[Newsclips] IETF SYN-ACK Newspack 2021-04-19

David Goldstein <david@goldsteinreport.com> Mon, 19 April 2021 12:48 UTC

Return-Path: <david@goldsteinreport.com>
X-Original-To: newsclips@ietfa.amsl.com
Delivered-To: newsclips@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id B362A3A304C for <newsclips@ietfa.amsl.com>; Mon, 19 Apr 2021 05:48:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.012
X-Spam-Status: No, score=0.012 tagged_above=-999 required=5 tests=[HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id ObHT7zznG99z for <newsclips@ietfa.amsl.com>; Mon, 19 Apr 2021 05:48:45 -0700 (PDT)
Received: from karkinos.atomiclayer.com (karkinos.atomiclayer.com []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D39733A3049 for <newsclips@ietf.org>; Mon, 19 Apr 2021 05:48:44 -0700 (PDT)
Received: from DavidDesktop2019 (unknown []) by karkinos.atomiclayer.com (Postfix) with ESMTPSA id AD703280A83 for <newsclips@ietf.org>; Mon, 19 Apr 2021 08:48:40 -0400 (EDT)
Authentication-Results: karkinos.atomiclayer.com; spf=pass (sender IP is smtp.mailfrom=david@goldsteinreport.com smtp.helo=DavidDesktop2019
Received-SPF: pass (karkinos.atomiclayer.com: connection is authenticated)
From: "David Goldstein" <david@goldsteinreport.com>
To: <newsclips@ietf.org>
Date: Mon, 19 Apr 2021 22:48:40 +1000
Organization: Goldstein Report
Message-ID: <001301d7351a$54a28d80$fde7a880$@goldsteinreport.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_0014_01D7356E.26521FF0"
X-Mailer: Microsoft Outlook 16.0
Content-Language: en-au
Thread-Index: Adc1Gk46NfF472qnQvSknxM6+QEy1g==
X-PPP-Message-ID: <20210419124841.1037219.60006@karkinos.atomiclayer.com>
X-PPP-Vhost: goldsteinreport.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/newsclips/G4CJTkrlT7slLsFgbZehkAKZwFg>
Subject: [Newsclips] IETF SYN-ACK Newspack 2021-04-19
X-BeenThere: newsclips@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF News Clips <newsclips.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/newsclips>, <mailto:newsclips-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/newsclips/>
List-Post: <mailto:newsclips@ietf.org>
List-Help: <mailto:newsclips-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/newsclips>, <mailto:newsclips-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Apr 2021 12:48:51 -0000

The IETF SYN-ACK Newspack collects IETF-related items from a variety of news outlets and other online publications. They do not represent the views of the IETF and are not checked for factual accuracy.





‘Master,’ ‘Slave’ and the Fight Over Offensive Terms in Computing

Anyone who joined a video call during the pandemic probably has a global volunteer organization called the Internet Engineering Task Force to thank for making the technology work. The group, which helped create the technical foundations of the internet, designed the language that allows most video to run smoothly online. It made it possible for someone with a Gmail account to communicate with a friend who uses Yahoo, and for shoppers to safely enter their credit card information on e-commerce sites. Now the organization is tackling an even thornier issue: getting rid of computer engineering terms that evoke racist history, like “master” and “slave” and “whitelist” and “blacklist.” But what started as an earnest proposal has stalled as members of the task force have debated the history of slavery and the prevalence of racism in tech.

< <https://www.nytimes.com/2021/04/13/technology/racist-computer-engineering-terms-ietf.html> https://www.nytimes.com/2021/04/13/technology/racist-computer-engineering-terms-ietf.html>

< <https://www.seattletimes.com/business/technology/master-slave-and-the-fight-over-offensive-terms-in-computing/> https://www.seattletimes.com/business/technology/master-slave-and-the-fight-over-offensive-terms-in-computing/>

< <https://www.deccanherald.com/business/technology/master-slave-and-the-fight-over-offensive-terms-in-computing-973822.html> https://www.deccanherald.com/business/technology/master-slave-and-the-fight-over-offensive-terms-in-computing-973822.html>

< <https://www.denverpost.com/2021/04/17/offensive-terms-computing-diversity/> https://www.denverpost.com/2021/04/17/offensive-terms-computing-diversity/>


Engineers still worried about masters and slaves

Nearly a year after the Internet Engineering Task Force took up a plan to replace words that could be considered racist, the debate is still raging and no one can agree.

