SlideShare a Scribd company logo

LEA Workshop 11/12/2013

APNIC
APNIC

LEA Workshop dated 11/12/2013

Presentations & Public Speaking
1 of 74
Download to read offline
APNIC Workshop for Law Enforcement Agencies (LEAs) Manila, Philippines 11 December, 2013
Presenters Craig Ng General Counsel, APNIC Craig is the General Counsel of APNIC. He is a member of the executive team at APNIC, and has overall responsibility for the corporate governance and legal affairs at APNIC. Craig is also responsible for APNIC's engagement and collaboration program with law enforcement agencies in the Asia Pacific region. Contact: Email: craig@apnic.net
Presenters Champika Wijayatunga (Champ) Training Unit Manager, APNIC Champika is responsible for managing its training activities in the Asia Pacific region and brings several years of experience, having worked in a number of countries in the IT industry, academia, research, and training environments. Areas of interests: Internet Resource Management, IPv6, DNS/DNSSEC, Network Security Contact: Email: champika@apnic.net
Agenda •  Introduction to APNIC –  Know about APNIC •  Internet Policy Development –  How the Internet Policies are developed •  Internet Challenges Today –  How APNIC can assist LEAs •  Internet Resource Registration –  APNIC Whois Database •  Resource Public Key Infrastructure (RPKI) –  How to Secure Routing 4
Intro to APNIC 5
The Regional Internet Registry for the Asia Pacific region
What is APNIC? •  Regional Internet Registry (RIR) for the Asia Pacific region –  One of five RIRs currently operating around the world •  Membership based organisation –  Non-profit, Open, Consensus-based and Transparent 8
APNIC’s Vision: A global, open, stable, and secure Internet that serves the entire Asia Pacific community. How we achieve this: •  Serving Members •  Supporting the Asia Pacific Region •  Collaborating with the Internet Community 9
APNIC’s Mission •  Function as the Regional Internet Registry for the Asia Pacific, in the service of the community of Members and others •  Provide Internet registry services to the highest possible standards of trust, neutrality, and accuracy •  Provide information, training, and supporting services to assist the community in building and managing the Internet •  Support critical Internet infrastructure to assist in creating and maintaining a robust Internet environment •  Provide leadership and advocacy in support of its vision and the community •  Facilitate regional Internet development as needed throughout the APNIC community 10
How APNIC support the Internet community •  Distribution and Registration of Internet Resources •  Facilitate the policy development process –  Via mailing lists, conferences etc. •  Training services •  Information dissemination •  Collaboration & Liaison
APNIC Eco System 12
Assisting LEAs •  APNIC has a fundamental role to play in the stability and security of the Internet, ensuring that the services we provide such as the APNIC Whois Database and Reverse DNS zone delegations are accurate, reliable, and up-to-date. •  LEAs are an important segment of the APNIC community. We collaborate, cooperate, and work together with them to ensure the Internet remains an open, secure, and stable platform •  Data from the Whois may be a source of information for the LEAs in our community. •  APNIC encourages the LEAs to participate in the APNIC Policy Development Process, and have your voices heard on issues that are important to you! 13
Internet Policy Development 14
Internet Policies •  Policies are constantly changing the meet the needs of the Internet operation •  There is a system in place called the Policy Development Process –  Anyone can participate –  Anyone can propose a policy –  All decisions & policies documented & freely available to anyone
OPEN TRANSPARENTBOTTOM UP Implement Need Discuss Consensus Evaluate Anyone can participate All decisions & policies are documented & available Internet community proposes and approves policy 16 Policy Development Process
How APNIC can help you? 17
Internet Challenges Today •  Internet Security –  Unauthorized Intrusions –  Denial of Service (DoS) Attacks –  Internal Attacks –  Non-compliance etc. •  Spam –  Unsolicited Commercial Email (UCE) & Unsolicited Bulk Email (UBE) –  Spam volume is exploding •  Network abuse –  RIR’s do not regulate conduct of Internet activity –  Investigation possibilities •  Cooperation of the network administrators •  Law enforcement agencies
APNIC Service offerings •  Whois Database – an important resource! –  Troubleshooting –  Tracking source of abuse –  Protecting address space to prevent hijacking •  Information dissemination –  APNIC Conferences •  Technical talks & tutorials –  Publications & Research •  Education –  Training courses, Workshops and Seminars
Steps we take to ensure Whois accuracy •  Member account opening –  verification of corporate existence with corporate registries or regulators (where possible) •  Membership renewal –  once a year –  email to corporate contact, with payment record –  Internet resources revoked if account not paid or renewed •  Transfer policies –  encourage registration of resources –  “value” of Internet resources encourage registration
Efforts in Preventing Network Abuse •  As a registry, APNIC adopts and applies policies for it’s community which address network abuse. APNIC does not have the capacity to investigate abuse complaints or the legal powers to regulate Internet activity. •  APNIC seeks to raise awareness of the need for responsible network management in the Asia Pacific, through training and communication.
Why APNIC appear as the source in some abuse search reports? •  Some designed to search the ARIN Whois database and may refer to APNIC as the culprit •  Many websites with Whois lookup functions has the same limitations •  However the IP addresses are registered by five RIRs on a regional basis
•  If a standard search refers you to APNIC – It means only that the network in question is registered in the Asia Pacific region – Does not mean that APNIC is responsible or that the hacker/spammer is using APNIC network Detecting the Abuse
Can APNIC stop Abuse? •  No, because… –  APNIC is not an ISP and does not provide network connectivity to other networks –  APNIC does not control Internet routing –  APNIC is not a law enforcement agency –  APNIC has no industry regulatory power
Investigation of Complaints •  Laws relating to network abuse vary from country to country •  Investigation possibilities –  Cooperation of the network administrators –  Law enforcement agencies •  Local jurisdiction •  Jurisdiction where the problem originates
What can you do? •  Use the APNIC Whois Database to obtain network contact information •  APNIC Whois may or may not show specific customer assignments for the addresses in question –  But will show the ISP holding APNIC space •  Contact the network responsible and also its ISP/upstream •  Contact APNIC for help, advice, training or support •  Community discussions can be raised in the APNIC conferences, mailing lists, etc.
Managing Internet Resources 27
IPv4 Address Space 28
IPv6 Address Space
IPv4 vs IPv6 Internet Source: CAIDA
IPv6 Addressing Structure 0 127 ISP /32 32 128 bits Customer Site /48 16 Subnet /64 16 64 Device /128
How IP Addresses are Delegated APNIC Delegates to APNIC Member Member (ISP) Customer / End User Delegates to customers ISP customer /8 APNIC Allocation /22 Member Allocation Sub- Allocation/24 /26/27 /25 Customer Assignments /26 /27 RegistryRealmOperatorsRealm
IP Address Management •  Portable Allocations –  Allocations made by APNIC •  Non Portable Allocations –  Allocations made by APNIC Members •  Portable Assignments –  Customer addresses independent from ISP –  Keeps addresses when changing ISP –  Bad for size of routing tables –  Bad for QoS: routes may be filtered, flap- dampened •  Non-portable Assignments –  Customer uses ISP’s address space –  Must renumber if changing ISP –  Helps scale the Internet effectively ISP Allocation Customer assignments Customer assignments ISP 33
Address Management Hierarchy Describes “portability” of the address space Non-Portable /12 APNIC Allocation Portable /48Assignment /64 - /48 Assignment APNIC Allocation /64 - /48Assignment Non-Portable Sub-allocation /40 /32Member Allocation Portable Non-Portable /12 34
Transferring IP Addresses •  Transfers, Mergers, Acquisitions are possible •  There are transfer policies exists to transfer IP addresses –  In the APNIC region –  Inter-RIR IPv4 Transfers •  Conditions on the source and recipient RIR will apply •  APNIC will review the status of IP allocations 35
APNIC Resource Quality Assurance •  Community awareness •  Build relationships with reputable organizations that maintain bogon/black list •  Keep the WHOIS Database accurate –  Actively remind resource holders to update their data
