Exploring APNIC’s 2021 themes: Next Generation Registry

By on 31 Mar 2021

Categories: Community Development Tech matters

Tags: , , ,

Blog home

During the APNIC 51 AGM last month, Director General, Paul Wilson, introduced the Activity Plan for 2021 and the four themes of that plan. The themes were taken as priorities from the APNIC Survey 2020, and further highlighted by the APNIC Executive Council in their response to the Survey. They are:

  • Next Generation Registry
  • Online Participation
  • Capacity for Development
  • APNIC Agility

This is the first in a short series of blog posts describing each of these themes and what they mean for the APNIC membership, and community, in 2021 and beyond.

Since APNIC began, its public registry has been accessible as a ‘whois’ service. This has been implemented using the RIPE whois server software, and thanks to the development efforts of the RIPE NCC and its community, it has served well to provide flexible access to APNIC registration data.

Whois was originally specified in 1982 (RFC 812). It has since been improved, extended in its applications to carry more complete and useful information, and to perform completely new functions, such as an Internet Routing Registry (IRR). But even with these improvements, whois is not able to meet today’s needs because it was designed for manual human use and is without standards for query or response formats.

To address the shortcomings of whois, the Registration Data Access Protocol (RDAP) was developed (RFC 7483), supporting automated access via fully structured JSON query and response formats, as well as robust security, access control, and distribution functions. A feature of APNIC’s RDAP implementation is that it is suitable for cloud distribution — a process that started in 2020.

For security of registration data itself, the Resource Public Key Infrastructure (RPKI) has been defined (RFC 6483), allowing the digital certification of registry data with standard X.509-based certificates. RPKI, in turn, can support new security applications such as Route Origin Validation (ROV) using Route Original Authorizations (ROAs), digital signing of objects as Resource Tagged Attestations (RTAs), and more.

In addition to implementing these standards in recent years, APNIC staff have also been working with National Internet Registries (NIRs) in the region on the improvement of inter-registry operations through custom APIs. These APIs will also extend to interactions with APNIC Members to enable automation of functions that currently have to be performed manually via MyAPNIC.

Finally, behind APNIC’s publicly accessible services, the actual ‘Registry’ is a separate database containing the complete authoritative dataset for all resources managed within APNIC’s pools, and all related registry objects. This is an SQL-hosted database, which is populated and maintained by APNIC Members using MyAPNIC, and by APNIC staff using ARMS (the internal APNIC Registry Management System).

This platform is being upgraded to ensure a single and cohesive data model behind all registry services, implemented with robust modern (Agile) software engineering methods, and adhering to standards including ISO27001.

In conclusion, when we talk about Next Generation Registry Services at APNIC, we are referring to all the above: RDAP, RPKI and its applications, public APIs for access to APNIC services, and re-architecture of the internal Registry database and management systems.

These together are much more complex and diverse than ‘traditional’ registry services and have required a large investment in technical development and deployment, training, and support. In addition, the increased importance of automated registry services to Internet operations does require 24×7 NOC capability, which APNIC is now developing.

While the investments are large, and will continue for at least two more years, this collection of new services is helping to improve security, reliability, and efficiency of the APNIC registry, and will also support the development of new registry services and functions into the future, as required by the community.

If you’re interested in learning more about these investments, I would encourage you to tune into the Product and Services sessions at each APNIC conference, such as during the recent APNIC 51.

I’d also like to invite you to get directly involved in the product development process at APNIC by sharing your thoughts and feedback on work under development. APNIC’s User Feedback Group is a collaborative program, open to anyone in the community interested in helping improve products and services for the whole community.

You can sign up to the User Feedback Group here and the team will be in touch with opportunities to collaborate and provide your feedback.

In future instalments of this series, the other APNIC 2021 themes will be discussed. Please stay tuned!

Rate this article

The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.

Leave a Reply

Your email address will not be published. Required fields are marked *