< <https://www.fudzilla.com/news/52691-engineers-still-worried-about-masters-and-slaves> https://www.fudzilla.com/news/52691-engineers-still-worried-about-masters-and-slaves>


More than words: Debate on expunging racist terms in computing is welcome. It should become more expansive

In July 2020, the Internet Engineering Task Force, a voluntary, international internet standards body, proposed getting rid of racist engineering terms such as “master”, “slave”, “blacklist” and “whitelist”.

< <https://indianexpress.com/article/opinion/editorials/more-than-words-4-master-slave-whitelist-allowlist-internet-engineering-7277010/> https://indianexpress.com/article/opinion/editorials/more-than-words-4-master-slave-whitelist-allowlist-internet-engineering-7277010/>


‘Master’, ‘Slave’ et la lutte contre les termes offensifs en informatique ['Master', 'Slave' and the fight against offensive terms in computer science]

Quiconque a rejoint un appel vidéo pendant la pandémie a probablement une organisation mondiale de volontaires appelée Internet Engineering Task Force à remercier pour avoir fait fonctionner la technologie.

< <https://news-24.fr/master-slave-et-la-lutte-contre-les-termes-offensifs-en-informatique/> https://news-24.fr/master-slave-et-la-lutte-contre-les-termes-offensifs-en-informatique/>


Mots d’ingénierie informatique raciste: «  maître  », «  esclave  » et la lutte contre les termes offensants [Racist computer engineering words: "master," "slave" and the fight against offensive terms]

Quiconque a rejoint un appel vidéo pendant la pandémie a probablement une organisation mondiale de volontaires appelée Internet Engineering Task Force à remercier pour avoir fait fonctionner la technologie.

< <https://news-24.fr/mots-dingenierie-informatique-raciste-maitre-esclave-et-la-lutte-contre-les-termes-offensants/> https://news-24.fr/mots-dingenierie-informatique-raciste-maitre-esclave-et-la-lutte-contre-les-termes-offensants/>


Maestro esclavo y la lucha en torno a los términos ofensivos en la computación [Slave master and fighting around offensive terms in computing]

Es probable que cualquiera que se haya unido a una videollamada durante la pandemia le deba agradecer la creación de la tecnología a una organización mundial de voluntarios llamada Grupo de Trabajo de Ingeniería de Internet (IETF, por su sigla en inglés).

< <https://www.infobae.com/america/the-new-york-times/2021/04/13/39maestro39-39esclavo39-y-la-lucha-en-torno-a-los-terminos-ofensivos-en-la-computacion/> https://www.infobae.com/america/the-new-york-times/2021/04/13/39maestro39-39esclavo39-y-la-lucha-en-torno-a-los-terminos-ofensivos-en-la-computacion/>


Kontroversielle it-termer skaber stor debat: Er det racistisk at sige blacklist eller master og slave? [Controversial IT terms create great debate: Is it racist to say blacklist or master and slave?]

... Brugen af gamle velkendte it-termer har skabt kontroverser i den kendte organisation Internet Engineering Task Force.

< <https://www.computerworld.dk/art/256136/kontroversielle-it-termer-skaber-stor-debat-er-det-racistisk-at-sige-blacklist-eller-master-og-slave> https://www.computerworld.dk/art/256136/kontroversielle-it-termer-skaber-stor-debat-er-det-racistisk-at-sige-blacklist-eller-master-og-slave>


Los ingenieros no se ponen de acuerdo sobre unos términos menos ofensivos para amo/esclavo [Engineers don't agree on less offensive terms for master/slave]

Casi un año después de que el Grupo de Trabajo de Ingeniería de Internet (IETF) se hiciera cargo de un plan para sustituir términos de tecnología que pudieran considerarse racistas, el debate sigue abierto y nadie se pone de acuerdo.

< <https://www.teknofilo.com/los-ingenieros-no-se-ponen-de-acuerdo-sobre-unos-terminos-menos-ofensivos-para-amo-esclavo/> https://www.teknofilo.com/los-ingenieros-no-se-ponen-de-acuerdo-sobre-unos-terminos-menos-ofensivos-para-amo-esclavo/>


Encryption unlocks the benefits of a thriving, trustworthy Internet

The Internet is a critical, global resource that brings incredible benefits, provided it is both accessible and trustworthy. In 2020, the Internet Society identified five critical properties that ‘make the Internet the Internet’. They represent the foundation of the Internet, which we call the Internet Way of Networking (IWN). Without them, the Internet’s benefits of global innovation and opportunity are in jeopardy. The path from critical properties to global benefits involves risk, however, and encryption is a vital tool for protecting ourselves along the way.

