[Newsclips] IETF SYN-ACK Newspack 2023-10-16

David Goldstein <david@goldsteinreport.com> Mon, 16 October 2023 03:15 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/newsclips/J-69Mw2H2X1wZUd7NOSI4U1wYe8>

The IETF SYN-ACK Newspack collects IETF-related items from a variety of news outlets and other online publications. They do not represent the views of the IETF and are not checked for factual accuracy.

 

**********************

IETF IN THE NEWS

**********************

Advancements in IETF SAVNET WG: Recent Achievements and Future Endeavors

Many attack methods, such as redirection, amplification, and anonymity, exploit source IP address spoofing, making it a significant threat to Internet security. In response, network operators use source address validation (SAV) mechanisms to filter packets with spoofed source IP addresses. However, these mechanisms still grapple with validation accuracy and operational efficiency.

<https://www.manrs.org/2023/10/advancements-in-ietf-savnet-wg-recent-achievements-and-future-endeavors/>

 

11 notable post-quantum cryptography initiatives launched in 2023

... IETF launches working group to coordinate quantum-resistant cryptographic protocols: In January, the IETF launched the Post-Quantum Use In Protocols (PQUIP) working group to coordinate the use of cryptographic protocols that are not susceptible to large quantum computers. "The idea of the working group is to be a standing venue to discuss PQC from an operational and engineering side," said Sofia Celi, co-chair of PQUIP. "It is also a venue of last resort to discuss PQC-related issues in IETF protocols that have no associated maintenance on other working groups that the IETF has."

<https://www.csoonline.com/article/654887/11-notable-post-quantum-cryptography-initiatives-launched-in-2023.html>

 

HTTP/2 rapid reset flaw exposes web traffic to potential attacks

... The flaw isn’t specific to any software but exists within the HTTP/2 network protocol specification. The IETF introduced HTTP/2 as an upgrade to the traditional HTTP protocol. Its improved mobile performance and reduced bandwidth use have made it popular. Now, the IETF is developing HTTP/3.

<https://readwrite.com/http-2-rapid-reset-flaw-exposes-web-traffic-to-potential-attacks/>

<https://www.msn.com/en-us/news/technology/http2-rapid-reset-flaw-exposes-web-traffic-to-potential-attacks/ar-AA1idQm7>

 

Huawei Plans to Launch Complete Net5.5G Solutions in 2024, Bringing Net5.5G to Reality [news release]

... Huawei has joined WBBA's network technology working group and is currently working with industry partners to carry out Net5.5G research. It is also participating in Net5.5G-relevant technical standardization work being conducted by IEEE and IETF, covering key areas such as Wi-Fi 7, 800GE, SRv6, and Network Digital Map. Huawei plans to officially release Net5.5G-oriented series products and solutions in 2024.

<https://www.huawei.com/au/news/2023/10/bringing5dot5g-toreality>

<https://www.huawei.com/en/news/2023/10/bringing5dot5g-toreality>

 

Leon Wang, President of Huawei Data Communication Product Line, Discusses the Future of 5.5G at UBBF 2023

... Huawei is actively involved in Net5.5G research and is working with industry partners to develop solutions. The company is also participating in relevant technical standardization work conducted by organizations such as IEEE and IETF. Huawei plans to release Net5.5G-oriented series products and solutions in 2024.

<https://www.opp.today/5g/bring-net5-5g-to-reality-inspire-new-growth/132260/>

 

New WBA Report Showcases Techniques for Ensuring End-to-End Quality of Service in Wi-Fi for Public, Home & Enterprise [news release]

... The paper also discusses two key outcomes from the trials. The first is quantifying how they improve QoS application performance and reliability, and user experiences. The second is potentially identifying performance bottlenecks that may require enhancements to existing QoS mechanisms or totally new QoS mechanisms. With these discoveries WBA intends to work with standards organizations (IETF, IEEE802.1, IEEE802.11, Wi-Fi Alliance) to develop enhancements to existing or new, QoS mechanisms.

<https://wballiance.com/new-wba-report-showcases-techniques-for-ensuring-end-to-end-quality-of-service-in-wi-fi-for-public-home-enterprise/>

 

How SASE shows that the industry needs standardization for innovation and growth

... SD-WAN stands out as the first enterprise network service that gained mainstream prominence without the firm guidance of industry bodies such as IETF or IEEE.

<https://www.sdxcentral.com/articles/opinion-editorial/how-sase-shows-that-the-industry-needs-standardization-for-innovation-and-growth/2023/10/>

 

More than three dozen victims join a class-action lawsuit against Apple over ‘AirTags stalking’

... The specification has been submitted as an Internet-Draft via the IETF, a leading standards development organization. Interested parties are invited and encouraged to review and comment over the next three months. Following the comment period, Apple and Google will partner to address feedback, and will release a production implementation of the specification for unwanted tracking alerts by the end of 2023 that will then be supported in future versions of iOS and Android.

