►
From YouTube: Day 2: The MANRS of a Strong Internet
Description
Now more than ever, we need a more resilient Internet. Mutually Agreed Norms for Routing Security (MANRS) is a global initiative, supported by the Internet Society, that provides crucial fixes to reduce the most common routing threats. In this session, past and current MANRS Ambassadors and Fellows, in their role as leaders and emerging leaders in the routing security ecosystem, will have a conversation about the importance of the MANRS actions and programs to help the Internet to be stronger and more secure.
Speakers: Anirban Datta, Naveen K. Lakshman, Ben Scott, Ram Krishna Pariyar, MD Zobair Khan
A
Good
day
to
everybody,
so
welcome
to
our
today's
session
today
we're
going
to
have
a
discussion
on
the
manners
of
a
strong
internet,
we're
passing
the
second
day
of
community
week,
and
today
I
have
with
me
mr
anibandhatta,
who
is
a
2020
ambassador.
I
have
mr
ben
scott,
who
is
2020
manners.
Fellow
and
I
have
navin
k
lakshman,
who
is
2021
manners?
Fellow,
so
guys
I
will.
A
So
in
this
year's
manners
ambassador
and
fellowship
programs,
we
have
three
ambassadors
in
the
training
ground
and
we
have
six
fellows.
We
have
one
ambassador
in
the
research
field
with
four
fellows
and
we
have
one
in
the
policy
with
three
fellows,
as
you
can
see
that
these
are
the
fellows
and
ambassadors
for
training
track.
A
A
B
Confirm
that
it's
ready
to
go
hi
everybody
nice
to
be
here
with
my
manas
colleagues
little
bit
virtually
still
I'm
going
to
go
through
some
experiences
as
a
menace
2020
fellow,
I
was
obviously
part
of
the
menace
fellowship
program.
It
was
in
the
capacity
of
a
research
fellow,
my
day-to-day
work
involves
researching
internet
insecurities
internet
security.
B
Engineering
is
my
research
field
and
a
quick
shout
out
to
those
who
employ
me
day
to
day
as
well
at
the
security
research
institute
at
edith
cowen
university,
where
I
conduct
most
of
my
research
and
also
funded
through
a
cyber
security
crc
in
that
regard
as
well.
So
most
of
my
research
involves
what
we
consider
in
manners.
All
the
time
which
is
insecurities
in
the
internet
often
can
be
malicious
and
non-malicious
as
well
as
we
know
so.
B
Probably
the
primary
point
is
the
opportunity
to
contribute
to
a
safer,
more
secure,
pretty
major
piece
of
infrastructure,
one
of
the
more
profound
things
that
humans
have
invented
in
the
internet,
not
without
its
problems,
but
the
opportunity
to
contribute
to
improving
the
security
of
such
infrastructure
was
a
was
a
something
I
really
enjoyed
being
a
part
of
so
for
those
of
you
in
the
audience.
Who've
seen
this
sort
of
background
before
that's
great
and
I'm
apologizing,
if
you've
seen
this
before.
B
We
know
it
to
be
today,
so
we
have
this
internet,
this
network
of
networks
that
relies
on
essentially
some
fairly
critical
protocols,
some
fairly
critical
services,
but,
as
I
say,
those
are
have
been
and
still
are
at
times,
inherently
vulnerable,
open
to
malicious
attack,
open
to
misconfiguration
issues,
accidents
happen
and
when
they
happen
on
the
internet,
they
can
cause
a
bit
of
disruption,
to
say
the
least.
So
we
look
at
that
at
manners.
B
We
looked
at
that,
certainly
as
a
research
fellow
I
looked
at
that
particularly
focused
on
bgp,
which
is
often
described
well
described
in
many
ways.
It
can
be
described
as
the
glue
that
keeps
the
internet
together
has
been
described
as
everything
from
you
know,
post
offices
and
so
forth,
there's
all
sorts
of
metaphors.
Sometimes
they
get
mixed
up
the
glue
that
keeps
the
internet
together,
not
so
bad,
but
it
is,
as
I
say,
not
so
secure.
