[Newsclips] IETF SYN-ACK Newspack 2021-10-25

[David Goldstein <david@goldsteinreport.com>]

The IETF SYN-ACK Newspack collects IETF-related items from a variety of news outlets and other online publications. They do not represent the views of the IETF and are not checked for factual accuracy.

 

 

**********************

IETF IN THE NEWS

**********************

Autonomic Networking Gets Serious by Michael Behringer et al [Cisco Internet Protocol Journal - p2]

In May 2021, six Request For Comments (RFCs) about autonomic networking were published as a result of the work of the Autonomic Networking Integrated Model and Approach (ANIMA) working group of the IETF. These RFCs complete the initial charter of that working group, which was started in late 2014; however, the first documents to be discussed in the IETF and Internet Research Task Force (IRTF) were posted in 2012[13]). This foundation now allows the industry to build IETF-standardized network solutions for an Autonomic Networking Infrastructure (ANI) into every network device.

< <https://ipj.dreamhosters.com/wp-content/uploads/2021/10/243-ipj.pdf> https://ipj.dreamhosters.com/wp-content/uploads/2021/10/243-ipj.pdf>

 

A Survey on Securing Inter-Domain Routing: Part 1 – BGP: Design, Threats, and Security Requirements by Geoff Huston [Cisco Internet Protocol Journal - p19]

The Border Gateway Protocol (BGP) is the inter-domain routing protocol on the Internet, and after some 30 years of operation, BGP is now one of its more venerable core proto-cols. One of the major ongoing concerns related to BGP is its lack of effective security measures, and as a result the routing infrastructure of the Internet continues to be vulnerable to various forms of attack. In Part 1 of this study, we will look at the design of BGP, the threat model, and the requirements from a security framework for BGP. In Part 2 we will look at the various proposals to add security to the routing environment and also evaluate the current state of the effort in the IETF to provide a standard specification of the elements of a secure BGP framework.

< <https://ipj.dreamhosters.com/wp-content/uploads/2021/10/243-ipj.pdf> https://ipj.dreamhosters.com/wp-content/uploads/2021/10/243-ipj.pdf>

 

DNSSEC with RSA-4096 keys by Geoff Huston

Let’s look at the operation of DNSSEC and its use of public key cryptographic algorithms. ... There has been some recent review of this 2020 Flag Day recommendation, and an Internet draft in the DNSOP Working Group of the IETF recommends a EDNS UDP buffer size of 1,400 octets, which would certainly accommodate the larger responses of DNSKEY records when using RSA-4096 and corresponds with common current practice in DNS resolvers while still avoiding gratuitous truncation and re-query over TCP.

< <https://www.potaroo.net/ispcol/2021-10/rsa.html> https://www.potaroo.net/ispcol/2021-10/rsa.html>

< <https://blog.apnic.net/2021/10/18/dnssec-with-rsa-4096-keys/> https://blog.apnic.net/2021/10/18/dnssec-with-rsa-4096-keys/>

 

Overcoming the Challenges of IPv4 Exhaustion

... In a sense, IPv4 exhaustion results from the internet being too popular for its own good. When the IETF introduced the standard in 1981, the more than 4 billion addresses it encompassed seemed more than ample. Within a decade, though, it had become apparent that far more would be needed. IPv6, a successor specification introduced in 1998 and ratified as a standard in 2017, can accommodate virtually unlimited IP connectivity.

< <https://www.enterprisetimes.co.uk/2021/10/20/overcoming-the-challenges-of-ipv4-exhaustion/> https://www.enterprisetimes.co.uk/2021/10/20/overcoming-the-challenges-of-ipv4-exhaustion/>

 

High-performance networks allow us to reimagine the value of digital

High-performance 5G networks are bringing limitless connectivity, unlocking higher predictability and up to five-nines resilience across existing and new business, society, and mission-critical use cases. With such a powerful foundation, the new era of digital infrastructure is opening up the possibilities for innovation and business delivery that are beyond the imaginable. ... As industries and technologies begin to develop, scale and shift rapidly, this strong baseline will continue to be secured through common global mobile standards frameworks such as 3GPP, IETF, ETSI, GSMA, and NIST, as well as industry-specific fora such as 5GAA and AECC, and global cybersecurity consortia such as CONCORDIA.

