[Newsclips] IETF SYN-ACK Newspack 2021-01-25

David Goldstein <david@goldsteinreport.com> Mon, 25 January 2021 05:09 UTC


The IETF SYNACK Newspack collects IETF-related items from a variety of news outlets and other online publications. They do not represent the views of the IETF and are not checked for factual accuracy.

 

**********************

IETF IN THE NEWS

**********************

End-to-end encryption must be easy to use

... The IETF defined E2EE with a message exchange format called RFC4880. It provides encryption, decryption, signing and key management functions. In 1999, free open source software, GNU Privacy Guard (GNUPG), was released to implement this format. It is available to run on Windows, Mac OS, Android and other operating systems.

<https://www.innovationaus.com/end-to-end-encryption-must-be-easy-to-use/>

Securing the DNS in a Post-Quantum World: New DNSSEC Algorithms on the Horizon

... It will likely take several additional years for standards bodies such as the IETF to incorporate the new algorithms into security protocols. Broad deployments of the upgraded protocols will likely take several years more.

<http://www.circleid.com/posts/20210119-securing-dns-in-a-post-quantum-world-new-dnssec-algorithms/>

Internet Governance and the Universal Declaration of Human Rights, Part 7: Articles 20-21

... It refers mainly to the work of groups like the IETF, the Internet Architectural Board (IAB) and ICANN in maintaining the stability and security of the Internet backbone and its operational DNS.

<http://www.circleid.com/posts/20210120-internet-governance-and-universal-declaration-human-rights-part-7/>

Tackling the Catch-22 of IPv6 enterprise uptake

... You might ask, 'Why didn't these organizations say something when IPv6 was being developed? Surely, it would have been obvious to them that they were going to have a hard time migrating their networks.' One of the persistent issues in Internet standards is the lack of involvement by large bricks-and-mortar industry companies. At IETF meetings, I can count on the fingers of one hand the traditional industries present from any economy.

<https://blog.apnic.net/2021/01/25/tackling-the-catch-22-of-ipv6-enterprise-uptake/>

Role of Internet Technology in Future Mobile Data System

... What’s the solution? A common protocol that can handle inter-domain user mobility is the answer. c) A new IP perspective: In the future mobile data systems, IP will play a central role in the provision of faster and cost-effective interworking capability amid overlay networks. What is more, both telecom operators and ISPs should work closely with the authorized bodies such as IETF and 3rd generation partnership project (3GPP). The reason is simple and straightforward. These are standard organizations looking early for new possibilities to employ IP and maintain their mobility and security across different wireless networks.

<https://www.dailygame.net/tech/role-of-internet-technology-in-future-mobile-data-system>

Hacker Pig Latin: A Base64 Primer for Security Analysts

... One facet of the SMTP protocol that makes this clear is the end of message indicator. In SMTP, the signal an email client uses to show the end of a message is for it to supply a single line that contains only a period. (SMTP Protocol implementation details, although long, are surprisingly easy to read: tools.ietf.org/html/rfc2821.)

<https://www.darkreading.com/edge/theedge/hacker-pig-latin-a-base64-primer-for-security-analysts/b/d-id/1339921>

Network standardisation body IETF elects German chairman for the first time

Lars Eggert becomes the new chair of the IETF. This gives the most important standardisation organisation for the further development and maintenance of the Internet protocols a German head for the first time. The IETF's Nominating Committee (NomCom) announced this on the evening of 15 January 2021.

<https://www.heise.de/news/Netz-Standardisierungsgremium-IETF-waehlt-erstmals-deutschen-Vorsitzenden-5027239.html>

Digicert Talks about the CA/B Forum and Its Role as a CA

... Server Certificate Ballot 33 added a new validation method based on IETF RFC 8737, replacing a previous IETF validation method that was withdrawn due to security problems. The ballot was approved by DigiCert.

<https://cryptoid.com.br/banco-de-noticias/digicert-fala-sobre-o-ca-b-forum-e-sua-atuacao-como-ac/>

When mankind entered the digital cloud

... On this basis, and on the foundation of the freedom of research that scientists had won for themselves, the global internet came into being. They also demonstrated the freedom of research creativity in how they developed and named internet standards. The solutions they developed, which were later adopted as standards for internet technologies, were called requests for comments (RFC). Solutions that emerged in individual groups were sent to all participants, who sent their comments back into the network. A solution was adopted only on the basis of a test showing that it worked in the emerging global network, on condition that it had been built from the adopted specification and by two different groups of developers. If the two implementations interoperated in the network, the solution was adopted as a public internet standard, an RFC, accessible to all. The organisation that still looks after old and new RFCs is the IETF.