B
The
sort
of
glue
is
coming
apart.
If
we
want
to
look
at
that
as
a
metaphor,
and
that's
because
it
was
designed
at
a
time
when
security
wasn't
paramount,
wasn't
front
of
mind
and
we
look
at
that
every
day
and
the
challenges
with
that
every
day,
and
it's
certainly
in
our
in
the
program
the
manners
program,
it's
something
we
we
considered
closely
and
we
focus
on
when
things
go
wrong
with
bgp
and
other
important
protocols
and
services
on
the
internet.
B
You
tend
to
know
about
it,
maybe
not
always
quickly,
but
you
do
tend
to
know
about
it
and
it
tends
to
make
the
news
and
anyone
who
experienced
down
times
of
well.
Let's
say
critical
and
not
so
critical
services,
let's
consider
facebook
down
times,
let's
consider
other
services
that
people
tend
to
expect
when
they
wake
up
every
single
day
and
have,
but
perhaps
one
thing
we
don't
always
think
about.
Is
our
internet
traffic?
B
What
what
way
is
our
internet
traffic
going?
How
is
it
going
to
the
intended
recipient?
Is
it
reaching
the
intended
recipient?
How
does
the
intended
recipient
know
it's
coming
from
us
and
which
way
it's
traveled
for
those
of
you
in
the
audience
who
aren't
so
familiar
with
these
processes?
I'm
sure
you've
sent
parcels
to
someone
somewhere,
perhaps
on
the
other
side
of
the
world,
a
friend
or
a
family
member,
it's
akin
to
that
process.
If
we
want
to
look
at
it
like
that,
how
do
you
do
you
know
your
parcel
gets
to
the
recipient?
B
How
do
you
know
which
way
which
path
which
route
it
may
travel?
How
does
your
recipient
know
it
came
from
you?
We
can
look
at
these
challenges
with
bgp
in
a
rather
trivial,
I
guess
and
crude
way,
but
an
adequate
comparison,
and
when
things
go
wrong,
as
I
say,
it
becomes
fairly
obvious
to
most
people
that
use
the
internet.
So
this
is
where
menace
comes
in.
B
Many
of
the
major
stakeholders,
if
you
will
involved
with
the
internet
and
there's
many,
many
of
the
major
entities
that
you
would
be
aware
of,
they
know
exist
every
day,
may
not
know
exactly
what
they
do.
Many
of
them
are
partners
here
with
the
internet
society
and
manners
entities
such
as
major
cloud
providers,
amazon,
aws,
isps
tier
one
operators,
you
name
it.
B
These
are
now
entities
deploying
some,
if
not
all,
of
our
of
our
men
as
measures
we're
talking
about
today
and
what
we've
considered
in
our
fellowships
and
what
I
personally
got
to
do
as
a
research.
Fellow
and
I'm
sure
my
menace
colleagues
here
will
have
a
chat
about
this
further
soon
is
to
look
at
some
of
these
aspects
and
in
my
own
personal
experience,
we
looked
at
aspects
of
course
of
a
technical
nature,
so
origin
validation
and
path,
validation
that
is
validating
the
origin
of
internet
traffic.
B
If
you
will,
but
also
the
way
that
internet
traffic
goes
the
way,
the
path,
the
route
that
it
may
take.
How
do
we
validate
that
a
lot
of
technical
aspects
to
this,
but
what
I
want
to
speak
about,
albeit
very
briefly
here,
is
more
of
an
intersection
of
technology
and
governance
and
policy
as
well,
because
we
also
looked
at
what
has
been
some
recent
progress
with
the
united
nations
work
on
cyber
norms,
responsible
behaviour
in
cyberspace
and,
in
fact,
how
menace
can
help
operationalize
those
significant
outcomes
out
of
the
united
nations
process.
B
B
So
when
we
look
at
measures
involved
with
manners
and
how
that
process
of
manners
and
the
measures
involved
with
menace
can
help
something
like
the
united
nations
cyber
norms
be
operationalized
or
really
categorizing
measures
into
these
four
categories,
as
we
did
routing
security
policy
and
governance
measures,
rspg
measures,
almost
all
many
men
as
measures
fit
into
that
category.
