[Newsclips] IETF SYN-ACK Newspack 2023-09-11

[David Goldstein <david@goldsteinreport.com>]

The IETF SYN-ACK Newspack collects IETF-related items from a variety of news outlets and other online publications. They do not represent the views of the IETF and are not checked for factual accuracy.

 

**********************

IETF IN THE NEWS

**********************

Post Quantum Cryptography Is on the Way: U.S. NIST Announces First Draft Standards

... From a commercial implementation perspective, the world is far from quantum-ready. While attack-capable quantum computers are expected by 2030 (at the earliest), the transition to post-quantum is likely to take at least a decade. For this reason, standardization efforts (and, in particular, those by NIST) are key in driving industry adoption. But NIST is only the first step in that transitional effort. The role of other Standards Development Organizations (SDOs), such as the IETF, ETSI (European Telecommunications Standards Institute), and the ITU (International Telecommunication Union), is equally important in defining protocols and recommended implementations for various applications.

< <https://www.spiceworks.com/it-security/security-general/guest-article/post-quantum-cryptography-first-draft-standards-by-nist/> https://www.spiceworks.com/it-security/security-general/guest-article/post-quantum-cryptography-first-draft-standards-by-nist/>

 

What CISOs Need to Know About Residential Proxy Networks

... Many security teams are reluctant to block residential proxy addresses because of the potential consequences, especially if the IP address is a carrier-grade network address translation (CGNAT) address. CGNAT came into existence in 2009 with the help of the IETF to allow ISPs to preserve their own public IPv4 addresses, process subscriber traffic through the ISP’s private IPv4 network, as well as support business subscribers that also have their own private IPv4 networks with multiple devices across multiple locations. Blocking a CGNAT IP address could mean thousands of users are suddenly blocked.

< <https://securityboulevard.com/2023/09/what-cisos-need-to-know-about-residential-proxy-networks/> https://securityboulevard.com/2023/09/what-cisos-need-to-know-about-residential-proxy-networks/>

 

OpenSSL 3.2 Alpha Released With Client-Side QUIC, Raw Public Key, SM4-XTS

OpenSSL 3.2 is bringing the initial client side work around QUIC, the general purpose transport layer network protocol that was developed by Google and since adopted by the IETF. For OpenSSL 3.3 and then OpenSSL 3.4 over the next year they aim to further complete this implementation.

< <https://www.phoronix.com/news/OpenSSL-3.2-Alpha> https://www.phoronix.com/news/OpenSSL-3.2-Alpha>

 

DNSSEC – A Foundation For Trust, PKI 2.0 Transformation And Preparation For Post Quantum Cryptography

... DNS Security Extensions (DNSSEC) was introduced by the IETF to implement better authentication, encryption and validation of DNS responses. DNSSEC uses digital signatures based on Public Key Cryptography to sign the responses by the owner of the domain. There are two main functions of DNSSEC,

< <https://www.appviewx.com/blogs/dnssec-a-foundation-for-trust-pki-2-0-transformation-and-preparation-for-post-quantum-cryptography/> https://www.appviewx.com/blogs/dnssec-a-foundation-for-trust-pki-2-0-transformation-and-preparation-for-post-quantum-cryptography/>

< <https://securityboulevard.com/2023/09/dnssec-a-foundation-for-trust-pki-2-0-transformation-and-preparation-for-post-quantum-cryptography/> https://securityboulevard.com/2023/09/dnssec-a-foundation-for-trust-pki-2-0-transformation-and-preparation-for-post-quantum-cryptography/>

 

What Is Request For Comments (RFC)?

... While the term “Request for Comments” may sound like a formal process, it actually has its roots in the early days of the internet when it was still being developed and standardized. RFC documents were initially used by the IETF and other organizations to document proposals, discuss technical issues, and establish standards for the growing network.

< <https://cellularnews.com/definitions/what-is-request-for-comments-rfc/> https://cellularnews.com/definitions/what-is-request-for-comments-rfc/>

 

Windows users warned this important security tool is being removed soon

Microsoft has warned users that TLS 1.0 and TLS 1.1 will be disabled in future Windows operating systems (OS). TLS, or Transport Layer Security, is a two-decade-old internet protocol that encrypts communications between servers and clients. The protocol, marred with various issues, was updated in 2018 when the IETF approved the next major iteration - TLS 1.3.

