[Apologies for duplicate emails]
Dear colleagues,
Based on recent discussions on the RIPE Address Policy WG mailing list,
the RIPE NCC is now seeking policy related action from the RIPE
community with regards to clear guidelines on how it should proceed with
certifying transferred IPv4 allocations.
It has recently come to our notice, via two of the policy authors, that
the original intention (in 2007) of the sentence "Re-allocated blocks
will be signed to establish the current allocation owner" was that the
transferred block *must* be signed *after* the transfer in order to
completely establish holdership.
This sentence can be found under section 5.5 of "IPv4 Address Allocation
and Assignment Policies for the RIPE NCC Service Region" here:
http://www.ripe.net/ripe/docs/ripe-582#Transfers-of-Allocations
Because the RIPE community provided guidance saying that certification
should be an opt-in system, the RIPE NCC built an RPKI Certification
system based on this opt-in notion, therefore it is not currently
possible for the RIPE NCC to issue certificates without the resource
holder initiating the process.
Therefore, the RIPE NCC's interpretation and implementation of this
specific sentence has been:
Registration Services verifies and reflects the change in holdership of
the re-allocated blocks by updating the database objects and internal
records following the transfer. Any certificates that had been attached
to these number resources before the transfer automatically become
invalid/revoked due to the holdership change. The transfer recipient can
then request a new certificate for the address space and the RIPE NCC
will proceed to sign these resources to establish the current allocation
holder.
Therefore, the RIPE NCC does not make certification of any resources
mandatory.
As the sentence in section 5.5 of "IPv4 Address Allocation and
Assignment Policies for the RIPE NCC Service Region" is open to
interpretation, the RIPE NCC is seeking representative(s) from the RIPE
community to submit an update to ripe-582 that will replace this
sentence with more accurate and appropriate wording or perhaps remove it
completely.
Kind regards,
Andrew de la Haye
Chief Operations Officer
RIPE NCC