We
look
at
route:
origin,
validation,
not
just
origin
validation,
because
that's
not
enough
to
improve
the
security
of
internet
and
bgp.
We
need
to
look
at
path,
validation
as
well
as
we
did.
B
I
need
to
look
at
detecting
when
things
are
going
wrong,
whether
malicious
or
non-malicious,
and
that
is
where
a
lot
of
the
anomaly
detection
work
comes
in
as
well,
and
research
that
personally
involved
in
every
day
as
well.
Coming
back
to
say
this
less
technical.
I
guess,
if
you
want
to
say
it
that
way,
aspect
of
what
I
personally
was
involved
in
with
manners
as
a
research.
B
You
can't
do
that
unless
you
address,
of
course,
insecurities
in
the
internet,
don't
have
much
of
a
chance
of
achieving
that
unless
you
operationalize
and
address
insecurities
the
internet
insecurities
in
bgp
and
so
forth.
So
that
was
the
point
of
that
project.
One
of
the
projects
that
I
was
involved
in
with
the
menace
fellowship
one
of
the
findings
was
that
not
every
norm
could
be
entirely
operationalized
by
our
men
as
measured.
B
There's
more
work
to
do
in
aspects
as
you
can
see
on
the
slide
there
of
path,
validation
and
anomaly,
detection,
for
example,
but
many
measures
are
definitely
assisting
with
cyber
norms.
Indeed,
the
majority
of
them
can
be
operationalized
by
current
manners
measures,
but
without
doubt,
let's
be
realistic,
still
quite
a
lot
of
work
to
do
in
this
regard.
B
A
quick
note
on
a
lot
of
that
is
the
menace
of
observatory,
if
you're
not
familiar
with
men
as
the
program
you're,
probably
not
familiar
with
the
observatory
of
something
in
assists,
certainly
assisted
myself
in
the
day-to-day
work
as
a
menace.
Fellow
research
fellow
assists
network
operators
assist
participants
in
the
menas
program,
really
urge
anyone
who's
not
familiar
with
this
program,
to
jump
on
manners
the
sitemates.org
and
even
have
a
look
at
the
observatory,
quite
an
interesting
exercise,
even
if
you're
not
so
familiar
with
manners.
B
A
B
Well,
path,
validation,
so
we
many
of
us
may
know
about,
of
course,
origin
validation
right
when
we're
talking
about
rpki
and
we're
talking
about
the
validation
of
origin.
That's
that's
certainly
been
a
massive,
significant
step
in
the
right
direction
for
securing
aspects
of
these
internet
vulnerabilities
weaknesses
that
I've
been
discussing,
but.
B
Enough,
so
to
validate
the
origin
of
something
worthwhile
pursuit.
Obviously,
when
we're
talking
about
internet
traffic
when
we're
talking
about
bgp
when
we're
talking
about
control
planes
and
data
planes,
not
to
descend
into
the
technical
nature
of
this
too
much,
but
we
must
work
out
a
way
to
to
as
efficiently
validate
the
path
traffic
takes.
As
as
we
do,
the
origin,
which
rpki
has
been
quite
effective
at
doing,
we
must
we
must
seek
to
validate
the
path
as
well,
and
there
are
a
number
of
measures
that
exist.
B
I
don't
believe
I
should
descend
into
perhaps
boring
some
ass
members
of
our
audience,
who
may
not
be
so
technically
inclined,
but
there
are
state-of-the-art
path,
validation
measures
that
exist,
there's
indeed
entire
proposals
to
overhaul
the
architecture
of
the
internet.
Quite
bold
proposals,
how
achievable
debatable,
but
they
do
exist,
but
I'd
say
that
the
maturity
levels
of
varying
path,
validation
technologies-
are
still
being
worked
on.
Some
not
so
proven
some
more
proven
than
others
to
answer
the
question,
so
the
pursuit
continues.
B
It's
just
to
make
that
distinction.
That
path.