< <https://www.internetsociety.org/resources/doc/2021/encryption-unlocks-the-benefits-of-a-thriving-trustworthy-internet/> https://www.internetsociety.org/resources/doc/2021/encryption-unlocks-the-benefits-of-a-thriving-trustworthy-internet/>


The state of FHE: Don't believe the hype—but it is hopeful

... I quickly learned that there’s an effort underway to write a standard that specifies forms of FHE. This is the Homomorphic Encryption Standardization project. This isn’t run through an established standards organization such as the IETF, the IEEE, OASIS, etc. Instead, it’s run by a group of vendors that have an interest in getting their technology accepted. The group is having meetings, running workshops, and creating a draft standard. It’s not clear how useful the standard that they’ll eventually produce is going to be.

< <https://techbeacon.com/security/state-fhe-dont-believe-hype-it-hopeful> https://techbeacon.com/security/state-fhe-dont-believe-hype-it-hopeful>


When Certificate Management Becomes Daunting, Automate It

... Yes, there are various third-party tools and IETF protocols that can help modernize this onerous task, but many organizations have holes in the process, making efficient certificate management elusive.

< <https://www.cpomagazine.com/cyber-security/when-certificate-management-becomes-daunting-automate-it/> https://www.cpomagazine.com/cyber-security/when-certificate-management-becomes-daunting-automate-it/>


What is the ACME protocol and how does it work? | Keyfactor

... In 2019, the IETF standardized the ACME protocol in RFC8555, and many clients have since developed support for the protocol. ACME v2 is not backwards compatible with v1, which will be deprecated entirely in June 2021.

< <https://securityboulevard.com/2021/04/what-is-the-acme-protocol-and-how-does-it-work-keyfactor/> https://securityboulevard.com/2021/04/what-is-the-acme-protocol-and-how-does-it-work-keyfactor/>


The Cost of Cloud LDAP

... “So, LDAP came out of my desire to do something a little lighter weight to accommodate the Macs and PCs that were on everybody’s desktop. Some colleagues and I created a similar protocol called DIXIE, which people liked. Soon after that, I was approached by some people in the IETF community to create a standardized version of DIXIE, and, with the help of a couple of colleagues, that’s how LDAP was born.”

< <https://securityboulevard.com/2021/04/the-cost-of-cloud-ldap/> https://securityboulevard.com/2021/04/the-cost-of-cloud-ldap/>


Forescout and JSOF Disclose New DNS Vulnerabilities, Impacting Millions of Enterprise and Consumer Devices

... We realized that many vulnerabilities exist because RFC documents are either unclear, ambiguous or too complex. To help prevent such issues from reappearing in the future, we have submitted to the IETF an informational RFC draft where we list the anti-patterns we identified and how to avoid them while implementing a DNS client or server.

< <https://securityboulevard.com/2021/04/forescout-and-jsof-disclose-new-dns-vulnerabilities-impacting-millions-of-enterprise-and-consumer-devices/> https://securityboulevard.com/2021/04/forescout-and-jsof-disclose-new-dns-vulnerabilities-impacting-millions-of-enterprise-and-consumer-devices/>


La Chine aurait un plan dystopique pour la « propriété intellectuelle » sur Internet [China would have a dystopian plan for "intellectual property" on the Internet]

... « L'endroit approprié pour une révision du concept de la New IP serait l'Internet Engineering Task Force (IETF). L'IETF et d'autres organismes de normalisation examinent la plupart des changements techniques apportés à l'infrastructure de l'internet qui constituent la proposition de la New IP, et ces organismes ont déclaré qu'il était prématuré d'apporter un changement radical sans plus d'informations et de consensus », ont-ils ajouté.

< <https://reseau.developpez.com/actu/314359/La-Chine-aurait-un-plan-dystopique-pour-la-propriete-intellectuelle-sur-Internet-selon-un-rapport-de-Just-Security/> https://reseau.developpez.com/actu/314359/La-Chine-aurait-un-plan-dystopique-pour-la-propriete-intellectuelle-sur-Internet-selon-un-rapport-de-Just-Security/>


Meinels Web-Tutorial: Wer regiert das Internet? [My web tutorial: Who governs the Internet?]

