrested in the United States for running gambling companies and these are of significant British companies listed on the stock market that were considered to be entirely lawful within the you recollect UK. It would be entirely feasible for the American authorities to take exactly the same view of the British gambling sites as an you are taking of the RBN and make a similar request and presumably I'd guess that you would want to have some sort of say in that before RIPE acted on T I tried to look up the name of the British companies in question, but actually, just doing a Google news for T because they were gambling company, the Dubai filter was blocking access to the stories. And I think it shows it's not just America, but there are actually countries within the RIPE NCC service region that would have these issues as well.

So what kind of approval and/or cooperation from the national authorities of the country in which the criminal network is based would you think was necessary before pursuing this?

SPEAKER: I think you make a very fair point. The Russian business network, because it's called the Russian business network is not necessarily Russian. It may be Russian it may not be Russian. Certainly the Russian authorities wouldn't accept it as an being a legitimate company or a legitimately operating company in Russia.

If we could prove that it was a Russian business, then obviously there are massive risk assessments to be made before we, as an a UK, would request a Russian company to be barred from trading on the Internet and we would make, I think it would be important to have that negotiation with Russia first of all, or with whichever jurisdiction in which the company was based. It's a British company. Unfortunately the RBN is a British company, it's registered as an two coin software as an at made stone in kent which lends some power to our elbow. But it's a very fair point and there are a lot of complex issues within that, certainly for us to request anybody to take, to bar somebody from the net, /AO*ED have to have pretty good reason to do so and we'd have to be on pretty strong ground with whichever jurisdiction that company was based in. What we would probably do is ask that company, if there was a vehicle, if there was a process to do T we would approach that country to actually make the representation themselves.

CHAIRMAN: Thank you very much. And with that I think we should thank Paul very much for the presentation.


And the next point on the agenda is Paul Rendek will give an update, 15 minute update max. On the RIPE NCC outreach activities.

SPEAKER: Good morning receiver, I am Paul Rendek from the RIPE NCC. I am going to give a fast, so I hear, update on the outreach activities that the RIPE NCC has been doing. I am going to touch on activities that are not only RIPE NCC based but activities that we also have been carrying out with our industry partners and also with the other RIRs. This kind of touches across a whole span of us.

(Kind of)
So just an overview of what I am going to actually address. I'll be giving you a bit of background on this, very fast. I will talk about the IGT, the OECD, the RIPE NCC round?table meetings, EU Commission and parliament. And various Government regulatory events that we attend and some next steps and some thoughts there.

Just some quick background. The RIRs have been activity in WSIS. That seems like a very far in the past now, the world summit on information society. This was really I think the beginning of the current multi?stakeholder approach to Internet governance, this is where we kind of saw a new area kind of emerging for us. I think we scampered quite quickly as an a technical community and we established ourselves as an a technical community as an and as an a legitimate stakeholder here in additional to civil society and business. Together with many of our industry partners we worked with the RIRs, of course, ISOC, ICANN, testify, I can go on, a list of organisations.

Today actually we continue to cooperate in the different areas of common interest. You can probably appreciate that it's quite difficult to pull together such a large group of peep when you have to come with a common set of positions or something that's relatively easy to understand that you are putting forward into a multi?stakeholder community, so this takes a lot of time but we are spending a lot of time with our industry partners and the RIRs to make this happen, so...

The Internet governance forum, there is three components to this. There is the public consultations on the agenda, any objectives that are being set for an upcoming IGF, there is a Multi?Stakeholder Advisory Group that pulse together all the different areas that need to be discussed at an IGF. This of course runs across the whole range of the stakeholders. And then there is the IGF meeting itself.

The MAG, which is the Multi?Stakeholder Advisory Group is made up of 50 members, that covers the whole range from technical to Government, bits business, so you can imagine that these 50 people have to come together and form an agenda that is going to be coherent and work for an IGF. Very difficult. I think initially this group was put together to set the logistics there but we see that they are driving the content of the programme.

We are happy in the RIR area that we have actually two of our managing directors on the MAG, that's AfriNIC and rule /SKWREU media were LACNIC so we have some good representations there so that's quite nice for us.

Passed IGF meetings that we have attended, we were all RIRs in full force in Athens and in Rio De Janeiro. Some of us were presenting there, some of us were participating and monitoring what was going on and bringing these things back home of course. But what we are seeing now actually is as an we go around and we do to regional meetings in the RIPE NCC region object, we do them in the Russia and the Middle East. We are seeing that we are starting to have local IGF meetings take place, for instance in the UK they have already had one. I think there is another one in November just to wrap?up on what they want to do in the IGF. I understand that the Germans are also having a local IGF forum that will take place in November. We were recently at a regional meeting in Russia and we had actually the head of the delegation for the IGF in Russia come to our meeting address our LIRs there, which was just brilliant actually they were and they were saying /TOEF going to have local IGF in Russia as well to pull together what they need today do for Russia to end up in hid err back.

We are seeing these local IGFs happening. It's more of the travelling circus that has to happen. We think it's important to be there. I did attend the UK IGT F, I have to say it was well organised and the input that they took from the community was great. So I think that that helps them form whatever they need to do to get themselves there.

So, there is an IGF that going to take place in /AOEUD err abad from 3 to 6 December. The RIRs will of course be there in full force together. There is something called critical Internet resources that is a dedicated stream in the programme that obviously is, you know, directly related to the RIRs business. So we will be there. We actually have two ?? there are two areas within the main programme that are being showcased. One on enhanced cooperation which will be a panel that Raul Echeberria will be on and there is a transition from IPv4 to IPv6 which is probably not surprising to you and a plug?in will be on that panel presenting as well. So it's good to see that we have some representation there.

And we have actually produced a document called continuing cooperation. I have put the URL up here for you. It's a document we put together to showcase two governments and any of the other stakeholders what we are actually doing as an RIRs and our part of dealing with the public and private sector dialogue and having relationships with other stakeholders. So we do update that document. We want to make sure that whatever we are doing is showcase and that people can see what the RIRs are up to.


And another point here in the kind of UN area is that there is something called the UN economic and social Council, eco SOC we actually, the RIPE NCC was awarded membership to this group which is really quite nice. It's basically gives us access to certain UN events and we mainly show up there as an an observer. But they have contacted us telling us that there may be some consultation where is they would use us as an experts in the field. Which is great. We are quite happy that we were award this had membership. I understand and somebody can correct me if somebody else has this here, but APNIC and RIPE NCC both have received awarded membership state to us this group. So that's quite nice.

