[Newsclips] IETF SYN-ACK Newspack 2023-07-24

[David Goldstein <david@goldsteinreport.com>]

The IETF SYN-ACK Newspack collects IETF-related items from a variety of news outlets and other online publications. They do not represent the views of the IETF and are not checked for factual accuracy.

 

**********************

IETF IN THE NEWS

**********************

An important step towards secure and interoperable messaging

Most modern consumer messaging platforms (including Google Messages) support end-to-end encryption, but users today are limited to communicating with contacts who use the same platform. This is why Google is strongly supportive of regulatory efforts that require interoperability for large end-to-end messaging platforms. ... With the recent publication of the IETF’s Message Layer Security (MLS) specification RFC 9420, messaging users can look forward to this reality. For the first time, MLS enables practical interoperability across services and platforms, scaling to groups of thousands of multi-device users. It is also flexible enough to allow providers to address emerging threats to user privacy and security, such as quantum computing.

< <https://security.googleblog.com/2023/07/an-important-step-towards-secure-and.html> https://security.googleblog.com/2023/07/an-important-step-towards-secure-and.html>

 

Messaging Layer Security is now an internet standard

Today, the IETF is releasing the standard for Messaging Layer Security (MLS) protocol, a novel standard of communication protocol for group messaging.

< <https://blog.mozilla.org/en/mozilla/messaging-layer-security-is-now-an-internet-standard/> https://blog.mozilla.org/en/mozilla/messaging-layer-security-is-now-an-internet-standard/>

 

Google Messages to Adopt Cross-Platform Security Standard

Google announced that it will adopt the IETF’s Message Layer Security (MLS) standard in its Messages app on Android, a move that could lead to dramatic security and interoperability benefits.

< <https://www.thurrott.com/mobile/android/286029/google-messages-to-adopt-cross-platform-security-standard> https://www.thurrott.com/mobile/android/286029/google-messages-to-adopt-cross-platform-security-standard>

 

Google throws its weight behind yet another messaging standard

... Google has announced its support for the RFC 9420 specifications of the IETF's new Messaging Layer Security (MLS) standard. According to Google, the latest specification allows for interoperability across messaging services (WhatsApp, Messenger, Google Messages, etc.) and operating systems at scale. The company also promises to make its implementation open source, and available to app developers through the Android code base.

< <https://www.androidpolice.com/google-backs-mls-standard-e2ee-everywhere/> https://www.androidpolice.com/google-backs-mls-standard-e2ee-everywhere/>

 

Google Messages could be getting cross platform end-to-end encryption

... If you’re not familiar with MLS, it’s a protocol developed by the IETF. The IETF recently approved the publication of MLS specification RFC 9420. Google states with the new specification, MLS now enables “practical interoperability across services and platforms, scaling to groups of thousands of multi-device users.”

< <https://www.androidauthority.com/google-messages-mls-3346918/> https://www.androidauthority.com/google-messages-mls-3346918/>

 

Google Messages is taking a big step towards interoperable messaging with MLS standard

... A significant development has taken place with the recent publication of the IETF's Message Layer Security (MLS) specification RFC 9420, however, that gives us a needed win in achieving true interoperability across services and platforms.

< <https://chromeunboxed.com/google-messages-message-layer-security-mls/> https://chromeunboxed.com/google-messages-message-layer-security-mls/>

 

Google Messages signs onto cross-platform encrypted group chat standard

... The MLS protocol is developed by a standards organization called the IETF. The body just approved publication of MLS specification (RFC 9420) in March and has previously tested draft versions in Webex and RingCentral chats.

< <https://www.theverge.com/2023/7/20/23801536/google-messages-app-mls-support-announce> https://www.theverge.com/2023/7/20/23801536/google-messages-app-mls-support-announce>

< <https://www.msn.com/en-us/news/technology/google-messages-signs-onto-cross-platform-encrypted-group-chat-standard/ar-AA1e7Z9m> https://www.msn.com/en-us/news/technology/google-messages-signs-onto-cross-platform-encrypted-group-chat-standard/ar-AA1e7Z9m>

 

Google wants to better secure your messages by standardizing encryption

End-to-end encryption is pretty important in the world of messaging, because there’s no telling who might be out there trying to read your communications. The problem is that those services tend to operate on their own, with their own encryption and restricting your messaging to others on the same platform. Google thinks it's about time that changed.

< <https://www.tomsguide.com/news/google-wants-to-better-secure-your-messages-by-standardizing-encryption> https://www.tomsguide.com/news/google-wants-to-better-secure-your-messages-by-standardizing-encryption>

< <https://www.yahoo.com/lifestyle/google-wants-better-secure-messages-122919820.html> https://www.yahoo.com/lifestyle/google-wants-better-secure-messages-122919820.html>

 

New Messaging Layer Security standard improves group chat security and privacy

... The IETF has released the standard for Messaging Layer Security protocol this week. It claims that MLS "provides unsurpassed security and privacy for users of group communications applications".