<https://www.delo.si/novice/znanoteh/ko-je-clovestvo-vstopilo-v-digitalni-oblak/>

The best way to protect stored passwords: what hashing is and how it works

... For password hashing and storage, a recent IETF draft recommended using Argon2 (winner of the 2015 Password Hashing Competition), Bcrypt, Scrypt, and PBKDF2.

<https://www.itworld.co.kr/howto/179554>

Free HTTP/3 (QUIC) service – turbocharging for your website

HTTP/3 (QUIC), which enables fast loading of websites, was introduced in 2018, yet it still counts as an innovation in the internet services market. home.pl quickly recognised the potential of the new protocol, and so offered its customers free use of this innovative and useful tool.

<https://whatnext.pl/bezplatna-usluga-http-3-quic-home-pl/>

**********************

SECURITY & PRIVACY

**********************

Whac-A-Mole: Six years of DNS spoofing

DNS is important in nearly all interactions on the Internet but DNS is easy to spoof; third parties intercept and respond to queries for benign or malicious purposes. As nearly all large DNS providers use IP anycast to provide service from many physical locations, spoofing can often look like ‘just another site’.

<https://blog.apnic.net/2021/01/22/whac-a-mole-six-years-of-dns-spoofing/>

DNS Security, A Never-Ending Story

The DNS is the essential Internet phone book, mapping human-readable host names into machine-readable IP addresses. Without DNS, the Internet cannot function. When their DNS service is degraded or stopped, online businesses are disrupted, they lose revenue, and their reputation is on the line.

<https://securityboulevard.com/2021/01/dns-security-a-never-ending-story/>

Securing the DNS in a Post-Quantum World: Hash-Based Signatures and Synthesized Zone Signing Keys

In my last article, I described efforts underway to standardize new cryptographic algorithms that are designed to be less vulnerable to potential future advances in quantum computing. I also reviewed operational challenges to be considered when adding new algorithms to the DNSSEC.

<https://blog.verisign.com/security/securing-the-dns-in-a-post-quantum-world-hash-based-signatures-and-synthesized-zone-signing-keys/>

Securing the DNS in a Post-Quantum World: New DNSSEC Algorithms on the Horizon

One of the “key” questions cryptographers have been asking for the past decade or more is what to do about the potential future development of a large-scale quantum computer. If theory holds, a quantum computer could break established public-key algorithms including RSA and elliptic curve cryptography (ECC), building on Peter Shor’s groundbreaking result from 1994.

<https://blog.verisign.com/security/securing-the-dns-in-a-post-quantum-world-new-dnssec-algorithms-on-the-horizon/>

Network-layer DDoS attack trends for Q4 2020

DDoS attack trends in the final quarter of 2020 defied norms in many ways. For the first time in 2020, Cloudflare observed an increase in the number of large DDoS attacks. Specifically, the number of attacks over 500Mbps and 50K pps saw a massive uptick.

<https://blog.cloudflare.com/network-layer-ddos-attack-trends-for-q4-2020/>

These are the top cybersecurity challenges of 2021

The far-reaching cybersecurity breaches of 2020, culminating in the widespread Solarwinds supply chain attack, were a reminder to decision-makers around the world of the heightened importance of cybersecurity. Cybersecurity is a board-level issue now for many firms.

<https://www.weforum.org/agenda/2021/01/top-cybersecurity-challenges-of-2021/>

INTERPOL report charts top cyberthreats in Southeast Asia

An INTERPOL report has highlighted the key cybercrime trends and threats confronting the Association of Southeast Asian Nations (ASEAN) region. INTERPOL’s ASEAN Cyberthreat Assessment 2021 report outlines how cybercrime’s upward trend is set to rise exponentially, with highly organized cybercriminals sharing resources and expertise to their advantage.

<https://www.interpol.int/News-and-Events/News/2021/INTERPOL-report-charts-top-cyberthreats-in-Southeast-Asia>

CISA Launches Campaign to Reduce the Risk of Ransomware

The Cybersecurity and Infrastructure Security Agency (CISA) announced the Reduce the Risk of Ransomware Campaign today, a focused, coordinated and sustained effort to encourage public and private sector organizations to implement best practices, tools and resources that can help them mitigate this cybersecurity risk and threat.

<https://www.cisa.gov/news/2021/01/21/cisa-launches-campaign-reduce-risk-ransomware>

Ransomware is now the biggest cybersecurity concern for CISOs

Phishing, account compromise and business email compromise attacks are all worries for organisations - but it's fear of ransomware attacks that is causing the biggest concern.