APNIC also manages Reverse DNS •  ‘Forward DNS’ maps names to numbers –  svc00.apnic.net è202.12.28.131 •  ‘Reverse DNS’ maps numbers to names –  202.12.28.131 è svc00.apnic.net Person (Host) Address (IPv4/IPv6) 37
Reverse DNS - why bother? •  Service denials –  That only allow access when fully reverse delegated •  Diagnostics –  Assisting in network troubleshooting •  Spam prevention –  Reverse lookup to confirm the mail servers and source of the email –  Failed lookup adds to an email’s spam score •  Registration responsibilities 38
whois Root DNS Principles – DNS Tree net edu com nz whois apnic arpa 22 .64 .in-addr.202 .arpa Mapping numbers to names - ‘reverse DNS’ 203 210 211..202RIR 6464ISP 2222 Customer in-addr 39
The APNIC Whois Database 40
The APNIC Whois Database •  Holds IP address records within the AP region •  Can use this database to track down the source of the network abuse –  IP addresses, ASNs, Reverse Domains, Routing policies •  Can find contact details of the relevant network administrators –  not the individual users –  use administrators log files to contact the individual involved
Resource Registration •  As part of the membership agreement with APNIC, all members are required to register their resources in the APNIC Whois database. •  Members must keep records up to date: –  Whenever there is a change in contacts –  When new resources are received –  When resources are sub-allocated or assigned 42
Whois Object Types OBJECT PURPOSE person contact persons role contact groups/roles inetnum IPv4 addresses Inet6num IPv6 addresses aut-num Autonomous System number domain reverse domains route prefixes being announced mntner (maintainer) data protection mnt-irt Incident Response Team http://www.apnic.net/db/ 43
How to use APNIC Whois •  Web browser –  http://www.apnic.net/whois •  Whois client or query tool –  whois.apnic.net •  Identify network contacts from the registration records –  IRT (Incident Response Team) if present –  Contact persons: “tech-c” or “admin-c”
What if Whois info is invalid? •  Members (ISPs) are responsible for reporting changes to APNIC –  Under formal membership agreement •  Report invalid ISP contacts to APNIC –  http://www.apnic.net/invalidcontact –  APNIC will contact member and update registration details
What if Whois info is invalid? •  Customer assignment information is the responsibility of ISPs –  ISPs are responsible for updating their customer network registrations •  Tools such as ‘traceroute’, ‘looking glass’ and RIS may be used to track the upstream provider if needed –  More information available from APNIC
Inetnum / Inet6num Objects •  Contains IP allocation and assignment information •  APNIC creates an inetnum (or inet6num) object for each allocation or assignment they make to the Member •  All members must create inetnum (or inet6num) objects for each sub-allocation or assignment they make to customers 47
APNIC Whois Registration
APNIC Whois Registration
APNIC Whois Registration
APNIC Whois Registration
Maintainer Hierarchy Diagram 52 Allocated to APNIC: Maint-by can only be changed by IANA Allocated to Member: Maint-by can only be changed by APNIC Sub-allocated to Customer: Maint-by can only be changed by Member
inetnum: Allocation (Created by APNIC) 3 Using the Whois – step by step Customer Assignments (Created by Member) person: nic-hdl: KX17-AP Contact info 1 Data Protection mntner: 2 inetnum: ... KX17-AP ... mnt-by: ... 4 inetnum: ... KX17-AP ... mnt-by: ... 5 inetnum: ... KX17-AP ... mnt-by: ... 6
Whois Database Queries –  Flags used for inetnum queries None one level less specific matches - L find all less specific matches - m find first level more specific matches - M find all More specific matches - x find exact match (if no match, nothing) - d enables use of flags for reverse domains - r turn off recursive lookups
inetnum: 202.64.0.0 – 202.64.15.255 202.64.0.0/20 inetnum: 202.0.0.0 – 202.255.255.255 202.0.0.0/8 Whois Database Query - inetnum 202.64.12.128/25 inetnum: whois -L 202.64.0.0 /20 whois 202.64.0.0 /20 whois –m 202.64.0.0 /20 inetnum: 202.64.15.192/26 inetnum: 202.64.10.0/24 More specific (= smaller blocks) Less specific (= bigger block)
Recursive Lookups •  whois 202.12.29.0 à –  whois -r 202.12.29.0 à –  whois -T inetnum 202.12.29.0 à –  whois -r -T inetnum 202.12.29.0 à personinetnum route inetnum route person personinetnum inetnum recursion enabled by default recursion turned off ‘type’ of object specified ‘type’ of object specified & recursion turned off , & & &
Inverse Queries •  Inverse queries are performed on inverse keys •  See object template (whois –t) •  Returns all public objects that reference the object with the key specified as a query argument •  Practical when searching for objects in which a particular value is referenced, such as your nic-hdl •  Syntax: whois -i <attribute> <value>
Customer Privacy •  Public data –  Includes portable addresses (inetnum objects), and other objects e.g.route objects –  Public data: must be visible •  Private data –  Can include non-portable addresses (inetnum objects) –  Members have the option to make private data visible •  Customer assignments –  Can be changed to be public data (public data is an optional choice)
What needs to be visible? IANA range Non-APNIC range APNIC range NIR rangeAPNIC allocations & assignments NIR allocations & assignments Customer assignments Infrastructure Sub-allocations must be visible visibility optional LIR/ISP PORTABLE addresses NON-PORTABLE addresses
APNIC Whois Database & the Internet Routing Registry •  APNIC Whois Database –  Two databases in one •  Public Network Management Database –  “Whois” info about networks & contact persons •  IP addresses, AS numbers etc •  Routing Registry –  contains routing information •  routing policy, routes, filters, peers etc. –  APNIC RR is part of the global IRR
Benefits of APNIC RR integrated in Whois Database •  Facilitates network troubleshooting •  Registration of routing policies •  Generation of router configurations •  Provides global view of routing
RPKI 62
What is RPKI? •  Resource Public Key Infrastructure (RPKI) •  A robust security framework for verifying the association between resource holder and their Internet resources •  Created to address the issues in RFC 4593 •  Uses X.509 v3 certificates –  With RFC3779 extensions •  Helps to secure Internet routing by validating routes –  Proof that prefix announcements are coming from the legitimate holder of the resource •  A system to manage the creation and storage of digital certificates and the associated Route Origin Authorization documents
Benefits of RPKI - Routing •  Prevents “Route Hijacking” –  when an entity participating in Internet routing announces a prefix without authorization –  Reason: malicious attack or operational mistake
“Right” to Resources •  ISP gets their resources from the RIR •  ISP notifies its upstream of the prefixes to be announce •  Upstream _must_ check the Whois database if resource has been delegated to customer ISP.
X.509 Certificate •  Resource certificates are based on the X.509 certificate format - RFC 5280 •  Extended by RFC 3779 – this extension binds a list of resources (IP, ASN) to the subject of the certificate
X.509 Certificate with 3779 Extension •  SIA – Subject Information Access; contains a URI that references the directoryX.509 Certificate RFC 3779 Extension SIA Owner's Public Key
Two Components •  Certificate Authority (CA) –  Internet Registries (RIR, NIR, Large LIR) –  Issue certificates for customers –  Allow customers to use the CA’s GUI to issue ROAs for their prefixes •  Relying Party (RP) –  Software which gathers data from CAs
Route Origin Authorisations (ROA) •  Certificate holder uses its private key to sign an ROA •  Verifies that an AS has been given permission by an address block holder to advertise routes to one or more fpxies without a blog. •  RPKI in the RIRs –  APNIC implemented RPKI Resource Certification
APNIC Resource Certification •  A robust security framework for verifying the association between resource holders and their Internet resources. •  Initiative from APNIC aimed at –  improving the security of inter-domain routing, and –  augmenting the information published in the Whois database •  Verifies a holder’s current “right-of-use” over an Internet resource
Resource Certification (APNIC) •  Verify signed data using the signer’s public key •  Verify public key through a chain of interlocking certificates that connect a Trust Anchor to the signer’s public key certificate. –  This is what we refer to as RPKI •  Why it’s important: –  Routing advertisements is now verifiable
Summary •  Introduction to APNIC –  Know about APNIC •  Internet Policy Development –  How the Internet Policies are developed •  Internet Challenges Today –  How APNIC can assist LEAs •  Internet Resource Registration –  APNIC Whois Database •  Resource Public Key Infrastructure (RPKI) –  How to Secure Routing 72
Questions?
Thank you!