And this forum really is a way for the UN to engage the private sector, so we are happy that we are involved there as well.

And just to give you an idea of what a day at the IGF looks like. I have actually just taken a snippet of day 3 of the IGF agenda. We think it's hard to come together as an a RIPE meeting to do a two track day. This is what day 3 of the IGF lookses like. Up there in the left?hand corner is a transition from IPv4 to IPv6. The stark green area it the main Plenary session, so that is being showcased as an one of the main themes inside the IGF, but as an you can see at the same time, there is a whole bunch of other stuff happening in that, so it's quite a busy and quite a hectic place if you haven't been there, if any of you haven't been there yourselves.

So moving onto the OECD, the organisation for economic cooperation and development. The RIPE NCC, about two years ago, struck up a relationship with the OECD on our own, we quickly were joined by a few other RIRs obviously that have OECD countries in them, ARIN and APNIC, we have worked closely with their staff. We have been been to their offices in Paris a few times and we have actually briefed them on the document they have produced called economics considerations in the management of IPv4 and in the deployment of IPv6. There are a lot of people from this community and from the other RIR regions that contributed to that paper. It was really great team work that was done there. This was actually presented by myself at one of the staff members of the OECD at the ICC P working party meeting in December of 2007. It was actually received very well. The member states that were represented there, the Government countries, were saying that it was about time that the OECD had reached out to this community, pulled us together and produced some work and showcase this had to the OECD members. This we were happy to hear that. We wanted to continue a relationship with them.

You know, we are now kind of working together with the OECD to see if we can set up some workshops to work together with them to be able to then bring more information to their OECD members. So that's a real positive step there.

Something else we have done, inside the OECD, I think some you are aware they had a ministerial meeting in June, basically spinning around the whole idea of telecoms and IT Internet. This only happens or this, the last time this agenda was brought up in the OECD was ten years ago, so this does not happen very often for them so it was a huge production that took place in soul in June, 2008. The RIRs were there in full force of course together with the Internet technical community stakeholders forum. That was organised by ISOC. They did a brilliant job in pulling us all together. You have to appreciate how difficult it is to produce a document when you have got so so many areas of the Internet technical community coming together and everybody wants to make sure they are showcasing what's important to bring forward to something like a ministerial meeting. So we did produce something called the memorandum on the future of the Internet in a global economy. It was a very nice and concise document of about three pages which took tonnes of time from the some 16 industry partners in addition to the RIRs that were showcase indicate this Internet technical community stakeholder forum. It was very well received there. We are happy about that.
In fact we received quite a lot of press coverage, I'd like to thank Race Point or R P company for that. The RIPE NCC donated the time of PR company to this and outside of what we had done, we received, or what we could see actually was that there was some 86 articles that flu around the world based on the work we had done there as an a technical community which is great. Actually we probably had from what I could see, more coverage than the business and the civil society people. So we actually were there, you know, we really took advantage of all the press and media that were there. So it was pretty big to organise.

So the next steps in our relation with the OECD. Currently we are working again with ISOC and a whole bunch of industry partners, 16 of them in fact. You can see this on ISOC's website. They are obviously going to be showcasing this. There is a proposal for the creation of a Internet technical advisory committee. ITAC. Inside the OECD. They have currently only one organisation that feeds them, that is the BAC, which is the business advisory committee. They want to bring in civil society and they want to bring in the technical community. This is something that jumps out of the OECD ministerial from June. ISOC was great. They jumped to the bat. Got us together again and pelf formed a proposal for that. I can say that there was solid input to that document from RIPE NCC, APNIC and ARIN, which was brilliant. We worked together. We got in what we thought had to be in the document. I am sure that we would have received the same from LACNIC and AfriNIC but really it is these three organisation that have the most OECD countries there so it's obvious we put more effort there.

Actually this document will be delivered to the OECD in November and it will be showcased in the ICC /P?P in December, so we are hoping if everything goes well and we have done our homework, that we could see Internet technical advisory committee inside the OECD, which is great.

RIPE NCC round?table meetings. We are quite proud of these, we have had six round?table meetings since 2005. The last one we had was in September. This was made up of obviously Government which is the main stakeholder group we are trying to reach here. But we also bring along some RIPE community members, it's great to get some support and also some of the expertise to be able to actually give some feedback to the governments on questions had a they have. The main topics that we have there, IS address registration, IPv4 exhaustion, quite obvious. IP policies were reviewed there. We brought our PD O officer there, Phylis gave an overview of what's happening globally. And we also had criminal activity on the Internet, Paul from SOCA it was fabulous for him to come and present there as well. So we were happy to have him here at the RIPE meeting as well.

So this was our largest show, well turn out from governments, we had 26 Government representatives from 11 countries, so that was a brilliant turn out. It was the most engaging conversations we had and we are happy to move forward with these relationships. What I can say is that we did pass around some questionnaires and everybody very diligently filled them out and so the governments are used to filling out paper I am sure. So they gave us a good feedback and actually it was overwhelmingly a request for us to hold more than one meeting a year. So we are going to be showcasing two meetings in 2009. We will have one in February and one in cement some of the other feedback we got is they wanted us to give them more, maybe hands on information on what's going on with v6, what is this thing all about? I think some people don't really understand that. We scampered about and we already have some great thoughts on what the agenda is going to look like. We have worked closely with Rob from RIPE and we will be pulling some people from the community to help us showcase this thing in February. So we look forward to that.

Again, we have been working on messages for Government and press coverage. We finally, together with Race Point again, figured out some great areas where information is picked up, that governments on wires that governments actually read and we have been showcasing round?table meetings and the kind of stuff that comes out of RIPE meetings and we have seen we have been getting coverage. This is interesting and we hope with a bit more targeted press we can actually wake some of the people up and get them into our round?table meetings, which is super.

EU Commission and parliaments. Some of the stuff we have been doing there. A long time ago and I know Patrick it one of the ones that helped me get this off the ground, we manage today get ourselves a meeting with the Commissioner, Ms. Vivian Redding, when she came in, well she was been there for quite a number years there, but when she first stepped into the position we thought it was smart to pull together again the technical community. We had ISOC there, we had ICANN there, it was a bunch of us you know industry partners. So, she is the commissioner for information society and media. We met with them. We wanted to establish that we were groups that were there and available for consultation, to help the EU if they have any issues they want to get from us. We have worked with ^/TKET will he ever Eckert on the the IPv6 communication, anybody in Berlin sought report that he gave there. That was delivered at RIPE 56. We participated in the IPv6 day that was organised by the Commission that. Took place in May of 2008. We will be presenting at the high level group on Internet governance in Geneva in November. We have received and invitation there. We have happy to go going to this because they normally don't invite external organisation to say showcase in there. Axel received an invitation directly to come to so naturally we will be going to Geneva in November and we are looking forward to giving some information on the v4 and v6 issue is what they are looking for.