< <https://www.techradar.com/pro/windows-users-warned-this-important-security-tool-is-being-removed-soon> https://www.techradar.com/pro/windows-users-warned-this-important-security-tool-is-being-removed-soon>

< <https://sports.yahoo.com/windows-users-warned-important-security-171113088.html> https://sports.yahoo.com/windows-users-warned-important-security-171113088.html>

 

Microsoft reminds users Windows will disable insecure TLS soon

... Following extensive discussions and the development of 28 protocol drafts, the IETF approved in March 2018 the next major version of the TLS protocol, TLS 1.3.

< <https://www.bleepingcomputer.com/news/microsoft/microsoft-reminds-users-windows-will-disable-insecure-tls-soon/> https://www.bleepingcomputer.com/news/microsoft/microsoft-reminds-users-windows-will-disable-insecure-tls-soon/>

 

Airties and Domos Form Strategic Alliance to Provide Enhanced Latency Management to Broadband Service Providers [news release]

... Domos is a long-standing contributor to key industry standardization efforts in Broadband Forum, IETF and IEEE

< <https://airties.com/2023/09/07/airties-and-domos-form-strategic-alliance-to-provide-enhanced-latency-management-to-broadband-service-providers/> https://airties.com/2023/09/07/airties-and-domos-form-strategic-alliance-to-provide-enhanced-latency-management-to-broadband-service-providers/>

 

Huawei and Ericsson sign long-term patent cross-licencing agreement

Huawei and Ericsson have signed a long-term global patent cross-licencing agreement that covers patents essential to a wide range of standards such as 3GPP, ITU, IEEE, and IETF standards for 3G, 4G, and 5G cellular technologies.

< <https://www.ft.lk/it-telecom-tech/Huawei-and-Ericsson-sign-long-term-patent-cross-licencing-agreement/50-752650> https://www.ft.lk/it-telecom-tech/Huawei-and-Ericsson-sign-long-term-patent-cross-licencing-agreement/50-752650>

< <http://bizenglish.adaderana.lk/huawei-and-ericsson-sign-long-term-patent-cross-licensing-agreement/> http://bizenglish.adaderana.lk/huawei-and-ericsson-sign-long-term-patent-cross-licensing-agreement/>

 

Huawei’s Cross-Licensing with Ericsson and Kirin Chip Resurrection

... Simply put, a cross-licensing agreement allows both Huawei and Ericsson to access each other’s patents and technologies, fostering a spirit of cooperation rather than competition. The agreement covers the sharing of technologies between the two giants that covers standards such as 3GPP, ITU, IEEE, and IETF for 3G, 4G, and 5G cellular technologies.

< <https://techent.tv/2023/09/05/huaweis-cross-licensing-with-ericsson-and-kirin-chip-resurrection/> https://techent.tv/2023/09/05/huaweis-cross-licensing-with-ericsson-and-kirin-chip-resurrection/>

 

Google Mensajes adoptará la especificación MLS para avanzar hacia la mensajería interoperable y segura [Google Messages to adopt MLS specification to move towards interoperable and secure messaging]

... En este contexto, ha anunciado que planea incorporar a su aplicación Mensajes la especificación RFC 9420 MLS, del Grupo de Trabajo de Ingeniería de Internet (IETF).

< <https://www.ciudad.com.ar/tecno/google-mensajes-adoptara-especificacion-mls-avanzar-hacia-mensajeria_226467/> https://www.ciudad.com.ar/tecno/google-mensajes-adoptara-especificacion-mls-avanzar-hacia-mensajeria_226467/>

 

Microsoft Alerta: Windows desativará o TLS inseguro em breve! [Microsoft Alert: Windows will disable insecure TLS soon!]

... Após extensas discussões e o desenvolvimento de 28 rascunhos de protocolo, a Força-Tarefa de Engenharia da Internet (IETF) aprovou em março de 2018 a próxima versão principal do protocolo TLS, o TLS 1.3.

