[Newsclips] IETF SYN-ACK Newspack 2025-12-22

[David Goldstein <david@goldsteinreport.com>]

Hi IETF Participants!

 

This is the final SYN-ACK Newspack for 2025 and I’ll resume normal service in the week of 12 January. But I’ll continue to monitor for news and updates so you don’t miss a thing when the SYN-ACK Newspack returns. In 2026 there will be a few changes to the layout and after some discussions have already introduced some additional topics to cover. A reminder too that if any participant has an IETF-related item to include, or any comments or suggestions, please send it through.

 

And the usual disclaimer that the IETF SYN-ACK Newspack collects IETF-related items from a variety of news outlets and other online publications. They do not represent the views of the IETF and are not checked for factual accuracy.

 

For those celebrating, merry Christmas and happy new year in a world that has been challenging for many in 2025. Enjoy your breaks.

 

Happy reading!

David

 

**********************

IETF IN THE NEWS

**********************

UN General Assembly: States must ensure that the protections afforded under IHL remain effective against the risks of ICT activities during armed conflict

The International Committee of the Red Cross (ICRC) is pleased to participate in this High-level Meeting of the General Assembly for the WSIS+20 review. ... In additional to technical work at both the IETF and the International Telecommunication Union, the ICRC appreciates that the WSIS+20 process has offered opportunities for States and technical communities to engage on this topic – including at the high-level WSIS event in Geneva last July. 

<https://www.icrc.org/en/statement/unga-states-must-ensure-that-the-protections-afforded-under-ihl>

 

Why New Standards Won’t Stop AI from Summarizing the Web: Efforts to create an “AI preference” protocol for web crawling won’t succeed — and shouldn’t.

... With the lawsuits likely failing, publishers are waging a battle on another front — one that has garnered less attention in mainstream media. Over the past year, content creators have been attempting to establish a new set of standards and protocols to be incorporated in the underlying code of websites. The theatre of this battle is the IETF, an international body that sets standards voluntarily adopted by sites and platforms large and small. The aim is to agree on a new protocol similar in nature to robots.txt, which, for many years, has allowed sites to opt out of snippet view in Google search results. The new protocol would signal a preference to bots crawling the web not to scrape a site for AI model training or use in AI search overviews.

<https://www.cigionline.org/articles/why-new-standards-wont-stop-ai-from-summarizing-the-web/>

 

Where are you? A look at GeoIP by Geoff Huston

... This work was informed by the IETF’s GEOPRIV Working Group, a group that was focused on defining IETF standards for handling geographic location information securely and privately within Internet protocols, creating frameworks for location-aware applications, and real-time communication while keeping the development of core location discovery technology out of scope. The Working Group published RFC 6280 (Architecture for Location/Privacy) and RFC 5870 (geo URI), establishing common formats, APIs, and protocols (like HELD) for location sharing, ensuring privacy was integral to location data management.

<https://www.potaroo.net/ispcol/2025-12/geoip.html>

<https://blog.apnic.net/2025/12/16/where-are-you-a-look-at-geoip/>

<https://labs.apnic.net/index.php/2025/12/15/where-are-you-a-look-at-ip-geolocation/>

 

ASPA in the RPKI Dashboard: A New Layer of Routing Security

... Over the past decade, RPKI and Route Origin Validation (ROV) have made it much harder to accidentally hijack prefixes, but they don’t say anything about who's allowed to sit upstream of whom on a BGP path. Autonomous System Provider Authorisation (ASPA) is an emerging IETF standard that fills exactly that gap, using RPKI objects to describe customer-to-provider AS relationships and to detect route leaks and implausible paths before they cause trouble on the global Internet.

<https://labs.ripe.net/author/tim_bruijnzeels/aspa-in-the-rpki-dashboard-a-new-layer-of-routing-security/>

 

NRO RPKI Program — 2025 in Review by Sofía Silva Berenguer

2025 is coming to an end, and we want to pause to reflect on our achievements this year as part of the NRO RPKI Program. A significant achievement was submitting the first draft specification to address concerns about RPKI Trust Anchors (TAs) claiming resources for which they are not authoritative (read more about this milestone). After presenting this draft to the SIDROPS IETF Working Group during the IETF 124 meeting, the RPKI Steering Group received input from the technical community and engaged with various stakeholders. The group is now discussing options for the next draft version. Look for updates in the new year and join the SIDROPS mailing list to participate in the discussions.