< <https://www.ericsson.com/en/blog/2021/10/high-performance-networks-reimagine-value-digital> https://www.ericsson.com/en/blog/2021/10/high-performance-networks-reimagine-value-digital>

 

Microsoft 365 will get support for custom ARC configurations

... DMARC.org announced ARC in 2015, IETF's DMARC Working Group adopted it as an official work item in June 2016, and published the specification three years later, in July 2019.

< <https://www.bleepingcomputer.com/news/microsoft/microsoft-365-will-get-support-for-custom-arc-configurations/> https://www.bleepingcomputer.com/news/microsoft/microsoft-365-will-get-support-for-custom-arc-configurations/>

 

Das 112. Treffen der IETF im November findet nur online statt [The 112th meeting of the IETF in November will only take place online]

Das 112. Treffen der IETF findet im November 2021 leider nicht als Präsenzveranstaltung statt. Seit ihrem 108. Treffen im Juli 2020 waren alle Treffen nur online.

< <https://domain-recht.de/domain-events/sonstige-events/ietf-das-112-treffen-der-internet-engineering-task-force-im-november-findet-nur-online-statt-68121.html> https://domain-recht.de/domain-events/sonstige-events/ietf-das-112-treffen-der-internet-engineering-task-force-im-november-findet-nur-online-statt-68121.html>

 

Schutz vor Ransomware: Backups absichern [Ransomware Protection: Securing Backups]

... TOTP ist ein weithin akzeptierter und weitgehend integrierter Algorithmus mit MFA, der auf RFC-6238 der IETF basiert. Aufgrund der verbesserten Sicherheitsmerkmale, wie etwa dem verkürzten Ablauf des Passcodes, der typischerweise zwischen 30 und 90 Sekunden beträgt, wird TOTP häufig eingesetzt.

< <https://www.it-administrator.de/themen/sicherheit/365175.html> https://www.it-administrator.de/themen/sicherheit/365175.html>

 

DT und Ericsson testen erfolgreich neue 5G Low-Latency-Funktion für zeitkritische Anwendungen [DT and Ericsson successfully test new 5G low-latency function for time-critical applications] [news release]

... L4S ist eine neue Technologie, die auf einer Standardisierung der IETF basiert und einen hohen Durchsatz und eine niedrige Latenz für den IP-Verkehr bietet, was zu einem verbesserten, schnellen Management der Ratenanpassung und einer Verringerung von Netzwerkstaus, Warteschlangen und Paketverlusten führt.

< <https://www.presseportal.de/pm/13502/5052734> https://www.presseportal.de/pm/13502/5052734>

 

La UPF y DE-CIX crean una cátedra para promover el conocimiento sobre la interconexión del tráfico en Internet [UPF and DE-CIX create a chair to promote knowledge about the interconnection of Internet traffic]

... Con más de 25 años en el negocio, DE-CIX gestiona cerca de 30 intercambios de Internet en todo el mundo y alberga el ecosistema de interconexión neutral más grande del mundo. DE-CIX ha sido parte de la comunidad global de Internet desde su establecimiento y se ve a sí mismo como un pionero independiente de la digitalización. Desde el principio, DE-CIX ha tenido una influencia decisiva en la configuración de Internet, en una serie de organismos mundiales líderes como el Grupo de trabajo de ingeniería de Internet (IETF), al definir conjuntamente las condiciones marco para Internet del presente y del futuro, y también invirtiendo fuertemente en sus propios enfoques de Investigación y Desarrollo para el futuro de Internet y el tráfico de datos.