< <https://sempreupdate.com.br/microsoft-alerta-windows-desativara-o-tls-inseguro-em-breve/> https://sempreupdate.com.br/microsoft-alerta-windows-desativara-o-tls-inseguro-em-breve/>

 

Microsoft deaktiviert TLS 1.0 und 1.1 in künftigen Windows-Versionen [Microsoft disables TLS 1.0 and 1.1 in future Windows versions]

... Im Windows Message Center hat Microsoft die Änderung angekündigt. Etwa die IETF habe bereits 2021 die Protokolle als veraltet eingestuft, da sie nur schwache Kryptografie, dafür jedoch reichlich Sicherheitslücken lieferten. Daher kommen künftige Windows-Versionen mit deaktivierten TLS-Versionen 1.0 und 1.1 daher. Die Änderung betreffe sowohl Clients als auch Server. Bereits veröffentlichte Betriebssysteme rührt das Unternehmen in dieser Hinsicht aber nicht an.

< <https://www.heise.de/news/Microsoft-deaktiviert-TLS-1-0-und-1-1-in-kuenftigen-Windows-Versionen-9293694.html> https://www.heise.de/news/Microsoft-deaktiviert-TLS-1-0-und-1-1-in-kuenftigen-Windows-Versionen-9293694.html>

 

Nur noch sicher verschlüsseln [Only secure encryption]

... Die IETF hat bereits 2021 TLS 1.0 und 1.1 für unsicher erklärt. Sie böten nur schwache Kryptografie und wiesen zahlreiche Sicherheitslücken auf. Daher setzt Microsoft nunmehr seine Ankündigung um und in künftigen Windows-Versionen sind die beiden Protokolle deaktiviert – sowohl bei Clients als auch in Servern. Bereits veröffentlichte Betriebssysteme rührt das Unternehmen in dieser Hinsicht aber nicht an.

< <https://www.it-administrator.de/TLS_in_Windows_abgeschaltet> https://www.it-administrator.de/TLS_in_Windows_abgeschaltet>

 

TSN/A Conference 2023: Auf dem Weg in die Praxis

... Die Standards sind die Basis von allem – dementsprechend groß wird auch dieses Mal wieder das Interesse an den Updates zur fortschreitenden Standardisierung sein. Es gibt hierbei aber nicht nur einen Überblick über Updates der IEEE 802.1 TSN-Arbeitsgruppe, es werden auch verwandte Standardisierungsgruppen wie die IETF (DetNet), 3GPP (5G) und IEEE 802.11 (Wireless) berichten.

< <https://www.computer-automation.de/feldebene/vernetzung/auf-dem-weg-in-die-praxis.209288.html> https://www.computer-automation.de/feldebene/vernetzung/auf-dem-weg-in-die-praxis.209288.html>

 

Windows 11: Microsoft disattiva TLS 1.0 e 1.1 [Windows 11: Microsoft Deactivates TLS 1.0 and 1.1]

... TLS 1.0 e 1.1 sono stati deprecati dall’IETF nel 2021, in quanto sono state individuate diverse vulnerabilità. Microsoft ha quindi deciso di disattivare le due vecchie versioni a partire dalle build preliminari di Windows 11 che verranno rilasciate agli Insider nel mese di settembre. Gli utenti consumer e aziendali potranno tuttavia attivare manualmente i protocolli in Windows 11 23H2 per mantenere la compatibilità (ma è sconsigliato).

< <https://www.punto-informatico.it/windows-11-microsoft-disattiva-tls-1-0-1-1/> https://www.punto-informatico.it/windows-11-microsoft-disattiva-tls-1-0-1-1/>

 

Η Microsoft υπενθυμίζει στους χρήστες τα Windows θα απενεργοποιήσουν το μη ασφαλές TLS σύντομα [Microsoft reminds users Windows will disable insecure TLS soon]

... Μετά από εκτενείς συζητήσεις και την ανάπτυξη 28 σχεδίων πρωτοκόλλων, η Ομάδα Εργασίας Μηχανικής Διαδικτύου (IETF) ενέκρινε τον Μάρτιο του 2018 την επόμενη σημαντική έκδοση του πρωτοκόλλου TLS, TLS 1.3.