Recommended

LEA Workshop dated 09052013
LEA Workshop dated 09052013LEA Workshop dated 09052013
LEA Workshop dated 09052013
APNIC
 
APNIC's role in stability and security - 4th APT Cybersecurity Forum
APNIC's role in stability and security - 4th APT Cybersecurity ForumAPNIC's role in stability and security - 4th APT Cybersecurity Forum
APNIC's role in stability and security - 4th APT Cybersecurity Forum
APNIC
 
ARIN on the Road
ARIN on the RoadARIN on the Road
ARIN on the Road
ARIN
 
APNIC IRM Tutorial, by Sheryl Hermoso [APRICOT 2015]
APNIC IRM Tutorial, by Sheryl Hermoso [APRICOT 2015]APNIC IRM Tutorial, by Sheryl Hermoso [APRICOT 2015]
APNIC IRM Tutorial, by Sheryl Hermoso [APRICOT 2015]
APNIC
 
MMIX Peering Forum and MMNOG 2020: Securing your resources with RPKI and IRT
MMIX Peering Forum and MMNOG 2020: Securing your resources with RPKI and IRTMMIX Peering Forum and MMNOG 2020: Securing your resources with RPKI and IRT
MMIX Peering Forum and MMNOG 2020: Securing your resources with RPKI and IRT
APNIC
 
Cybersecurity Opportunities Challenges APNIC
Cybersecurity Opportunities Challenges APNICCybersecurity Opportunities Challenges APNIC
Cybersecurity Opportunities Challenges APNIC
APNIC
 
Services Update ARM 3/bdNOG 1
Services Update ARM 3/bdNOG 1Services Update ARM 3/bdNOG 1
Services Update ARM 3/bdNOG 1
APNIC
 
What is APNIC: Infotel 2014
What is APNIC: Infotel 2014What is APNIC: Infotel 2014
What is APNIC: Infotel 2014
APNIC
 

Recommended

LEA Workshop dated 09052013
LEA Workshop dated 09052013LEA Workshop dated 09052013
LEA Workshop dated 09052013
APNIC
 
APNIC's role in stability and security - 4th APT Cybersecurity Forum
APNIC's role in stability and security - 4th APT Cybersecurity ForumAPNIC's role in stability and security - 4th APT Cybersecurity Forum
APNIC's role in stability and security - 4th APT Cybersecurity Forum
APNIC
 
ARIN on the Road
ARIN on the RoadARIN on the Road
ARIN on the Road
ARIN
 
APNIC IRM Tutorial, by Sheryl Hermoso [APRICOT 2015]
APNIC IRM Tutorial, by Sheryl Hermoso [APRICOT 2015]APNIC IRM Tutorial, by Sheryl Hermoso [APRICOT 2015]
APNIC IRM Tutorial, by Sheryl Hermoso [APRICOT 2015]
APNIC
 
MMIX Peering Forum and MMNOG 2020: Securing your resources with RPKI and IRT
MMIX Peering Forum and MMNOG 2020: Securing your resources with RPKI and IRTMMIX Peering Forum and MMNOG 2020: Securing your resources with RPKI and IRT
MMIX Peering Forum and MMNOG 2020: Securing your resources with RPKI and IRT
APNIC
 
Cybersecurity Opportunities Challenges APNIC
Cybersecurity Opportunities Challenges APNICCybersecurity Opportunities Challenges APNIC
Cybersecurity Opportunities Challenges APNIC
APNIC
 
Services Update ARM 3/bdNOG 1
Services Update ARM 3/bdNOG 1Services Update ARM 3/bdNOG 1
Services Update ARM 3/bdNOG 1
APNIC
 
What is APNIC: Infotel 2014
What is APNIC: Infotel 2014What is APNIC: Infotel 2014
What is APNIC: Infotel 2014
APNIC
 
ARM 7: ROA session
ARM 7: ROA sessionARM 7: ROA session
ARM 7: ROA session
APNIC
 
Collective responsibility for security and resilience of the global routing s...
Collective responsibility for security and resilience of the global routing s...Collective responsibility for security and resilience of the global routing s...
Collective responsibility for security and resilience of the global routing s...
APNIC
 
APSIG 2016 - IANA Transition: Why do we care?
APSIG 2016 - IANA Transition: Why do we care?APSIG 2016 - IANA Transition: Why do we care?
APSIG 2016 - IANA Transition: Why do we care?
APNIC
 
IXP introduction
IXP introductionIXP introduction
IXP introduction
APNIC
 
Evolution Network
Evolution NetworkEvolution Network
Evolution Network
APNIC
 
IANA Stewardship Transition Consultation - APNIC 38
IANA Stewardship Transition Consultation - APNIC 38IANA Stewardship Transition Consultation - APNIC 38
IANA Stewardship Transition Consultation - APNIC 38
APNIC
 
Policy Update ARM 3/bdNOG 1
Policy Update ARM 3/bdNOG 1Policy Update ARM 3/bdNOG 1
Policy Update ARM 3/bdNOG 1
APNIC
 
IPv6 Tutorial RIPE 60
IPv6 Tutorial RIPE 60IPv6 Tutorial RIPE 60
IPv6 Tutorial RIPE 60
RIPE Meetings
 
Internet measurement-ARM3/bdNOG1
Internet measurement-ARM3/bdNOG1Internet measurement-ARM3/bdNOG1
Internet measurement-ARM3/bdNOG1
APNIC
 
APT PRFP 11: IXPs
APT PRFP 11: IXPsAPT PRFP 11: IXPs
APT PRFP 11: IXPs
APNIC
 
Government Policy and IPv6 Adoption
Government Policy and IPv6 AdoptionGovernment Policy and IPv6 Adoption
Government Policy and IPv6 Adoption
APNIC
 
CommuniCast 2014: APNIC Services Update
CommuniCast 2014: APNIC Services Update CommuniCast 2014: APNIC Services Update
CommuniCast 2014: APNIC Services Update
APNIC
 
APNIC Member Services
APNIC Member ServicesAPNIC Member Services
APNIC Member Services
APNIC
 
Jisc RSC Eastern Technical Managers forum 'Janet' presentation
Jisc RSC Eastern Technical Managers forum 'Janet' presentationJisc RSC Eastern Technical Managers forum 'Janet' presentation
Jisc RSC Eastern Technical Managers forum 'Janet' presentationJISC RSC Eastern
 
2nd ICANN APAC-TWNIC Engagement Forum: APNIC Policy Framework and Development...
2nd ICANN APAC-TWNIC Engagement Forum: APNIC Policy Framework and Development...2nd ICANN APAC-TWNIC Engagement Forum: APNIC Policy Framework and Development...
2nd ICANN APAC-TWNIC Engagement Forum: APNIC Policy Framework and Development...
APNIC
 
IOT, It's the Internet...only bigger
IOT, It's the Internet...only biggerIOT, It's the Internet...only bigger
IOT, It's the Internet...only bigger
APNIC
 