< <https://www.eleconomista.es/ecoaula/noticias/11441344/10/21/La-UPF-y-DECIX-crean-una-catedra-para-promover-el-conocimiento-sobre-la-interconexion-del-trafico-en-Internet.html> https://www.eleconomista.es/ecoaula/noticias/11441344/10/21/La-UPF-y-DECIX-crean-una-catedra-para-promover-el-conocimiento-sobre-la-interconexion-del-trafico-en-Internet.html>

 

Il piano della Cina per governare l’Internet del futuro [China's plan to govern the Internet of the future]

... Dal 2014, Houlin Zhao, detiene la carica di segretario-generale. Secondo Politico, sotto il suo lungo mandato Houlin avrebbe usato la sua posizione per favorire Huawei come vendor di tecnologia 5G in tutto il mondo, spingendo la discussione in direzione dello sviluppo delle reti di prossima generazione guidate dall’Intelligenza Artificiale (AI) sottraendo inoltre potere ad altri forum istituzionali internazionali deputati, come l’IETF, IETF o l’ICANN, rappresentativi della più ampia la società civile.

< <https://www.startmag.it/mondo/cina-internet-futuro/> https://www.startmag.it/mondo/cina-internet-futuro/>

 

Au fait, pourquoi Internet s’appelle Internet ? [By the fact, why is the Internet called the Internet?]

Internet est un réseau informatique mondial sur lequel circulent des informations de toutes sortes. C'est même un réseau de réseaux. Et c'est ce qui explique pourquoi il s'appelle ainsi. ... Et c’est cette spécificité qui a donné à Internet le nom d’Internet. On trouve dans les archives de l’IETF, une structure qui a pour mission de normaliser les protocoles sur le net, un document de 1974 signé par Vinton Cerf, Yogan Dalal et Carl Sunshine sur la première spécification du protocole TCP (Transmission Control Protocol), mentionnant Internet.

< <https://www.numerama.com/tech/748669-au-fait-pourquoi-internet-sappelle-internet.html> https://www.numerama.com/tech/748669-au-fait-pourquoi-internet-sappelle-internet.html>

 

2021全球IPv6下一代互联网峰会在广州开幕 [The 2021 Global IPv6 Next Generation Internet Summit opened in Guangzhou]

中新社广州10月21日电 (记者 王坚)由全球IPv6论坛(IPv6 Forum)、下一代互联网国家工程中心主办的“2021全球IPv6下一代互联网峰会”21日在广州南沙开幕。峰会现场，粤港澳下一代互联网产业创新中心、下一代互联网新技术联合实验室揭牌，并启动澳门科技大学大湾区科研专网。据了解，IPv6是互联网工程任务组(IETF)设计的用于替代IPv4的下一代IP协议。其不仅能解决网络地址资源数量的问题，还能解决多种接入设备连入互联网的障碍。

< <http://www.chinanews.com/cj/2021/10-21/9592023.shtml> http://www.chinanews.com/cj/2021/10-21/9592023.shtml>

< <https://news.sina.com.tw/article/20211021/40300966.html> https://news.sina.com.tw/article/20211021/40300966.html>

 

工信部：中国IPv6“高速公路”已全面建成 进入全新时代 [Ministry of Industry and Information Technology: China's IPv6 "highway" has been fully completed into a new era]

... IPv6是互联网协议第6版的缩写，是互联网工程任务组(IETF)设计的用于替代IPv4的下一代IP协议。早在2017年11月，中共中央办公厅、国务院办公厅印发《推进互联网协议第六版（IPv6）规模部署行动计划》，明确推进全国IPv6规模部署。

< <https://www.eet-china.com/mp/a84484.html> https://www.eet-china.com/mp/a84484.html>

< <http://5g.dizo.com.cn/yj/20211020/2032412.html> http://5g.dizo.com.cn/yj/20211020/2032412.html>