< <https://www.ghacks.net/2023/07/24/new-messaging-layer-security-standard-improves-group-chat-security-and-privacy/> https://www.ghacks.net/2023/07/24/new-messaging-layer-security-standard-improves-group-chat-security-and-privacy/>

 

Google wants to make cross-platform messaging more secure: Why it matters

... MLS is an end-to-end encryption system that was recently given a go-ahead by IETF, an organisation that is responsible for the technical standards that make up the Internet protocol suite.

< <https://www.gadgetsnow.com/apps/google-wants-to-make-cross-platform-messaging-more-secure-why-it-matters/articleshow/101996159.cms> https://www.gadgetsnow.com/apps/google-wants-to-make-cross-platform-messaging-more-secure-why-it-matters/articleshow/101996159.cms>

 

Google Messages could soon feature end-to-end encryption for cross-platform messaging

... As a result, Google announced that it is supporting Messaging Layer Security (MLS) which would allow end-to-end encryption to remain in effect between two large messaging platforms like iMessage and RCS. MLS is a protocol developed by the IETF and now enables "practical interoperability across services and platforms, scaling to groups of thousands of multi-device users."

< <https://www.phonearena.com/news/cross-platform-end-to-end-encryption-google-messages_id149085> https://www.phonearena.com/news/cross-platform-end-to-end-encryption-google-messages_id149085>

 

Google officially supports the Message Layer Security (MLS) protocol

... The IETF recently released the MLS protocol. Under the premise of supporting end – to – end encryption, it can not only achieve cross-platform and cross – service interoperability but also have enough flexibility to help providers solve user privacy and security threats.

< <https://www.gizchina.com/2023/07/22/google-supports-message-layer-security-protocol-for-messages-app/> https://www.gizchina.com/2023/07/22/google-supports-message-layer-security-protocol-for-messages-app/>

 

Google Messages to Boost Security with New Standard

Google is set to add the recently published Message Layer Security (MLS) specification RFC 9420 from the IETF into its own Google Messages. This step aims to improve safe and flexible messaging between different platforms.

< <https://www.iphoneincanada.ca/2023/07/21/google-messages-security-standard/> https://www.iphoneincanada.ca/2023/07/21/google-messages-security-standard/>

 

Google Messages to Soon Support Interoperable End-to-End Encryption

... In its latest security blog post, Google announced the integration of IETF's Message Layer Security (MLS) specification RFC 9420 with its Google Messages Platform. This new security protocol will work alongside Google RCS but will be responsible to enable interoperability between devices irrespective of the OS they operate on. MLS will also use end-to-end encryption to enhance your messaging security and privacy.

< <https://beebom.com/google-messages-mls-end-to-end-encryption/> https://beebom.com/google-messages-mls-end-to-end-encryption/>

 

Next Steps in Preparing for Post-Quantum DNSSEC

In 2021, we discussed a potential future shift from established public-key algorithms to so-called “post-quantum” algorithms, which may help protect sensitive information after the advent of quantum computers. We also shared some of our initial research on how to apply these algorithms to the Domain Name System Security Extensions, or DNSSEC. In the time since that blog post, we’ve continued to explore ways to address the potential operational impact of post-quantum algorithms on DNSSEC, while also closely tracking industry research and advances in this area. ... In July 2022, the National Institute of Standards and Technology (NIST) selected one post-quantum encryption algorithm and three post-quantum signature algorithms for standardization, with standards for these algorithms arriving as early as 2024. In line with this work, the IETF has also started standards development activities on applying post-quantum algorithms to internet protocols in various working groups, including the newly formed Post-Quantum Use in Protocols (PQUIP) working group. And finally, the National Security Agency (NSA) recently announced that National Security Systems are expected to transition to post-quantum algorithms by 2035.

< <https://blog.verisign.com/security/post-quantum-dnssec-preparation/> https://blog.verisign.com/security/post-quantum-dnssec-preparation/>

< <https://circleid.com/posts/20230720-next-steps-in-preparing-for-post-quantum-dnssec> https://circleid.com/posts/20230720-next-steps-in-preparing-for-post-quantum-dnssec>

 

How to Take a Proactive Approach to DNS Health

... 4. NOERROR NODATA Necessitates IPv6: Support In order to address the possibility of running out of IP addresses, the IETF introduced IPv6 in 2012, which boasted an address format four times longer than those associated with the older IPv4 protocol. A decade on, many companies still exclusively focus on the older IPv4, balking at the logistical complexity of supporting IPv# 6. Yet failing to update is now causing its own set of problems.

< <https://circleid.com/posts/20230717-how-to-take-a-proactive-approach-to-dns-health> https://circleid.com/posts/20230717-how-to-take-a-proactive-approach-to-dns-health>

 

'::ffff' only...Tips for identifying unusual network activity

Every now and then, a security team uncovers something only the IETF can fully explain. During a review of network activity, our team noted unusual outbound web traffic from our network. Our investigation took us from checking a simple IPv6 address to researching the IETF’s Request for Comments. What we found along the way demonstrates why monitoring for anomalous IP addresses is important for every organization.

