23 May 2016

Thoughts on RIPE Chair Election

This note has been posted on RIPE Labs:
Draft RIPE Chair Election Procedure

When Rob Blokzijl stepped down, he handed over the role as Chair of RIPE to me in the closing plenary of RIPE 68 in Prague, 16 May 2014. Rob had been the RIPE Chair for 25 years since 1989 and there has not been any procedure for selecting the Chair. Rob tasked me to put in place a procedure to elect my successor.

It has also come up during the RIPE NCC Consultation Report
"In terms of transparency, respondents asked why there was no election to choose the new RIPE Chair. Respondents noted that they were very supportive of the new RIPE Chair but that they would have liked to have been involved in the process by which he was selected."
Looking back, the RIPE community have a couple election procedures already. The first one put in place was the procedure to elect the RIPE NCC Executive Board when RIPE NCC separated from TERENA and to become a separate legal entity.  See the RIPE NCC Articles of Association, Article 9.1 Executive  Board: Appointment, Suspension and Dismissal.

We are always careful to state that the RIPE community is bigger than the RIPE NCC membership - but the principles of the process has been established by the community - so we are not completely strangers to elections and voting.  

Since then, we have also introduced voting to select the NRO NC members (serving as ICANN ASO Address Council). First time in 1999 when I was elected to the first Address Council - done by paper ballot for those present in the room at the RIPE Meeting at the time of the election.
With the introduction of the Programme Committee, elections are done electronically, which draws more votes than the paper ballot in a room at the meeting. The introduction of electronic voting at the RIPE NCC General Assembly has also increased the number of votes significantly. 

The essence of the RIPE NCC Executive Board election procedure is that there is an open call for nominations for no less than six weeks and closes three weeks before the election, and you need written support by five others in order to be nominated.  

The remaining piece in the puzzle is to define “the RIPE community” in order to determine who can vote. As we are somewhat related to the IETF, we can go to their procedures and look at RFC 3777 which sets their  criteria for being elected to their NOMCOM to participating in three out of the five last IETF meetings. 

It is however possible to participate in the RIPE community without being present at meetings. We may want to consider adding a criteria to include those participating on mailing lists.  

In order to make the process well known in the community, I will suggest that we use the same process for both selecting the RIPE Chair and the NRO NC members. This has the advantage of reducing the number of different procedures to understand but it also gives us an opportunity to beta test the mechanics of the procedure before it is used for the RIPE Chair election.  

So, putting the pieces together, we get the following high level procedure:
  • Open call for nominations
  • Require support from five members of the community
  • Presentation of candidates at RIPE Meeting
  • Electronic vote open to the RIPE community
  • Oversight by a committee of trusted individuals
I have discussed this with the RIPE NCC staff involved in the other elections and they have been kind to write a more detailed proposal.

For the timeline, I propose the following:
  • Present the draft procedure at RIPE 72 in Copenhagen on 26 May 2016

  • Publish the proposal to the RIPE community on the ripe-list@ripe.net
  • Gather input and call for consensus
  • Use the process for selecting the NRO NC member at RIPE 73 in Madrid, October 2016
  • Use the process for electing RIPE Chair at RIPE 74 in May 2017

RIPE Chair Report May 2016

The RIPE 72 meeting in Copenhagen is starting in one hour and I wanted to share some of my experiences since the last RIPE meeting in Bucharest in November 2015.

Shortly after the RIPE Meeting, I got the sad message that Rob Blokzijl had passed away.

My thoughts go back to the first RIPE Meeting I attended at NIKHEF. Rob quickly put me to work as scribe in one of the working groups, and from then I was drawn into the community.  I will miss his concise interventions when discussions go off track, and cheerful chats in the corridors and at the social events.

"What would Rob have done" is a question I have found myself asking, and I could always get an answer from Rob.

But not any more.

Rob, you will be greatly missed in our community - but also remembered for a long time to come.

The Internet in our part of the world would not have been the same without you.

Internet New Year

After New Year's, I was invited to take part in the Chairpersons’ debate at the Internet New Year Event in Amsterdam.

After others pointed to the IANA stewardship transition and technological developments, my take on this was that the ruling by The Court of Justice declaring that the Commission’s US Safe Harbor Decision was invalid

is the event that will have the biggest impact on the Internet for Europeans. This ruling puts a limitation on the use of the open Internet across borders. This may present an opportunity for EU business to step up the competition against the US Cloud industry, and it may also bring back a more distributed computing model as a good alternative to the “Mainframe” style centralisation of the Cloud vendors.
Looking ahead, it is also interesting to look at the governments two faces. On one side, they want to protect us and our personal data. On the other side, they want to have full access to all our data through surveillance programmes.


Later in January, the RIPE NCC invited me to a Roundtable Meeting in Brussels. The topics covered included the evolving RIPE NCC membership, regulatory challenges surrounding the Internet of Things, the IANA stewardship transition, RIPE NCC coordination with law enforcement and government participation in the RIPE Policy Development Process (PDP).