Internet Operations and the RIRs
Internet Operations and the RIRsInternet Operations and the RIRs
Internet Operations and the RIRs
ARIN
 
APEC TEL 63: Building cyber resilience - Internet of communities
APEC TEL 63: Building cyber resilience - Internet of communitiesAPEC TEL 63: Building cyber resilience - Internet of communities
APEC TEL 63: Building cyber resilience - Internet of communities
APNIC
 
ARIN IP Address Stewardship
ARIN IP Address StewardshipARIN IP Address Stewardship
ARIN IP Address Stewardship
ARIN
 
IGFA 2017: Introduction to APNIC and Regional Internet Registries
IGFA 2017: Introduction to APNIC and Regional Internet RegistriesIGFA 2017: Introduction to APNIC and Regional Internet Registries
IGFA 2017: Introduction to APNIC and Regional Internet Registries
APNIC
 
Whois - Addressing the Asia Pacifc
Whois - Addressing the Asia PacifcWhois - Addressing the Asia Pacifc
Whois - Addressing the Asia Pacifc
APNIC
 
UN INCB: RIRs and LEAs
UN INCB: RIRs and LEAsUN INCB: RIRs and LEAs
UN INCB: RIRs and LEAs
APNIC
 

More Related Content

What's hot

ARM 7: ROA session
ARM 7: ROA sessionARM 7: ROA session
ARM 7: ROA session
APNIC
 
Collective responsibility for security and resilience of the global routing s...
Collective responsibility for security and resilience of the global routing s...Collective responsibility for security and resilience of the global routing s...
Collective responsibility for security and resilience of the global routing s...
APNIC
 
APSIG 2016 - IANA Transition: Why do we care?
APSIG 2016 - IANA Transition: Why do we care?APSIG 2016 - IANA Transition: Why do we care?
APSIG 2016 - IANA Transition: Why do we care?
APNIC
 
IXP introduction
IXP introductionIXP introduction
IXP introduction
APNIC
 
Evolution Network
Evolution NetworkEvolution Network
Evolution Network
APNIC
 
IANA Stewardship Transition Consultation - APNIC 38
IANA Stewardship Transition Consultation - APNIC 38IANA Stewardship Transition Consultation - APNIC 38
IANA Stewardship Transition Consultation - APNIC 38
APNIC
 
Policy Update ARM 3/bdNOG 1
Policy Update ARM 3/bdNOG 1Policy Update ARM 3/bdNOG 1
Policy Update ARM 3/bdNOG 1
APNIC
 
IPv6 Tutorial RIPE 60
IPv6 Tutorial RIPE 60IPv6 Tutorial RIPE 60
IPv6 Tutorial RIPE 60
RIPE Meetings
 
Internet measurement-ARM3/bdNOG1
Internet measurement-ARM3/bdNOG1Internet measurement-ARM3/bdNOG1
Internet measurement-ARM3/bdNOG1
APNIC
 
APT PRFP 11: IXPs
APT PRFP 11: IXPsAPT PRFP 11: IXPs
APT PRFP 11: IXPs
APNIC
 
Government Policy and IPv6 Adoption
Government Policy and IPv6 AdoptionGovernment Policy and IPv6 Adoption
Government Policy and IPv6 Adoption
APNIC
 
CommuniCast 2014: APNIC Services Update
CommuniCast 2014: APNIC Services Update CommuniCast 2014: APNIC Services Update
CommuniCast 2014: APNIC Services Update
APNIC
 
APNIC Member Services
APNIC Member ServicesAPNIC Member Services
APNIC Member Services
APNIC
 
Jisc RSC Eastern Technical Managers forum 'Janet' presentation
Jisc RSC Eastern Technical Managers forum 'Janet' presentationJisc RSC Eastern Technical Managers forum 'Janet' presentation
Jisc RSC Eastern Technical Managers forum 'Janet' presentationJISC RSC Eastern
 
2nd ICANN APAC-TWNIC Engagement Forum: APNIC Policy Framework and Development...
2nd ICANN APAC-TWNIC Engagement Forum: APNIC Policy Framework and Development...2nd ICANN APAC-TWNIC Engagement Forum: APNIC Policy Framework and Development...
2nd ICANN APAC-TWNIC Engagement Forum: APNIC Policy Framework and Development...
APNIC
 
IOT, It's the Internet...only bigger
IOT, It's the Internet...only biggerIOT, It's the Internet...only bigger
IOT, It's the Internet...only bigger
APNIC
 
Internet Operations and the RIRs
Internet Operations and the RIRsInternet Operations and the RIRs
Internet Operations and the RIRs
ARIN
 
APEC TEL 63: Building cyber resilience - Internet of communities
APEC TEL 63: Building cyber resilience - Internet of communitiesAPEC TEL 63: Building cyber resilience - Internet of communities
APEC TEL 63: Building cyber resilience - Internet of communities
APNIC
 
ARIN IP Address Stewardship
ARIN IP Address StewardshipARIN IP Address Stewardship
ARIN IP Address Stewardship
ARIN
 
IGFA 2017: Introduction to APNIC and Regional Internet Registries
IGFA 2017: Introduction to APNIC and Regional Internet RegistriesIGFA 2017: Introduction to APNIC and Regional Internet Registries
IGFA 2017: Introduction to APNIC and Regional Internet Registries
APNIC
 

What's hot (20)

ARM 7: ROA session
ARM 7: ROA sessionARM 7: ROA session
ARM 7: ROA session
 
Collective responsibility for security and resilience of the global routing s...
Collective responsibility for security and resilience of the global routing s...Collective responsibility for security and resilience of the global routing s...
Collective responsibility for security and resilience of the global routing s...
 
APSIG 2016 - IANA Transition: Why do we care?
APSIG 2016 - IANA Transition: Why do we care?APSIG 2016 - IANA Transition: Why do we care?
APSIG 2016 - IANA Transition: Why do we care?
 
IXP introduction
IXP introductionIXP introduction
IXP introduction
 
Evolution Network
Evolution NetworkEvolution Network
Evolution Network
 
IANA Stewardship Transition Consultation - APNIC 38
IANA Stewardship Transition Consultation - APNIC 38IANA Stewardship Transition Consultation - APNIC 38
IANA Stewardship Transition Consultation - APNIC 38
 
Policy Update ARM 3/bdNOG 1
Policy Update ARM 3/bdNOG 1Policy Update ARM 3/bdNOG 1
Policy Update ARM 3/bdNOG 1
 
IPv6 Tutorial RIPE 60
IPv6 Tutorial RIPE 60IPv6 Tutorial RIPE 60
IPv6 Tutorial RIPE 60
 
Internet measurement-ARM3/bdNOG1
Internet measurement-ARM3/bdNOG1Internet measurement-ARM3/bdNOG1
Internet measurement-ARM3/bdNOG1
 
APT PRFP 11: IXPs
APT PRFP 11: IXPsAPT PRFP 11: IXPs
APT PRFP 11: IXPs
 
Government Policy and IPv6 Adoption
Government Policy and IPv6 AdoptionGovernment Policy and IPv6 Adoption
Government Policy and IPv6 Adoption
 
CommuniCast 2014: APNIC Services Update
CommuniCast 2014: APNIC Services Update CommuniCast 2014: APNIC Services Update
CommuniCast 2014: APNIC Services Update
 
APNIC Member Services
APNIC Member ServicesAPNIC Member Services
APNIC Member Services
 
Jisc RSC Eastern Technical Managers forum 'Janet' presentation
Jisc RSC Eastern Technical Managers forum 'Janet' presentationJisc RSC Eastern Technical Managers forum 'Janet' presentation
Jisc RSC Eastern Technical Managers forum 'Janet' presentation
 
2nd ICANN APAC-TWNIC Engagement Forum: APNIC Policy Framework and Development...
2nd ICANN APAC-TWNIC Engagement Forum: APNIC Policy Framework and Development...2nd ICANN APAC-TWNIC Engagement Forum: APNIC Policy Framework and Development...
2nd ICANN APAC-TWNIC Engagement Forum: APNIC Policy Framework and Development...
 
