[Newsclips] IETF SYN-ACK Newspack 2023-11-27

[David Goldstein <david@goldsteinreport.com>]

The IETF SYN-ACK Newspack collects IETF-related items from a variety of news outlets and other online publications. They do not represent the views of the IETF and are not checked for factual accuracy.

 

**********************

IETF IN THE NEWS

**********************

Call the Routing Police!

There was a somewhat unfortunate outage for a major communications service provider in Australia, Optus, in mid-November. It appears that one of their peer Border Gateway Protocol (BGP) networks mistakenly advertised a very large route collection to the Optus BGP network, which caused the routers to malfunction in some manner. ... The IETF? If the RIRs are not the Routing Police, then maybe the IETF is undertaking that role. After all the IETF was the venue where the technical standards for the distributed routing protocols were developed and where they are maintained. The intent of these technical standards is to increase the level of assurance that an implementation of the technology (in this case the BGP routing protocol) that adhered to the technical specification would interoperate with any other standards-conforming implementation.

< <https://www.potaroo.net/ispcol/2023-11/routingpolice.html> https://www.potaroo.net/ispcol/2023-11/routingpolice.html>

< <https://circleid.com/posts/20231122-call-the-routing-police> https://circleid.com/posts/20231122-call-the-routing-police>

< <https://blog.apnic.net/2023/11/23/call-the-routing-police/> https://blog.apnic.net/2023/11/23/call-the-routing-police/>

 

UK cyber agency signs its first IETF RFC

England’s National Cyber Security Centre has taken an unusual step out of the spotlight, authoring an IETF Request for Comment (IETF RFC) discussing indicators of compromise (IoCs) – symptoms that indicate a corporate system has suffered a data breach.

< <https://www.itnews.com.au/news/uk-cyber-agency-signs-its-first-ietf-rfc-602575> https://www.itnews.com.au/news/uk-cyber-agency-signs-its-first-ietf-rfc-602575>

 

NCSC Announces New Standard For Indicators of Compromise

The UK’s National Cyber Security Centre (NCSC) has revealed details of its first RFC for standards body the IETF – covering indicators of compromise (IoCs).

< <https://www.infosecurity-magazine.com/news/ncsc-standard-indicators-of/> https://www.infosecurity-magazine.com/news/ncsc-standard-indicators-of/>

 

RIPE Chair Team Reports - Looking Forward to RIPE 87

With our next RIPE Meeting one week from now in Rome and various other industry events taking place, this is a busy time for the community. The RIPE Chair team reports ahead of RIPE 87. ... IETF 118 Meeting: Being at the IETF 118 meeting in Prague, Czechia, was a great opportunity for have inspiring and constructive conversations and to continue to build relationships between the IETF and the operators community. In addition to that, I was invited to participate in the outreach programme the Internet Society organises for public policy makers. In my session, I described the Internet Registry System, the status of the IPv6 deployment and the role of the RIPE community in coordinating network operations.

< <https://labs.ripe.net/author/mirjam_kuhne/ripe-chair-team-reports-looking-forward-to-ripe-87/> https://labs.ripe.net/author/mirjam_kuhne/ripe-chair-team-reports-looking-forward-to-ripe-87/>

 

DNS at 40 keeps improving with better security

... In November 2023, 40 years after the DNS was first proposed, a series of new standards bringing enhanced capabilities to DNS resolution was published by the IETF. The IETF is the organization responsible for internet standards including the DNS. Among the new standards that have been finalized are:

< <https://www.sdxcentral.com/articles/feature/dns-at-40-keeps-improving-with-better-security/2023/11/> https://www.sdxcentral.com/articles/feature/dns-at-40-keeps-improving-with-better-security/2023/11/>

 

The SSO tax is killing trust in the security industry

... What we need fixes for single sign-on: Application providers must do better at adhering to the guidance provided by SSO providers on authentication token content. Here are some ideas for addressing this issue: ... Collaborate with browser makers: Browser developers should play a bigger role than they do now. Browser-based approaches reduce the burden on application developers, bring more consistency to bear on technical approaches and open opportunities for novel approaches. For example, there has been much discussion around whether browsers can ensure session tokens are bound to specific browser instances. Earlier efforts such as Token Binding, which was implemented by Microsoft Edge on Windows 10, were not very popular. Google abandoned efforts to build Token Binding in Chrome. The new IETF mechanisms of DPoP to sender-constraint tokens are a good starting point. They need to translate to actual solutions that applications and browsers can incorporate. There is an interesting proposal for Microsoft Edge based on DPoP, called BPoP. Something like this should be implemented in all browsers.