< <http://news.dizo.com.cn/yj/20211020/2032412.html> http://news.dizo.com.cn/yj/20211020/2032412.html>

 

拓宽IPv6应用领域 六家新行业产品获IPv6 Ready先锋奖 [Broaden IPv6 application fields, six new industry products won IPv6 Ready Pioneer Award]

... 是由全球IPv6论坛发起的，面向全球网络路由交换、终端以及网络安全产品等实施的一项国际测试认证，通过评测产品IPv6协议实现是否符合IETF标准，确保多厂商产品之间的互操作性性，推动全球IPv6规模部署。

< <https://www.sohu.com/a/496596258_104421> https://www.sohu.com/a/496596258_104421>

 

**********************

SECURITY & PRIVACY

**********************

Want to Help Guide the Future of the MANRS Routing Security Initiative? by Dan York

Would you like to help guide the future of the Mutually Agreed Norms for Routing Security (MANRS) initiative? As the MANRS community continues to develop new efforts to make the routing layer of the Internet more secure (ex. the equipment vendor program), would you like to help lead the work? The MANRS community is seeking volunteers for its new Steering Committee. The committee will lead the community as it evolves its governance model.

< <https://circleid.com/posts/20211019-want-to-help-guide-the-future-of-the-manrs-routing-security-initiative> https://circleid.com/posts/20211019-want-to-help-guide-the-future-of-the-manrs-routing-security-initiative>

 

EU countries to ‘explore the potential’ of a joint cyber unit

EU member states have opened to the Commission’s proposal for a Joint Cyber Unit while remaining cautious to avoid overlapping existing initiatives.

< <https://www.euractiv.com/section/cybersecurity/news/eu-countries-to-explore-the-potential-of-a-joint-cyber-unit/> https://www.euractiv.com/section/cybersecurity/news/eu-countries-to-explore-the-potential-of-a-joint-cyber-unit/>

 

DNSSEC with RSA-4096 keys by Geoff Huston, João Damas 

Let’s look at the operation of DNSSEC and its use of public key cryptographic algorithms. The DNSSEC specification does not define in advance which algorithm you should use to generate the digital signature records for a DNSSEC-signed zone. And that's a very good thing. The issue here is that cryptographic algorithms do not generate computationally impossible problems. Instead, they generate computationally infeasible problems.

< <https://www.potaroo.net/ispcol/2021-10/rsa.html> https://www.potaroo.net/ispcol/2021-10/rsa.html>

 

EU National Telecom Authorities analyse Security Supervision and Latest Security Threats

The EU National Telecom Authorities met in Athens, Greece for the 35th meeting of the ECASEC group. The European Union Agency for Cybersecurity also hosted the 1st Telecom Security Forum on this occasion.

< <https://www.enisa.europa.eu/news/enisa-news/eu-national-telecom-authorities-analyse-security-supervision-latest-security-threats> https://www.enisa.europa.eu/news/enisa-news/eu-national-telecom-authorities-analyse-security-supervision-latest-security-threats>

 

European Union’s Network and Information Security Directive Threatens Internet with Fragmentation and Creates Security Risks

The second iteration of the European Union’s Network and Information Security Directive, NIS 2, was written with good intentions. But many worry the cybersecurity rules could splinter the Internet and undermine security. Among those concerned are Internet Society chapters and members in Europe.

< <https://www.internetsociety.org/blog/2021/10/european-unions-network-and-information-security-directive-threatens-internet-fragmentation-and-creates-security-risks/> https://www.internetsociety.org/blog/2021/10/european-unions-network-and-information-security-directive-threatens-internet-fragmentation-and-creates-security-risks/>

 

Why Is the Client-Side Scanning a Concern for Encryption? by Nathalia Sautchuk-Patrício

As today is the Global Encryption Day, I decided to make my first post here on this topic. About two months ago, Apple caused a controversy by announcing the adoption of a measure to combat the spread of Child Sexual Abuse Materials (CSAM). The controversy was so huge that, a month after its announcement, Apple decided to postpone its plans for the new features to have more time to gather information from the various stakeholders and implement improvements before releasing the measures originally announced.