... Besondere Bedeutung bei der Unterstützung des IAB kommen der Internet Engineering Task Force (IETF) und der Internet Research Task Force (IRTF) zu. Die IETF ist damit befasst, neue Kommunikationsstandards wie IP, TCP http umzusetzen und in die Breite der Anwendung zu bringen, und wird dazu von der Internet Engineering Steering Group (IESG) unterstützt. Das IRTF ist ein Gremium, das sich speziell den Forschungsfragen widmet, die zur Entwicklung neuer Funktionalitäten und Internetkommunikationsprotokolle führen. Forschungsgruppen des IRTF beschäftigen sich zum Beispiel mit Fragen des Routing, der Ende-zu-Ende-Verschlüsselung, dem Schutz der Privatsphäre und Fragen der Sicherheit und des Servicemanagements.

< <https://www.spektrum.de/kolumne/meinels-web-tutorial-wer-regiert-das-internet/1856863> https://www.spektrum.de/kolumne/meinels-web-tutorial-wer-regiert-das-internet/1856863>


「Chrome 90」の安定版公開 HTTPS接続強化や低帯域幅での動画改善など [Chrome 90 releases stable https connectivity enhancements, low-bandwidth video improvements, and more]

WebRTCでAV1エンコーダーが利用可能に: WebRTCは、Webブラウザでのリアルタイムコミュニケーション(RTC)を可能にすることを目的としたオープンプロジェクトで、この1月にW3CとIETFの標準になった。AV1はGoogleも参加するAlliance for Open

< <https://www.excite.co.jp/news/article/Itmedia_news_20210415061/> https://www.excite.co.jp/news/article/Itmedia_news_20210415061/>


发明互联网技术的美国,在IPv6上,被中国反超了? [The United States, which invented Internet technology, was overtaken by China on IPv6?]

... IPv6是什么?我们知道每一台设备接入互联网,都需要一个IP地址,之前是使用IPv4,不过IPv4最大的问题在于网络地址资源不足,制约了互联网的应用和发展,于是互联网工程任务组(IETF)设计出了IPv6,用于替代IPv4的下一代IP协议。

< <https://t.cj.sina.com.cn/articles/view/1874424022/6fb970d60010128z8> https://t.cj.sina.com.cn/articles/view/1874424022/6fb970d60010128z8>


全球6G研究发展综述 [A summary of global 6G research and development]

... 3.3.2   确定性网络: 确定性网络(DetNet——Deterministic Networking)原本是一项帮助实现IP网络从“尽力而为(best-effort)”到“准时、准确、快速”,控制并降低端到端时延的技术,最初主要针对工业、能源、车联网等对网络低时延、可靠性和稳定性要求极高的垂直行业。目前IEEE制定的TSN标准提供了以太网的确定性,IETF成立的确定性网络工作组则致力于将TSN中开发的技术扩展到路由器,扩展网络规模。

< <https://finance.sina.com.cn/tech/2021-04-18/doc-ikmxzfmk7562820.shtml> https://finance.sina.com.cn/tech/2021-04-18/doc-ikmxzfmk7562820.shtml>





Measuring DNS over TLS from the edge

DNS over TLS (DoT) is an extension to the DNS over UDP/53 (Do53) protocol, which provides additional confidentiality to the DNS messages between the client and server. Since its standardization in RFC 7858 in 2016, DoT has gained increasing support by various DNS services as well as operating systems.

< <https://blog.apnic.net/2021/04/13/measuring-dns-over-tls-from-the-edge/> https://blog.apnic.net/2021/04/13/measuring-dns-over-tls-from-the-edge/>


Use of Outdated Encryption Breaches GDPR, Danish Regulator Warns [subscription]

Organizations processing sensitive personal information must ensure that it is encrypted using Transport Layer Security version 1.2 or higher, Denmark’s data regulator said Wednesday. The Danish Data Protection Agency’s statement follows its April 7 ruling criticizing the National Police for using version 1.0 of the protocol on an online gun permit application platform, which processed personal data such as names, addresses, and social security numbers.

< <https://news.bloomberglaw.com/privacy-and-data-security/use-of-outdated-encryption-breaches-gdpr-danish-regulator-warns> https://news.bloomberglaw.com/privacy-and-data-security/use-of-outdated-encryption-breaches-gdpr-danish-regulator-warns>


Hvilken krypteringsgrad er tilstrækkelig? [What level of encryption is sufficient?]