RIPE NCC is a member of the European Internet forum. This is more of a parliament group ?? well, it's more, these meetings are attended by members of parliament more than anything else. They have regular meetings in Brussels. So we are on, we are a member. We do get all the invitation /TOGS any meetings that they have. We pick the ones that obviously are relevant to us and to our community. I know that we have gone through with also the RIPE Chair, with Rob, he has come with us a few times. And we obviously make sure that we are visible there as well.

EU telecoms directives. I know this is something that Patrick also gets involved in. We actually monitor the names and numbers issues that come up there making sure that our input is there wherever it needs to be for the EU. These are the kind of things we have been doing with EU and parliament there.

Jumping into some various Government regulatory events. RIPE NCC and some Government workshops. We had the first one in December of 2007. It was a joint meeting organised by the French ministry and the UK department for business, and what a nice meeting, about 15 governments showed up. It was just the RIPE NCC with these governments. We had some dialogue, and open discussions there. They have told us that they enjoyed that, they want to move on with this. We are now ?? I am busy working with a few of them to see where we are going to host the next one. I understand the Swedish Government is keen on having this kind of a workshop again. We might be ending up in Sweden sometime soon.

We have met with OPTA last year, the Dutch telecommunications regulator, we met them at IGF, we bought them a beer and they want today come and visit us. So we actually had their whole team come to our offices in The Netherlands and of this great, we talked about what we could do. We understood what their role was in regulating the Internet in the net err lands and what they are doing working with their other partners in Europe. So it was nice to have them there. There was a law enforcement session at ICANN that we attended in full forces RIRs in June, I hit the number 2 button a few too many times, there were 12 law enforcement agency that is showed up there, not 22, I apologise for that. This was organised by bobby flame from the F B I, he is actually here today, it was really great. He pulled all of our RIRs there. Axel presented there because it was our region T took place in Paris, it was probably right that the RIPE NCC took the ball there. It was super. We hope they will invite us again. That was good.

Just recently, before we came out here to Dubai, we had a huge team of about seven that came from the Dutch ministry of economic affairs to visit us at our offices in the Netherlands again. They want to keep a good relation with us. We had Rob representing RIPE. We had some fruitful discussions with them. We want to keep obviously the relationship moving there as well. So, we discuss add bit about what was going on with v6, we discussed the IGF that was coming in heed err abad and what the Dutch ministry was advantage on doing there.

Just some general IT workshops and events. We get invite today various ITU, Telecom or ITU development workshops. We invite ourselves as well to keep an eye on what's going on. We have had presence at Telecom world in Hong Kong, Telecom Asia bang cock. Telecom Africa, Cairo. I think the most successful turn out that we had was Telecom Africa in Cairo. All the RIR sent some staff there. We did some brilliant work together as an RIRs, massive work within the region what was happening. AfriNIC was showcasing that, and that was some great work together. So we'll continue to go to those on an as an needed basis. We see that the Telecom words aren't important for us to attend, but some of the other workshops and what have you, we certainly will keep an eye on.

Other things in the Government regulatory areas. We have attended the UK parliament and Internet event in 2007 and in 2008. Euro DIG, European dialogue, the Council of Europe. That was a meeting we attended in Strasbourg in October. We actually, we are helping them prepare for the Council of Europe session at the IGF, that was good, we gave them input wherever it was needed. It's great.

ICANN Government advisory committee. We continue to have a good relationship with the ICANN GAC, we do present at their meetings when we are invited we also have, get on to their mailing lists and have discussions with them on an as an needed basis. (G AC) so this was all moving quite nicely.

We are having a meeting now in the UK in November, another meeting with the BIR, the UK department for business, we are going to be showcasing again some IPv6, showing them some stats, seeing what's happening there. This is actually being organised a bit with one of our community members, Jim Reid, who is here today. So we had an invitation for the RIPE NCC to come and we are happy to go. We'll see new London in November.

Next steps. .
Basically, the RIPE NCC would like to continue to expand its relations with local Government and of course any other governments, even outside of our region.

We have start today target our information a bit more. We are seeing that we are understanding the roles ships we are having and how we can communicate a bit with governments. So we are taking advantage of that.

We naturally, want to make sure that anywhere we can, the RIPE NCC is consulted as an an expert and where we need, we will also come into this community and pull people to help us bring the message forward that they want to see. So that's great.

The RIPE NCC definitely wants us to be seen as an a leader in the public and private sector dialogue in the various Government initiatives that are around. So our board is firmly behind this as well which is nice to see and we'll continue to see if we can be a lead another that area.

The last point is that we are going to be coordinating the positionings of the RIPE community for input into Government. And this is why we have set up this working group so the RIPE NCC will want to be bouncing back from one to the other and we hope that we can do this and category ate some good relations.
(Applause (in

CHAIRMAN: I think per definition the time is now 15 minutes past ten.

So, I am sorry, it might be the case that we actually will move a few minutes into the coffee break. But I think just because this is the first meeting for this working group, I think it's important that we are actually talking about what we want to talk about.

So the next point on the agenda is actually me, because I have started to, well not me, I blame Geoff Huston, started talking about the fact that the market is not deploying IPv6. So I was just going to talk a little bit about that. Because both Geoff and I agree that we actually have to work a little bit more together, well not just a little bit more together, and to come back to what Paul said about security, we also think that we need to work more together also regarding actual operations and make sure that the Internet works, because to a certain degree, if the Internet stops working, we think that actually might create even more tools for the people that want to do bad things. They might start to use the low poles and stuff in the architecture. So things are not looking very good.

And it's also the case that I personally very strongly think that, for example, when we talk about IGF, the kind of thing for me, Internet governance is not about how governments like how they take care of the Internet. It's about how all of us together is governing the Internet, which is a very big difference. But for the IPv6, it doesn't look very good.