< <https://www.ironnet.com/blog/ffff-only...tips-for-identifying-unusual-network-activity> https://www.ironnet.com/blog/ffff-only...tips-for-identifying-unusual-network-activity>

< <https://securityboulevard.com/2023/07/ffff-only-tips-for-identifying-unusual-network-activity/> https://securityboulevard.com/2023/07/ffff-only-tips-for-identifying-unusual-network-activity/>

 

Xfinity Internet is Now Even Better for Gaming

... How LLD Improves Latency: Low latency DOCSIS is a new 10G technology from CableLabs that’s based on the Low Latency Low Loss Scalable Throughput (L4S) from IETF. It works by marking certain data packets as “latency-sensitive” and then allowing those data packets to be transmitted on priority.

< <https://www.explosion.com/144119/xfinity-internet-is-now-even-better-for-gaming/> https://www.explosion.com/144119/xfinity-internet-is-now-even-better-for-gaming/>

 

U.S. preparing Cyber Trust Mark for more secure smart devices

... Efforts define baseline security in IoT devices have existed for more than five years, with proposals and for a standard firmware update mechanism being among the first recommendations from cybersecurity experts and published by the IETF.

< <https://www.bleepingcomputer.com/news/security/us-preparing-cyber-trust-mark-for-more-secure-smart-devices/> https://www.bleepingcomputer.com/news/security/us-preparing-cyber-trust-mark-for-more-secure-smart-devices/>

 

Sigfox owner UnaBiz declares peace with LoRa Alliance

... Acklio’s Static Context Header Compression (SCHC) technology compresses IP headers, which significantly reduces the amount of data that needs to be transmitted over the network. In 2020, the IETF standardised SCHC as RFC 8724. It was designed to break the remaining barriers that prevented IP applications from running on LPWANs such as LoRaWAN, NB-IoT, and Sigfox.

< <https://www.mobileeurope.co.uk/sigfox-owner-unabiz-declares-peace-with-lora-alliance/> https://www.mobileeurope.co.uk/sigfox-owner-unabiz-declares-peace-with-lora-alliance/>

 

Google aprueba el protocolo MLS que pretende unificar todas las apps de mensajería [Google approves MLS protocol that aims to unify all messaging apps]

... En días pasados, la IETF aprobó el MLS para unificar los sistemas de cifrado de extremo a extremo entre las apps de mensajería instantánea.

< <https://es.wired.com/articulos/mls-protocolo-que-unificara-las-apps-de-mensajeria-aprobado-por-google> https://es.wired.com/articulos/mls-protocolo-que-unificara-las-apps-de-mensajeria-aprobado-por-google>

 

Messaging Layer Security: Ende-zu-Ende-Sicherheit für große Gruppen [Messaging Layer Security: End-to-end security for large groups]

20 Entwürfe haben die Entwickler bei der IETF gebraucht. Jetzt ist die neue Spezifikation für Ende-zu-Ende verschlüsselte Gruppenchats fertig. Das Messaging-Layer-Security-Protokoll (MLS) erscheint heute als Request for Comment (RFC) 9420.

< <https://www.heise.de/news/Messaging-Layer-Security-Ende-zu-Ende-Sicherheit-fuer-grosse-Gruppen-9219887.html> https://www.heise.de/news/Messaging-Layer-Security-Ende-zu-Ende-Sicherheit-fuer-grosse-Gruppen-9219887.html>

 

Messenger-Apps: Bauanleitung für plattformübergreifende Chats [Messenger Apps : Building Instructions for cross-platform chats]

... Diese Woche hat die Standardisierungsorganisation IETF das Protokoll in seiner endgültigen Fassung veröffentlicht. Gut fünf Jahre lang arbeiteten Expert:innen aus Unternehmen wie Cisco und Meta mit Forscher:innen aus Oxford oder dem französischen INRIA-Institut daran. Beteiligt waren auch Mitarbeiter:innen von Mozilla, Google, Amazon und Apple.

< <https://netzpolitik.org/2023/messenger-apps-bauanleitung-fuer-plattformuebergreifende-chats/> https://netzpolitik.org/2023/messenger-apps-bauanleitung-fuer-plattformuebergreifende-chats/>

 

Gruppenchat mit Messaging Layer Security: Mitinitiator Raphael Robert interviewt [Group chat with messaging Layer Security: Co-initiator Raphael Robert interviews]

... Wer steckt hinter MLS? In der Runde waren unter anderem Mozilla, Cisco, Facebook, Twitter, Wire, wir (Phoenix R&D) und Universitäten wie die Oxford University, die das Projekt akademisch begleitet haben und gesagt haben: "Okay, wir brauchen eigentlich einen Standard für die Zukunft. Das, was Signal gemacht hat, ist sehr gut, aber es reicht nicht ganz aus, und wir würden es wirklich gerne in einem öffentlich zugänglichen Dokument spezifiziert haben, so dass jeder das dann für sich nachimplementieren kann". Das Ganze wurde dann zu einer Standardisierungsorganisation, der IETF, gebracht. Der Prozess hat fünf Jahre gedauert und das Endergebnis ist das sogenannte MLS-Protokoll, das von der IETF, die zum Beispiel auch für die E-Mail-Protokolle, TLS und andere verantwortlich ist, verabschiedet und veröffentlicht wurde.