Man skal passe på folks oplysninger - også når man udveksler dem over nettet. Det betyder bl.a., at man ved kryptering på transportlaget (TLS) skal bruge version 1.2 eller højere. I en ny afgørelse udtaler Datatilsynet kritik af Rigspolitiet for brug af TLS version 1.0.

< <https://www.datatilsynet.dk/presse-og-nyheder/nyhedsarkiv/2021/apr/hvilken-krypteringsgrad-er-tilstraekkelig-> https://www.datatilsynet.dk/presse-og-nyheder/nyhedsarkiv/2021/apr/hvilken-krypteringsgrad-er-tilstraekkelig->


Understanding the European Resolver Policy

The emergence of new protocols such as DNS-over HTTPS (DoH) has resulted in some browsers changing security critical behaviour without explaining the implications to users.

< <https://blog.apnic.net/2021/04/12/understanding-the-european-resolver-policy/> https://blog.apnic.net/2021/04/12/understanding-the-european-resolver-policy/>


RPKI Route Origin Validation on RIPE NCC Network

On Monday, 19 April 2021, we will enable Resource Public Key Infrastructure (RPKI) Route Origin Validation (ROV) on our own network, AS3333, and reject RPKI invalid Border Gateway Protocol (BGP) announcements.

< <https://www.ripe.net/publications/news/announcements/rpki-route-origin-validation-on-ripe-ncc-network> https://www.ripe.net/publications/news/announcements/rpki-route-origin-validation-on-ripe-ncc-network>


The Camel’s Back: Recursive to Authoritative DNS with Encryption

With the mushrooming deployment of encrypted DNS transport protocols like DNS over HTTPS (DoH) and DNS over TLS (DoT), one might be seduced into thinking that in-flight confidentiality of DNS queries is a problem done and dusted. A comprehensive modeling of the security threats, however, reveals otherwise.

< <https://www.centr.org/news/blog/ietf110-camel-back.html> https://www.centr.org/news/blog/ietf110-camel-back.html>


How the NAME:WRECK Bugs Impact Consumers, Businesses

Researchers estimate more than 100 million internet-connected devices are vulnerable to a class of flaws dubbed NAME:WRECK. Devices ranging from smartphones, aircraft navigation systems and industrial internet of things (IIoT) endpoints are vulnerable to either a denial-of-service (DoS) or remote code-execution (RCE) attack, according to a joint report by Forescout Research Labs and JSOF Research Labs. Patches are available for some affected vendors.

< <https://threatpost.com/namewreck-bugs-businesses/165385/> https://threatpost.com/namewreck-bugs-businesses/165385/>


DNS Vulnerabilities Expose Millions of Internet-Connected Devices to Attack

Tens of millions of Internet connected devices — including medical equipment, storage systems, servers, firewalls, commercial network equipment, and consumer Internet of Things (IoT) products — are open to potential remote code execution and denial-of-service attacks because of vulnerable DNS implementations.

< <https://www.darkreading.com/vulnerabilities---threats/dns-vulnerabilities-expose-millions-of-internet-connected-devices-to-attack/d/d-id/1340664> https://www.darkreading.com/vulnerabilities---threats/dns-vulnerabilities-expose-millions-of-internet-connected-devices-to-attack/d/d-id/1340664>


NAME:WRECK DNS vulnerabilities affect over 100 million devices

Security researchers today disclosed nine vulnerabilities affecting implementations of the DNS protocol in popular TCP/IP network communication stacks running on at least 100 million devices.

< <https://www.bleepingcomputer.com/news/security/name-wreck-dns-vulnerabilities-affect-over-100-million-devices/> https://www.bleepingcomputer.com/news/security/name-wreck-dns-vulnerabilities-affect-over-100-million-devices/>


These new vulnerabilities put millions of IoT devices at risk, so patch now

Security vulnerabilities in millions of Internet of Things devices could allow cyber criminals to knock devices offline or take control of them remotely, in attacks that could be exploited to gain wider access to affected networks.

< <https://www.zdnet.com/article/these-new-vulnerabilities-millions-of-iot-devives-at-risk-so-patch-now/> https://www.zdnet.com/article/these-new-vulnerabilities-millions-of-iot-devives-at-risk-so-patch-now/>


Forescout and JSOF Disclose New DNS Vulnerabilities, Impacting Millions of Enterprise and Consumer Devices

Today, Forescout Research Labs, partnering with JSOF Research, disclose NAME:WRECK, a set of nine vulnerabilities affecting four popular TCP/IP stacks (FreeBSD, Nucleus NET, IPnet and NetX). These vulnerabilities relate to Domain Name System (DNS) implementations, causing either Denial of Service (DoS) or Remote Code Execution (RCE), allowing attackers to take target devices offline or to take control over them.