Just very very short. What Geoff and I start today talk about is what kind of options do we have if it is the case that IPv6 does not deploy? So, okay. Do we have a plan B and we claim that there really is no plan B, and the problem is that what is happening here is that the Internet as an it is paid by the end users, all the alternatives that exist to IPv6 is much more expensive, much more complicated, doesn't give the features needed, so all the various different kind of examples ?? sorry, alternatives exist are just worse. So we just have to ?? there is a plan A and we have some plan Bs but we really need to make sure that plan A is the one that is happening. And the problem here is that everyone is waiting for everyone else. And we think that we need to work much much more together and do things in a much more, much, much more coordinated way.

One thing specifically now when we are in the RIPE region, a large part of the RIPE region is of course also the area which is covered by the European Union. Definitely much smaller piece, but a piece at least. And the European Union, through deck /HREF Eckert, as an we heard Paul talk about, issued a communication on IPv6 this summer, where encouraged specifically the public sector to be a good user and procure errand this is something which I have seen working quite well, but the problem is that we should probably be able to see this a lot more. I know many countries that actually are planning to do something in that direction, which is trying to actually buy IPv6 and I think that is one way of moving things forward.

But, I think a really large kick in the butt is actually needed here to get things moving and we don't have as much time.

Because, if it is the case that ?? because it is the case that IPv6 is still the lowest risk option, both economical and technical, but we are running out of time as an everyone else has been seeing.

So, what might be needed is actually some more encouragement, so I think personally that all the work that can be done from all sectors, including governments, to actually encourage deployment of IPv6 is good, and maybe some more coordinated documents is needed. I know that there were some IPv6 work in Stockholm last week and deck /HREF Eckert was there and we'll see what's coming out of that.

So that was very short. The only thing that I wanted to say that there is some work going on and we ?? yeah ?? thank you for that.

Next thing, Daniel, you want to say something?

SPEAKER: What I want to do is, since we are not doing, repeating work that's ?? repeating work that's been done in other working groups, I just want to point all of you to some work that's going on in the Address Policy Working Group (repeating) and I am not going to give you a full presentation here. I just want to point out what this work is about.

It's about IPv4 running out actually the day when IPv4 runs out. So, this is a representation of the queue of requests that comes into RIPE NCC at the day that the IPv4 runs out, we have no free pool addresses any more. The ones to the left of the finish line will actually be fulfilled, if they get address space and the ones to the right of the finish line will not get address space. That's how we all think about T

Now, what this work is about is actually that what might really happen is something that, it doesn't quite look like that. It looks more like this, where the actually there is a really large request that's complying with all the policies and hence, it will be assigned and then the people to the right of the finish line suddenly don't get anything any more, while they were expecting to. This of course unpredictable and the perception of it would be that it's very unfair.

And our concern here is that it discredits our industry regulation process.

The even more frightening scenario is this one when there is actually a number of big requests in the queue and one of them is fulfilled and one that's quite close queue afterwards is not fulfilled. That would be perceived probably as an very unfair. And if they both of the requests come from the same market, there is certainly an issue here, once this hits the streets and maybe the one that didn't get it, chooses to employ public opinion, regulation and policy level.

If they come from sort of what I euphemistically call antagonistic societies, it can get worse, again it's about perceived fairness, it's not about absolute fairness, and our concern is that it really discredits, could really discredit the RIPE policy if it were to happen and it could also discredit the RIPE NCC as an an institution.

So, at the end, we discussed the following question: Are these realistic and everybody in the room said, everybody who spoke up said yes, they can happen, they are realistic.

Would they cause competitors to fight in the courts by regulators, by Government, public opinion? Everybody who spoke up said yes.

And what this working group is about is really the third question: Are governments and regulators concerned about such scenarios? And I'd like you to point all of you to the work that's going in the Address Policy Working Group that's going on in this, if you are concerned about it, bring your concerns there.

The upshot of the meeting yesterday was that we will indeed look at possible policies to address this.

Was that short enough? Are there any questions?

CHAIRMAN: Any questions on what Daniel presented or what maybe Daniel and I said?

AUDIENCE SPEAKER: Jim Reid: It's not a question. It's just a statement. You talk about perceived unfairness. Some governments that are actually part of the RIPE NCC service region are as an a matter of routine making statements that there is an unfairness of IP address allocation.

SPEAKER: Okay. This is not what I want to address here. It's enough if there is perception of unfairness, then it's a problem.

AUDIENCE SPEAKER: I just thought I'd point out that there are also, I am sure, I know you are aware of this, but that there are policy proposals in place that actually address some of these things. So I think the discussion here is valid but it's important to be aware that this is not something that's been neglected by the community. We are all aware of this and there are policy proposals I think that have been accepted now that actually address this, how do we deal with the last in this case, /8 of the IPv4 address pool. So I think that should be something that governments are aware of as well, that we are discussing these things.

SPEAKER: Definitely we are discussing these things and there are policy proposals, formal policy proposals on the way that address part of this issue but not the whole issue and we'd like to address the whole issue.

Thank you.

CHAIRMAN: Thank you very much.

CHAIRMAN: We have two points left on the agenda. First, Jim, want to explain what's going on in the DNS working group? You can do it from back there.

Jim Reid, DNS working group co?chair hat. There is an exercise going on by the NTIA, which is part of the United States Department of Commerce and they have issued a notice of intent asking for comments on various proposals to do with signing the DNS root zone. The DNS working group has decided or trying to formulate a response to this N E I, this consultation exercise (NOI) and I think in my capacity as an chair of the working group, this is something that the working group needs to do because of the fact that I think we were, we had a role in starting that particular ball rolling, as it were, when we signed the root declaration back at the /TALen meeting. Hopefully /RAOET consensus on a statement and I think we are just about there inside the DNS working group right now. I think we are going to have to do a little bit more word Smithing but not very much, hopefully we can have that presented to the Plenary this afternoon and have this accepted as an a RIPE community statement and then sent as an a response to the RIPE community to the US Department of Commerce. It just goes into the usual mud and apple pie stuff, that nobody would reasonably object so that any introduction of DNSSEC is going to per /SURB the existing set up. We don't expect the exists security and stability and we avert some fundamental principles that this exercise is not about control, it's essentially about authenticity and valid of the DNS data that's in the root. The statement has been circulated to the DNS working group. I think we have a little bit more work to do on it and hopefully we can get this sorted out in the next hour or so and then have it go for inspection at the Plenary this afternoon. Thanks. Any questions?

CHAIRMAN: If people have more questions or want to know more, what's currently happening, please contact Jim directly.

Last bullet on the agenda. The document that has been, that was created in the ?? that Malcolm pointed about.

