2023 was a productive year for the APNIC product development teams — Membership, Registry, APNIC Academy, Information Products, and our UX team. In this post, I will outline some of the key initiatives these teams concentrated on during the past year.
User Experience
As collecting, analysing, and acting upon feedback provided by the community informs a lot of the work the product teams undertake, it seems appropriate to start with User Experience (UX). This feedback is shared in many ways including during training and conferences, helpdesk surveys, social media comments and user research.
In total, we gathered 3,856 feedback items from Members and the community, 996 of which required action. Some of these items were resolved almost immediately, while the remaining items have been rolled into longer-term projects.
Some of the quick wins in 2023 included updating APNIC Academy online courses, improving time zone features and the registration process for APNIC conferences, and improving help options for APNIC Login issues.
Longer-term projects include membership application improvements, a comprehensive review of all training courses and materials, payment platform updates, fellowship platform improvements and updating the website structure so users can find information more easily.
Structured user research was conducted with Members, including 56 face-to-face interviews across two sub-regions. In total, 391 user research engagements occurred, comprising an interview or an online activity completion. In 2024, we expect to conduct face-to-face interviews across all sub-regions.
Membership Products
Changes to account contacts
APNIC’s current account contacts system primarily relies on email for verification and allows for separate APNIC logins but has shown limitations. Issues such as duplicate contact listings, inconsistency in permissions, and integration challenges between different databases have prompted us to rethink and revamp our approach.
Going forward, the primary objective will be to transition all account contacts to an integrated APNIC Login system, thereby phasing out standalone account contacts.
The project has unfolded in three strategic phases.
Phase 1: ARMS user management
We began by enhancing the user management capabilities within the APNIC Resource Management System (ARMS). By integrating all functionalities available in OKTA into ARMS, we centralized the management of all APNIC Login users. This step established ARMS as the singular platform for user management.
Phase 2: ARMS contact management
Next, we developed the administrative functionality managing the relationship between a user and a Member account. This phase was integral in linking individual users with the Member accounts they represent.
We introduced a system where users assigned as contacts for a Member account were recognized as account contacts. This development significantly improved the administration and security of our systems by enabling better management of permissions and roles within Member accounts.
Phase 3: MyAPNIC contact management (in progress)
The final phase involved updating MyAPNIC to reflect our backend improvements. The updates included:
- Clear user identification: We established a distinct classification between users with APNIC logins and those without, clarifying access levels and permissions for our Corporate Contacts.
- User and permission management: The new interface facilitates easy management of users and their permissions. This enhancement empowers Members to manage their access and roles within their accounts autonomously.
- Contact deprecation: We introduced a straightforward method for users to deprecate contacts lacking an APNIC login, maintaining the integrity and accuracy of the contact information.
While this phase is complete, we are strategically timing its release to ensure maximum impact for Members, so have scheduled the launch for after APNIC 57.
International GST/VAT overseas supplier registration
Certain economies in the APNIC region introduced requirements for overseas vendors to account for taxes such as GST or VAT in their invoicing. APNIC was required to update all systems to accommodate the collection and processing of information related to these types of taxes. In 2023, this was implemented for Singapore and Cambodia and we anticipate more economies will impose this requirement in the future.
Automating and improving account closure processes
APNIC’s processes for account closure and reactivation are time-consuming and require significant manual intervention. In the past, the numbers were manageable. Still, with increasing membership, the impact of ongoing global financial challenges on Members, and an increase in account consolidations led us to focus on this initiative.
The aim is to expedite account closure, simplify the reactivation process, and minimize human errors. We are in the final stages of designing and implementing an automated system to streamline Member account closure processes to reduce time and complexity. It will also enhance account reactivation and recovery mechanisms, laying the foundation for future improvements in MyAPNIC that will enable Members to manage account reactivation independently, reducing the need for support tickets.
Migrate workflow code off end-of-life OS servers
Parts of APNIC’s workflow code reside on legacy servers that will reach the end of life in 2024.
This deliverable included a thorough overhaul and migration of the workflow code, focusing on updating legacy components, rewriting outdated segments, and improving the efficiency of workflow processes. As part of the modernization effort, the updated code was migrated to more suitable servers or alternative architectures, resulting in enhanced performance and longevity. In the final phase, older servers were decommissioned, eliminating potential security risks and maintenance challenges associated with obsolete infrastructure. This has secured the sustainability and efficiency of the system.
Standardized authentication in application services
Amidst growing global online security concerns, work on the development and refinement of mechanisms such as token-based authentication, OAuth, and API keys to verify the identity of users and systems making requests was undertaken, thereby mitigating unauthorized access. The improvements also included implementing rate-limiting measures.
Now that there’s a standardized system in place, we have begun the process of updating each of our systems to adopt this new standard and will continue with these updates throughout 2024 across all other systems. This approach ensures consistency and aligns our entire infrastructure with the improved security, performance, and data integrity measures implemented in the enhanced internal API authentication system.
Election system updates
The APNIC voting system has been significantly improved and new mechanisms were introduced to accommodate voting on APNIC By-law changes. Further changes and enhancements have been made in response to policy changes, which now allows us to accommodate Member voting for all SIGs and IANA RC elections.
2023 fee changes
APNIC fees will increase for all account holders from 2025, following resolutions made by the Executive Council in Kyoto, Japan, on 10 September 2023. To facilitate this change and allow Members to calculate the new fees, APNIC’s fee calculator has been overhauled to adopt the new structure, including calculation by year and the ability to calculate the fee for Autonomous System Numbers (ASNs).