< <https://www.heise.de/hintergrund/Interview-Wofuer-Messaging-Layer-Security-relevant-ist-9214911.html> https://www.heise.de/hintergrund/Interview-Wofuer-Messaging-Layer-Security-relevant-ist-9214911.html>

 

Matrix-Gründer: "Es stellt auch keiner eine Kamera ins Schlafzimmer" [Matrix founder: "No one puts a camera in the bedroom"]

... Welche Verschlüsselungsmethoden bietet Matrix derzeit an? Wir verwenden derzeit das von Signal entwickelte Double Ratchet-Protokoll und sind außerdem dabei, Messaging Layer Security (MLS) zu implementieren. Dabei handelt es sich um einen neuen Verschlüsselungsstandard, der von der IETF definiert wurde, dem Standardisierungsgremium, das einen Großteil der Funktionsweise des Internets verwaltet.

< <https://www.heise.de/hintergrund/Sichere-Messenger-fuer-alle-Matrix-Gruender-im-Interview-9220484.html> https://www.heise.de/hintergrund/Sichere-Messenger-fuer-alle-Matrix-Gruender-im-Interview-9220484.html>

 

Erster Entwurf für das MLS Protokoll-veröffentlicht [First draft for the MLS protocol published]

Die IETF hat heute den Entwurf des Protokolls „Messaging Layer Security“ veröffentlicht. Das Protokoll dient der sicheren Kommunikation über mehrere Messenger und ermöglicht Interoperabilität.

< <https://stadt-bremerhaven.de/erster-entwurf-fuer-das-mls-protokoll-veroeffentlicht/> https://stadt-bremerhaven.de/erster-entwurf-fuer-das-mls-protokoll-veroeffentlicht/>

 

Android : Google va protéger votre privée grâce à un nouveau protocole de messagerie [Android: Google will protect your private from a new messaging protocol]

... Le MLS est un protocole développé par l’IETF. L’IETF a récemment approuvé la publication de la spécification MLS RFC 9420. Grâce à cette nouvelle spécification, Google affirme que le MLS permettra désormais “une interopérabilité pratique entre les services et les plates-formes, s’étendant à des groupes de milliers d’utilisateurs multi-appareils“.

< <https://www.tomsguide.fr/android-google-veut-proteger-votre-vie-privee-avec-un-systeme-de-chiffrement-de-bout-en-bout-multiplateforme/> https://www.tomsguide.fr/android-google-veut-proteger-votre-vie-privee-avec-un-systeme-de-chiffrement-de-bout-en-bout-multiplateforme/>

 

Google Messages : pourquoi se réjouir de l’arrivée du protocole MLS [Google Messages: Why Welcome to the arrival of the MLS protocol]

Pour la sécurité, mais pas que ! Fruit des dernières sorties de l’IETF, la nouvelle norme Messaging Layer Security (MLS) intègre désormais les appareils Android qui utilisent Google Messages et invite toutes les messageries instantanées à faire de même.

< <https://www.01net.com/actualites/google-messages-pourquoi-se-rejouir-de-larrivee-du-protocole-mls.html> https://www.01net.com/actualites/google-messages-pourquoi-se-rejouir-de-larrivee-du-protocole-mls.html>

 

Google Messages pourrait être doté d’un système de chiffrement de bout en bout multiplateforme [Google Messages could have a multi-platform end-to-end encryption system]

... Si vous ne connaissez pas MLS, sachez qu’il s’agit d’un protocole développé par l’IETF. L’IETF a récemment approuvé la publication de la spécification MLS RFC 9420. Google affirme qu’avec la nouvelle spécification, MLS permet désormais « une interopérabilité pratique entre les services et les plateformes, s’étendant à des groupes de milliers d’utilisateurs multi-appareils ».

< <https://www.blog-nouvelles-technologies.fr/266978/google-messages-pourrait-etre-dote-systeme-chiffrement-bout-en-bout-multiplateforme/> https://www.blog-nouvelles-technologies.fr/266978/google-messages-pourrait-etre-dote-systeme-chiffrement-bout-en-bout-multiplateforme/>

 

Google adopte une norme qui va vous changer la vie [Google adopts a standard that will change your life]

... Mis au point par l’IETF, un organisme qui élabore des standards Internet, le Messaging Layer Security est un système de cryptage qui permet aux utilisateurs de communiquer entre différentes plateformes avec un chiffrement de bout en bout.