< <https://www.csoonline.com/article/1248700/the-sso-tax-is-killing-trust-in-the-security-industry.html> https://www.csoonline.com/article/1248700/the-sso-tax-is-killing-trust-in-the-security-industry.html>

 

OpenSSL 3.2 Released With Client-Side QUIC, SSL/TLS Security Level 2 Default

... OpenSSL 3.2 introduces many new features and improvements for this very important library. Among the OpenSSL 3.2 release highlights are: ... Support for client-side QUIC. including multi-stream support. QUIC is the general purpose transport layer network protocol that was developed by Google and since adopted by the IETF. With OpenSSL 3.2 is only the client-side QUIC support while for OpenSSL 3.3~3.4 over the next year they aim to further complete this QUIC implementation.

< <https://www.phoronix.com/news/OpenSSL-3.2-Released> https://www.phoronix.com/news/OpenSSL-3.2-Released>

 

Gouvernance d’Internet : la Chine promeut sa propre norme pour gagner en « maîtrise » [Internet governance: China promotes its own standard for winning “control”]

... Mis au point depuis trente ans par l’IETF, le groupe de travail de l’ingénierie d’Internet au sein de l’Internet Architecture Board (IAB), l’IPv6 doit évoluer pour faire face aux défis technologiques que posent les milliards de connexions mobiles (4G-5G et, bientôt, 6G), le très haut débit, l’intelligence artificielle, les objets connectés ou encore les cyberattaques. L’UIT travaille étroitement avec l’IETF.

< <https://www.lemonde.fr/economie/article/2023/11/24/gouvernance-d-internet-la-chine-promeut-sa-propre-norme-pour-gagner-en-maitrise_6202165_3234.html> https://www.lemonde.fr/economie/article/2023/11/24/gouvernance-d-internet-la-chine-promeut-sa-propre-norme-pour-gagner-en-maitrise_6202165_3234.html>

 

Rashid Ismailov, ancien ministre des télécoms en Russie : « Le modèle actuel de la gouvernance d’Internet est désuet » [Rashid Ismailov, former telecoms minister in Russia: “The current model of Internet governance is outdated”] [registration]

Dans un entretien au « Monde », le candidat malheureux au poste de secrétaire général de l’agence onusienne Union internationale des télécoms estime qu’une nouvelle approche est nécessaire pour relever les défis de la révolution numérique et défend, dans le même temps, la censure russe.

< <https://www.lemonde.fr/economie/article/2023/11/26/rashid-ismailov-ancien-ministre-des-telecoms-en-russie-le-modele-actuel-de-la-gouvernance-d-internet-est-desuet_6202485_3234.html> https://www.lemonde.fr/economie/article/2023/11/26/rashid-ismailov-ancien-ministre-des-telecoms-en-russie-le-modele-actuel-de-la-gouvernance-d-internet-est-desuet_6202485_3234.html>

 

OpenSSL 3.2 erschienen mit QUIC-Unterstützung [OpenSSL 3.2 released with QUIC support]

... Wichtigste Merkmale von OpenSSL 3.2: ... Client-seitige QUIC-Unterstützung: Mit OpenSSL 3.2 wird die Unterstützung für Client-seitiges QUIC eingeführt, ein vielseitiges Transportschicht-Netzwerkprotokoll, das ursprünglich von Google entwickelt und jetzt von der IETF übernommen wurde. In dieser Version ist die Unterstützung von Multistreams enthalten, und es ist geplant, die QUIC-Implementierung in den kommenden Versionen (OpenSSL 3.3~3.4) weiter zu vervollständigen.

< <https://www.pcmasters.de/security/133712644-openssl-3-2-erschienen-mit-quic-unterstuetzung.html> https://www.pcmasters.de/security/133712644-openssl-3-2-erschienen-mit-quic-unterstuetzung.html>

 

Britse overheid publiceert RFC over gebruik van Indicators of Compromise

... Volgens het Britse National Cyber Security Centre (NCSC) maken 'cyber defenders' vaak gebruik van IoC's om malafide activiteiten op hun netwerken te identificeren, traceren en blokkeren. Om organisaties te wijzen op het belang van IoC's en hiermee bekend te maken heeft het Britse NCSC een RFC (Request for Comments) gepubliceerd. Via een RFC documenteert de IETF internetstandaarden.

