Some discussion about why so much V6 in Europe. Comment that RIPE may have more small ISPs who qualify, so RIPE get more apps, but total addr space may well be larger in other regions.
Richard made a call for participation in any/all regions policy development
Brian Carptenter asks about influence of multi-region bodies and their effects on the policy development process.
Richard noted that there are many multinationals, and it was expected that they use one registry, and not ask all of them, and use the assigned resource anywhere. It is possible to use multiple registries, and the RIR have a HostMaster coordination group to keep track. In the policy real, yes, multi-national organizations can participate in multiple regional venues, and one response is to encourage more participation from the wider body.
This is a new service, started in February 2004. They surveyed market before deployment. The deployment depends on IDN aware browsers - non-aware browsers see odd things. URL visits by non-aware browser goes to a redirection page and offer of download to recode the browser. The approach uses an application level deny/4xx/5xx response to limit SMTP access etc.
Survey results: no problems with auth servers, bsd, windows as long as they are using UTF-8. There have been over 25 test environments.
dig can be used to introduce 3dig decimal arbitrary code. dig \230\150\230.jp form command. Notation in BIND zonefile is the same.
JP brewery used 8bit name in ad. campaign. posters in store, on vending machines, etc. graph of access count, shows flat load, then spikes during campaign then lift to new higher level.
Visualization of the history of the IPv4 and ASN deployment using assignement data and matching it with BGP routing data, presented in the format of a movie of daily snapshots spanning the past two decades.
MERIT/irdb has 41 mirrors. no formal presence/authority. The database contains some 304,000 routes, 203,200 unique, and 116,000 actually routed.
Historical security has been based on IRR filtering, statics (hand maintained) and max prefix limits and coarse aggregates. The filtering issues include: incompleteness, performance issues handling the filterlist, lack of dynamism. toolkit uncompilable with modern C++ and the .PM can't handle RIPE syntax. The V6 IRR should be more simple: less legacy, far fewer prefixes. (RPSLng nearly cooked, but still requires some process work)
An approach can use the IRR data, combined with BGP data such as route views or RIS to notice anomolous behaviour, alert people. eg RIPEs MyASN service GRADUS (commercial).
need better IRR security. mirroring signatures, certs etc.
Brian Carpenter: isps really not interested in security?
Larry: it could be the additional workload here.
Discussion on embedding, eg auto-traps when misconfig.
Discussion on why there is variance from prefixes in IRR, compared to real world: eg use of IRR to register fine-grained backup routes but really not used. Stuff sometimes doesn't scale to real world.
IRR is distributed, but the data model doesn't reflect the distribution well. not consistent at all points. Security has good model of the distributed data model. the fit is therefore not good. IRR is targetted at registering active, propagated routes. RPSL could be used to record blackholing of /32 but its not used that way
discussion of security, MD5 checksum values.
Rundown on US DoD plans. They expect to hand back existing v6 nets when they get their initial allocation.
Richard Jimmeson comment: information has been collected by speaking to entities that have or may be about to request information. None of the information comes from Registry (The registry has obvious sensitivities about NDA, and cannot make comments about justification for resources). The clarification is that the presented material is not directly based on RIR data.
Based on what is the believed initial TTL, can tell the approx. hopcount distance.
A graph of received TTLs shows spikes at 116, 48. first is windows (starts at 128) second is UNIX -both with path avg distances of around 12 hops away from site.