Validation
is
is
something
that
we
need
to
work
on
more
there's
more
work
to
be
done,
and
not
surprisingly,
when
you
saw
on
that
slide,
some
of
the
norms
cannot
be
operationalized
really
to
the
extent
they
should
be.
Unless
we
achieve
that
path,
validation
measure
as
we
seek
to
do
with
origin
validation.
A
Cool
thanks
for
your
observation
on
that.
So
now
I
would
like
to
have
a
discussion
with
on
urban
so
uneven.
As
you
can
see,
the
whole
manners
team
is
running
the
program
of
fellows
and
ambassadors
to
spread
the
knowledge
or
idea
of
manners
into
the
operators
or
cdn
operators
or
isps
right
and
we
are
pursuing
each
and
every
technical
team
to
make
them
understand
the
importance
of
manners
and
how
they
can
secure
their
internet
or
their
network
with
the
implementation
of
manners.
A
A
D
Yeah,
thank
you.
Yes
ben
pointed
an
excellent
point
here.
That
is
about
the
path,
validation,
yeah,
it's
it's
it's
currently,
it's
a
challenge
because
there
is
no
the
specific
rules
or
any
guideline
we
need
to
follow.
But
right
now
we
have
the
only
the
origin,
validation
right,
so
router
is
invalidation.
D
D
Over
there
and
we
did
like
58
trainings,
and
there
was
like
around
1400
attendees
and
from
that
I
have
found
that,
like
from
november
2020
to
november
2021,
I
have
seen
there's
a
little
bit
of
change
in
the
rpki
validation
bogon
announcement
like
on
2012
unity.
I
found
from
the
observatory,
of
course,
that
the
bogan
announcement
number
was
like
around
154,
and
this
year
it
is
107.,
so
it's
decreasing
right
and
the
path
validation
rpki.
D
If
it
is
about
the
origin
validation
it
was
like
around
for
the
asia,
it
was
like
around
36
percent
to
be
specific
35.9
percent,
and
today
it
is
like
around
42
percent,
so
the
validation
percentage
is
also
increasing.
This
is
very
good
and,
as
the
validation
percentage
is
increasing,
so
the
unknown
percentage
is
also
decreasing.
A
Thank
you
honeybun
for
for
for
for
taking
part
in
this
discussion.
So
now
I
will
go
to
naveen
navin.
You
were
working
as
a
fellow
in
in
this
year
in
the
manners
fellowship
program,
and
you
have
conducted
a
lot
of
training
so
far
in
this
program
and
you
you
have
also
been
working
to
enrich
the
status
of
manners
in
inside
india
as
well.
A
C
Yeah,
thank
you
myself.
Naveen
lakshman,
I'm
a
2021
minus
training.
Fellow
so
most
of
my
manners
activity
was
focused
on
outreach,
so
we
were
delivering
sessions
at
a
network
operators
group
the
internet
society
hosted
a
local
internet
society,
hosted
meetings
and
research
and
education
network.
So
we
targeted
a
lot
of
operators
in
the
asia
pacific,
most
specifically
specifically
in
the
south
asian
region,
and
so
most
of
the
participants
who
attended
the
sessions
were
new
to
manus.
They
do
implement
apk,
they
validate
the
roots
using
apk
and
irr.
C
They
do
filters,
but
they
don't
do
the
best
practices.
That's
what
the
problem
is.
Most
of
the
operators
in
the
south
asia
have
massive
because
they
have
been
leaking
routes
as
well
as
hijacking
prefixes
because
of
misconfigurations
flat
fingers
are
due
to
bugs
in
the
operating
network
operating
systems.
C
So
we
reached
out
to
the
operators
and
when
they
attended
the
session,
we
gave
them
a
clear
picture
how
how
to
implement
manage
action
as
a
best
practice.
So
mostly,
we
focused
on
filtering
because
india's
old
was
already
at
least
the
south.
Asia
was
already
picking
up
pace
in
terms
of
rpk
validation,
so
that
was
easy
for
us
and
all
we
need
we
needed
to
reach
out
to
them
was
our
undoing
best
practices
on
filtering
from
the
customers
to
years
and
transit.
So
we
taught
them
how
to
automate.