Malcolm: The document that was created by the taskforce that preceded this working group consisted of two main parts: One part was to recommend that ongoing work in this area be done by a working group like this and recommended setting this up. But the bulk of the report by number of words, if that's in any way a significant measure, was actually an explanation of how the RIPE community works for those that aren't members of the RIPE community, in particular describing what bottomup governance is for Internet resource governance and how that works and why it is that we have bottomup processes rather than top down processes in this area and how the need for policy and implementation is matched and met by a bottomup process rather than a top down process. So this is essentially, in a way, a communications document.

Now, communications in its nature is really done by the NCC and it wasn't at all our intention to supplant or step on toes there, but when the NCC is explaining that, it is also explaining the bottomup process. It needs to show that the community ?? the community has asked for it and that this bottom /*UP process is indeed truly bottom up and is supported by the community and it is shout the best way of doing that is to have the RIPE community itself put its own statement of this, so that that could then act as an the supporting and underpinning for that communications effort.

And so, the taskforce produced this report which did this and that report was formally accepted by the Plenary for at the beginning of the week.

Now, what I would like to suggest is that that report, I wouldn't like to see it sit on a shelf shelf not be used any more, because I think it's important to communicate that message. I'd like to there is a way of returning that report or relevant content of that report into a RIPE document that could go through a formal RIPE PDP type process so that it could be demonstrated to the outside world that this really is the community's view on bottom up governments.

CHAIRMAN: Thank you Malcolm, for a good summary. Anyone want to say anything?

AUDIENCE SPEAKER: Rob: Just a matter of procedure. I think it was a RIPE taskforce and the taskforce reported and the Chairman concluded that it was a true community effort and the community supports the document so it will be published as an a RIPE document. There is no need for any further formalities.

CHAIRMAN: In that case, it was very easy.

AUDIENCE SPEAKER: Paul: We will publish that as an a RIPE document ASAP. What I think needs to happen is that obviously it will probably live within this working group so whenever it does needs to be revised or something is there, it probably should be showcased here but we'll get it up as an a RIPE document.

Malcolm: Is there any need to change the form, based on what Rob has just said, it goes as an it is. Okay.

AUDIENCE SPEAKER: /ROP: I think technical details we can take off line.

CHAIRMAN: But still, I think it's fun if it is the case that we can actually have the first action point of the working group.

So, I want to check whether there is anyone that has any objection to have an action item on the RIPE NCC to ensure that this document ends up published, because this document is part of a charter of this working group so the working group is concerned over and want to make sure and keep track that that is it actually happens and then that way I think that we also, this working group would like to know when it actually like announcement in the mailing list, it's actually up there and published. So the action point on RIPE NCC and I also would like to appoint Malcolm as an the appointee F it is the case that you have some technical details on things that he would like to sort out. And you accept that I presume, Malcolm? Thank you very much.

So, with that, I declare this first meeting of this working group concluded and I'll try to do a summary later on if that's needed and happening. So thank you very much for coming.

(Coffee break)


Test traffic is test traffic

The test traffic working group session commenced on the 30th October at 11 a.m..

CHAIRMAN: This is going to be the test traffic working group in about five minutes. Give people a chance to finish their coffee. If you don't want to be in test traffic, now might be a good time to leave.

Ed in is delete space ending ED and then the word in.

And indicate is indicate. Bench.
All right I think everybody that wants to be in here is probably in here now.

So, welcome to the test traffic working group this morning. I am from the RIPE NCC for those of you who don't know me.

I wasn't supposed to be standing up here. We have a different chair, I had Michael from NOMINET /?RBGTS but he had an emergency at work and he couldn't be here this week.

We have a few practical details.
This group still has a web page. The URL is on the slide.
We have a mailing list. It isn't very active but it has something on it that's quite good. Finally this session is being recorded and broadcasted, so if you want to say something, please go to the micro and state your name to the folks elsewhere so they'll know who you are.

Another point is I may sound a bit incoherent at the moment, that's because my general state of health, it's about as an good add stock markets are doing in the last couple of months. But it's getting better. The health that is.

Next item is selecting a scribe. I think we have somebody ?? Fergal recollect thank you. I think I think Ingrid is doing the Jabber. Thanks.

Minutes from the previous working group session, they were sent out on the list sometime ago. I haven't see any comments, so I suggest that we approve them. Yeah, we'll approve them

Now for the agenda, we have a fairly light agenda this morning. I'll be doing a quick update on what's happening in the ITF IPPM working group.

There will be an update on what's happening with the TTM service over the last couple of months.

And Franz with address future developments.

And then we have Any Other Business for anything else we want to discuss.

So any comments on the agenda? No, well then we'll stick to it as an is.

Let me switch presentations to the first slide. What's happening in ITF

As an you may or may not not know the they have the working group relating to Internet performance, it has been around for ten years and the charter has gone to various revisions but this is still (through) the basic part of this has been around for the last ten years. It's a working group to define matrix that can be applied to quality, performance or reliability of Internet data delivery service and it sets metrics so that anybody can do a measurement of something.

What the group doesn't do is define good or bad. It has a metric for example to measure delay. It will tell you for example it's 100 milliseconds. The group won't give you recommendations that the 100 millisecond is good or bad or it should be 80 or whatever.

In that respect, it differs a little bit from the equivalent working group in ITU T, where they also measure data services but also giving recommendations on what is good or bad.

So, some details about this group. It's in the transport area, as an you may have guessed. The group has a mailing list. You can subscribe and you can list the IETF meetings. We meet physically three times a years at the IETF meeting. The next meeting will be in Minneapolis, mid?November, and the group is chaired by Matt Zaccaucus and myself.

For those of new to this, I'll go through this fairly quickly, seeing as an I don't see too many new faces.

We have done a lot of work over the last ten years. We have defined a couple of framework documents. The generic one which describes all the common things you have to define when you want to do measurements on the Internet. That's RFC 2330. We have a framework for a bulk capacity metrics and the definition for network capacity. The last document tells if you you want to measure capacity, what is meant exactly by what, so we can at least discuss it.

The interesting thing here is that measure network capacity was one of the original goals of the group. We now have the definitions but we still don't know how to do this, but this is an area where we we can work on but nobody has real ideas to do it.

Then we have a whole bunch of metrics, connectivity, one way round trip delay, packet loss, which is also known as an jitter, re?ordering, one way loss patterns, the RFCs are there, you can read up on it.

We also developed a couple of protocols. These protocols are to control measurement devices. There is O?amp and 2?amp, one way and two?way active measurement protocol. That's a protocol you can use if you have two devices and you want to set up a measurement session, you can fully automate T we have a metrics registry, that's a thing you need if you want to start a database.

