Routing Security in the Regulatory Spotlight

The second quarter of the year was so busy for MANRS that this newsletter is coming out in August! Let’s catch up on the latest:

• Since our last newsletter, we’ve welcomed?44 new participants?- 41 new Network Operators and 3 new IXPs, together serving 22 countries. Welcome aboard! This brings the current total up to 1,148 participants.
• Aside from participant growth,?a draft?by the Federal Communications Commission ?implied the intention to regulate BGP routing security?- a national decision with global implications.
• The original draft, published on April 4, caused an immediate series of reactions in the MANRS Community, for which the latest episode was?a?formal filing of comments?by the Global Cyber Alliance (GCA) before the FCC on July 17.
• The posts below, in reverse chronological order, offer a?good summary of what has happened?in the past four months and where the discussion is at now:
• July 23:?GCA Comments on Potential US Government Rules for Routing Security
• June 11:?MANRS as Fire Code
• June 4:?The US Government is Making Moves on Routing Security. So Should You.
• June 4:?Explainer: US Government Activity and BGP Security
• May 16:?The US Makes a Big Step Toward Better Routing Security
• May 1:?What’s Happening with the US FCC Potentially Regulating BGP
• April 22:?5 Reasons Regulating Border Gateway Protocol (BGP) Won’t Actually Help Improve Routing Security

Leaving the regulatory debate aside:

• The global state of routing security saw a?major milestone, as?RPKI ROV deployment in the IPv4 space went past the 50 percent barrier?(that figure exceeds 70 percent inside the MANRS Community, by the way ??).
• The?research highlight?for this issue is a methodological proposal to detect?suspicious IRR records?by Ben Du , a researcher of the University of California San Diego.
• In?Observatory news, we have?this post?by GCA’s Head of Engineering, Robert Thomas , describing the new version of the?ROA Stats Tool (ROAST).
• And, yes, no quarter without an?incident. This time, on June 27, an incident affected one of our biggest participants, Cloudflare .
• Good preparedness?helped them contain the incident pretty quickly and without any major outages (you can find their complete report about the issue?here) but it also left a clear conclusion: we need to work not only on our own protection, but also on the protection of our entire ecosystem, including our peers and clients.
• So, what if you helped the initiative grow by bringing all your peers and clients into it??We have?primers?and?outreach materials?available, and please?reach out to us?if we can help.

Have you got a story you’d like to share with the MANRS Community or a topic or research project you’d like us to cover on the MANRS Blog??Contact us.

MANRS in the Community

• On?April 8, the?MANRS Steering Committee?held its 21st regular meeting, and the second for 2024. You can find the minutes for this and previous meetings?in this link.
• On?April 18, in Brussels (Belgium), Andrei Robachevsky (GCA) presented the latest updates on MANRS to the European NREN community, at GéANT’s?31st STF gathering.
• On?May 15, the MANRS Community held the first of its two scheduled meetings for 2024,?in a double virtual session?that covered both the Eastern and the Western Hemisphere. You can see the recordings?here.
• On?May 20–24, Andrei Robachevsky represented the initiative at the RIPE 88 event in Krakow (Poland), where?he presented?an effort on extending MANRS based on a stronger business case—?MANRS+.
• One week later, from?June 3-6, Andrei went all the way to Vienna (Austria) to attend M3AAWG’s 61st General Meeting, where, on top of routing security, he also discussed domain abuse, one of the other core topics of GCA’s?Internet Integrity Program.
• On?June 10–12, MANRS was present at the NANOG 91 conference in Kansas City (US) - directly, by means of Leslie Daigle (GCA), and indirectly, thanks to a presentation on ICANN’s?KinDNS?initiative, a project that was originally inspired by MANRS, as described?here.
• From?July 20-26, Leslie Daigle visited Vancouver (Canada) to attend the?IETF 120 meeting. There, she offered an update on MANRS at the Internet Society (ISOC)’s policy guest program meeting.
• Finally, on?July 24, Andrei Robachevsky and Roberto Zambrana (ISOC) participated in technical training on routing security for public and private organizations in the Philippines facilitated by the?USAID BEACON Project?and in collaboration with?PhNOG. The session, “Enhancing Internet Security: Implementing MANRS to Strengthen Routing Resilience,” was held virtually and was very well attended (over 5,000 participants!).

Upcoming MANRS Community Meetings

Save the date for the?second MANRS Community Meeting?this year, on?November 13, to be held also in two virtual sessions, East and West.

We are planning our activities for the rest of 2024 and welcome ideas on MANRS Community Events and other events to attend.?Get in touch.

Can We Help?

We always welcome feedback on the MANRS initiative, the community, the Actions, and our partners. You can email?[email protected]?or submit feedback via the?updated form?on our website.

In the meantime, follow us on social media?@RoutingMANRS?for all the day-to-day updates. And if you know of another organization that should join us, send them here!?

If you'd like to get this newsletter directly to your inbox before it hits LinkedIn, make sure to?sign up?for future issues and help us spread the word— the newsletter is open to everyone interested in routing security, whether a MANRS participant or not.

Also, please help us reach further by trying to?bring as many peers and clients as possible to the initiative. Good routing security can only be achieved collectively!

We’ll see you next quarter!