< <https://circleid.com/posts/20211021-why-is-the-client-side-scanning-a-concern-for-encryption> https://circleid.com/posts/20211021-why-is-the-client-side-scanning-a-concern-for-encryption>

 

Global Encryption Day – Help us Champion Strong Encryption

The first ever Global Encryption Day takes place on 21 October, 2021. An initiative from the Global Encryption Coalition (GEC), Global Encryption Day is an opportunity for businesses, civil society organizations, technologists, and millions of Internet users worldwide to show their communities why encryption matters to all of us.

< <https://www.internetsociety.org/blog/2021/10/global-encryption-day-help-us-champion-strong-encryption/> https://www.internetsociety.org/blog/2021/10/global-encryption-day-help-us-champion-strong-encryption/>

 

W3C co-signs the Global Encryption Day Statement

Today marks the inaugural Global Encryption Day. We are proud to be among the signatories of the Global Encryption Day Statement in support of strong encryption, organized by the Global Encryption Coalition (of which we are members).

< <https://www.w3.org/blog/2021/10/w3c-co-signs-the-global-encryption-day-statement/> https://www.w3.org/blog/2021/10/w3c-co-signs-the-global-encryption-day-statement/>

 

Protecting critical infrastructure from a cyber pandemic

We are in the midst of a “cyber pandemic”. In 2020, COVID-19 accelerated a transition towards remote working and the software being used for these attacks has become easier to execute, ransomware attacks have risen rapidly and continue to accelerate in 2021:

< <https://europeansting.com/2021/10/21/protecting-critical-infrastructure-from-a-cyber-pandemic/> https://europeansting.com/2021/10/21/protecting-critical-infrastructure-from-a-cyber-pandemic/>

< <https://theprint.in/opinion/we-are-in-the-middle-of-a-cyber-pandemic-digital-security-standards-need-reinforcing/755465/> https://theprint.in/opinion/we-are-in-the-middle-of-a-cyber-pandemic-digital-security-standards-need-reinforcing/755465/>

 

Modern wide area network architectures demand a new approach to security [Optus/Cisco paid content]

Today however, corporate networks are incredibly complicated. The data centre is now usually off-premises, corporate-owned applications have made their way into the public cloud, and staff are using multiple Software as a Service (SaaS) applications.

< <https://www.zdnet.com/paid-content/article/modern-wide-area-network-architectures-demand-a-new-approach-to-security/> https://www.zdnet.com/paid-content/article/modern-wide-area-network-architectures-demand-a-new-approach-to-security/>

 

How to: Threat hunting and threat intelligence

This APNIC network security series on threat hunting has so far covered a range of great and necessary tools/rules to help you with your threat hunt — it is hard to consider a hunt complete without using at least one of these techniques.

< <https://blog.apnic.net/2021/10/21/how-to-threat-hunting-and-threat-intelligence/> https://blog.apnic.net/2021/10/21/how-to-threat-hunting-and-threat-intelligence/>

 

Intel Owl v3.0.0 speeds up threat intelligence retrieval

Intel Owl is an Open Source Intelligence (OSINT) solution to get threat intelligence data about a specific file or observable from a single API at scale.

< <https://blog.apnic.net/2021/10/22/intel-owl-v3-0-0-speeds-up-threat-intelligence-retrieval/> https://blog.apnic.net/2021/10/22/intel-owl-v3-0-0-speeds-up-threat-intelligence-retrieval/>

 

**********************

INTERNET OF THINGS

**********************

Singapore and Shenzhen commit to further smart city collaborations

Singapore’s Ministry of Communications and Information (MCI) and Infocomm Media Development Authority (IMDA) have announced four new memorandum of understandings (MoUs) and detailed the early achievements of the first phase of the Singapore-China (Shenzhen) Smart City Initiative (SCI).