< <https://www.forescout.com/company/blog/forescout-and-jsof-disclose-new-dns-vulnerabilities-impacting-millions-of-enterprise-and-consumer-devices/> https://www.forescout.com/company/blog/forescout-and-jsof-disclose-new-dns-vulnerabilities-impacting-millions-of-enterprise-and-consumer-devices/>


DNS-over-HTTPS Is The Wrong Partial Solution

Openness has been one of the defining characteristics of the Internet for as long as it has existed, with much of the traffic today still passed without any form of encryption. Most requests for HTML pages and associated content are in plain text, and the responses are returned in the same way, even though HTTPS has been around since 1994.

< <https://hackaday.com/2019/10/21/dns-over-https-is-the-wrong-partial-solution/> https://hackaday.com/2019/10/21/dns-over-https-is-the-wrong-partial-solution/>


ETSI NFV and MEC API 2021 testing event Report now available

The ETSI NFV&MEC API Plugtests 2021 event, which ran remotely during the whole month of February, allowed participants to self-evaluate the conformance of their API server implementations with network function virtualization and multi-access edge computing API specifications. The event allowed also to validate and gather feedback on ETSI NFV and MEC API and Conformance Testing Specifications, and associated Robot test suites.

< <https://www.etsi.org/newsroom/news/1909-etsi-nfv-and-mec-api-2021-testing-event-report-now-available> https://www.etsi.org/newsroom/news/1909-etsi-nfv-and-mec-api-2021-testing-event-report-now-available>


us: CISA Celebrates NPSTW 2021

It is our honor to celebrate National Public Safety Telecommunicators Week (NPSTW) with you. We thank you for your commitment, service, and sacrifice to public safety. In honor of NPSTW, we would like to share CISA initiatives supporting the 911 community.

< <https://www.cisa.gov/blog/2021/04/14/cisa-celebrates-npstw-2021> https://www.cisa.gov/blog/2021/04/14/cisa-celebrates-npstw-2021>


Where does zero trust begin and why is it important?

Zero trust is an important information security architectural shift. It brings us away from the perimeter defence-in-depth models of the past, to layers of control closer to what is valued most — the data.

< <https://blog.apnic.net/2021/04/16/where-does-zero-trust-begin-and-why-is-it-important/> https://blog.apnic.net/2021/04/16/where-does-zero-trust-begin-and-why-is-it-important/>


6 Key Success Factors to run Effective National Cybersecurity Competitions

The new report identifies the success factors of cybersecurity competitions and provides preliminary insights and a discussion platform for a common European Cybersecurity Challenge (ECSC) Roadmap.

< <https://www.enisa.europa.eu/news/enisa-news/6-key-success-factors-to-run-effective-national-cybersecurity-competitions> https://www.enisa.europa.eu/news/enisa-news/6-key-success-factors-to-run-effective-national-cybersecurity-competitions>





How AI will shape smart cities

Cities worldwide are not just growing, but also trying to reconfigure themselves for a sustainable future, with higher quality of life for every citizen. That means capitalizing on renewable power sources, maximizing energy efficiency and scaling up electrified transport on an unprecedented scale.

< <https://www.itu.int/en/myitu/News/2021/04/12/13/23/AI-machine-learning-smart-cities> https://www.itu.int/en/myitu/News/2021/04/12/13/23/AI-machine-learning-smart-cities>


How the Internet of Things will integrate data into everyday life like never before

>From connected vehicles to environmental monitoring, Ami Pasricha sees game-changing potential in the Internet of Things.

< <https://createdigital.org.au/internet-of-things-integrate-data-into-everyday-life/> https://createdigital.org.au/internet-of-things-integrate-data-into-everyday-life/>


Internet protocol suite stack vulnerabilities threaten IoT devices

A set of vulnerabilities in Internet protocol suite (TCP/IP) stacks used by FreeBSD and three popular real-time operating systems designed for the Internet of Things (IoT) has been revealed by security vendor Forescout and JSOF Research. The nine vulnerabilities could potentially affect 100 million devices in the wild.