<https://www.arin.net/blog/2025/12/16/nro-rpki-program-2025-review/>

 

VeritasChain Advances Verifiable AI Governance With IEEE, IETF, and EU AI Act Research Milestones [news release]

VeritasChain ... announced a series of research, standards, and tooling milestones aimed at strengthening third-party verifiability and auditability of AI systems. ... As part of its academic and standards engagement, VeritasChain has submitted new research to IEEE venues addressing cryptographic audit trails for algorithmic and AI-driven decision systems. In parallel, the organization has submitted an Internet-Draft to the IETF, positioning verifiable event logging as a reusable transparency mechanism aligned with emerging supply chain and AI integrity discussions.

<https://www.einnews.com/pr_news/876858139/veritaschain-advances-verifiable-ai-governance-with-ieee-ietf-and-eu-ai-act-research-milestones>

 

European Commission Launches Consultations on the EU AI Act’s Copyright Provisions and AI Regulatory Sandboxes

The European Commission (“Commission”) recently launched two stakeholder consultations under the EU AI Act. The first (see here), closing on 9 January 2026, relates to the copyright-related obligations for General Purpose AI (“GPAI”) providers under the AI Act and GPAI Code of Practice. The second (see here), closing on 6 January 2026, seeks feedback on a draft implementing act to establish AI regulatory sandboxes under the AI Act. We summarise key points below. ... On 1 December 2025, the Commission launched a stakeholder consultation on technical protocols for expressing reservations of rights against text and data mining (“TDM”). The consultation is intended to support the AI Act’s obligation for providers of general-purpose AI models to put in place a policy to comply with EU law, including to identify and comply with reservations of rights expressed pursuant to Article 4(3) of Directive (EU) 2019/790. This is in line with the GPAI Code of Practice, which commits signatories to follow appropriate machine-readable protocols for expressing such reservations, as well as robots.txt and subsequent IETF standards.

<https://www.insideglobaltech.com/2025/12/18/european-commission-launches-consultations-on-the-eu-ai-acts-copyright-provisions-and-ai-regulatory-sandboxes/>

 

Want to boost your career? This power move will future-proof you - here's how

Every device, system, or application we touch at work and home is designed and enabled around standards. Who comes up with these standards? They are formulated by technology or domain specialists, many either working on a volunteer basis or through their companies, committed to advancing the capabilities of their chosen technology areas in an ever-changing economy. ... "My work with standards bodies has had a noticeable impact on my career," said Nik Kale, principal engineer and product architect with Cisco Systems, who has been involved with a number of security standards organizations. "It broadens your perspective, exposes you to approaches that other organizations are testing, and keeps you ahead of the curve rather than reacting to it. It also builds trust because people see that you are contributing to something larger than your own role." Kale works with the Coalition for Secure AI (CoSAI), Institute of Electrical and Electronics Engineers (IEEE), Association of Computing Machinery (ACM), and the IETF.

<https://www.zdnet.com/article/boost-career-join-standards-organization/>

 

Microsoft Sweeps RC4 Remnants from Kerberos

... RC4 encryption has been considered cracked for a very long time. As early as 2013, Microsoft recommended disabling RC4 for web encryption. In 2015, the IETF practically banned the use of RC4 with RFC 7465 for TLS encryption, not even as an optional or fallback solution. Turning off RC4 in Windows domain authentication now is actually overdue in this context.

<https://www.heise.de/en/news/Microsoft-Sweeps-RC4-Remnants-from-Kerberos-11118258.html>

<https://www.heise.de/news/Microsoft-fegt-RC4-Reste-in-Kerberos-aus-11117992.html> [German original]

 

The coming AI agent crisis: Why Okta's new security standard is a must-have for your business

... Identity and access management (IAM) systems, such as Okta's Identity Platform and Microsoft's Entra, serve as central control planes for managing which humans have access to which corporate resources. However, those same systems were frequently out of the loop when it comes to how other applications were granted similar resource access on behalf of those users. Instead, those decisions were (and in many cases, continue to be) left to end users in a way that resulted in IAM blind spots and avoidable security risks. Since then, Okta has been working with the IETF on a draft open standard designed to close the loophole.