We have a document on periodic streams. Most of the traffic we deal with is fairly random in nature but the rest of the periodic traffic and these documents basically discusses that.

Then we have work which is ongoing, and it's close to being finished. First the document passed last call is the delay variation applicability statement. The delay variation or jitter is the situation if you have sent a stream of packets and you want to know the differences between the packets rather than the absolute value. And that's important, for example, in video streams, things like that, you don't really care if the frames is all right with 10 millisecond or 20 millisecond delay, but you do want to arrive them at regular intervals so you can watch a movie and you don't see a little bit of your movie, then nothing and then again a little bit.

The metrics, we have document describing the metrics for delay variations. There are some optional things you can tune to in there. This documents describes what you have to opportune to and the specific way if you want to do specific measurements. (Tune)

The next document finished is a document describing storing data. I think most of you are familiar with trace routes, the tool that tells you which hops you pass when going from one point in the Internet to another.

This is a fairly common used tool in the measurements and we found out that people are doing trade routes all over the place and they want to share the data and this document describes an XML seem athat you can use to transfer the data and exchange it with others.

The next document is packet duplication. If you go back to this set of metrics at the bottom, you see we covered all the cases but one. We covered a case where the packet is LoST, that's RFC 2680. We haven't got to the case where one packet is sent and two packets arrived. That's the packet implication drafts. I am not going into detail, but if you want to know what it is, then you should go back to the slides from RIPE 56.

And the final document that's finished is the so?called multi?metrics draft. This is a draft that deals with doing measurements for broadcast or for multiple, so one source sending data to lots of places or the other way around. Again you can use the metrics, but you need some special cases, you can play with statistics a bit and that's described in these documents.

All these documents have passed last call. So you will be seeing them as an RFCs in the next couple of months and I think the NCC will pick up one or two of them to add to the TTM.

Then, there is a document in,, some work in progress. One set of documents deals with the composition of metrics. For example, you have three devices, one that measures delay from A to B and the other measures from C to D. Now, how do you combine these things, can you just add it up, how do you do this? This is described in these documents. It actually consists of a set of documents that a framework draft, at the URL below, and in there there are some references to discuss specific cases in which I dealt with in other documents. This work is sort of stuck (draft) the authors are happy with the work, but before we can publish the documents, we need more readership, so if this is of interest to you, please read those drafts and provide comments to the list.

More work in progress. The so?called reporting drafts. If you go back a couple of slides you will see that we have defined metrics for everything. A problem with all these metrics is you can set lots of parameters inside the metric. Packet size, packet rate. Stream type. Measurement intervals, whatever. And the settings in those strongly depends on what you want to use, what you want to know from the metrics.

So that's good, but then you have a problem. Since the thing people always want to know is how good is my connection. So you want to have a short integrated view over a relatively short period and and that's easy to compare with other results.

So what this document does is take the metrics, described in the other documents and come up with a set of common parameters to report a 5 tuple. The 5 tuple is delay, loss, re?ordering, duplication and jitter. Then you have one number which you can report over set it to minutes, well, you have one set of five numbers, you can report over a set as an to minutes. You can use that to compare the results from one measurement to another and you can bring up your phone and call your fellow ISP and ask for his results without having to discuss the parameters.

So, the group thinks this is a good idea. The results are in a draft at this URL. This is a document we can really use comments from operators and users. So if this is of interest to you, please pick up the draft, read and comment.

And then we are also thinking about the future of the group. As an you can see, we have two work items left. I hope they are done within the next six to twelve months and we have slowly start today think about is there anything we have to do next? So, the question we are putting out to the community, and that includes you, is: What measurements do you need in daily operations and would you like to see standardised?

I asked for comments in Berlin, I got some things on and off line. We had a meeting about this in Dublin in July of this year.

Basically we ended up with four areas where we think there is interest in work.

Well, first is a practical one, it's known as an metrics advancement along the standards track. The IETF has different levels for its standards, right now everything is proposed standards and we want to have the metrics as an standard, so everybody can say this is the way that you measure delay or loss or whatever.

The next ?? so this is probably a practical thing and it does require work, but it's something the group can do.

Next one is multi?provider use for metrics. Yeah, you can measure delay but you also want to have some ideas about how can I use delay measures between A and B where A and B sit in different ASs and there are two or three different ASs in between, how can I use that to use trouble shooting or pinpointing of performance?

People have found ways to use these metrics. ID S have some sort of documents vying these are the best practice, these are the ways you can use them.

Related to that is validation of SLAs. People write SLAs all of the time and they include things like delay and loss and whatever. But, that's usually a number and how should you interpret the metrics so that you can say that the SLA has been met or not.

And the final topic that came up is application of current metrics for passive measurements. So far, IP P N has only been dealing with active measurements, so the sending device generates a packet in a fairly controlled environment, sends it, he measures something about the properties of the transport.

You can also do the measurements you have lots of traffic say flowing from a website to users, you can do packet sniffing or something, you can look at the packets and leave one site and arrive in another and you can say something about it. The metrics can be used there, but that needs annumability statement, how you should do these things.

So, what's going to happen here? Well, suggestions and contributions are still welcome.

In Minneapolis, next time we meet, middle of November, we will have further discussion on this and find out, we have a list of four topics and we cannot tackle them all so we want to prioritise and see who is interested in actually doing the work.

It also means that our charter will have to be adjusted, that's a practical idea.

So, people are invited to come to this meeting. If cannot make it, just post to the list or post to me privately.

And that's all I wanted to say. I think this basically gives an idea of what we did in IPPM over the last nicks months and with that, are there any questions? (IPPM) no? Okay.

Then next up is is Ruben.

SPEAKER: Good morning everyone, if we haven't met yet, my name is Ruben van staff earn, amongst other things I am the service manager for test traffic and this is my update, so that's the status of our grid in the last half year? Currently we have some 100 boxes enlisted and three quarters of them currently is running, so the these are figures yesterday.

The installation since last update, we deployed additional new systems. 3 were complete kits. And 4 of them were just the antenna kits where the hosts facilitate their own hardware.

The new boxes include a box in Sweden by Nordnet Bank. We got additional coverage in down under, in Brisbane, APNIC. More on that later. There was an additional node installed at the DE?CIX in Frankfurt for their measurement set up for their service level agreement. Additional in Latin America in saw Paul owe, and also additional coverage in the Russian federation and this time in Ross to have on done.