< <https://www.smartcitiesworld.net/news/singapore-and-shenzhen-commit-to-further-smart-city-collaborations-7038> https://www.smartcitiesworld.net/news/singapore-and-shenzhen-commit-to-further-smart-city-collaborations-7038>

 

ITU Journal: New special issues on Internet of Everything and machine learning for 5G

New special issues of the ITU Journal share research on the new concepts to enable the evolution of the Internet of Things into an Internet of Everything encompassing all possible information sources and destinations, as well as innovations in artificial intelligence (AI) and machine learning (ML) to optimize 5G and future networks.

< <https://www.itu.int/en/myitu/News/2021/10/19/15/33/ITU-journal-new-special-issues-on-internet-of-everything-and-machine-learning-for-5G> https://www.itu.int/en/myitu/News/2021/10/19/15/33/ITU-journal-new-special-issues-on-internet-of-everything-and-machine-learning-for-5G>

 

Ministerial Roundtables at ITU Digital World: Top five takeaways

Following the brutal impact of the COVID-19 pandemic, what is the role of government in accelerating the digital transformation of economies, societies, and lives around the world?

< <https://www.itu.int/en/myitu/News/2021/10/21/12/40/ITU-Digital-World-2021-Ministerial-Roundtables-top-5-takeaways> https://www.itu.int/en/myitu/News/2021/10/21/12/40/ITU-Digital-World-2021-Ministerial-Roundtables-top-5-takeaways>

 

Designing the Internet of Things: role for enterprise architects, IoT architects, or both?

We have the still-emerging Internet of Things, a mishmash of dispersed devices, sensors, kiosks, and systems that everyone promises will make our lives such much cooler. Refrigerators will not only talk to grocery stores, but also to their manufacturers to let them know if any performance issues are cropping up. Cars are already starting to talk to their original manufacturers. Aircraft engines are also in direct contact their manufacturers to let them know what's up -- or what may not be going up.

< <http://www.chinadaily.com.cn/a/202110/25/WS6175ee4da310cdd39bc70e4a.html> http://www.chinadaily.com.cn/a/202110/25/WS6175ee4da310cdd39bc70e4a.html>

 

Evaluating Technology Support For The Internet of Things

As manufacturers digitally transform their operations, finding the right technologies can be an overwhelming process. Don’t overlook your supplier’s ability to provide the right level of support when assessing technological capabilities.

< <https://www.automationworld.com/business-intelligence/article/21771801/evaluating-technology-support-for-the-internet-of-things> https://www.automationworld.com/business-intelligence/article/21771801/evaluating-technology-support-for-the-internet-of-things>

 

nl: A new release of SPIN: 1.0!

We're proud to announce that version 1.0 of our SPIN platform is released today. We've been working hard on a number of usability and security features of the platform itself, so that it can be safely used for your research and IoT device analysis.

< <https://www.sidnlabs.nl/en/news-and-blogs/a-new-release-of-spin-1-0> https://www.sidnlabs.nl/en/news-and-blogs/a-new-release-of-spin-1-0>

 

China's internet of things industry highly focused

Officials and experts are calling for greater efforts to build infrastructure for the internet of things industry and to accelerate its application in more sectors, as the IoT is widely seen as a pillar to bolster the development of China's digital economy.

< <http://www.chinadaily.com.cn/a/202110/25/WS6175ee4da310cdd39bc70e4a.html> http://www.chinadaily.com.cn/a/202110/25/WS6175ee4da310cdd39bc70e4a.html>

 

World Internet of Things Exposition opens in east China [Xinhua]

The 2021 World Internet of Things (IoT) Exposition, China's top IoT event, kicked off Saturday in the city of Wuxi, east China's Jiangsu Province.