< <https://www.techwar.gr/123731/i-microsoft-ypenthymizei-stous-christes-ta-windows-tha-apenergopoiisoun-to-mi-asfales-tls-syntoma/> https://www.techwar.gr/123731/i-microsoft-ypenthymizei-stous-christes-ta-windows-tha-apenergopoiisoun-to-mi-asfales-tls-syntoma/>

 

Microsoft напоминает о прекращении поддержки TLS 1.0 и 1.1

... В марте 2018 года, после долгих обсуждений и разработки 28 проектов протоколов, специалисты IETF утвердили следующую основную версию TLS — TLS 1.3.

< <https://xakep.ru/2023/09/05/microsoft-tls/> https://xakep.ru/2023/09/05/microsoft-tls/>

 

微軟即將關閉Windows對TLS 1.0/1.1的預設支援 [Microsoft is about to close Windows' default support for TLS 1.0/1.1]

TLS的全名為Transport Layer Security，是電腦網路的加密協定，可於客戶端及伺服器端建立加密的通訊通道，亦是由網際網路工程任務組（IETF）所認可的標準。然而，1999年定義的TLS 1.0與2006年定義的TLS 1.1，其所仰賴的MD5及SHA-1加密演算法不但都已被破解，而且也含有其它漏洞，使得各大瀏覽器業者在2020年陸續終止對TLS 1.0/1.1的支援，IETF更在2021年正式棄用TLS 1.0/1.1。

< <https://www.ithome.com.tw/news/158562> https://www.ithome.com.tw/news/158562>

 

万亿级别的全球云产业,却流传四个“传说”,一戳就破? [ The trillion-level global cloud industry, but there are four "legends" circulating, one poke and broken?]

... 谷歌甚至提出了自己的新互联网协议，用于其云计算网络，其首个路由协议取名为Firepath，用于管理谷歌互联网规模的数据中心内的数据流。此后第二个协议是2011 年开发的QUIC，它是通用的传输协议 TCP 的替代品，用于谷歌的网络，并通过Chrome浏览器等核心产品进行互联网通信。尽管互联网的核心技术标准机构——互联网工程任务组（IETF）——仍未全面正式采用QUIC道路上，但QUIC已是超过10%的互联网流量的标准协议。

< <https://www.eet-china.com/mp/a249287.html> https://www.eet-china.com/mp/a249287.html>

 

От TLS 1.0 и 1.1 к новым стандартам безопасности — планы Microsoft [From TLS 1.0 and 1.1 to new security standards - Microsoft plans]

... TLS – криптографический протокол для защищенной передачи данных через интернет. Оригинальная спецификация TLS 1.0 и ее преемник TLS 1.1 использовались более 20 лет (TLS 1.0 была впервые представлена в 1999 году, а TLS 1.1 – в 2006 году). Инженерный совет интернета (IETF) из-за проблем безопасности официально признал данные версии TLS устаревшими в марте 2021 года. Следующая крупная версия протокола TLS 1.3 была одобрена IETF в марте 2018 года.

< <https://www.securitylab.ru/news/541646.php> https://www.securitylab.ru/news/541646.php>

 

Internet: जिस इंटरनेट से आप अपना टास्क चंद सेकेंड में कर लेते हैं कंप्लीट, जानें वह कैसे करता है काम [Internet: The internet from which you complete your task in a few seconds, learn how it works]

... कोई इंटरनेट नहीं चलाता. इसे डिसेंट्रलाइज नेटवर्क के रूप में तैयार किया गया है. हजारों कंपनियां, सरकारें और अन्य संस्थाएं अपने स्वयं के नेटवर्क संचालित करती हैं. इंटरनेट के मैनेजमेंट की जिम्मेदारी इंटरनेट इंजीनियरिंग टास्क फोर्स (IETF) नामक संगठन की होती है. इंटरनेट कॉर्पोरेशन फॉर असाइन्ड नेम्स एंड नंबर्स (आईसीएएनएन) को कभी-कभी इंटरनेट प्रशासन के लिए जिम्मेदार बताया जाता है, लेकिन आईसीएएनएन यह नियंत्रित नहीं करता कि इंटरनेट से कौन जुड़ सकता है या इस पर किस प्रकार की जानकारी भेजी जा सकती है.