< <https://www.networkworld.com/article/3615198/tcp-ip-stack-vulnerabilities-threaten-iot-devices.html> https://www.networkworld.com/article/3615198/tcp-ip-stack-vulnerabilities-threaten-iot-devices.html>

< <https://www.arnnet.com.au/article/687708/internet-protocol-suite-stack-vulnerabilities-threaten-iot-devices/> https://www.arnnet.com.au/article/687708/internet-protocol-suite-stack-vulnerabilities-threaten-iot-devices/>


S'pore ISP offers 'clean pipes' to protect Web-connected devices

... On Monday (April 19), local Internet service provider (ISP) ViewQwest launched a new service that it said could secure a consumer's home broadband connection by scanning for and blocking threats at the network level, without the user having to install any software on his IoT devices.

< <https://www.straitstimes.com/tech/tech-news/spore-isp-offers-clean-pipes-to-protect-web-connected-devices> https://www.straitstimes.com/tech/tech-news/spore-isp-offers-clean-pipes-to-protect-web-connected-devices>





Introducing TCPLS: A game of transport protocols

Transmission Control Protocol (TCP) is the Internet’s dominant transport protocol, but TCP does have some flaws. There are other protocols that could help resolve these flaws, but deploying them is difficult, largely due to Internet ossification — a progressive but substantial reduction of the Internet’s flexibility to support new protocols above IP which has made new designs unreliable on the global network.

< <https://blog.apnic.net/2021/04/15/introducing-tcpls-a-game-of-transport-protocols/> https://blog.apnic.net/2021/04/15/introducing-tcpls-a-game-of-transport-protocols/>


QUIC and HTTP/3 Support now in Firefox Nightly and Beta

Support for QUIC and HTTP/3 is now enabled by default in Firefox Nightly and Firefox Beta and we are planning to start a rollout on the release in Firefox Stable Release 88. HTTP/3 will be available by default by the end of May.

< <https://hacks.mozilla.org/2021/04/quic-and-http-3-support-now-in-firefox-nightly-and-beta/> https://hacks.mozilla.org/2021/04/quic-and-http-3-support-now-in-firefox-nightly-and-beta/>


IETF-Vorsitzernder im Interview: Lars Eggert über das QUIC-Protokoll [Interview with IETF Chair: Lars Eggert on the QUIC protocol]

Im Internet bahnt sich eine Änderung an, die zu schnelleren Übertragungen führt: QUIC, ein Trägerprotokoll, schickt sich an, das etablierte TCP abzulösen. 

< <https://www.heise.de/news/IETF-Vorsitzernder-im-Interview-Lars-Eggert-ueber-das-QUIC-Protokoll-6003458.html> https://www.heise.de/news/IETF-Vorsitzernder-im-Interview-Lars-Eggert-ueber-das-QUIC-Protokoll-6003458.html>


Firefox bringt Quic und HTTP/3 [Firefox brings Quic and HTTP/3]

Die aktuellen Vorabversionen des Firefox-Browsers von Mozilla unterstützen in den Nightly- und Beta-Zweigen das neue HTTP/3 sowie das zugrundeliegende Quic-Protokoll.

< <https://www.golem.de/news/browser-firefox-bringt-quic-und-http-3-2104-155825.html> https://www.golem.de/news/browser-firefox-bringt-quic-und-http-3-2104-155825.html>


Mozilla Firefox 88: Browser unterstützt erstmals QUIC und HTTP/3 [Mozilla Firefox 88: Browser supports QUIC and HTTP/3 for the first time]

Mit dem zeitnah erwarteten Firefox 88 unterstützt der freie Browser von Mozilla erstmals das experimentelle Netzwerkprotokoll QUIC auf Basis von UDP und die dritte Version des Hypertext-Übertragungsprotokolls HTTP/3. Bis spätestens Ende Mai soll der Rollout abgeschlossen und die Funktionen für alle Nutzer freigeschaltet sein.

< <https://www.computerbase.de/2021-04/mozilla-firefox-88-browser-unterstuetzt-erstmals-quic-und-http-3/> https://www.computerbase.de/2021-04/mozilla-firefox-88-browser-unterstuetzt-erstmals-quic-und-http-3/>


Firefox 88 supporte QUIC et HTTP/3, le déploiement commence [Firefox 88 supports QUIC and HTTP/3, deployment begins]

Les versions Nightly et Beta de Firefox ont activé par défaut HTTP/3 et QUIC, avec en ligne de mire la mouture finale 88 prévue pour aujourd'hui. Le support du protocole y sera déployé par étapes, l'ensemble des utilisateurs devant être servis d'ici fin mai.