< <https://www.cnetfrance.fr/non-classe/google-adopte-une-norme-qui-va-vous-changer-la-vie-368841.htm> https://www.cnetfrance.fr/non-classe/google-adopte-une-norme-qui-va-vous-changer-la-vie-368841.htm>

 

Google Messages : vos conversations seront bientôt chiffrées de bout en bout sur toutes les plateformes [Google Messages: Your conversations will soon be encrypted end-to-end on all platforms]

... Google a annoncé son soutien aux spécifications RFC 9420 de la nouvelle norme Messaging Layer Security (MLS) de l'IETF. Selon l’entreprise, la dernière spécification permet l'interopérabilité entre les différents services de messagerie disponibles sur le marché et les systèmes d'exploitation à grande échelle.

< <https://www.phonandroid.com/google-messages-vos-conversations-seront-bientot-chiffrees-de-bout-en-bout-sur-toutes-les-plateformes.html> https://www.phonandroid.com/google-messages-vos-conversations-seront-bientot-chiffrees-de-bout-en-bout-sur-toutes-les-plateformes.html>



Télécom SudParis lance une Task Force* internationale pour la standardisation d’un format de détection d’incidents cybers et physiques [Télécom SudParis launches an International Task Force for the standardisation of a format for detecting cyber and physical incidents]

... Ce format, intitulé IDMEFv2 (Incident Detection Message Exchange Format) étend la détection d’intrusions cyber de la version précédente à tous les incidents. Après deux ans d’expérimentation, il évolue depuis 6 mois sous forme de version préliminaire : « IDMEFv2 IETF Draft » déposé auprès de l’organisme de standardisation international IETF.

< <https://www.globalsecuritymag.fr/Telecom-SudParis-lance-une-Task-Force-internationale-pour-la-standardisation-d.html> https://www.globalsecuritymag.fr/Telecom-SudParis-lance-une-Task-Force-internationale-pour-la-standardisation-d.html>

 

Google Messaggi supporterà il protocollo MLS per messaggi criptati interoperabili [Google Messages will support MLS protocol for interoperable encrypted messages]

... Il protocollo MLS dell'IETF è la chiave per l'interoperabilità E2E criptata. Per raggiungere messaggi end-to-end criptati interoperabili, Google fa riferimento alla specifica Message Layer Security (MLS) dell'IETF RFC 9420.

< <https://www.hdblog.it/google/articoli/n572094/google-messaggi-mls-criptati-interoperabili/> https://www.hdblog.it/google/articoli/n572094/google-messaggi-mls-criptati-interoperabili/>

 

Google annuncia supporto per messaggistica crittografata interconnessa [Google Announces Support for Interconnected Encrypted Messaging]

... La chiave per realizzare questo obiettivo ambizioso è l’integrazione del protocollo Message Layer Security (MLS) dell’IETF RFC 9420.

< <https://news.fidelityhouse.eu/software-app/google-annuncia-supporto-per-messaggistica-crittografata-interconnessa-579926.html> https://news.fidelityhouse.eu/software-app/google-annuncia-supporto-per-messaggistica-crittografata-interconnessa-579926.html>

 

Google Messaggi supporterà il protocollo MLS per messaggi criptati interoperabili [Google Messages will support MLS protocol for interoperable encrypted messages]

... Il protocollo MLS dell'IETF è la chiave per l'interoperabilità E2E criptata. Per raggiungere messaggi end-to-end criptati interoperabili, Google fa riferimento alla specifica Message Layer Security (MLS) dell'IETF RFC 9420.

< <https://www.hdblog.it/google/articoli/n572094/google-messaggi-mls-criptati-interoperabili/> https://www.hdblog.it/google/articoli/n572094/google-messaggi-mls-criptati-interoperabili/>

 

Google punta forte su MLS, protocollo per lo scambio di messaggi E2EE fra diverse app di messaggistica [Google focuses strongly on MLS, protocol for the exchange of E2EE messages between different messaging apps]

... Per ottenere messaggi crittografati E2E interoperabili, Google fa riferimento alla specifica RFC 9420 della IETF Message Layer Security (MLS).

< <https://www.androidblog.it/223478/google-supporto-mls-messaggistica-aperta/> https://www.androidblog.it/223478/google-supporto-mls-messaggistica-aperta/>

 

IPv6, l'Italia cresce ma resta fanalino di coda in Europa

L'adozione di IPv6 nel mondo prosegue lentamente ma in modo inesorabile. Secondo i dati di Google, che monitora gli accessi effettuati ai suoi servizi con il "nuovo" protocollo, il 44,5% degli utenti nel mondo si connettono sfruttando il protocollo IPv6. Le virgolette sono d'obbligo considerando che la prima bozza del sostituto di IPv4 è stata approvata dalla IETF nell'ormai lontano 1998 ed è diventato ufficialmente standard nel 2017.