< <http://www.china.org.cn/china/Off_the_Wire/2021-10/24/content_77829267.htm> http://www.china.org.cn/china/Off_the_Wire/2021-10/24/content_77829267.htm>

< <http://www.news.cn/english/2021-10/24/c_1310265930.htm> http://www.news.cn/english/2021-10/24/c_1310265930.htm>

 

Internet of things to put cloud in the shade for Industry 4.0

Research by global mobile satellite communications provider Inmarsat has revealed the increasing importance of internet of things (IoT) in industrial applications, predicting that investment in IoT is set to overtake cloud computing, next generation security, big data analytics and other digital transformation technologies in the near future.

< <https://www.computerweekly.com/news/252508226/Internet-of-things-to-put-cloud-in-the-shade-for-Industry-40> https://www.computerweekly.com/news/252508226/Internet-of-things-to-put-cloud-in-the-shade-for-Industry-40>

 

New cloud-enabled managed services launched for smart mobility

Smart mobility infrastructure company Iteris’ managed service offerings leverage its ClearMobility platform to help proactively oversee complex transportation operations.

< <https://www.smartcitiesworld.net/news/new-cloud-enabled-managed-services-launched-for-smart-mobility-7054> https://www.smartcitiesworld.net/news/new-cloud-enabled-managed-services-launched-for-smart-mobility-7054>

 

Smart road system prototype developed for Italian digital tourist city

The system, developed and tested by tech start-up T.net as part of the Taormina City Tech project, uses LoRa technology to send and receive information via a network of intelligent sensors.

< <https://www.smartcitiesworld.net/news/smart-road-system-prototype-developed-for-italian-digital-tourist-city-7052> https://www.smartcitiesworld.net/news/smart-road-system-prototype-developed-for-italian-digital-tourist-city-7052>

 

Sunderland progresses smart city ambitions with next-gen network

The UK city has announced a 20-year strategic partnership with BAI Communications to design, build and operate the digital infrastructure, which includes a private 5G small cell network.

< <https://www.smartcitiesworld.net/news/sunderland-progresses-smart-city-ambitions-with-next-gen-network-7048> https://www.smartcitiesworld.net/news/sunderland-progresses-smart-city-ambitions-with-next-gen-network-7048>

 

**********************

NEW TRANSPORT PROTOCOLS

**********************

You've heard of HTTPS. Now get a load of HTTPA: Web services in verified remote trusted environments?

Two Intel staffers believe web services can be made more secure by not only carrying out computations in remote trusted execution environments, or TEEs, but by also verifying for clients that this was done so.

< <https://www.theregister.com/2021/10/20/intel_sgx_httpa/> https://www.theregister.com/2021/10/20/intel_sgx_httpa/>

 

Many of the world's top websites still support older, deprecated security protocols

The top 100 websites routinely fail to follow Transport Layer Security (TLS) best practices and still support older, deprecated protocols, suggests a new report.

< <https://www.techradar.com/au/news/many-of-the-worlds-top-websites-still-support-older-deprecated-security-protocols> https://www.techradar.com/au/news/many-of-the-worlds-top-websites-still-support-older-deprecated-security-protocols>

< <https://www.msn.com/en-us/news/technology/many-of-the-worlds-top-websites-still-support-older-deprecated-security-protocols/ar-AAPQcv9> https://www.msn.com/en-us/news/technology/many-of-the-worlds-top-websites-still-support-older-deprecated-security-protocols/ar-AAPQcv9>

 

The 2021 TLS Telemetry Report

Creating an encrypted HTTPS website depends on a lot more than simply throwing a digital certificate at it and hoping for the best. As old protocols prove to be insecure and new standards emerge, it has never been more important to keep HTTPS configurations up to date. In fact, Transport Layer Security (TLS) and HTTPS misconfigurations are now so commonplace that in the 2021 OWASP Top 10, Cryptographic Failures now comes in second place.