<https://www.zdnet.com/article/okta-improved-oauth-standard-network-security-ai-agents/>

 

yvan ngoudjou

I had the honor of speaking with Tim Panton, web veteran, member of the IETF and the WebRTC working group at W3C, and co-founder of |pipe|.

<https://www.linkedin.com/feed/update/urn:li:activity:7408461579526230016>

<https://www.linkedin.com/posts/yvan-ngoudjou-54a800168_ietf-webrtc-java-activity-7408461579526230016-6n2j> [French original]

 

**********************

IETF COMMUNITY NOTES

**********************

Cut-off for BOF proposal requests 16 January

Cut-off date for BOF proposal requests. To request a BoF session use the IETF BoF Request Tool.

<https://datatracker.ietf.org/doc/bof-requests>

 

IETF Administration LLC 2026 Draft Budget

The IETF Administration LLC has prepared its draft budget for 2026 and now seeks community feedback.

<https://www.ietf.org/blog/ietf-administration-llc-2026-draft-budget/>

 

Net zero update for 2025

As 2025 comes to a close, we want to provide an update on the IETF’s carbon footprint for this year and share information about further steps we took to increase IETF operations’ sustainability.

<https://www.ietf.org/blog/net-zero-update-2025/>

 

Internet Architecture Board (IAB) Comments on the Proposal for a Revision of Regulation (EU) No 1025/2012, also called the ‘EU Standardisation Regulation’

On 2025-12-17, the IAB responded to the Public Consultation on the proposal for a revision of Regulation (EU) No 1025/2012, also called the ‘EU Standardisation Regulation.’

<https://www.iab.org/announcements/-iab-comments-on-the-proposal-for-a-revision-of-regulation-eu-no-10252012/>

 

Bron Gondwana Appointed as IETF Liaison Manager to the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG)

The IAB acts as representative of the interests of the IETF in technical liaison relationships with other organizations concerned with standards and other technical and organizational issues relevant to the world-wide Internet. 

<https://www.iab.org/announcements/bron-gondwana-appointed-as-ietf-liaison-manager-to-m3aawg/>

 

**********************

QUANTUM NETWORKING

**********************

>From AI to Quantum: How the European Defence Fund shapes the future of EU Defence Technologies

Emerging technologies, including artificial intelligence, advanced cloud architectures, quantum technologies, and next-generation digital and sensing systems, are rapidly transforming the nature of modern warfare. To enhance defence readiness and remain competitive, the European defence industry must design, develop, and deliver these technologies faster and at scale.

<https://defence-industry-space.ec.europa.eu/ai-quantum-how-european-defence-fund-shapes-future-eu-defence-technologies-2025-12-15_en>

 

Quantum internet takes a leap with a new fiber breakthrough [Morning Overview]

The race to build a quantum internet has shifted from theory to engineering, as researchers learn how to send fragile quantum signals through the same glass fibers that already carry Netflix streams and Zoom calls. A new generation of chips, cables, and repeaters is turning existing infrastructure into a testbed for ultra secure communication, with recent experiments showing that quantum data can travel long distances, coexist with classical traffic, and even teleport across real networks.

<https://www.msn.com/en-us/money/other/quantum-internet-takes-a-leap-with-a-new-fiber-breakthrough/ar-AA1SFqSt>

 

Looking Back, Leaping Forward: QIA’s 2025 Highlights

2025 has been a year of strong momentum for QIA, marked by scientific breakthroughs, growing engagement with industry and policymakers, and continued investment in talent and community building. From cutting-edge research to real-world outreach, here is a snapshot of what QIA achieved across the year.