C
C
A
So
do
you
think
there
are
any
better
ways
to
convince
the
management
team
who
are
non-technical
to
make
them
understand
that
this
manners
actions
are
very
much
important
and
significant
for
the
sake
of
the
security
of
the
network?
It
can
ruin
their
business
and
it
can
make
them
a
very,
very
disaster
condition.
So
I
do
think
there
are
any
better
ways
to
handle
these
situations.
B
B
B
You
might
want
to
mention,
but
I
think
there's
a
lot
to
be
said
about
education
and
a
lot
to
be
said
about
how
we
might
best
help
education
providers
in
this
space.
Those
who
educate
those
who
train
and
skill
those
people
who
are
essentially
on
the
front
line
every
day
here
and-
and
many
of
us
have
been
ourselves
or
still
are.
D
Yeah
see
from
the
very
beginning,
manor
said
actions
for
network
operators,
then
they
included
ixp,
and
currently
we
have
more
like
for
the
actions
for
the
cdns
and
also
right
now,
currently
working
with
the
vendors.
So
the
major
challenges,
if
I'm
talking
about
the
not
only
a
south,
asia
or
asia,
but
also
some
other
regions,
also
that
they
cannot
do
the
always
what
main
the
measure
the
focused
word,
the
validation.
They
cannot
do
it
in
the
very
well-known
device.
That
is
the
vendor.
D
D
That
will
be
very
much
helpful
for
the
operators
as
well,
that
that
navin
already
told
us
the
challenges
for
the
management
team
that
they
can.
They
don't
need
to
that
much
understandable
to
implement
these
actions
in
the
network
if
the
vendors
can
easily
or
the
predefined
actions
are
there
in
their
devices
or
if
it's,
if
it
will
be
very
much
user
friendly
for
the
operators
or
the
engineers
who
are
working
24x7,
then
it
will
be
very
much
helpful
for
all
the
network
operators
and
as
well
as
for
the
cdns
operators
right.
D
So
I
think
right.
Currently
the
programs
with
the
vendors
it's
its
own
process
and
also
we
are
working
with
some
major
vendors
as
well,
the
junipers,
the
cisco
they
are
already
working
with
us,
so
nokia.
In
essence,
all
the
all
the
vendors,
the
major
vendors
in
the
world
globally
they're
working
with
us-
and
we
are
very
much
hopeful.
We,
I
think
we
will
get
a
very
good
output
within
a
very
short
time.
A
B
B
B
So
I
I
think
manners
is
very
well
positioned
already
to
achieve
that
and
I
think
the
further
work
that
will
be
done
in
research
circles
and
in
the
practical
implementation
through
the
partners
of
manners.
As
we've
spoken
about
nogs
network
operators,
tier
ones
isps,
ixps
cdns,
you
name
it
that
menas
is
well
positioned
with
those
non-state
actors
because
remember
a
lot
of
the
united
nations.
Work
is
done
with
state-based
actors
very,
very
important
for
non-state
actors
now
to
be
involved
and
the
operationalization
of
those
norms.
A
C
An
extent
enough,
but
again
path,
validation
is
something
that
is
missing.
So
there's
a
draft
in
ietf
sidrops
that
is
focused
on
asp,
that
is
autonomous
system
provider
authorization.
So
I
think
once
it
gets
a
standard
it
gets
standardized,
maybe
possibly
manager
should
start
adopting
aspa
into
the
path.
Validation
as
well,
so
bgp
sec
is,
is
not
going
to
happen
in
in
few
years,
at
least
so.
Asp
is
a
good
candidate
other
than
that.
I
think
most
of
the
actions
to
an
extent
should
should
stop.
B
A
Great
thanks
ben
next.
The
the
next
thing
I
would
like
to
discuss
is
about
the
policy.
So
it's
an
open
one.
Anyone
from
three
of
you
can
actually
answer
that.
So
do
you
think
that
we
can
we
can
work
with
local
communities
or
with
specific
countries
or
regulatory
affairs
of
those
countries
to
enforce
policies
to
make
sure
that
manners
is
adopted
by
all
the
network
operators
of
that
country
or
of
that
locality?