<https://www.zdnet.com/article/ransomware-is-now-the-biggest-cybersecurity-concern-for-cisos/>

2021 Trends in Cybersecurity

The highly sophisticated Russian hack that hit the Pentagon, multiple U.S. agencies, nuclear labs and Fortune 500 companies in December has brought cybersecurity back into the daily discussion. President-elect Joe Biden said he intends to make cybersecurity “a top priority at every level of government” from the moment he takes office.

<https://www.cpomagazine.com/cyber-security/2021-trends-in-cybersecurity/>

Biden Prodded to Take Muscular Approach to Cybersecurity

Officials and analysts are urging the Biden administration to be more aggressive than its predecessors in dealing with cyber threats from adversaries such as Russia and China as well as non-state actors.

<https://www.nationaldefensemagazine.org/articles/2021/1/22/biden-prodded-to-take-muscular-approach-to-cybersecurity>

The Cybersecurity 202: Here's what lawmakers want Biden to do on cybersecurity in his first 100 days

The brand-new Biden administration is already thinking about how to counter a sweeping Russian-led hacking campaign that breached several federal agencies.

<https://www.washingtonpost.com/politics/2021/01/21/cybersecurity-202-here-what-congress-wants-biden-do-cybersecurity-his-first-100-days/>

**********************

INTERNET OF THINGS

**********************

Internet of Things-connected devices are inherently insecure, so to speak Tech Experts

Internet of Things-connected devices are inherently insecure, said Scott Poretsky, director of security at Ericsson, speaking at a Federal Communications Bar Association event Thursday.

<https://www.compsmag.com/news/technology/internet-of-things-connected-devices-are-inherently-insecure-so-to-speak-tech-experts/>

<http://broadbandbreakfast.com/2021/01/internet-of-things-connected-devices-are-inherently-insecure-say-tech-experts/>

Ars Technicast special edition, part 1: The Internet of Things goes to war

Welcome to a special edition of the Ars Technicast! Ars has partnered with Northrop Grumman to produce a two-part series looking at the evolution of connectivity on the modern battlefield—how the growing ubiquity of sensors and instrumentation at all levels of the military is changing the way we think about fighting.

<https://arstechnica.com/information-technology/2021/01/ars-technicast-special-edition-part-1-the-internet-of-things-goes-to-war/>

**********************

OTHERWISE NOTEWORTHY

**********************

The Internet is Getting Old: The Common Thread in Recent Cloud Outages

What do Amazon, Google, Apple, Slack, Netflix and Telegram all have in common? First, in many ways, these companies have revolutionized the way we live, work, consume and communicate. Secondly, based in the cloud, each has become an essential tool in the everyday lives of billions of people. But there is also, they would admit, definitely room for improvement. In particular, in recent months, every one of these vaunted companies has experienced major outages -- with crippling effects on the people who have come to rely on them for completing everyday tasks.

<https://www.nasdaq.com/articles/the-internet-is-getting-old%3A-the-common-thread-in-recent-cloud-outages-2021-01-22>

Mongolia hits 100% ROA coverage

Never underestimate the power of community. This has been the biggest lesson that we, in Mongolia, have learnt in our journey to become the second economy in the world to reach 100% Route Origin Authorization (ROA) coverage.

<https://blog.apnic.net/2021/01/21/mongolia-hits-100-roa-coverage/>

Looking Back and Planning Ahead for Supporting a Diverse and Global Internet Universal Acceptance (UA) Readiness

2020 was a year unlike any other. Since the start of the COVID-19 pandemic, the Internet has provided people a way to connect with friends and families, conduct business, and stay up-to-date with the latest information. At a time when we’ve been more physically distant than ever, it is important to ensure that the Internet becomes more inclusive, diverse, and multilingual to unite all users around the world.

<https://uasg.tech/2021/01/looking-back-and-planning-ahead-for-supporting-a-diverse-and-global-internet-universal-acceptance-ua-readiness/>

UASG Finds Promising Results for Internationalized Email Support Among Global Systems

Since its invention in 1971, sending and receiving emails has become a cornerstone for many daily activities – from conducting business to connecting socially. However, even in our modern world, not every email system can support email addresses that use non-Latin languages, such as Arabic, Chinese, Russian, Thai, Hindi, and more.

<https://uasg.tech/2021/01/uasg-finds-promising-results-for-internationalized-email-support-among-global-systems/>

------

David Goldstein

email: david@goldsteinreport.com

web: http://goldsteinreport.com/

Twitter: https://twitter.com/goldsteinreport

phone: +61 418 228 605 - mobile; +61 2 9663 3430 - office/home