IOT, It's the Internet...only bigger
IOT, It's the Internet...only biggerIOT, It's the Internet...only bigger
IOT, It's the Internet...only bigger
 
Internet Operations and the RIRs
Internet Operations and the RIRsInternet Operations and the RIRs
Internet Operations and the RIRs
 
APEC TEL 63: Building cyber resilience - Internet of communities
APEC TEL 63: Building cyber resilience - Internet of communitiesAPEC TEL 63: Building cyber resilience - Internet of communities
APEC TEL 63: Building cyber resilience - Internet of communities
 
ARIN IP Address Stewardship
ARIN IP Address StewardshipARIN IP Address Stewardship
ARIN IP Address Stewardship
 
IGFA 2017: Introduction to APNIC and Regional Internet Registries
IGFA 2017: Introduction to APNIC and Regional Internet RegistriesIGFA 2017: Introduction to APNIC and Regional Internet Registries
IGFA 2017: Introduction to APNIC and Regional Internet Registries
 

Similar to LEA Workshop 11/12/2013

Whois - Addressing the Asia Pacifc
Whois - Addressing the Asia PacifcWhois - Addressing the Asia Pacifc
Whois - Addressing the Asia Pacifc
APNIC
 
UN INCB: RIRs and LEAs
UN INCB: RIRs and LEAsUN INCB: RIRs and LEAs
UN INCB: RIRs and LEAs
APNIC
 
How APNIC can support law enforcement agencies in cybercrime investigtaion
How APNIC can support law enforcement agencies in cybercrime investigtaionHow APNIC can support law enforcement agencies in cybercrime investigtaion
How APNIC can support law enforcement agencies in cybercrime investigtaion
APNIC
 
PacNOG 23: APNIC Regional Update
PacNOG 23: APNIC Regional UpdatePacNOG 23: APNIC Regional Update
PacNOG 23: APNIC Regional Update
APNIC
 
apnic handling-network-abuse
apnic handling-network-abuseapnic handling-network-abuse
apnic handling-network-abuseAPNIC
 
APNIC Policy Webinar
APNIC Policy Webinar APNIC Policy Webinar
APNIC Policy Webinar
Siena Perry
 
KHNOG 5: APNIC Services
KHNOG 5: APNIC ServicesKHNOG 5: APNIC Services
KHNOG 5: APNIC Services
APNIC
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC
 
Internet Resource Management Tutorial at SANOG 24
Internet Resource Management Tutorial at SANOG 24Internet Resource Management Tutorial at SANOG 24
Internet Resource Management Tutorial at SANOG 24
APNIC
 
ISCR2013
ISCR2013ISCR2013
ISCR2013
APNIC
 
Apnic-irme
Apnic-irmeApnic-irme
Apnic-irme
Nguyen Minh Thu
 
APNIC Report - APStar retreat
APNIC Report - APStar retreatAPNIC Report - APStar retreat
APNIC Report - APStar retreat
APNIC
 
Policy Development Process/Internet Eco System by Adam Gosling
Policy Development Process/Internet Eco System by Adam GoslingPolicy Development Process/Internet Eco System by Adam Gosling
Policy Development Process/Internet Eco System by Adam Gosling
MyNOG
 
IP addressing policies, What does this mean? - APT Policy and Regulation Forum
IP addressing policies, What does this mean? - APT Policy and Regulation ForumIP addressing policies, What does this mean? - APT Policy and Regulation Forum
IP addressing policies, What does this mean? - APT Policy and Regulation Forum
APNIC
 
APNIC Regional Update: PacINET 2014
APNIC Regional Update: PacINET 2014APNIC Regional Update: PacINET 2014
APNIC Regional Update: PacINET 2014
APNIC
 
40th TWNIC Open Policy Meeting: APNIC PDP update
40th TWNIC Open Policy Meeting: APNIC PDP update40th TWNIC Open Policy Meeting: APNIC PDP update
40th TWNIC Open Policy Meeting: APNIC PDP update
APNIC
 
IDNIC OPM 2023 - Internet Number Registry System
IDNIC OPM 2023 - Internet Number Registry SystemIDNIC OPM 2023 - Internet Number Registry System
IDNIC OPM 2023 - Internet Number Registry System
APNIC
 
Nznog2014 apnic updates
Nznog2014 apnic updatesNznog2014 apnic updates
Nznog2014 apnic updates
APNIC
 
APNIC Update - Member Briefing
APNIC Update - Member BriefingAPNIC Update - Member Briefing
APNIC Update - Member Briefing
APNIC
 

Similar to LEA Workshop 11/12/2013 (20)

Whois - Addressing the Asia Pacifc
Whois - Addressing the Asia PacifcWhois - Addressing the Asia Pacifc
Whois - Addressing the Asia Pacifc
 
UN INCB: RIRs and LEAs
UN INCB: RIRs and LEAsUN INCB: RIRs and LEAs
UN INCB: RIRs and LEAs
 
How APNIC can support law enforcement agencies in cybercrime investigtaion
How APNIC can support law enforcement agencies in cybercrime investigtaionHow APNIC can support law enforcement agencies in cybercrime investigtaion
How APNIC can support law enforcement agencies in cybercrime investigtaion
 
PacNOG 23: APNIC Regional Update
PacNOG 23: APNIC Regional UpdatePacNOG 23: APNIC Regional Update
PacNOG 23: APNIC Regional Update
 
apnic handling-network-abuse
apnic handling-network-abuseapnic handling-network-abuse
apnic handling-network-abuse
 
09 (IDNOG01) Introduction about APNIC by Wita Laksono
09 (IDNOG01) Introduction about APNIC by Wita Laksono09 (IDNOG01) Introduction about APNIC by Wita Laksono
09 (IDNOG01) Introduction about APNIC by Wita Laksono
 
APNIC Policy Webinar
APNIC Policy Webinar APNIC Policy Webinar
APNIC Policy Webinar
 
KHNOG 5: APNIC Services
KHNOG 5: APNIC ServicesKHNOG 5: APNIC Services
KHNOG 5: APNIC Services
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
 
Internet Resource Management Tutorial at SANOG 24
Internet Resource Management Tutorial at SANOG 24Internet Resource Management Tutorial at SANOG 24
Internet Resource Management Tutorial at SANOG 24
 
ISCR2013
ISCR2013ISCR2013
ISCR2013
 
Apnic-irme
Apnic-irmeApnic-irme
Apnic-irme
 
APNIC Report - APStar retreat
APNIC Report - APStar retreatAPNIC Report - APStar retreat
APNIC Report - APStar retreat
 
Policy Development Process/Internet Eco System by Adam Gosling
Policy Development Process/Internet Eco System by Adam GoslingPolicy Development Process/Internet Eco System by Adam Gosling
Policy Development Process/Internet Eco System by Adam Gosling
 
IP addressing policies, What does this mean? - APT Policy and Regulation Forum
IP addressing policies, What does this mean? - APT Policy and Regulation ForumIP addressing policies, What does this mean? - APT Policy and Regulation Forum
IP addressing policies, What does this mean? - APT Policy and Regulation Forum
 
APNIC Regional Update: PacINET 2014
APNIC Regional Update: PacINET 2014APNIC Regional Update: PacINET 2014
APNIC Regional Update: PacINET 2014
 
40th TWNIC Open Policy Meeting: APNIC PDP update
40th TWNIC Open Policy Meeting: APNIC PDP update40th TWNIC Open Policy Meeting: APNIC PDP update
40th TWNIC Open Policy Meeting: APNIC PDP update
 