< <https://www.dday.it/redazione/46437/ipv6-litalia-cresce-ma-resta-fanalino-di-coda-in-europa> https://www.dday.it/redazione/46437/ipv6-litalia-cresce-ma-resta-fanalino-di-coda-in-europa>

 

Google wdraża nowy protokół w Wiadomościach. Będzie bezpieczniej, ale… [Google is implementing the new protocol in the Messages. It'll be safer, but...]

... Google ogłosił przyjęcie kompleksowego systemu szyfrowania znanego jako Messaging Layer Security lub MLS w specyfikacji RFC 9420 opracowanego przez organizację IETF. Pozwoli to w przyszłości Wiadomościom Google uzyskać szyfrowanie czatu na różnych platformach. Co jeszcze istotniejsze, wdrażając ten standard, aplikacja będzie w stanie łączyć się i wymieniać wiadomości z zewnętrznymi aplikacjami do przesyłania wiadomości, które również obsługują MLS.

< <https://www.focus.pl/artykul/google-wdraza-protokol-mls-w-wiadomosciach> https://www.focus.pl/artykul/google-wdraza-protokol-mls-w-wiadomosciach>

 

Google tar stort steg mot meddelandetjänster som kan kommunicera med varandra [Google takes big step towards messaging services that can communicate with each other]

... Utan standardisering skulle end-to-end-kryptering inte heller vara möjlig. Google puffar därför för nya specifikationen för ”message layer security” (MLS) från IETF som möjliggör interoperabilitet med bibehållen kryptering. Företaget kommer integrera stöd för MLS i Messages med förhoppningen att andra aktörer ska följa initiativet.

< <https://swedroid.se/google-tar-ett-stort-steg-mot-meddelandetjanster-som-kan-kommunicera-med-varandra/> https://swedroid.se/google-tar-ett-stort-steg-mot-meddelandetjanster-som-kan-kommunicera-med-varandra/>

 

Resposta a Incidentes de Segurança – Trazer Ordem a um Mundo de Caos [Response to Security Incidents – Bringing Order to a World of Chaos]

... Publicado em 1998, e disponível no site da organização IETF, este documento expressa as expectativas gerais da comunidade da Internet, relativamente às equipas de resposta a incidentes de segurança informática (CSIRT – Computer Security Incident Response Team), e ainda é utilizado por muitas instituições, hoje em dia.

< <https://www.securitymagazine.pt/2023/07/19/resposta-a-incidentes-de-seguranca-trazer-ordem-a-um-mundo-de-caos/> https://www.securitymagazine.pt/2023/07/19/resposta-a-incidentes-de-seguranca-trazer-ordem-a-um-mundo-de-caos/>

 

Google pleit voor verplichte interoperabiliteit tussen grote chatapps [Google calls for mandatory interoperability between major chat apps]

... Deze specificatie zou interoperabiliteit tussen verschillende diensten en platforms mogelijk moeten maken. "Een app die end-to-end encryptie aanbiedt heeft een extra encryptielaag nodig die voor de encryptiesleutels zorgt voor de apparaten die aan het gesprek deelnemen, zodat deze apparaten de data van gebruikers kunnen versleutelen op een manier dat clouddiensten die niet kunnen ontsleutelen. Voor het verschijnen van MLS was er geen open, interoperabele specificatie voor deze extra laag", aldus Nick Sullivan van de MLS Working Group van de IETF.

< <https://www.security.nl/posting/804150/> https://www.security.nl/posting/804150/>

 

Google mesajlaşma standardı için geliştirmeye gidiyor [Google goes to development for the messaging standard]

... Google, İnternet Mühendisliği Görev Gücü’nün (IETF) yeni Mesajlaşma Katmanı Güvenliği (MLS) standardının RFC 9420 belirtimlerini desteklediğini duyurdu.

< <https://www.techinside.com/google-mesajlasma-standardi-icin-gelistirmeye-gidiyor/> https://www.techinside.com/google-mesajlasma-standardi-icin-gelistirmeye-gidiyor/>

 

Το Google Messages θα μπορούσε να λάβει κρυπτογράφηση από άκρο σε άκρο μεταξύ πλατφόρμας [Google Messages could receive cross-platform end-to-end encryption]

... Εάν δεν είστε εξοικειωμένοι με το MLS, είναι ένα πρωτόκολλο που αναπτύχθηκε από την Ομάδα Εργασίας Μηχανικών Διαδικτύου (IETF).

< <https://www.techwar.gr/76056/to-google-messages-tha-borouse-na-lavei-kryptografisi-apo-akro-se-akro-metaxy-platformas/> https://www.techwar.gr/76056/to-google-messages-tha-borouse-na-lavei-kryptografisi-apo-akro-se-akro-metaxy-platformas/>

 

Η Google ρίχνει το βάρος της πίσω από ένα ακόμη πρότυπο ανταλλαγής μηνυμάτων [Google is throwing its weight behind yet another messaging standard]

... Η Google έχει ανακοίνωσε την υποστήριξή του για το Προδιαγραφές RFC 9420 του IETF νέο Ασφάλεια επιπέδου μηνυμάτων (MLS) πρότυπο.