< <https://www.security.nl/posting/818950/Britse+overheid+publiceert+RFC+over+gebruik+van+Indicators+of+Compromise> https://www.security.nl/posting/818950/Britse+overheid+publiceert+RFC+over+gebruik+van+Indicators+of+Compromise>

 

Відбувся реліз OpenSSL 3.2 зі стандартним SSL/TLS Security Level 2 та підтримкою QUIC на стороні клієнта [OpenSSL 3.2 with standard SSL/TLS Security Level 2 and client-side QUIC support]

... Серед основних нововведень версії OpenSSL 3.2 називають: ... Підтримка QUIC на стороні клієнта, включаючи підтримку кількох потоків. QUIC – це транспортний мережевий протокол загального призначення, розроблений Google та прийнятий IETF. В OpenSSL 3.2 передбачено лише підтримку QUIC на стороні клієнта, а в OpenSSL 3.3~3.4 наступного року планується доопрацювати реалізацію QUIC.

< <https://itc.ua/ua/novini/vidbuvsya-reliz-openssl-3-2-zi-standartnym-ssl-tls-security-level-2-ta-pidtrymkoyu-quic-na-storoni-kliyenta/> https://itc.ua/ua/novini/vidbuvsya-reliz-openssl-3-2-zi-standartnym-ssl-tls-security-level-2-ta-pidtrymkoyu-quic-na-storoni-kliyenta/>

 

**********************

SECURITY & PRIVACY

**********************

BCP 185 is a ‘must do’ 

The most impactful ‘should do’ in BCP 185 is requesting transit providers use Resource Public Key Infrastructure (RPKI) validation on all eBGP sessions. All sessions, meaning their upstream providers (if they have any), their peering sessions, and, of course, all customer BGP sessions.

< <https://www.manrs.org/2023/11/bcp-185-is-a-must-do/> https://www.manrs.org/2023/11/bcp-185-is-a-must-do/>

 

**********************

INTERNET OF THINGS

**********************

Breakthrough in tackling increasing demand by ‘internet of things’ on mobile networks

A novel technology to manage demands on mobile networks from multiple users using Terahertz frequencies has been developed by University of Leicester computer scientists.

< <https://le.ac.uk/news/2023/november/mobile-networks-demand> https://le.ac.uk/news/2023/november/mobile-networks-demand>

 

WIOTC 2023 highlights power of IoT for global development

The 2023 World Internet of Things Convention (WIOTC) convened in Beijing from Nov. 20-21, 2023, under the theme "New IoT, New Economy, New Era."

< <http://www.china.org.cn/business/2023-11/21/content_116829495.htm> http://www.china.org.cn/business/2023-11/21/content_116829495.htm>

 

**********************

QUANTUM NETWORKING

**********************

Ministers plough £2bn into making quantum technology ‘Britain’s ChatGPT’

Britain is investing £2.5 billion in quantum technologies in the hope it can provide a ChatGPT-style boost to the economy and protect against spies, the Science Minister has said.

< <https://www.telegraph.co.uk/news/2023/11/25/ministers-plough-2bn-quantum-technology-britains-chatgpt/> https://www.telegraph.co.uk/news/2023/11/25/ministers-plough-2bn-quantum-technology-britains-chatgpt/> [subscription]

< <https://www.msn.com/en-gb/money/technology/ministers-plough-2bn-into-making-quantum-technology-britain-s-chatgpt/ar-AA1kvD9c> https://www.msn.com/en-gb/money/technology/ministers-plough-2bn-into-making-quantum-technology-britain-s-chatgpt/ar-AA1kvD9c>

 

National Quantum Strategy Missions

In March 2023, the government published the National Quantum Strategy, where it committed to publishing long-term quantum missions to galvanise technology development towards ambitious outcomes.

< <https://www.gov.uk/government/publications/national-quantum-strategy/national-quantum-strategy-missions> https://www.gov.uk/government/publications/national-quantum-strategy/national-quantum-strategy-missions>

 

QIA concludes Quantum Internet Application Challenge 2023, names best submission

Quantum Internet Alliance (QIA) has concluded the Quantum Internet Application Challenge 2023 and selected “qperf” as the most impressive submission for this round.