< <https://www.f5.com/labs/articles/threat-intelligence/the-2021-tls-telemetry-report> https://www.f5.com/labs/articles/threat-intelligence/the-2021-tls-telemetry-report>

 

多窗口全视野 网易云信探索融合通信飞跃之路｜QCon2021 [Multi-window full-vision NetEase Cloud Letter explores the leap forward in converged communications| QCon2021]

... 当前，基于 Cronet 的统一网络库在网易云音乐已经实现了部分落地，比如 Android 端已经完整落地并在灰度放量中，iOS 端则还在接入中。据云音乐给出的线上数据，Cronet 在 HTTP/2 上有不错的性能优势，开启 QUIC 后优势进一步放大。后续，陈松茂和他们的团队，将继续挖掘 Cronet 的性能，并进行定制优化。另外，统一网络库也将逐步在网易云音乐，乃至整个网易内部实现更广泛的应用。

< <http://china.qianlong.com/2021/1023/6434948.shtml> http://china.qianlong.com/2021/1023/6434948.shtml>

 

**********************

OTHERWISE NOTEWORTHY

**********************

Leonard Kleinrock Internet Pioneer by Dr. Morten Bay, USC Annenberg School of Communication

The emergence of the Internet has profoundly affected our existence and the world we live in. Rooted in the efforts of a small group of people who had a vision and performed the intense labor necessary to realize it, the Internet has grown into a technological movement born of the collaborations of its contributors. One of those essential early figures in the Internet’s history is Leonard Kleinrock. Morten Bay describes Kleinrock’s remarkable life and career as a co-creator of one of the greatest inventions in human history.

< <https://mbrjournal.com/2021/01/26/leonard-kleinrock-internet-pioneer/> https://mbrjournal.com/2021/01/26/leonard-kleinrock-internet-pioneer/>

 

Fifty Years On – What to Expect in the Next 50 Years of the Internet by Geoff Huston

When did the Internet begin? It all gets a bit hazy after so many years, but by the early 1970s, research work in packet-switched networks was well underway, and while it wasn't running TCP at the time (the flag day when the ARPANET switched over to use TCP was not until 1 January 1983) but there was the base datagram internet protocol running in the early research ARPA network in the US. Given that this is now around 50 years ago, and given that so much has happened in the last 50 years, what does the next 50 years have in store?

< <https://www.potaroo.net/ispcol/2021-10/fifty.html> https://www.potaroo.net/ispcol/2021-10/fifty.html>

< <https://blog.apnic.net/2021/10/22/opinion-the-internets-next-fifty-years/> https://blog.apnic.net/2021/10/22/opinion-the-internets-next-fifty-years/>

 

World’s first non-cellular 5G technology, ETSI DECT-2020, gets ITU-R approval, setting example of new era connectivity

ETSI DECT-2020 NR, the world’s first non-cellular 5G technology standard, has been recognized by the WP5D of the ITU’s Radiocommunication Sector (ITU-R) and included as part of the 5G standards in IMT-2020 technology recommendation.

< <https://www.etsi.org/newsroom/newspressrelease> https://www.etsi.org/newsroom/newspressrelease>

 

Natural Language Interface Accessibility User Requirements – call for review

Spoken interaction with mobile devices and consumer appliances such as smart speakers is now commonplace. Chatbots and similar text-based user interfaces can be included in Web applications. Telephone systems employing speech input and output are widely deployed. The common element in these scenarios is that the user interface operates via a textual, linguistic interaction; in this sense, it is a natural language interface.

< <https://www.w3.org/blog/2021/10/natural-language-interface-accessibility-user-requirements-call-for-review/> https://www.w3.org/blog/2021/10/natural-language-interface-accessibility-user-requirements-call-for-review/>

------

David Goldstein

email:  <mailto:david@goldsteinreport.com> david@goldsteinreport.com

web:  <http://goldsteinreport.com/> http://goldsteinreport.com/

Twitter:  <https://twitter.com/goldsteinreport> https://twitter.com/goldsteinreport

phone: +61 418 228 605 - mobile; +61 2 9663 3430 - office/home