Dear colleagues, Ahead of today’s BoF, we would like to share with you a working document listing the RIPE Database purpose and other usage. Please note that this is still a draft and that we are sharing it now only to facilitate the discussion during the BoF. You can register to the BoF at (no Zoom account required): https://ripe.zoom.us/meeting/register/tJMkd-yhrz4uHNDuOIBm8hGvcj8DSDK1Ybog See you soon online! Cheers, -- Shane *RIPE Database Purpose (draft)* -- Provide registration information of Internet number resources The RIPE Database contains various data sets for all Internet number resources administered by the RIPE NCC. This information is vital for the stability and growth of the global Internet system and allows users to find information for network troubleshooting and Internet coordination. As the Internet grows in scale and importance, it is imperative that resource holders maintain their information in the database to avoid inaccurate information which can slow down communication and misdirects investigations. All resource holders have agreed to adhere to the RIPE NCC policies which include keeping registration information up to date. -- Facilitating communication about usage of the resources The RIPE community has tasked the RIPE NCC to manage the RIPE Database as a public service, therefore the RIPE Internet Number Registry (RIPE INR) is designed to contain all of the needed information from the Internet number resources managed by the RIPE NCC within its service region. These details in the RIPE Database are maintained jointly by the RIPE NCC together with the resource holders and can easily be consulted at any time by community members. The members, through the availability of the RIPE Database, are facilitated in their tasks of coordinating between network operators (network problem resolution, outage notification etc.). The accuracy and availability of the RIPE Database ensure the correct availability of information related to the resources and their holders and maintainers (RIPE INR) and the uniqueness of Internet number resources usage through registration. The registry plays an important part in the operational coordination between Internet operators, because the design of the RIPE Database has to provide accurate registration information of the Internet number resources in order to meet a variety of operational requirements. Transparency and accountability of the administration of Internet number resources has always been very important, and the correct publication of the registry is an essential element of this transparency and accountability. -- Publishing routing policies by network operators (RIPE IRR) An important subset of the RIPE Database is the RIPE Routing Registry which holds information about routing on the Internet. The routing information is stored in routing policy information described in Autonomous System (AS) objects. The information in these AS objects shows how a particular network is routed on the internet. Announcing routing policies in the routing registry gives network operators an opportunity to configure their routers and filters accordingly. The RIPE Routing Registry is a part of the Internet Routing Registry (IRR), a collection of databases that mirror each other. The IRR is a globally distributed routing information database purposed to ensure the stability and consistency of Internet-wide routing by sharing information between network operators. -- Reverse Domain Name System (rDNS) The DNS Reverse Mapping is a DNS based service to map IP addresses back to domain names. The reverse DNS tree is structured to follow the address 'hierarchy' for both IPv4 (on octet boundaries) and IPv6 (on nibble boundaries). There is no formalised DNS mapping service for ASNs. Since the DNS reverse mapping is closely tied to the address space, delegations usually go to the party registered as holder for that particular address space. Providing DNS reverse mapping management functions (which do not include DNS name service itself) can be seen as a genuine function of both an RIR and an LIR. The RIPE Database is used as a provisioning and documentation tool for reverse DNS for IP addresses under RIPE NCC management. This enables the use of the core address registry for provisioning authorisation purposes (reverse mapping follows inetnum: and inet6num:). There are operational procedures, including technical checks, that guide the operation of the reverse DNS by the RIPE NCC. Those have been developed and maintained under guidance from the DNS and Database working groups. Other, non DNS specific, general rules apply to the objects used for provisioning reverse DNS to the database. -- The RPKI Database The Resource Public Key Infrastructure (RPKI) allows digital certificates to be associated to number resources, thereby providing resource holders with proof of holdership. Each LIR operates its own Certificate Authority (CA) or CA hierarchy, which is signed by the RIPE NCC's CA. The RIPE NCC acts as a root CA for RPKI, and provides the option both to host CA services for each LIR, and also the option to delegate this authority to a CA operated by the LIR. Although it has not traditionally been considered to be part of the RIPE Database, the portion of the RPKI hosted by the RIPE NCC relates to registration information for networks in the RIPE NCC service region. As such, it references and complements the RIPE Database. ------------------- Other Usage ------------------- -- Research into network operations and topology The RIPE Database provides researchers insight into the existing state of the internet and allows them to explore ways in which it can be improved. -- ENUM The ENUM Tier 0 registry is run by the RIPE NCC in response to a request from the Internet Architecture Board (IAB). The RIPE Database is used as a provisioning tool for the technical part of the DNS delegations under E164.ARPA. Registrations are approved by the ITU-T TSB, other decisions (e.g. introduction of DNSSEC) are coming from the IAB. While the ENUM has been subject of a specialised RIPE working group (ENUM WG, topic later inherited by the DNS WG), policy making was and is not a matter of these WGs. While ENUM is DNS based and not a genuine RIR function, when the task was assigned to the NCC, "domain:" objects were in much wider use in the RIPE Database - back then also several ccTLDs had used the RIPE Database as their "whois" repository. The naming structure of E164.ARPA is remotely comparable to the DNS reverse tree and the RIPE NCC as a neutral party fit in the role of a technical operations provider. -- Geolocation The RIPE Database provides functionality that allows resource holders to provide information about where IP addresses are used. Users can query the database directly for this information, and in addition software tools exist which in turn query the database or download the information regularly from database dumps. -- Enabling transfer of IP resources The RIPE Database is used to identify official holders of Internet number resources and their contact information which may be used for transfer purposes. The transfer of an Internet number resource from one party to another must abide by the RIPE Resource Transfer Policies and is not valid unless it is correctly reflected in the RIPE Database. The original resource holder remains responsible for an Internet number resource until the transfer to a receiving party is completed.