In February, the Norwegian Internet Exchange held a meeting in Oslo where we heard about the lack of success with the regional Internet exchanges in Norway as an attempt to generate more interest for regional peering. There was also an interesting presentation from the Norwegian Government, DIFI, making IPv6 mandatory in the public sector.

My participation in the meeting was to facilitate a discussion to re establish a network operators group (NOG) in Norway. Jan Zorz gave an extensive presentation on his experiences in Slovenia. After a slow start on the following discussion, perhaps overwhelmed by the Slovenian NOG, it was clear that everybody was happy if NIX would put together two meetings a year, and in the end a couple of people volunteered to be part of the programme committee.

Mirjam Kühne from the RIPE NCC also gave a presentation on the RIPE NCC,Internet measurements and IXPs.


In March, I participated in ICANN 55 in Marrakech, Morocco as Chair Elect of the ICANN 2016 Nominating Committee. As Chair Elect appointed by the ICANN Board, I get to assist the Chair and learn how to manage the process in preparation for chairing the committee next year. If you are interested, you can follow the work through the “Report Cards”.


MENOG 16 took place in Istanbul, Turkey at the end of March. It was a good meeting with interesting presentations focusing on security topics such as DDOS protection and mitigation. Elvis Velea presented on IP transfers and made an interesting reference to a presentation at the last APNIC meeting, indicating that needs-based IPv4 policies do not prevent transfers that cannot satisfy the needs criteria when the transfer contract is made. The contracts are simply formulated as a future option contract.

This is important for the community to take into account when making policies. This is also the case with the ongoing discussion of the last /8 policy and the number of LIRs per member. It seems that no matter how we formulate the policy or membership rules, there will be ways to set up new legal entities to achieve the end result. While this will be against the intent of the current policy, it will be extremely difficult to prevent. There are policy proposals under discussion in the RIPE Address Policy Working Group, and the membership elements will be discussed in the RIPE NCC Services Working Group and in the RIPE NCC General Assembly.


I was unfortunately not able to go to the South East Europe (SEE) 5 in Tirana, Albania due to work commitments.


At the end of April, I went to LACNIC 25 in Havana, Cuba. It was interesting to observe the different meeting style with close cooperation between the RIR, TLDs and Internet exchanges. It brought back memories from RIPE Meetings before CENTR and EURO-IX were established. This meeting also had a strong focus on security-related issues. Hard to follow in Spanish, but the translation was excellent.

IANA Transition

Looking at the political landscape, it is worth mentioning that the SLA for the IANA numbering services has been completed and is ready for signing. At the ICANN meeting the ICANN Board Chair Steve Crocker sent the IANA Stewardship Transition Proposal and Enhancing ICANN AccountabilityRecommendations to the NTIA. The next steps of the process are now in hands of the US Government, but there is also more work to be done in ICANN to prepare the implementation of the proposed strengthening of their accountability mechanisms.


It is also worth mentioning that Fadi Chehadé stepped down as ICANN President and CEO and that his successor is Göran Marby from Sweden.

in the end

I have also been invited to the RIPE NCC Executive Board meetings and have met with RIPE NCC staff at the events and in their office. On top of this, I have taken some trips in my day job at Visma to Sweden,Lithuania, Romania and Bergen and Trondheim (Norway), so I am beginning to know my way around the airport in Oslo during the construction works to extend the airport. Now I am looking forward to a successful RIPE Meeting here in Copenhagen.


Hans Petter Holen
RIPE Chair

16 June 2015

Norwegian Internet Exchange - NIX 3

Kjetil Otter Olsen ved Universitetets Senter for Informasjonsteknologi ved Universitetet i Oslo inviterte til et møte for alle knyttet til de norske samtrafikkpunktene - Norwegian Internet Exchange (NIX) http://www.uio.no/tjenester/it/nett/fastnett/nix/. Jeg var invitert som RIPE Chair og mangeårig deltager i Internet fora i Norge og resten av verden.

Kjetil ønsket velkommen til det 3. møtet siden NIX ble etablert en gang i 1993. Etter å ha beskrevet eksisterende akritektur med to samtrafiikkpuntker i Oslo,  et i Stavanger, Bergen, Trondheim, og Tromsø, stilte han en del spørsmål til aktørene på NIX om hvordan sammtrafikkpunktet og tjenestene rundt dette skal utvikles videre.

Personlig mener jeg at 

  • NIX bør tilby tilknytning på datasentrene isteden for dagens løsning der alle aktørene må leie egen fiber til NIX
  • Etablere en referansegruppe der aktørene velger representanter som kan gi innspill til driften av NIX
  • Regelmessige møter med aktørene 1-2 ganger i året. Etter modell fra NETNOD, gjerne i samarbeid med en nettverksopperatør gruppe
  • NIX bør styres mest mulig åpent og transparent, i første omgang ved å publisere regnskap for drift av NIX senere bør det vurderes ved å etablere en styringsstruktur som ikke avhenger av Universitetet i Oslo

Et samarbeide med Netnod kan være en fornuftig vei å gå.