< <https://www.abplive.com/gk/internet-we-can-complete-our-task-in-a-few-seconds-know-how-it-works-and-operate-2488059> https://www.abplive.com/gk/internet-we-can-complete-our-task-in-a-few-seconds-know-how-it-works-and-operate-2488059>

 

**********************

SECURITY & PRIVACY

**********************

Route Origin Authorization: Enhancing Network Security and Unveiling Critical Insights

IPXO, the next-gen IP address management platform, has embraced Route Origin Authorization (ROA) since January 2023, gaining valuable insights about its benefits to the Internet ecosystem.

< <https://www.manrs.org/2023/09/route-origin-authorization-enhancing-network-security-and-unveiling-critical-insights/> https://www.manrs.org/2023/09/route-origin-authorization-enhancing-network-security-and-unveiling-critical-insights/>

 

**********************

INTERNET OF THINGS

**********************

Australia's IoT State of the Nation event to take place October 10

Thought leaders will lay out the state of Australian’s Internet of Things (IoT) industry at the IoT Alliance Australia’s annual State of the Nation event in Sydney on October 10, 2023.

< <https://www.iothub.com.au/news/australias-iot-state-of-the-nation-event-to-take-place-october-10-600018> https://www.iothub.com.au/news/australias-iot-state-of-the-nation-event-to-take-place-october-10-600018>

 

What’s the latest on 6G? Standards, features, use cases and timeline

Are you ready for 6G? Maybe not. It’s seven years away at least. Still, industry stakeholders are already discussing the possible protocols and their key ambitions for sixth-gen mobile networks.

< <https://www.thalesgroup.com/en/worldwide/digital-identity-and-security/magazine/whats-latest-6g-standards-features-use-cases-and> https://www.thalesgroup.com/en/worldwide/digital-identity-and-security/magazine/whats-latest-6g-standards-features-use-cases-and>

 

How 5G is Transforming the Internet of Things (IoT)

In the digital age, the world is becoming increasingly interconnected, and one of the driving forces behind this transformation is the advent of 5G technology. It’s not just about faster internet on your smartphone; 5G is poised to revolutionize the way we live and work, especially when it comes to the Internet of Things (IoT). In this blog, we’ll dive deep into the world of 5G and its profound impact on IoT.

< <https://medium.com/@abidaparveen0124/how-5g-is-transforming-the-internet-of-things-iot-f0cf6925ec62> https://medium.com/@abidaparveen0124/how-5g-is-transforming-the-internet-of-things-iot-f0cf6925ec62>

 

Is 5G mmWave Technology Paving the Way for Next-Level Connectivity?

In a digital age defined by rapid advancements, the horizon of connectivity expands like never. In the early stage of the 5G rollout, most countries tried to promote its deployment based on 5G Sub-6GHz.

< <https://www.iotforall.com/is-5g-mmwave-technology-paving-the-way-for-next-level-connectivity> https://www.iotforall.com/is-5g-mmwave-technology-paving-the-way-for-next-level-connectivity>

 

**********************

QUANTUM NETWORKING

**********************

Quantum Internet Alliance Launches Quantum Internet Application Challenge

The Quantum Internet Alliance (QIA) has announced the launch of its first ever Quantum Internet Application Challenge, an initiative encouraging quantum enthusiasts to take part in shaping the future of the quantum internet.

< <https://insidehpc.com/2023/09/quantum-internet-alliance-launches-quantum-internet-application-challenge/> https://insidehpc.com/2023/09/quantum-internet-alliance-launches-quantum-internet-application-challenge/>

 

QIA launches Quantum Internet Application Challenge [news release]

The Quantum Internet Alliance (QIA) has announced the launch of its first ever Quantum Internet Application Challenge, an initiative encouraging quantum enthusiasts to take part in shaping the future of the quantum internet.