We also had a couple of replacements. Some of the really old boxes that broke down at Linx got replaced. And ^HEAnet decided to replace their box pre?emptive.

There was also one decommissioned box thins CERN is moving towards a data centre, they didn't have the possibility any more to host test traffic box over there. So that's a bit unfortunate.

Current running projects: TTM in South America. That has been running since 2005, and we finally have only one to go and we also are starting up some new routes in the APNIC area and we currently are talking with them about the details.

Pending new installs at this time of writing. There was a box originally destined for easy net in London but that will be redeployed in Paris. There is a box for Turk Telecom, sponsor of RIPE 52, in Istanbul. Also in the making is a box at the Kenya Internet exchange that will sit there together with a remote router collector. IPHH, the Internet at Hamburg that is been shipped. We are waiting to deploy the box over there. Some new orders for which I don't have text?box numbers for, which is a new box for easy net in London and for LACNIC in Montevideo.

(Montevideo. /STPH?P /STPH?P

The grip looks like this. We have an ongoing trend in the boxes that are on. Unfortunately at this time we had a slight amount of text?boxes that did suffer antenna problems. So they are temporarily removed for measurements. We will chase them again when we are back from Dubai (antenna)

Let's see, the number of setup boxes, they also increased. So they are likely to be deployed into production really soon and the number of boxes that were removed is fairly constant with the deCommission of the CERN box as an the exception.

Okay, so what's happening for the next half year? You height remember the slide from the previous update. Unfortunately this has been on our back burner. We will spend more effort in this for the coming half year, so that we are revamping the installation procedure, support for custom hardware, the clear requirements for antennakit users.

Also start upgrading boxes in the field. So we can consolidate all the versions that we have in the field.

We have a tentative first run starting somewhere in quarter 4 of this year and we will run to quarter 2 of next year. It will probably be a combination of a parallel test inquiry develop a means of remote upgrading and contacting the host as long as that isn't in place, and at the end of quarter 2, we will evaluate on that amount of boxes at that stage behind and make additional arrangements for that.

Which brings me to the question slides.

AUDIENCE SPEAKER: Brian: It's not so much a question as an a thank you. Those of you who may have been in the routing working group yesterday may have been the presentation from my colleague Dave Wilson about some of the ASN 32 work and research that he was doing for which the TTM project was invaluable, but I would like to note here the help that was given to us by the information services people in the NCC involving switching IP addresses, switching ASs and all sorts of other things without whom we certainly wouldn't have been able to do the work. So thank you very much for that.

SPEAKER: Okay. You are welcome. Any more questions?

CHAIRMAN: No. Then thank you Ruben.

And next up is Franz.

Franz: Hi, my name is Franz from the information services department. You might have seen me yesterday here at the same position in the routing working group already, or at the demo stand outside.

First of all, the title is slightly changed here. I want to show you a little bit more, not only about the development in the test traffic project but also who are the people behind it, where information services, we are a bit more than just test traffic.

So, information services is first of all test traffic. Then we also have the routing information service. DNSMON and Hostcount.

The Routing Information Service, I have talked about it yesterday, and the routing working group, it's basically a looking glass are history. We collect BGP information from 620 peers all over the world and have 15 collectors that do this for us.

We have the last three months of data in a sequel database and it can be queried with very powerful tools such as an the dashboard that you see here in the small picture. And we have automated notescations with MyASN, I think I talked about extensively yesterday in the routing working group about that.

Then there is Hostcount. What we do there is counting hosting hosting in the RIPE region by using DNS records. The procedure is fairly simple. We transfer top level domain, count the unique host that is we see there. Transfer any sub domains, and again, count the unique hosts and so on and so on.

This is carried out once per month and all the data is freely available on the RIPE NCC web page.

We also have a brand new user interface, mark told you about that yesterday, I think it was, in the NCC services working group, the day before yesterday. And it is available here.

Then there is DNSMON, as an the name implies, it's monitoring DNS service. We have about 80 probes around the world and monitoring more than 200 ccTLD /gTLD servers worldwide.

This is how one of our plots looks like. And I would like to highlight a few things here.

First of all, each line that you see is one of the boxes monitoring, and on the other axis you see the time. And this is very nice because this gives you the ability to see two things very nicely: First of all, when a local error occurs, that means one of your DNS server, if you have Anycast DNS servers, you can easily see in that part of the world it's not reachable. And another nice thing about this tack plot is if you see a red line like this, then you can be sure that it is not workable from anywhere in the world.

That was DNSMON. Let's go to test traffic measurement, the main thing here.

What is it? I guess everybody of you knows, but it is a distributed measurement system. We have boxes all over the world. Ruben said a bit more about this, all the green dots that you see here are currently on line boxes.

What does it do? First of all we do trace routes in a full mesh, we do one way delay in loss measurement, again in a full mesh and we have something new and very nice, it's called ad hoc measurement, I'll go into a bit more detail right now.

I picked out one example to show you there. It is between Amsterdam and Moscow. This is one of our new user interfaces using Google maps, it's quite nice, you can select two boxes and it will instantly show you delay graphs and also as an we see here, the trace routes between the two boxes and you can click on this later or earlier patterns here and you instantly see the changes reflected on the map. This is another view of the trace route. It is a bit more detailed. Here we also see the host names and the occurrences of each of these trace routes. But in the end, it's again, the same thing and you see the changes that occurred over time.

Then we can go to the delay and loss plots, they are all nicely linked to each other. And here we see that the change occurred, that the change in the red line here is the number of hops and the black line is the one way delay. And here we can see that approximately at the same time, for a short period of time, some loss occurred and then some other router took over apparently and we see that approximately at the same time, the delay changed.

And what we can also do, since we are doing one way delay measurements here, we can see the effect in both directions. So we can turn source and destination around and in this case, we see ?? we have a symmetric effect on the network.

How would this be useful? To demonstrate network reliability to your stakeholders. You can efficiently try to pinpoint and trouble shoot any problems that you have in your network. Discover and analyse asymmetric effects. It continuous measurements. You don't have so say I want this measured. It is done for you all the time. We have data dating back to 1999 and measurements are there whenever you need them.

The next big thing is ad hoc measurement. It's fairly new, maybe you don't know it yet. The thing with TTM, it only measures within, so one text?box to one text?box. Then again network operators usually have the web servers, e?mail servers whatever, outside of this TTM, they are not really part of the TTM network. So what we wanted to do is we wanted to provide with you a way of measuring from the TTM network towards your own servers and that's what we are to go here with the top ad hoc measurements.