Do
you
think
it's
a
good
idea,
or
do
you
think
it
will
be?
A
B
It's
going
to
require
just
not
just
non-state
actors,
which
is
what
we
tend
to
deal
with
a
lot
of
manners,
and
quite
rightly,
but
there
is
a
need
for
for
government.
There
is
a
need
for
some
discussions
from
regulators
to
have
not,
of
course,
at
all,
proposing
heavy-handed
regulation
in
this
space.
What
I'm
saying
is
what
assists
a
lot
of
the
time
I've
found
personally
with
progress
in
that
way
is
the
presence
of
both
state
and
non-state
actors
in
those
discussions.
So
I
think
sometimes
we
tip
the
balance
too
much
either
way.
B
I
think
sometimes
the
united
nations
process,
for
example,
is
obviously
dominated
by
state-based
actors,
but
have
the
realization
now
is.
It
requires
non-state
actors,
like
penis
participants,
partners
and
manners
to
assist
to
operationalize
on
the
flip
side.
To
that
I
think
sometimes
we
we
leave
a
lot
of
this
at
the
fee
at
the
at
the
door
of
the
non-state-based
actors,
the
the
nogs,
the
network
operators
and
so
forth,
when
I
think
actually,
there's
probably
more
of
a
input
required
from
state-based
actors
there
as
well.
A
Thanks
ben
navin,
we
are
into
the
last
four
minutes
of
this
stream.
So
a
quick
answer
from
you.
So,
as
ben
stated
about
making
a
balance
among
the
all,
the
participants
like
state
or
non-state
participants
like
like,
there
are
syrian
operators.
There
are
network
operators,
there
are
vendors,
there
are
policy
makers,
so
also
other
management
bodies
who
actually
doesn't
want
to
understand
that.
A
C
So
we
what
we
do
is
like
we
mix
audiences.
We
talk
to
the
government
agencies
as
well,
but
the
problem
is,
the
lack
of
participation
is
what
the
problem
is.
Unless
they
come
out
and
participate
in
sessions
and
open
meetings
or
open
discussions
or
or
attend
webinars,
it
will
be
a
little
bit
tough
task
for
the
miners
community
to
penetrate
into
the
regulatory.
But
I
am
not
very
much
of
I'm
not
very
much
a
person
who
supports
regulatory
impositions
on
manners.
They
can
have
it
as
a
recommendation.
C
That
would
be
the
best
option
rather
than
making
it
as
a
mandatory
regulatory
action.
So
maybe
a
suggestion,
or
it
can
be
a
recommendation
for
the
operators,
because
we
we
don't
want
because
considering
the
internet
community,
there
is
nothing
like
we
don't
want
something
to
be
imposed
right,
so
it
can
be
unoptional.
A
Yeah,
I
mean
absolutely
right:
the
the
force
force
enforcement
of
any
kind
is
not
actually
be
welcomed
by
anybody,
so
we
can
pursue
the
technical
teams,
we
can
train
them.
We
can
spread
the
knowledge
and
we
can
make
them
understand.
We
can
make
the
examples
visible
to
them
and
in
this
way
I
guess
that
would
be
a
better
way
to
approach
the
network
operators
or
the
entities
to
implement
manners
into
their
network,
so
we're
into
the
last
minute
of
this
stream
on
urban
last
one.
A
D
Follow
all
the
pillars
of
manners,
you
should
follow
all
the
pillars
of
manners
and
I
hope
we
can
cover
at
least
a
99
percent
problem
of
your
network,
the
basic
problems
we
which
we
are
creating
nowadays
for
the
global
table.
Every
day
we
are
doing
route
clicks
every
day
we
are
doing
prefix
hijacking.
A
Thanks
a
lot
on
on
even
very
nice
answer
as
an
event
said.
On
a
closing
note,
I
would
like
to
request
all
the
network
operators
to
join
manners
and
adopt
all
the
actions.
Thank
you.
Everybody
take
care,
have
a
good
day,
looking
forward
to
next
comedy
week
in
future
bye.
Thank
you.
Thank
you.
Bye-Bye
thank.