RIPE 75: IoT & Routing Security Thumbnail
Deploy360 1 November 2017

RIPE 75: IoT & Routing Security

By Kevin MeynellFormer Senior Manager, Technical and Operational Engagement

RIPE 75 was held on 22-26 October 2017 in Dubai, United Arab Emirates, and was the second time the meeting has come to the Middle East. 483 participants from 54 countries including 175 newcomers came together to discuss operational issues and share expertise about the Internet, with a particular focus on the RIPE region that covers Europe, the Middle East and Central Asia.

Jan Žorž and Kevin Meynell from the Deploy360 team, along with Salam Yamout from the Middle East Bureau were also actively involved in the launch of a new Internet-of-Things Working Group, hosting a Routing Security BoF, and raising awareness of IRTF work on Human Rights Protocol Considerations.

The BoF session on ‘Internet Routing Health’ was organised by the Internet Society, and chaired by Jan and Benno Overreinder (NLnet Labs). The BoF attracted 20 participants variously drawn from commercial network operators and cloud providers, Regional Internet Registries (RIRs), and academia, with the aim of discussing ideas for measuring the health of the Internet routing system in order to obtain empirical data to strengthen the case for collaborative routing security.

The IoT session aimed to build on the RIPE IoT Roundtable meeting that was held on 21 September 2017 in Leeds, UK, and featured a presentation on the Online Trust Alliance’s IoT Security & Privacy Trust Framework given by Kevin. OTA is an Internet Society initiative to promote best practices in protection of user security, privacy and identity, and has developed these recommendations in consultation with over 100 device manufacturers, major retailers, security and private experts, consumer testing and advocacy organisations, and governments.

Other presentations in the session included one on Trusted Routing in IoT from Ivana Tomić (Imperial College London) who discussed sensor networks, the security risks involved with them, and how to establish trusted routing. The remaining talk was on key factors for successful entry into the IoT from Farzad Ibrahim (IoT Academy), following which it was agreed to establish an new RIPE IoT Working Group.

The proposed chartered activities are to serve as a focal point for the RIPE NCC regarding community input to their IoT activities; to establish a dialogue on matters of operational relevance including security, the numbering system, and applicability of standards; and develop the positions of the RIPE community on IoT. Jim Reid volunteered as interim chair to get the working group up-and-running, and until permanent co-chairs can be agreed.

Finally, it’s not a subject that Deploy360 normally covers, but Salam presented an update on the Internet Research Task Force initiative on Human Rights Protocols Considerations. This is researching the human rights threats on the Internet, whether standards and protocols can enable or threaten these, and is developing recommendations on developing Internet protocols around this. There are currently four drafts under consideration that can be found on the HRPC RG website.

The next RIPE meeting will be held on 14-18 May 2018 in Marseille, France. This will in fact be only the second time a RIPE meeting has been held in France – the first time being in Paris way back in 1992 – so we look forward to this long awaited return.

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Improving Technical Security 15 March 2019

DNS Privacy Frequently Asked Questions (FAQ)

We previously posted about how the DNS does not inherently employ any mechanisms to provide confidentiality for DNS transactions,...

Improving Technical Security 14 March 2019

Introduction to DNS Privacy

Almost every time we use an Internet application, it starts with a DNS (Domain Name System) transaction to map...

Improving Technical Security 13 March 2019

IPv6 Security for IPv4 Engineers

It is often argued that IPv4 practices should be forgotten when deploying IPv6, as after all IPv6 is a...