< <https://www.techwar.gr/76579/i-google-richnei-to-varos-tis-piso-apo-ena-akomi-protypo-antallagis-minymaton/> https://www.techwar.gr/76579/i-google-richnei-to-varos-tis-piso-apo-ena-akomi-protypo-antallagis-minymaton/>

 

Google、「メッセージ」でIETFの新E2EEプロトコル「MLS」サポートへ [Google to support IETF's new E2EE protocol "MLS" with Messages]

米Googleは7月19日（現地時間）、Android端末にプリインストールされているメッセージングアプリ「メッセージ」で、インターネット技術の標準化推進団体IETFが3月に承認（RFC 9420）したE2EEプロトコル「Message Layer Security」（MLS）をサポートすると発表した。

< <https://www.itmedia.co.jp/mobile/articles/2307/23/news059.html> https://www.itmedia.co.jp/mobile/articles/2307/23/news059.html>

 

谷歌官宣支持 MLS 协议：呼吁加强监管，让苹果放开 iMessage [Google officially announced its support for the MLS agreement: calling for greater regulation and letting Apple open iMessage]

... 互联网工程任务组（IETF）近日发布了 MLS 协议，在支持端到端加密的前提下，不仅可以实现跨平台、跨服务的实际互操作性，还具备足够的灵活性，帮助提供商解决用户隐私和安全威胁。

< <https://www.163.com/dy/article/IA7U21I50511B8LM.html> https://www.163.com/dy/article/IA7U21I50511B8LM.html>

 

關於「科技輔助犯罪」的文章: 非法跟蹤事件頻傳，蘋果、Google 合作防堵 Airtag 犯罪 [Article on "technology-assisted crime": Illegal tracking incidents are frequent, and Apple and Google cooperate to prevent Airtag crime]

蘋果和 Google 在今年五月初發表了一項聯合聲明，內容指出他們將帶領其他定位設備公司，共同開發跨平台技術，並已向國際網路標準制定機構「IETF」提交規範草案，接下來將歷經三個月的審查與反饋蒐集，預計在年底發布完整版協議，防止

< <https://www.inside.com.tw/tag/21487-科技輔助犯罪> https://www.inside.com.tw/tag/21487-科技輔助犯罪>

 

厦门海翼集团“基于IPv6+5G工业数采平台建设项目”获评A级 [Xiamen Haiyi Group's "IPv6+5G Industrial Data Acquisition Platform Construction Project" was rated A]

... IPv6是互联网协议第六版的缩写，是互联网工程任务组（IETF）设计的用于替代IPv4的下一代互联网协议，能够提供充足的网络地址和广阔的创新空间，网络环境更稳定、传输速度更快。

< <http://www.xinhuanet.com/fortunepro/20230719/a2603cda74f5418496dd4e133b740520/c.html> http://www.xinhuanet.com/fortunepro/20230719/a2603cda74f5418496dd4e133b740520/c.html>

< <http://big5.news.cn/gate/big5/www.xinhuanet.com/fortunepro/20230719/a2603cda74f5418496dd4e133b740520/c.html> http://big5.news.cn/gate/big5/www.xinhuanet.com/fortunepro/20230719/a2603cda74f5418496dd4e133b740520/c.html>

 

Google Messages освоит кроссплатформенное шифрование MLS [Google Messages will master cross-platform MLS encryption]

... Протокол MLS разрабатывается под эгидой Инженерного совета Интернета (IETF). Совет одобрил публикацию проекта в марте и провел испытания черновых версий MLS в чатах Webex и RingCentral.

< <https://www.securitylab.ru/news/540216.php> https://www.securitylab.ru/news/540216.php>

 

لمصلحة من “شيطنة” الصين [In the interest of "demonizing" China]

... تعد المشاركة في حوكمة الإنترنت أمرا مهما حيث لا يوجد شخص واحد أو منظمة أو شركة أو حكومة تتحكم وحدها بالإنترنت. ويتشكل تطور الإنترنت من قبل أصحاب المصلحة المتعددين من خلال المبادئ المشتركة وإجراءات عمليات صنع القرار. ونتج عن ذلك وضع معايير عالمية مثل تلك الموجودة لدى فريق عمل هندسة الإنترنت IETF بشأن معلمات البروتوكول أو عنوان IP في سجلات الإنترنت الإقليمية (APNIC في منطقتنا) أو سياسات اسم النطاق في ICANN.