< <https://www.nextinpact.com/lebrief/46810/firefox-88-supporte-quic-et-http3-deploiement-commence> https://www.nextinpact.com/lebrief/46810/firefox-88-supporte-quic-et-http3-deploiement-commence>


Firefox introduce il supporto ad HTTP/3 e QUIC [Firefox introduces support for HTTP/3 and QUIC]

Il prossimo rilascio di Firefox, segnato dal numero di versione 88, porta con sé diverse novità, tra cui il supporto ad HTTP/3 e QUIC. Nell’attesa che la stable release venga resa disponibile (cosa che dovrebbe avvenire intorno a fine maggio), queste funzioni sono già state integrate sulle versioni Nightly e Beta del browser di Mozilla.

< <https://www.html.it/17/04/2021/firefox-http3-quic/> https://www.html.it/17/04/2021/firefox-http3-quic/>


... Firefox začíná podporovat QUIC a HTTP/3 [Firefox starts supporting QUIC and HTTP/3]

Roku 2012 vymyslel Dr. Jim Roskind v Googlu nový protokol QUIC (Quick UDP Internet Connections). O rok později jej představil světu, chopila se jej i IETF a postupně si získal pozornost jako protokol, na kterém staví budoucí verze HTTP, tedy HTTP/3, jinak též řečeno HTTP over QUIC.

< <https://www.root.cz/clanky/firefox-s-podporou-quic-a-http-3-kde-umozni-vypnout-offline-aktualizace/> https://www.root.cz/clanky/firefox-s-podporou-quic-a-http-3-kde-umozni-vypnout-offline-aktualizace/>


Názory k článku Firefox s podporou QUIC a HTTP/3, KDE umožní vypnout offline aktualizace [Opinions about Firefox with QUIC and HTTP/3 support, KDE allows you to turn off offline updates]

K tomu quic/http3, nepodařilo se mi vysledovat čím to je, ale pokud mám vysoký traffic po UDP, přestane mi doma chodit DNS (O2 VDSL). Takže po prvotním nadšení jsem k praktičnosti http3 mírně skeptický..

< <https://www.root.cz/clanky/firefox-s-podporou-quic-a-http-3-kde-umozni-vypnout-offline-aktualizace/nazory/> https://www.root.cz/clanky/firefox-s-podporou-quic-a-http-3-kde-umozni-vypnout-offline-aktualizace/nazory/>


Firefox ξεκινά υποστήριξη για QUIC + HTTP/3 [Firefox starts support for QUIC + HTTP/3]

Η υποστήριξη για QUIC και HTTP/3 ανακοινώθηκε επίσημα για τον Firefox Nightly και Beta build, και θα κυκλοφορήσει επίσημα με την επερχόμενη σταθερή έκδοση του Firefox 88.

< <https://iguru.gr/2021/04/17/firefox-ksekina-ypostiriksi-gia-quic-http-3/> https://iguru.gr/2021/04/17/firefox-ksekina-ypostiriksi-gia-quic-http-3/>


Firefox 88 Beta รองรับ HTTP/3 เป็นค่าดีฟอลต์ [Firefox 88 Beta supports HTTP/3 by default]

Firefox 88 Beta เริ่มเปิดใช้ HTTP/3 เป็นค่าดีฟอลต์ โดยจะเปิดให้ทุกคนใช้งานในช่วงปลายเดือนพฤษภาคม 2021

< <https://www.blognone.com/node/122227> https://www.blognone.com/node/122227>


Firefox Nightly/Beta已默认支持QUIC和HTTP/3 [Firefox Nightly/Beta has default support for QUIC and HTTP/3]

在 Firefox Nightly 和 Firefox Beta 中,已经默认启用了对 QUIC 和 HTTP/3 的支持。Mozilla 官方表示这些支持将在 Firefox Stable Release 88 版本中开始支持。HTTP/3 将会在 5 月底前默认支持。

< <https://www.cnbeta.com/articles/tech/1116169.htm> https://www.cnbeta.com/articles/tech/1116169.htm>


David Goldstein

email:  <mailto:david@goldsteinreport.com> david@goldsteinreport.com

web:  <http://goldsteinreport.com/> http://goldsteinreport.com/

Twitter:  <https://twitter.com/goldsteinreport> https://twitter.com/goldsteinreport

phone: +61 418 228 605 - mobile; +61 2 9663 3430 - office/home