<https://quantuminternetalliance.org/2025/12/17/looking-back-leaping-forward-qias-2025-highlights/>

 

**********************

NEW TRANSPORT PROTOCOLS

**********************

What Thunderbird users can expect in 2026: database overhaul and iOS app

The Thunderbird team has published a comprehensive annual review, summarizing the most important developments of 2025. At the same time, the team provides an outlook on planned changes for 2026. A key innovation in 2025 was the switch to monthly updates – new features and bug fixes now reach users significantly faster than with the previous annual rhythm. ... Thundermail relies on established protocols such as IMAP, SMTP, and the more modern JMAP. The latter promises more efficient synchronization than classic IMAP and will also play an important role for smartphone apps. The encrypted file sharing service Send has already undergone an external security audit, the report for which is still in the correction phase.

<https://www.heise.de/en/news/What-Thunderbird-users-can-expect-in-2026-database-overhaul-and-iOS-app-11120751.html>

<https://www.heise.de/news/Was-Thunderbird-Nutzer-2026-erwartet-Datenbank-Umbau-und-iOS-App-11120644.html> [German original]

 

**********************

OTHERWISE NOTEWORTHY

**********************

IPv6’s Quiet Revolution: Overcoming IPv4 Limits for AI and IoT Growth

In 2025, a UK IPv6 Council meeting at BT Tower highlighted the protocol's quiet revolution, addressing IPv4 exhaustion amid AI, IoT, and 5G growth. Despite benefits like vast addresses and enhanced security, uneven global adoption persists due to costs and compatibility issues. IPv6 is essential for scalable, resilient connectivity.

<https://www.webpronews.com/ipv6s-quiet-revolution-overcoming-ipv4-limits-for-ai-and-iot-growth/>

 

Is it really always the DNS? by George Michaelson

In a beautifully typeset post, Paul Tagliamonte critiqued the meme that almost any failure in a software service can be attributed to the DNS. He coined a new, unnamed rule: If you can replace ‘DNS’ with ‘key value store mapping a name to an ip’ and it still makes sense, it was not, in fact, DNS.

<https://blog.apnic.net/2025/12/19/is-it-really-always-the-dns/>

 

Strengthening regional cooperation for an open and interoperable Internet by Lu Zhang

In October 2025, APNIC Director General Jia Rong Low and I visited Beijing to participate in the 6th China Internet Infrastructure Resource Conference (CNIRC 2025) and meet with several APNIC Members. Across all meetings, one theme stood out: A shared commitment to a secure, interoperable, and resilient Internet across China, the Asia Pacific, and globally.

<https://blog.apnic.net/2025/12/16/strengthening-regional-cooperation-for-an-open-and-interoperable-internet/>

 

In Memory of Dr. Carolyn Taylor

We are deeply saddened to share the news of Dr. Carolyn Taylor’s passing. Carolyn was a valued member of ETSI’s Mobile Competence Centre (MCC), where she supported 3GPP RAN4 for years with dedication and expertise. Last summer, she embraced a new challenge by taking on 3GPP RAN1 — a role she was truly excited about. Her enthusiasm for this opportunity reflected her passion for our work and her commitment to excellence.

<https://www.3gpp.org/news-events/3gpp-news/carolyn-taylor>

 

6G discussions: How things have changed

The moment that 3GPP published the first 5G standard (Release 15), discussions started about what 6G should do. Nobody at the time knew how 5G would unfold. We’ve now seen how 5G has changed — or not changed — wireless communications. 6G conferences started in 2020, and since then, the discussions have changed as 5G issues have emerged.

<https://www.5gtechnologyworld.com/6g-discussions-how-things-have-changed/>

 

Why New Standards Won’t Stop AI from Summarizing the Web

In recent months, surveys have confirmed that for a rapidly expanding user base around the world, artificial intelligence (AI) summaries of web content — in Google’s AI Overviews or Perplexity — have emerged as AI’s primary use case, its killer app.

<https://www.cigionline.org/articles/why-new-standards-wont-stop-ai-from-summarizing-the-web/>

 

Policy Brief: Interconnection and Regulated Traffic Obligations

Executive Summary: The Internet’s success is built on voluntary interconnection. However, recent proposals to mandate payments between online services and network operators threaten this foundation. This policy brief examines the growing pressure to regulate the relationships between online services and telecommunications operators. Such interventions have been proposed under different names, like “sender pays”, “fair-share”, “cost-sharing”, or lately through a “dispute settlement mechanism”, but share common characteristics in their attempts to regulate interconnection arrangements.