Orbit
The Orbit online community continues to grow. Now, all posts can include rich text and images, elevating user experience beyond plain text. To address privacy concerns, a toggle option for images has been introduced. A modern WYSIWYG editor, replacing the old form input field, was introduced in late 2023 allowing users to publish posts with rich text formatting, images, and attachments.
Additionally, there have been various usability enhancements to labels, help text, and infinite scrolling, along with bug fixes. For list administrators, we revamped the management interface, making it more user-friendly for finding and handling lists. Navigation for admins has also been improved, ensuring easier access to the management interface.
Registry Products
RPKI
Route management
In RPKI, users sometimes create ROAs that cause some of their announcements to become invalid. To address this issue, enhancements have been made to the MyAPNIC route management page. The updates now include a pre-validation process to prevent users from creating ROAs that could lead to the invalidation of announcements. Additionally, users will be notified about problematic ROAs to ensure awareness and prompt correction.
This functionality verifies all changes made via route management to ensure they will not adversely affect the validity of RPKI announcements made via BGP.
RPKI Signed Checklists
Aside from the projects that are currently in progress (including the registry API), in 2024 APNIC will be working on RPKI Signed Checklists (deferred from 2023), RDAP re-architecture (to reduce memory use and ongoing cost of service provision), National Internet Registry (NIR) updates (to improve data quality for NIR registry records), and various internal security and resilience improvements.
ROA Publication Service
As part of enhancing the RPKI service, APNIC deployed updates to the ROA publication process, which has helped reduce publication time from an average of fifteen minutes to an average of three minutes. Reducing the time required for publication makes things simpler and quicker for operators, particularly in situations where ROAs are being used to address routing inconsistencies or problems.
Policy proposal work
The implementation work associated with prop-150 and prop-151 is now complete. Prop-150 is about preventing the use of non-public ASNs in route objects and ROAs, helping to limit misuse and mistakes in practice. Prop-151 requires that all new AS-SET objects be hierarchical, rather than non-hierarchical, helping to reduce the risk of the APNIC Whois Database being used in a way that may be misleading to operators.
Whois
Based on feedback we received from various community members via training and the APINC Helpdesk, the ‘geofeed’ attribute was added to the APNIC whois server, in accordance with RFC 9092. This attribute can be used to record geolocation information about an address range and is gaining momentum as the standard way to record this sort of information (see Geolocate Much? for example).
The core work to update the APNIC Whois Database to deprecate password hashes has been completed, but not deployed. This is because it will require client-side changes for users who make use of the whois mail gateway, and it will be better to have the registry API available as an option for transition for those users before deploying this work. This work will be released after the APNIC Registry API is deployed in 2024.
Deployment of an updated Near Real Time Mirroring (NRTM) service based on IRRd is currently in progress. This will help to make APNIC’s NRTM service more resilient and robust, adding the benefit of new features that are implemented in IRRd from time to time, like NRTMv4.
APNIC Academy Product
Training content on the APNIC Academy website was updated and improved in 2023, including the addition of eleven new virtual labs, a new Cybersecurity Fundamentals course and a new Introduction to BGP course.
Migration from the ‘Training Wiki’ to the APNIC Academy was completed in 2023, with the Training Wiki website fully decommissioned. Training Wiki content pages are now redirected to the APNIC Academy events pages dating back to 2017.
The integration of the Technical Assistance Platform (TAP) on the APNIC Academy to APNIC’s case management tool (Salesforce) is now complete, enhancing the reporting and documentation of APNIC’s TAP.
Extra work on the APNIC Academy was made possible in 2023 thanks to the support of the APNIC Foundation.
Information Products
NetOX
In 2023, APNIC and JPNIC worked together to make the Network Operator Toolbox (NetOX), available in Japanese. NetOX is a public service provided in collaboration with RIPE that provides a set of tools in the form of widgets, enabling anyone to analyse networks. It’s particularly useful to investigate and solve routing issues. With the Japanese translation provided by JPNIC, we expect that NetOX will become more accessible to the Japanese Internet community.
REx
A new version of APNIC’s Resource Explorer (REx), was released in 2023 providing worldwide delegation and measurement data. It involved several improvements to its architecture, and it now relies entirely on publicly available data sources. We introduced new features such as visualizing and filtering data by RIR and have included information about transfers into its delegation page.
At the end of 2023, RPKI and DNSSEC measurements were integrated into REx. This data is generated by APNIC Labs and can now be conveniently accessed directly from REx.
DASH
APNIC’s Dashboard for Autonomous System Health (DASH) has proven popular among APNIC Members who are interested in visualizing and monitoring the health of their networks relating to routing status and suspicious traffic. The number of users that have subscribed to receive alerts has increased by 74% to 174 users. At the beginning of 2023, we improved the alert for suspicious traffic by adding two new notification channels in addition to emails, SMS and Slack messages.
At the end of 2023, a DASH widget was added to the MyAPNIC dashboard, allowing APNIC Members to have a quick overview of any routing inconsistencies and suspicious traffic in their network by logging into MyAPNIC. In response to community requests, WhatsApp and Webhooks were added to the notification channels for DASH alerts, which will be released to APNIC Members in the coming weeks.
What’s coming in 2024?
APNIC will discuss the 2024 plan for all APNIC Products during the Products and Services session at APRICOT 2024 and will reveal a new online roadmap detailing product deliverables for the next 12 months and beyond.
APNIC welcomes all suggestions from community members to help us improve our products and services. Please join the APNIC User Feedback Group, use the feedback form, or post on the User Feedback Group on Orbit.
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.