This is a bit of the architecture we have deployed there. On the left side we have the configuration interface with you, you type in there what kind of measurements you want to run, then these test procedures are distributed on the measurement network and as soon as the measurements are carried out, they will be pushed back to the database server at the RIPE NCC and we present it to you in a nice user interface again.

What features do we have there?

It's a framework to run a variety of measurements on the TTM Nesbitt work. It is easy for us to extend this to new protocols using a plug?in system. You can configure a custom subset of TTM nodes, a custom mesh to run your measurements on so you don't have to do this from all the boxes but only from those that you are interested in.

And we really want to maintain a common look and feel for the user.

What advantages does this give you? You can see how your service performs around the world. You can study effect of system maintenance, for instance, consider replacing your e?mail server and you want to see how much down time there was while you have been doing that you can now see that from many different points in the world. It can debug network problems in real time. I'll show that you in a bit, what's really in real time you schedule a test and it works.

And you can compare the performance of different protocols easily and I am going to show you a small example in a bit of IPv4 and IPv6.

Before that a quick peak at the user interface. This is the interface where you can add a new /?Z measurement. You give it a title, you select a measurement type. In this case it shows http, we have ping as well and trace routes and Whois. You give it a start time and end time and select a region where you want your measurements to be carried out.

This is then the data presentation part. Here you see a nice graph and an overview about your measurement. And you also have the raw data available there and you can download so you can import it into another programme and do some more analysis on it.

And this is one measurement that we did sometime ago. We were comparing the IPv6 and IPv4 performance of the RIPE NCC website around the world, and as an you see, the blue part, the performance of IPv6 is not quite as an good as an IPv4 yet. We have is here from USA, Japan and Ireland.

So, I'll try to do a live demo here, I hope it will work. So this is the interface where you can add a new measurement, let me refresh that quickly. We can give it a title, let's say test traffic working group, select a test type. I will do http request here. You set a start time, we'll make it 11:45. End time: 11:50. Into all ten second you can also select minutes or hours. Select the region. Either you select Europe or North America or whatever, or you can select a custom region. I'll select this one that we have prepared for this. And then you enter the URL. And the test, a measurement will be distributed over the network and here you see it under your, appearing under your scheduled tests. And the nice thing, this is real time. So now it is 11:45. We click on it, and we already have our first two measurements here. You can see it's from Japan and Redwood city, just now that has been measured and presented life to you in the user interface. If we give it a little bit of time and refresh it, we can see a few more measurement points and you could refresh it over and over again and see how your team of engineers are doing while replacing an e?mail server, for instance.

So this is quite nice.

Let me go back to my presentation.

That was the demo.

How can you get all of this cool stuff? Well, you can sign up at /TTM. The cost of it is 1,800 yours owe per year or you can have a contract for three years for 5,000 euros, that safes you a little bit. And the nice thing is it includes all the hardware shipping, we completely take carry care that. We install the box and we give you the GPS antenna and everything that comes with it and we ship it. We fully maintain the box for you and you get access to all the tools and features and any feature oft swear updates will of course be free of charge. (Antenna)

A look inside the box: This is one of the servers you will get. It's a dell box, the nice thing here is the green wire on the right side that goes to a GPS antenna. Why do we need it? Because we want to do one way delay measurements and those antennas guarantee us an accuracy of at least 10 micro seconds. And to give you an idea how nice of an accuracy. This is a typical camera flash usually has 1 thousand micro seconds. So when you flash your cameras, we can already measure 100 times. And another nice goodey it gives you a Stratum 1 NTP server on your network.

How to get in touch with us? More information is available at this URL address.
Technical contact is IS [email protected] or you can e?mail me directly [email protected]. And after this session, I'll be outside at the demo stand and you are more than welcome to join me there and I'll show you these things in a little bit more detail.

Usually I would be finished here but today I am not. I have got one more thing for you. We are currently developing a completely new alarms framework and I have been talk ago little bit about it yet in the routing working group but since it has an application for all our information services, I would like to mention it here as well.

So, currently alarms in TTM are a little bit painful. We have an alarm system on every single text?box and each of one sends e?mail notification to the user. If you have more than one text?box you have to configure the alarm on all of the systems. It's not very nice to use, but we have got something new and something better coming there.

We built a very innovative three?stage alarm system. And it works like that. We have an input that can TTM or the routing information service or DNSMON. Then we have a filter stage, where you can define how the information that comes from the input should be analysed. And then you have an output that, an output stage where you can be alarmed via Syslog, maybe Jabber or SMS and e?mail.

As an I said we have these three stages, I am going to take one of these TTM inputs, the TTM input will supply the system with a delay value and a time value. And I want to be alarmed as soon as my delay goes over 30 milliseconds so I put in more than 0 milliseconds filter and connect toth to delay. On the bottom I want to be alarmed via e?mail as soon as something like that happens and I connected connect it it the more than filter. Of course we could also have another output mechanism like SMS. It is not available yet but just to show you how flexible the system is. We could have something like that in the future if there is demand for it and you can also connect it it it the more than filter. Then again some people don't want to be paged in the middle of the night and receive the text messages while they are sleeping, so we could put another filter in place, 9 a.m. to 5 p.m., I want to be also alerted via text messages. Connect it to the time and to the SMS output and you are done.

So, you can probably see how flexible that system is and how many possibilities you have there.

So, what is it all together? It will ab unified alarm system for all information services. At the moment we support RIS, and DNSMON for DNSMON customers, TTM will follow in the future. We have got full IPv6 support there recollect that's very nice. Possibility for new notifications, somebody yesterday requested already Jabber, other things might be responsible, I have heard some people talking about SNMP trap.

We have much improved response time for the system. We hope to have all of that real time in the future.

And it is available [email protected] /IS /alarms.

If you have old cots from MyASN or DNSMON, then you can migrate them at this URL.

And that's it. Any questions or comments?

CHAIRMAN: Questions or comments for Franz.

No? Then, thank you Franz.

Right. And that brings us to the last topic of the agenda, the Any Other Business.

There anything else people want to bring up this morning? Comments from Jabber? No? Going once... going twice... gone.

Okay. This concludes this fairly light weight session of the test traffic working group. I hope to see you all back in Amsterdam at the next RIPE meeting, RIPE 58, and as an usual, if you think you have something of interest to present on any of these topics, it doesn't have to be ?? it can be measurements in general, it doesn't have to be TTM, please contact Ian or myself.

Thank you.