< <https://www.raialyoum.com/لمصلحة-من-شيطنة-الصين/> https://www.raialyoum.com/لمصلحة-من-شيطنة-الصين/>

 

**********************

IETF COMMUNITY NOTES

**********************

IAB Report to the Community for IETF 117

The IAB has uploaded its report for the IETF-117 meeting to the proceedings in the datatracker. In addition, I would like to highlight some recent/on-going activities:

< <https://www.iab.org/2023/07/21/iab-report-to-the-community-for-ietf-117/> https://www.iab.org/2023/07/21/iab-report-to-the-community-for-ietf-117/>

 

**********************

SECURITY & PRIVACY

**********************

Europe’s missing plan on quantum cybersecurity threats

Europe must prepare for a future in which powerful quantum computers are commercially available, allowing hackers to decode previously-encrypted material, experts and industry practitioners have urged, while calling for an action plan.

< <https://www.euractiv.com/section/cybersecurity/news/europes-missing-plan-on-quantum-cybersecurity-threats/> https://www.euractiv.com/section/cybersecurity/news/europes-missing-plan-on-quantum-cybersecurity-threats/>

 

EU urged to prepare for quantum cyberattacks with coordinated action plan

European Policy Center calls for Europe to develop a quantum cybersecurity agenda, sharing information and best practices and reaching a common approach to the quantum transition.

< <https://www.csoonline.com/article/646432/eu-urged-to-prepare-for-quantum-cyberattacks-with-coordinated-action-plan.html> https://www.csoonline.com/article/646432/eu-urged-to-prepare-for-quantum-cyberattacks-with-coordinated-action-plan.html>

 

Next Steps in Preparing for Post-Quantum DNSSEC

In 2021, we discussed a potential future shift from established public-key algorithms to so-called "post-quantum" algorithms, which may help protect sensitive information after the advent of quantum computers. We also shared some of our initial research on how to apply these algorithms to the DNSSEC. In the time since that blog post, we've continued to explore ways to address the potential operational impact of post-quantum algorithms on DNSSEC, while also closely tracking industry research and advances in this area.

< <https://blog.verisign.com/security/post-quantum-dnssec-preparation/> https://blog.verisign.com/security/post-quantum-dnssec-preparation/>

 

**********************

NEW TRANSPORT PROTOCOLS

**********************

QUIC timers don’t work well

Recently, the QUIC Working Group was reviewing an errata for RFC 9002, the description of loss recovery and congestion control for QUIC. There was an error in the description of the algorithm used to compute the variable rttvar, which describes the expected variation of the round-trip time (RTT).

< <https://blog.apnic.net/2023/07/21/quic-timers-dont-work-well/> https://blog.apnic.net/2023/07/21/quic-timers-dont-work-well/>

 

Progress on Release 18 features continues at June 3GPP Plenary meetings; Release 19 remains on track

The 3GPP Plenary meetings took place June 12-16, 2023, in Taipei, Taiwan. The Technical Specification Group (TSG) reports below highlight solid progress on Release 18 (R18) features of interest for public safety, including the completion of the architecture (stage 2) and the steady development on the protocol work (stage 3).

< <https://urgentcomm.com/2023/07/20/progress-on-release-18-features-continues-at-june-3gpp-plenary-meetings-release-19-remains-on-track/> https://urgentcomm.com/2023/07/20/progress-on-release-18-features-continues-at-june-3gpp-plenary-meetings-release-19-remains-on-track/>

 

**********************

OTHERWISE NOTEWORTHY

**********************

UAE and South African Hospitals Fail on DMARC Implementation

Around three-quarters of hospitals in the United Arab Emirates and South Africa have not adopted the strongest form of the Domain-based Message Authentication, Reporting and Conformance (DMARC) email validation protocol.

< <https://www.darkreading.com/dr-global/uae-and-south-african-hospitals-fail-on-dmarc-implementation> https://www.darkreading.com/dr-global/uae-and-south-african-hospitals-fail-on-dmarc-implementation>

 

Sunsetting ENOG

ENOG (Eurasian Network Operators' Group) was established in June 2011 as a means to bring RIPE and the RIPE NCC closer to the local communities in Eurasia and to support Internet development in the region.

< <https://www.ripe.net/publications/news/announcements/sunsetting-enog> https://www.ripe.net/publications/news/announcements/sunsetting-enog>

 

On Centrality and Fragmentation by Geoff Huston

I attended a workshop on the topic of Internet Fragmentation in July. The workshop was attended by a small collection of Australian public policy folk, some industry representatives, folk from various cyber-related bodies and those who have a background in Internet Governance matters. It was a short meeting, so the perils of fragmentation were not discussed at length, as they often can be, but the concerns about the breakup of the essential bonds that keep the Internet together was certainly palpable in that meeting.

< <https://www.potaroo.net/ispcol/2023-07/fandc.html> https://www.potaroo.net/ispcol/2023-07/fandc.html>

------

David Goldstein

email:  <mailto:david@goldsteinreport.com> david@goldsteinreport.com

web:  <http://goldsteinreport.com/> http://goldsteinreport.com/

Twitter:  <https://twitter.com/goldsteinreport> https://twitter.com/goldsteinreport

phone: +61 418 228 605 - mobile; +61 2 9663 3430 - office/home