Kurtis Lindkivst fra Netnod http://www.netnod.se/ presenterte, på Ålandska, først Netnod og samarbeidet som er inngått med NIX. Netnod har samtrafikkpunkt i Stockholm, Malmø+København, Göteborg, Sundsvall og Luleå. Dagens arkitektur er en sentral switch i PTS sin fjellhall og Netnods eget DWDM nett på topp av leiet mørk fiber - der NetNod står som leietager.
Netnod vurderer å distribuere switchene til datasenterene - noe som vil være mer kostnadeseffektivt enn dagens akritektur.

Kurtis fortsatte deretter med en presentasjon av Euro-IX

Tore Andersson fra Linpro fortalte om forskjellige teknikker for å implementer IPv6 og fordeler og ulemper med disse.

Her kom det spørsmål fra salen om holdinger til aktører som ikke tilbyr IPv6 og bruker NAT, samt synspunkter på kjøp og salg av IPv4 adresser. Det ble poengtert at det ikke var noe “gråmakred” men at kjøp og salg skjer i henhold til gjeldende policy og registreres hos RIPE NCC.

Elise Lindeberg fra Norsk Kommunikasjonsmyndighet - Nkom nkom.no - tidligere Post og Teletilsynet fortalte om prosessen med overføring av styring av IANA funksjonen hos ICANN  fra amerikanske myndigheter til en “Multistakeholder” modell der myndigheter ikke er enerådende. Elise har deltatt i "Cross Community Working Group (CWG) on Naming Relating Functions”,  som har utarbeidet en rapport på over 200 sider og nå sist fredag publiserte sitt forslag. Den foreslåtte modellen er å skille ut IANA i et eget selskap som styres separat fra ICANN.

Undertegnede la til at IANA har 3 funksjonsområder, Protokollparametre for IETF, Nummer for Regionale Internett Registere, slik som RIPE NCC og topp-nivå domenenavn som har vært fokus for Elises arbeide i CWG.

Merte Asak, leder i styret i Internet Society Norge satte fokus på sårbarhet og spurte aktørene om hvor mange som visste hva som kom til å skje i deres nett dersom NIXene sluttet å fungere. Hun påpekte at det er færre aktører på NIX 2 slik at denne ikke ville fungere som alternativ vei for annet enn de 7(?) aktørene som er tilknyttet både NIX1 og NIX2. Hennes forslag var å kartlegge dette sammen, og gjennomføre en øvelse. (Netnod deltar i beredskapsøvelser i Sverige, men så vidt jeg forstod Kurtis har de ikke gjennomført faktiske tester, annet enn når de har oppgradert infrastrukturen)

Frode Storvik fra Uninett presenterte forskningsnettet i Norge. UNINETTs arkitektur er etter bruddet på begge forbindelser nor for Saltfjellet i 2007 3 alternative fiberveier til hver region. Til Nord-Norge er den ene av de alternative veiene igjennom Sverige. Denne forbindelsen var det bruk for senest for et par uker siden - riktignok kun i noen få minutter. Til alle institusjonene er det to uavhengige tilknytninger. Forbindelse mellom Oslo og Trondheim var verdens første 100Gb forbindelse når denne ble etablert. I disse dager oppgraderes forbindelsene til Nordunet.

Johan Foldøy Nkom fortalte om infrastrukturen til Nettfart, treder og åpne APIer. Nkoms fremtidige planer innen målinger i Internett for å tilfredsstille europeiske krav om målinger. De har i den forbindelse vurdert RIPE Atlas, men den dekker ikke kravene pr idag.

Presentasjonene finnes på http://www.uio.no/tjenester/it/nett/fastnett/nix/nix-mote-juni-2015/

04 June 2015

EuroDIG 15

I was invited to EuroDIG 15 in Sofia, Bulgaria, to participate in the opening panel on a  Common digital market in Europe, representing the technical community. 

The other panelists represented the Bulgarian Government, the EU commission, End Users and, I was representing the technical community. 

The arguments I made was:

Building a common digital market has some interesting technical aspects. First of all we want new players to be able to enter the market in the future. Both suppliers and consumers will need IP addresses to connect to the network. In the current IPv4 Internet this is getting increasingly difficult as there are very few IP addresses available for new players. This is solved by letting users share IP addresses. For both suppliers and consumers this will increase the cost and limit the services that can be provided. 

In government circles there is focus on broadband incentives, for instance for building fibre infrastructure. It is important that governments on all levels makes IPv6 a requirement for receiving governments funds. 

One of the questions from the audience was how we could trust services provided from other countries. This must largely be solved by common regulations and consumer protection mechanisms, but again there are technical solutions that can help increase trust and reduce fraud. One such technology is DNSSec. A solution where responses to name queries are signed to reduce the risk of man-in-the-middle attacks. 

One of the challenges in introducing new technology like IPv6 or DNSSec is to communicate the advantages in a way that the users understand and request the service from their service providers. In some countries like Sweden the country code registry has promoted the use of DNSSec in order to speed up deployment. 

For more details on the whole event, you may want to read the RIPE NCC report from the EuroDIG 2015