IDNIC OPM 2023 - Internet Number Registry System
IDNIC OPM 2023 - Internet Number Registry SystemIDNIC OPM 2023 - Internet Number Registry System
IDNIC OPM 2023 - Internet Number Registry System
 
Nznog2014 apnic updates
Nznog2014 apnic updatesNznog2014 apnic updates
Nznog2014 apnic updates
 
APNIC Update - Member Briefing
APNIC Update - Member BriefingAPNIC Update - Member Briefing
APNIC Update - Member Briefing
 

More from APNIC

APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC
 
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
APNIC
 
APNIC Updates presented by Paul Wilson at CaribNOG 27
APNIC Updates presented by Paul Wilson at CaribNOG 27APNIC Updates presented by Paul Wilson at CaribNOG 27
APNIC Updates presented by Paul Wilson at CaribNOG 27
APNIC
 
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
APNIC
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
APNIC
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
APNIC
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
APNIC
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119
APNIC
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
APNIC
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
APNIC
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
APNIC
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
APNIC
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
APNIC
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff Huston
APNIC
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
APNIC
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APNIC
 
Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6
APNIC
 

More from APNIC (20)

APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
 
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
 
APNIC Updates presented by Paul Wilson at CaribNOG 27
APNIC Updates presented by Paul Wilson at CaribNOG 27APNIC Updates presented by Paul Wilson at CaribNOG 27
APNIC Updates presented by Paul Wilson at CaribNOG 27
 
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff Huston
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
 
Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6
 

Recently uploaded

Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Doctoral Symposium at the 17th IEEE International Conference on Software Test...Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Sebastiano Panichella
 
Bitcoin Lightning wallet and tic-tac-toe game XOXO
Bitcoin Lightning wallet and tic-tac-toe game XOXOBitcoin Lightning wallet and tic-tac-toe game XOXO
Bitcoin Lightning wallet and tic-tac-toe game XOXO
Matjaž Lipuš
 
International Workshop on Artificial Intelligence in Software Testing
International Workshop on Artificial Intelligence in Software TestingInternational Workshop on Artificial Intelligence in Software Testing
International Workshop on Artificial Intelligence in Software Testing
Sebastiano Panichella
 
Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...
Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...
Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...
OECD Directorate for Financial and Enterprise Affairs
 
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdfBonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
khadija278284
 
Eureka, I found it! - Special Libraries Association 2021 Presentation
Eureka, I found it! - Special Libraries Association 2021 PresentationEureka, I found it! - Special Libraries Association 2021 Presentation
Eureka, I found it! - Special Libraries Association 2021 Presentation
Access Innovations, Inc.
 
somanykidsbutsofewfathers-140705000023-phpapp02.pptx
somanykidsbutsofewfathers-140705000023-phpapp02.pptxsomanykidsbutsofewfathers-140705000023-phpapp02.pptx
somanykidsbutsofewfathers-140705000023-phpapp02.pptx
Howard Spence
 
Obesity causes and management and associated medical conditions
Obesity causes and management and associated medical conditionsObesity causes and management and associated medical conditions
Obesity causes and management and associated medical conditions
Faculty of Medicine And Health Sciences
 
Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...
Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...
Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...
Orkestra
 
Getting started with Amazon Bedrock Studio and Control Tower
Getting started with Amazon Bedrock Studio and Control TowerGetting started with Amazon Bedrock Studio and Control Tower
Getting started with Amazon Bedrock Studio and Control Tower
Vladimir Samoylov
 
Announcement of 18th IEEE International Conference on Software Testing, Verif...
Announcement of 18th IEEE International Conference on Software Testing, Verif...Announcement of 18th IEEE International Conference on Software Testing, Verif...
Announcement of 18th IEEE International Conference on Software Testing, Verif...
Sebastiano Panichella
 
0x01 - Newton's Third Law: Static vs. Dynamic Abusers
0x01 - Newton's Third Law: Static vs. Dynamic Abusers0x01 - Newton's Third Law: Static vs. Dynamic Abusers
0x01 - Newton's Third Law: Static vs. Dynamic Abusers
OWASP Beja
 
Acorn Recovery: Restore IT infra within minutes
Acorn Recovery: Restore IT infra within minutesAcorn Recovery: Restore IT infra within minutes
Acorn Recovery: Restore IT infra within minutes
IP ServerOne
 

Recently uploaded (13)

Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Doctoral Symposium at the 17th IEEE International Conference on Software Test...Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Doctoral Symposium at the 17th IEEE International Conference on Software Test...
 
Bitcoin Lightning wallet and tic-tac-toe game XOXO
Bitcoin Lightning wallet and tic-tac-toe game XOXOBitcoin Lightning wallet and tic-tac-toe game XOXO
Bitcoin Lightning wallet and tic-tac-toe game XOXO
 
International Workshop on Artificial Intelligence in Software Testing
International Workshop on Artificial Intelligence in Software TestingInternational Workshop on Artificial Intelligence in Software Testing
International Workshop on Artificial Intelligence in Software Testing
 
Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...
Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...
Competition and Regulation in Professional Services – KLEINER – June 2024 OEC...
 
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdfBonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
 
Eureka, I found it! - Special Libraries Association 2021 Presentation
Eureka, I found it! - Special Libraries Association 2021 PresentationEureka, I found it! - Special Libraries Association 2021 Presentation
Eureka, I found it! - Special Libraries Association 2021 Presentation
 
somanykidsbutsofewfathers-140705000023-phpapp02.pptx
somanykidsbutsofewfathers-140705000023-phpapp02.pptxsomanykidsbutsofewfathers-140705000023-phpapp02.pptx
somanykidsbutsofewfathers-140705000023-phpapp02.pptx
 
Obesity causes and management and associated medical conditions
Obesity causes and management and associated medical conditionsObesity causes and management and associated medical conditions
Obesity causes and management and associated medical conditions
 
Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...
Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...
Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...
 
Getting started with Amazon Bedrock Studio and Control Tower
Getting started with Amazon Bedrock Studio and Control TowerGetting started with Amazon Bedrock Studio and Control Tower
Getting started with Amazon Bedrock Studio and Control Tower
 
Announcement of 18th IEEE International Conference on Software Testing, Verif...
Announcement of 18th IEEE International Conference on Software Testing, Verif...Announcement of 18th IEEE International Conference on Software Testing, Verif...
Announcement of 18th IEEE International Conference on Software Testing, Verif...
 
0x01 - Newton's Third Law: Static vs. Dynamic Abusers
0x01 - Newton's Third Law: Static vs. Dynamic Abusers0x01 - Newton's Third Law: Static vs. Dynamic Abusers
0x01 - Newton's Third Law: Static vs. Dynamic Abusers
 
Acorn Recovery: Restore IT infra within minutes
Acorn Recovery: Restore IT infra within minutesAcorn Recovery: Restore IT infra within minutes
Acorn Recovery: Restore IT infra within minutes
 