< <https://quantuminternetalliance.org/2023/11/21/qia-concludes-quantum-internet-application-challenge-2023-names-best-submission/> https://quantuminternetalliance.org/2023/11/21/qia-concludes-quantum-internet-application-challenge-2023-names-best-submission/>

 

**********************

NEW TRANSPORT PROTOCOLS

**********************

US hosts large scale 3GPP WG meetings

The North American 3GPP Organizational Partner, ATIS has welcomed over 1800 experts to Chicago, to attend 15 of the 3GPP Working Groups – spanning all three 3GPP Technical Specification areas: Service and System Aspects, Core Network and Terminals and Radio Access Networks.

< <https://www.3gpp.org/news-events/3gpp-news/atis-chicago-wgs> https://www.3gpp.org/news-events/3gpp-news/atis-chicago-wgs>

 

OpenSSL 3.2 implementiert TCP-Nachfolger QUIC [OpenSSL 3.2 implements TCP successor QUIC]

Die Entwickler hinter der beliebten Open-Source-Kryptobibliothek OpenSSL haben Version 3.2.0 freigegeben. Mit diesem Release gibt es nun auch erste Ansätze zur QUIC-Implementierung. Bei QUIC handelt es sich um ein Transportprotokoll, das bereits als TCP-Nachfolger gehandelt wird.

< <https://www.heise.de/news/QUIC-kommt-an-OpenSSL-3-2-bringt-erste-Implementierung-9538866.html> https://www.heise.de/news/QUIC-kommt-an-OpenSSL-3-2-bringt-erste-Implementierung-9538866.html>

 

**********************

OTHERWISE NOTEWORTHY

**********************

Internet.nl available as 'ready-to-go' Docker package

Today Internet.nl launches a new version of its test tool in the form of a 'ready-to-go' package based on Docker. It makes deploying, developing, testing and scaling the code base much easier. In addition, in this new version, the Referrer-Policy test has been extended to evaluate found policies and several other improvements have been made. Happy testing!

< <https://internet.nl/article/release-1.8/> https://internet.nl/article/release-1.8/>

 

Stop shaming service providers for outages, argues APNIC chief scientist

The chief scientist of the Asia-Pacific Network Information Centre (APNIC), the region's internet registry, as called for operators of digital infrastructure to share more info about their outages.

< <https://www.theregister.com/2023/11/24/routing_police/> https://www.theregister.com/2023/11/24/routing_police/>

 

IAB Seeks Feedback on Independent Submissions Editor

As part of its oversight responsibility for the Independent Stream, the IAB is soliciting comments from the community on the performance of the Independent Submissions Editor, Eliot Lear. The IAB is interested in comments on the last two years of operation of the Independent Stream and Eliot’s activities as ISE.

< <https://www.iab.org/2023/11/22/iab-seeks-feedback-on-independent-submissions-editor-2/> https://www.iab.org/2023/11/22/iab-seeks-feedback-on-independent-submissions-editor-2/>

 

World Television Day: Enabling TV development for 75 years

Since 1948, the International Telecommunication Union (ITU) has worked closely with broadcasters to develop new standards and systems aligned with the latest broadcasting technologies.

< <https://www.itu.int/hub/2023/11/world-television-day-enabling-tv-development-for-75-years/> https://www.itu.int/hub/2023/11/world-television-day-enabling-tv-development-for-75-years/>

 

Go on a Psychedelic Journey of the Internet's Growth and Evolution

Security researcher Barrett Lyon, who makes visualizations of the internet's network infrastructure, is back with a new piece chronicling the rise of the IPv6 protocol.

< <https://www.wired.com/story/ipv6-data-visualization/> https://www.wired.com/story/ipv6-data-visualization/>

 

Charting the Future: 2023 China 5G + Industrial Internet Conference kicks off in Wuhan

The China 5G+ Industrial Internet Conference has kicked off in the central Chinese city of Wuhan. The event is jointly hosted by the Ministry of Industry and Information Technology and the People's Government of Hubei Province.

< <https://news.cgtn.com/news/2023-11-20/VHJhbnNjcmlwdDc2MDI3/index.html> https://news.cgtn.com/news/2023-11-20/VHJhbnNjcmlwdDc2MDI3/index.html>

------

David Goldstein

email:  <mailto:david@goldsteinreport.com> david@goldsteinreport.com

web:  <http://goldsteinreport.com/> http://goldsteinreport.com/

Twitter:  <https://twitter.com/goldsteinreport> https://twitter.com/goldsteinreport

phone: +61 418 228 605 - mobile; +61 2 9663 3430 - office/home