<https://www.internetsociety.org/resources/policybriefs/2025/interconnection-and-regulated-traffic-obligations/>

 

ITU Year in Review 2025: Secretary-General’s message by Doreen Bogdan-Martin, ITU Secretary-General

As ITU marked its 160th anniversary, we reflected on the principles that have guided us from the start – that technologies should work for people; that progress depends on connection; and that connection depends on collaboration.

<https://www.itu.int/hub/2025/12/itu-year-in-review-2025-secretary-generals-message/>

 

At UN, nations pledge people-first digital future, tighter AI safeguards

UN Member States on Wednesday pledged to narrow widening digital divides and put stronger safeguards around artificial intelligence (AI), as the General Assembly concluded a major review of how the world manages the Internet and fast-evolving digital technologies.

<https://news.un.org/en/story/2025/12/1166623>

 

United Nations agrees to persist with multi-stakeholder internet governance

The United Nations General Assembly on Wednesday reached consensus on a review of the world’s internet governance arrangements and preserved the current multi-stakeholder model that means governments are just one of many voices that debate the future of the internet.

<https://www.theregister.com/2025/12/18/wsis_20_plus_resolved/>

<https://www.msn.com/en-us/news/technology/united-nations-agrees-to-persist-with-multi-stakeholder-internet-governance/ar-AA1SzhHM>

 

Internet Governance: The IGF gets a permanent UN mandate

After twenty years, the United Nations General Assembly has declared the Internet Governance Forum (IGF) a permanent institution. On Wednesday afternoon, member states adopted the final declaration on the review of the implementation of the outcomes of the World Summit on the Information Society (WSIS) in a remarkably short session.

<https://www.heise.de/en/news/Internet-Governance-The-IGF-gets-a-permanent-UN-mandate-11120437.html>

<https://www.heise.de/news/Internet-Governance-Das-IGF-bekommt-ein-dauerhaftes-UN-Mandat-11120416.html> [German original]

 

TCCM welcomes WSIS+20 Internet Governance outcomes

A Technical Community Coalition for Multistakeholderism (TCCM) congratulates UN Member States on the adoption by consensus of the WSIS+20 Outcome Document at the High-Level Meeting of the General Assembly on the Overall Review of the Implementation of the Outcomes of the WSIS.

<https://www.tccm.global/tccm-welcomes-wsis20-internet-governance-outcomes/>

 

CableLabs Expands Engagement in the Connectivity Standards Alliance

CableLabs has strengthened its role in the Connectivity Standards Alliance (CSA), becoming a Promoter Member and joining the Board of Directors. As smart homes become smarter and fill with more connected devices, the need for secure, reliable and interoperable devices has never been greater. Our expanded role enables us to help shape the standards that make that possible — from Matter to Zigbee to emerging Internet of Things (IoT) security frameworks.

<https://www.cablelabs.com/blog/xgs-pon-interoperability-productive-year-of-testing>

 

CableLabs Releases First CPON Specifications, Defining Next-Generation PON Technology

CableLabs is excited to announce the first issued versions of the Coherent PON (CPON) Physical Media Dependent (PMD) Layer and Transmission Convergence (TC) Layer specifications defining the core of CPON technology. CPON is the next generation of PON technology that will enable unconstrained network capability in the Adaptive Era of broadband innovation.

<https://www.cablelabs.com/news/cablelabs-releases-first-cpon-specifications-defining-next-generation-pon-technology>

 

How Solana Beat a Historic 6 Tbps DDoS Attack Without Downtime While Sui Struggled

... This resilience is a direct result of critical, post-outage engineering enhancements implemented over the last two years. The two primary pillars of this defense are the QUIC protocol and Stake-Weighted Quality of Service (SWQoS).

<https://www.ccn.com/education/crypto/solana-6-tbps-ddos-attack-survived-sui-downtime/>

------

David Goldstein

email:  <mailto:david@goldsteinreport.com> david@goldsteinreport.com

web:  <http://goldsteinreport.com/> http://goldsteinreport.com/

LinkedIn:  <https://www.linkedin.com/in/davidmgoldstein/> https://www.linkedin.com/in/davidmgoldstein/

phone: +61 418 228 605 - mobile; +61 2 9663 3430 - office/home