LEA Workshop 11/12/2013

  • 1. APNIC Workshop for Law Enforcement Agencies (LEAs) Manila, Philippines 11 December, 2013
  • 2. Presenters Craig Ng General Counsel, APNIC Craig is the General Counsel of APNIC. He is a member of the executive team at APNIC, and has overall responsibility for the corporate governance and legal affairs at APNIC. Craig is also responsible for APNIC's engagement and collaboration program with law enforcement agencies in the Asia Pacific region. Contact: Email: craig@apnic.net
  • 3. Presenters Champika Wijayatunga (Champ) Training Unit Manager, APNIC Champika is responsible for managing its training activities in the Asia Pacific region and brings several years of experience, having worked in a number of countries in the IT industry, academia, research, and training environments. Areas of interests: Internet Resource Management, IPv6, DNS/DNSSEC, Network Security Contact: Email: champika@apnic.net
  • 4. Agenda •  Introduction to APNIC –  Know about APNIC •  Internet Policy Development –  How the Internet Policies are developed •  Internet Challenges Today –  How APNIC can assist LEAs •  Internet Resource Registration –  APNIC Whois Database •  Resource Public Key Infrastructure (RPKI) –  How to Secure Routing 4
  • 6.
  • 8. What is APNIC? •  Regional Internet Registry (RIR) for the Asia Pacific region –  One of five RIRs currently operating around the world •  Membership based organisation –  Non-profit, Open, Consensus-based and Transparent 8
  • 9. APNIC’s Vision: A global, open, stable, and secure Internet that serves the entire Asia Pacific community. How we achieve this: •  Serving Members •  Supporting the Asia Pacific Region •  Collaborating with the Internet Community 9
  • 10. APNIC’s Mission •  Function as the Regional Internet Registry for the Asia Pacific, in the service of the community of Members and others •  Provide Internet registry services to the highest possible standards of trust, neutrality, and accuracy •  Provide information, training, and supporting services to assist the community in building and managing the Internet •  Support critical Internet infrastructure to assist in creating and maintaining a robust Internet environment •  Provide leadership and advocacy in support of its vision and the community •  Facilitate regional Internet development as needed throughout the APNIC community 10
  • 11. How APNIC support the Internet community •  Distribution and Registration of Internet Resources •  Facilitate the policy development process –  Via mailing lists, conferences etc. •  Training services •  Information dissemination •  Collaboration & Liaison
  • 13. Assisting LEAs •  APNIC has a fundamental role to play in the stability and security of the Internet, ensuring that the services we provide such as the APNIC Whois Database and Reverse DNS zone delegations are accurate, reliable, and up-to-date. •  LEAs are an important segment of the APNIC community. We collaborate, cooperate, and work together with them to ensure the Internet remains an open, secure, and stable platform •  Data from the Whois may be a source of information for the LEAs in our community. •  APNIC encourages the LEAs to participate in the APNIC Policy Development Process, and have your voices heard on issues that are important to you! 13
  • 15. Internet Policies •  Policies are constantly changing the meet the needs of the Internet operation •  There is a system in place called the Policy Development Process –  Anyone can participate –  Anyone can propose a policy –  All decisions & policies documented & freely available to anyone
  • 16. OPEN TRANSPARENTBOTTOM UP Implement Need Discuss Consensus Evaluate Anyone can participate All decisions & policies are documented & available Internet community proposes and approves policy 16 Policy Development Process
  • 18. Internet Challenges Today •  Internet Security –  Unauthorized Intrusions –  Denial of Service (DoS) Attacks –  Internal Attacks –  Non-compliance etc. •  Spam –  Unsolicited Commercial Email (UCE) & Unsolicited Bulk Email (UBE) –  Spam volume is exploding •  Network abuse –  RIR’s do not regulate conduct of Internet activity –  Investigation possibilities •  Cooperation of the network administrators •  Law enforcement agencies
  • 19. APNIC Service offerings •  Whois Database – an important resource! –  Troubleshooting –  Tracking source of abuse –  Protecting address space to prevent hijacking •  Information dissemination –  APNIC Conferences •  Technical talks & tutorials –  Publications & Research •  Education –  Training courses, Workshops and Seminars
  • 20. Steps we take to ensure Whois accuracy •  Member account opening –  verification of corporate existence with corporate registries or regulators (where possible) •  Membership renewal –  once a year –  email to corporate contact, with payment record –  Internet resources revoked if account not paid or renewed •  Transfer policies –  encourage registration of resources –  “value” of Internet resources encourage registration
  • 21. Efforts in Preventing Network Abuse •  As a registry, APNIC adopts and applies policies for it’s community which address network abuse. APNIC does not have the capacity to investigate abuse complaints or the legal powers to regulate Internet activity. •  APNIC seeks to raise awareness of the need for responsible network management in the Asia Pacific, through training and communication.
  • 22. Why APNIC appear as the source in some abuse search reports? •  Some designed to search the ARIN Whois database and may refer to APNIC as the culprit •  Many websites with Whois lookup functions has the same limitations •  However the IP addresses are registered by five RIRs on a regional basis
  • 23. •  If a standard search refers you to APNIC – It means only that the network in question is registered in the Asia Pacific region – Does not mean that APNIC is responsible or that the hacker/spammer is using APNIC network Detecting the Abuse
  • 24. Can APNIC stop Abuse? •  No, because… –  APNIC is not an ISP and does not provide network connectivity to other networks –  APNIC does not control Internet routing –  APNIC is not a law enforcement agency –  APNIC has no industry regulatory power
  • 25. Investigation of Complaints •  Laws relating to network abuse vary from country to country •  Investigation possibilities –  Cooperation of the network administrators –  Law enforcement agencies •  Local jurisdiction •  Jurisdiction where the problem originates
  • 26. What can you do? •  Use the APNIC Whois Database to obtain network contact information •  APNIC Whois may or may not show specific customer assignments for the addresses in question –  But will show the ISP holding APNIC space •  Contact the network responsible and also its ISP/upstream •  Contact APNIC for help, advice, training or support •  Community discussions can be raised in the APNIC conferences, mailing lists, etc.
  • 30. IPv4 vs IPv6 Internet Source: CAIDA
  • 31. IPv6 Addressing Structure 0 127 ISP /32 32 128 bits Customer Site /48 16 Subnet /64 16 64 Device /128
  • 32. How IP Addresses are Delegated APNIC Delegates to APNIC Member Member (ISP) Customer / End User Delegates to customers ISP customer /8 APNIC Allocation /22 Member Allocation Sub- Allocation/24 /26/27 /25 Customer Assignments /26 /27 RegistryRealmOperatorsRealm
  • 33. IP Address Management •  Portable Allocations –  Allocations made by APNIC •  Non Portable Allocations –  Allocations made by APNIC Members •  Portable Assignments –  Customer addresses independent from ISP –  Keeps addresses when changing ISP –  Bad for size of routing tables –  Bad for QoS: routes may be filtered, flap- dampened •  Non-portable Assignments –  Customer uses ISP’s address space –  Must renumber if changing ISP –  Helps scale the Internet effectively ISP Allocation Customer assignments Customer assignments ISP 33
  • 34. Address Management Hierarchy Describes “portability” of the address space Non-Portable /12 APNIC Allocation Portable /48Assignment /64 - /48 Assignment APNIC Allocation /64 - /48Assignment Non-Portable Sub-allocation /40 /32Member Allocation Portable Non-Portable /12 34
  • 35. Transferring IP Addresses •  Transfers, Mergers, Acquisitions are possible •  There are transfer policies exists to transfer IP addresses –  In the APNIC region –  Inter-RIR IPv4 Transfers •  Conditions on the source and recipient RIR will apply •  APNIC will review the status of IP allocations 35
  • 36. APNIC Resource Quality Assurance •  Community awareness •  Build relationships with reputable organizations that maintain bogon/black list •  Keep the WHOIS Database accurate –  Actively remind resource holders to update their data
  • 37. APNIC also manages Reverse DNS •  ‘Forward DNS’ maps names to numbers –  svc00.apnic.net è202.12.28.131 •  ‘Reverse DNS’ maps numbers to names –  202.12.28.131 è svc00.apnic.net Person (Host) Address (IPv4/IPv6) 37