< <https://quantuminternetalliance.org/2023/09/08/qia-launches-quantum-internet-application-challenge/> https://quantuminternetalliance.org/2023/09/08/qia-launches-quantum-internet-application-challenge/>

 

**********************

OTHERWISE NOTEWORTHY

**********************

I invented the internet – I worry my creation has given way to the likes of QAnon [Telegraph UK]

Most of us, if we had helped to invent something that made a decent amount of money – let alone changed the world – would expect to receive a decent proportion of the profits ourselves, if not the lion’s share. Vinton Cerf, though, is not most people. He is the man most frequently referred to as ‘the father of the internet’, though he will modestly and fastidiously correct anyone using the term in his presence. He is, in fact, the co-inventor of one of the key protocols on which the internet has relied for 50 years, and one of a handful of the pioneers who have worked on it from its earliest days.

< <https://www.telegraph.co.uk/technology/2023/09/04/who-is-vinton-cerf-google-25th-anniversary/> https://www.telegraph.co.uk/technology/2023/09/04/who-is-vinton-cerf-google-25th-anniversary/>

< <https://www.msn.com/en-gb/money/technology/i-invented-the-internet-i-worry-my-creation-has-given-way-to-the-likes-of-qanon/ar-AA1gcJi3> https://www.msn.com/en-gb/money/technology/i-invented-the-internet-i-worry-my-creation-has-given-way-to-the-likes-of-qanon/ar-AA1gcJi3>

 

Global IPv6 Development Report 2022

With the advent of new communication and information technologies, everything in the world is more closely connected, forming a huge network that bridges people and things. Future-shaping technologies such as AI, 5G, cloud, and IoT are like threads that connect us together.

< <https://www.rolandberger.com/en/Insights/Publications/Global-IPv6-Development-Report-2022.html> https://www.rolandberger.com/en/Insights/Publications/Global-IPv6-Development-Report-2022.html>

 

What’s the latest on 6G? Standards, features, use cases and timeline

Are you ready for 6G? Maybe not. It’s seven years away at least. Still, industry stakeholders are already discussing the possible protocols and their key ambitions for sixth-gen mobile networks.

< <https://www.thalesgroup.com/en/worldwide/digital-identity-and-security/magazine/whats-latest-6g-standards-features-use-cases-and> https://www.thalesgroup.com/en/worldwide/digital-identity-and-security/magazine/whats-latest-6g-standards-features-use-cases-and>

 

Collaboration Sparks Innovation in Our Broadband Labs

Innovation flourishes when collaboration meets experimentation and expertise. At CableLabs, this synergy is helping us blaze new trails into our digital future. Thanks to our culture of co-innovation, we’re redefining expectations and reshaping possibilities for tomorrow’s broadband technologies.

< <https://www.cablelabs.com/blog/collaboration-innovation-in-our-broadband-labs> https://www.cablelabs.com/blog/collaboration-innovation-in-our-broadband-labs>

 

Introducing Web Sustainability Guidelines

The Sustainable Web Design Community Group is excited to announce a draft Community Group Report on Sustainable Web Design. The Web Sustainability Guidelines (WSG) 1.0 explains how to design and implement digital products and services that put people and the planet first. The guidelines are best practices based on measurable, evidence-based research; aimed at end-users, web workers, stakeholders, tool authors, educators, and policymakers. The guidelines are in line with the Sustainable Web Manifesto and aligned with GRI Standards to help organizations incorporate digital products and services into broader sustainability reporting initiatives.

< <https://www.w3.org/blog/2023/introducing-web-sustainability-guidelines/> https://www.w3.org/blog/2023/introducing-web-sustainability-guidelines/>

------

David Goldstein

email:  <mailto:david@goldsteinreport.com> david@goldsteinreport.com

web:  <http://goldsteinreport.com/> http://goldsteinreport.com/

Twitter:  <https://twitter.com/goldsteinreport> https://twitter.com/goldsteinreport

phone: +61 418 228 605 - mobile; +61 2 9663 3430 - office/home