  • 38. Reverse DNS - why bother? •  Service denials –  That only allow access when fully reverse delegated •  Diagnostics –  Assisting in network troubleshooting •  Spam prevention –  Reverse lookup to confirm the mail servers and source of the email –  Failed lookup adds to an email’s spam score •  Registration responsibilities 38
  • 39. whois Root DNS Principles – DNS Tree net edu com nz whois apnic arpa 22 .64 .in-addr.202 .arpa Mapping numbers to names - ‘reverse DNS’ 203 210 211..202RIR 6464ISP 2222 Customer in-addr 39
  • 41. The APNIC Whois Database •  Holds IP address records within the AP region •  Can use this database to track down the source of the network abuse –  IP addresses, ASNs, Reverse Domains, Routing policies •  Can find contact details of the relevant network administrators –  not the individual users –  use administrators log files to contact the individual involved
  • 42. Resource Registration •  As part of the membership agreement with APNIC, all members are required to register their resources in the APNIC Whois database. •  Members must keep records up to date: –  Whenever there is a change in contacts –  When new resources are received –  When resources are sub-allocated or assigned 42
  • 43. Whois Object Types OBJECT PURPOSE person contact persons role contact groups/roles inetnum IPv4 addresses Inet6num IPv6 addresses aut-num Autonomous System number domain reverse domains route prefixes being announced mntner (maintainer) data protection mnt-irt Incident Response Team http://www.apnic.net/db/ 43
  • 44. How to use APNIC Whois •  Web browser –  http://www.apnic.net/whois •  Whois client or query tool –  whois.apnic.net •  Identify network contacts from the registration records –  IRT (Incident Response Team) if present –  Contact persons: “tech-c” or “admin-c”
  • 45. What if Whois info is invalid? •  Members (ISPs) are responsible for reporting changes to APNIC –  Under formal membership agreement •  Report invalid ISP contacts to APNIC –  http://www.apnic.net/invalidcontact –  APNIC will contact member and update registration details
  • 46. What if Whois info is invalid? •  Customer assignment information is the responsibility of ISPs –  ISPs are responsible for updating their customer network registrations •  Tools such as ‘traceroute’, ‘looking glass’ and RIS may be used to track the upstream provider if needed –  More information available from APNIC
  • 47. Inetnum / Inet6num Objects •  Contains IP allocation and assignment information •  APNIC creates an inetnum (or inet6num) object for each allocation or assignment they make to the Member •  All members must create inetnum (or inet6num) objects for each sub-allocation or assignment they make to customers 47
  • 52. Maintainer Hierarchy Diagram 52 Allocated to APNIC: Maint-by can only be changed by IANA Allocated to Member: Maint-by can only be changed by APNIC Sub-allocated to Customer: Maint-by can only be changed by Member
  • 53. inetnum: Allocation (Created by APNIC) 3 Using the Whois – step by step Customer Assignments (Created by Member) person: nic-hdl: KX17-AP Contact info 1 Data Protection mntner: 2 inetnum: ... KX17-AP ... mnt-by: ... 4 inetnum: ... KX17-AP ... mnt-by: ... 5 inetnum: ... KX17-AP ... mnt-by: ... 6
  • 54. Whois Database Queries –  Flags used for inetnum queries None one level less specific matches - L find all less specific matches - m find first level more specific matches - M find all More specific matches - x find exact match (if no match, nothing) - d enables use of flags for reverse domains - r turn off recursive lookups
  • 55. inetnum: 202.64.0.0 – 202.64.15.255 202.64.0.0/20 inetnum: 202.0.0.0 – 202.255.255.255 202.0.0.0/8 Whois Database Query - inetnum 202.64.12.128/25 inetnum: whois -L 202.64.0.0 /20 whois 202.64.0.0 /20 whois –m 202.64.0.0 /20 inetnum: 202.64.15.192/26 inetnum: 202.64.10.0/24 More specific (= smaller blocks) Less specific (= bigger block)
  • 56. Recursive Lookups •  whois 202.12.29.0 à –  whois -r 202.12.29.0 à –  whois -T inetnum 202.12.29.0 à –  whois -r -T inetnum 202.12.29.0 à personinetnum route inetnum route person personinetnum inetnum recursion enabled by default recursion turned off ‘type’ of object specified ‘type’ of object specified & recursion turned off , & & &
  • 57. Inverse Queries •  Inverse queries are performed on inverse keys •  See object template (whois –t) •  Returns all public objects that reference the object with the key specified as a query argument •  Practical when searching for objects in which a particular value is referenced, such as your nic-hdl •  Syntax: whois -i <attribute> <value>
  • 58. Customer Privacy •  Public data –  Includes portable addresses (inetnum objects), and other objects e.g.route objects –  Public data: must be visible •  Private data –  Can include non-portable addresses (inetnum objects) –  Members have the option to make private data visible •  Customer assignments –  Can be changed to be public data (public data is an optional choice)
  • 59. What needs to be visible? IANA range Non-APNIC range APNIC range NIR rangeAPNIC allocations & assignments NIR allocations & assignments Customer assignments Infrastructure Sub-allocations must be visible visibility optional LIR/ISP PORTABLE addresses NON-PORTABLE addresses
  • 60. APNIC Whois Database & the Internet Routing Registry •  APNIC Whois Database –  Two databases in one •  Public Network Management Database –  “Whois” info about networks & contact persons •  IP addresses, AS numbers etc •  Routing Registry –  contains routing information •  routing policy, routes, filters, peers etc. –  APNIC RR is part of the global IRR
  • 61. Benefits of APNIC RR integrated in Whois Database •  Facilitates network troubleshooting •  Registration of routing policies •  Generation of router configurations •  Provides global view of routing
  • 63. What is RPKI? •  Resource Public Key Infrastructure (RPKI) •  A robust security framework for verifying the association between resource holder and their Internet resources •  Created to address the issues in RFC 4593 •  Uses X.509 v3 certificates –  With RFC3779 extensions •  Helps to secure Internet routing by validating routes –  Proof that prefix announcements are coming from the legitimate holder of the resource •  A system to manage the creation and storage of digital certificates and the associated Route Origin Authorization documents
  • 64. Benefits of RPKI - Routing •  Prevents “Route Hijacking” –  when an entity participating in Internet routing announces a prefix without authorization –  Reason: malicious attack or operational mistake
  • 65. “Right” to Resources •  ISP gets their resources from the RIR •  ISP notifies its upstream of the prefixes to be announce •  Upstream _must_ check the Whois database if resource has been delegated to customer ISP.
  • 66. X.509 Certificate •  Resource certificates are based on the X.509 certificate format - RFC 5280 •  Extended by RFC 3779 – this extension binds a list of resources (IP, ASN) to the subject of the certificate
  • 67. X.509 Certificate with 3779 Extension •  SIA – Subject Information Access; contains a URI that references the directoryX.509 Certificate RFC 3779 Extension SIA Owner's Public Key
  • 68. Two Components •  Certificate Authority (CA) –  Internet Registries (RIR, NIR, Large LIR) –  Issue certificates for customers –  Allow customers to use the CA’s GUI to issue ROAs for their prefixes •  Relying Party (RP) –  Software which gathers data from CAs
  • 69. Route Origin Authorisations (ROA) •  Certificate holder uses its private key to sign an ROA •  Verifies that an AS has been given permission by an address block holder to advertise routes to one or more fpxies without a blog. •  RPKI in the RIRs –  APNIC implemented RPKI Resource Certification
  • 70. APNIC Resource Certification •  A robust security framework for verifying the association between resource holders and their Internet resources. •  Initiative from APNIC aimed at –  improving the security of inter-domain routing, and –  augmenting the information published in the Whois database •  Verifies a holder’s current “right-of-use” over an Internet resource
  • 71. Resource Certification (APNIC) •  Verify signed data using the signer’s public key •  Verify public key through a chain of interlocking certificates that connect a Trust Anchor to the signer’s public key certificate. –  This is what we refer to as RPKI •  Why it’s important: –  Routing advertisements is now verifiable
  • 72. Summary •  Introduction to APNIC –  Know about APNIC •  Internet Policy Development –  How the Internet Policies are developed •  Internet Challenges Today –  How APNIC can assist LEAs •  Internet Resource Registration –  APNIC Whois Database •  Resource Public Key Infrastructure (RPKI) –  How to Secure Routing 72