<https://www.mactech.com/2023/10/13/more-than-three-dozen-victims-join-a-class-action-lawsuit-against-apple-over-airtags-stalking/>

 

Post-quantum encryption standardizes [Le chiffrement post-quantique se standardise]

... The experts who have tested these various drafts will meet in Prague at an IETF meeting in November to verify that they have correctly interpreted the specifications of these future standards and that they are interoperable. Researchers have until 22 November to submit their comments.

<https://www.lemagit.fr/actualites/366555098/Le-chiffrement-post-quantique-se-standardise>

 

Communication without (organisational) boundaries: MIMI standard for the interoperability of messengers [Kommunikation ohne (Organisations-)Grenzen MIMI-Standard für die Interoperabilität von Messengern]

... MIMI, short for More Instant Messaging Interoperability, is a new standard initiated and developed by the IETF, an international organisation for the technical advancement of the Internet and the introduction of standards and best practices. MIMI aims to enable interoperability between different instant messaging, chat and collaboration services worldwide. It is intended to establish a secure, private and reliable connection between different messaging apps and communication services.

<https://www.ip-insider.de/mimi-standard-fuer-die-interoperabilitaet-von-messengern-a-129379fbd992a2102de20f65987be1fc/>

 

Big Cloud Companies Acknowledge Unprecedented DDoS Attacks [Големите облачни компании признаха за безпрецедентни DDoS атаки]

... Another aspect of the situation is where the vulnerability comes from. Rapid Reset is not in a specific piece of software but in the specification of the HTTP/2 network protocol used to load web pages. Developed by the IETF, HTTP/2 has existed for about eight years and is the faster and more efficient successor to classic HTTP. The new HTTP/2 protocol works better on mobile devices and uses less bandwidth, so it has been extremely widely adopted. The IETF is currently even developing HTTP/3.

<https://www.economic.bg/bg/a/view/golemite-oblachni-kompanii-priznaha-za-bezprecedentni-d-do-s-ataki>



**********************

SECURITY & PRIVACY

**********************

Security standards and their role in 5G and 6G

Standardization forms the base for mobile network security, ensuring interoperability and openness. Building on this base, many other aspects come into play: it’s when all the pieces come together in an orchestrated manner that we get adequate security throughout the mobile network.

<https://www.ericsson.com/en/blog/2023/10/security-standards-role-in-5g>

 

DNSSEC and Zone Transfers: What You Need to Know

Everyone knows that signing your DNS zones is a good idea. However, DNSSEC can cause problems when combined with a widely used method for synchronising secondary DNS servers with their primaries, Incremental Zone Transfer (IXFR). Find out why IXFRs are useful and what you need to know to use them together with DNSSEC.

<https://labs.ripe.net/author/liman/dnssec-and-zone-transfers-what-you-need-to-know/>

 

Cybersecurity Awareness Month and Beyond: How We’re Safeguarding Network Integrity

In the digital age, cybersecurity is the first line of defense against an ever-expanding and continually evolving array of threats. The increasing sophistication of cyber threats and a deepening dependence on interconnectivity have elevated cybersecurity technologies from a peripheral consideration to a critical priority.

<https://www.cablelabs.com/blog/cybersecurity-awareness-month-and-beyond>

 

A New Protocol Vulnerability Will Haunt the Web for Years

Google, Amazon, Microsoft, and Cloudflare revealed this week that they battled massive, record-setting distributed denial of service attacks against their cloud infrastructure in August and September. DDoS attacks, in which attackers attempt to overwhelm a service with junk traffic to bring it down, are a classic internet menace, and hackers are always developing new strategies to make them bigger or more effective. The recent attacks were particularly noteworthy, though, because hackers generated them by exploiting a vulnerability in a foundational web protocol. This means that while patching efforts are well underway, fixes will need to essentially reach every web server globally before these attacks can be fully stamped out.

<https://www.wired.com/story/http-2-rapid-reset-flaw/>

 

Built-in weakness in HTTP/2 protocol exploited for massive DDoS attacks

Over the past two months attackers have been abusing a feature of the HTTP/2 web communication protocol that makes web application servers, load balancers, and web proxies vulnerable to distributed denial-of-service (DDoS) attacks of unprecedented scale. Google, AWS, Cloudflare, and other major cloud infrastructure providers, as well as web server vendors have been working on mitigation strategies and patches in private groups until the weakness was disclosed today.

<https://www.csoonline.com/article/655106/built-in-weakness-in-http-2-protocol-exploited-for-massive-ddos-attacks.html>

 

**********************

INTERNET OF THINGS

**********************

Internet of Things sensor network to boost pupils’ data skills in Scotland

Next month, when all schools in West Lothian come on board, the ‘Internet of Everything Schools Network’ will double in size, becoming operational in 86 schools.

<https://airqualitynews.com/health/internet-of-things-sensor-network-to-boost-pupils-data-skills-in-scotland/>

 

**********************

QUANTUM NETWORKING

**********************

EPB Offers Commercial Quantum Network for Quantum Developers

We hear a lot about quantum computers – sometimes too much – but not as much about quantum networking which will also be a critical component in making widespread use of quantum information technology a reality. There are many important use cases including, for example, scaling up of quantum computers by linking them, providing quantum-secured secure communications, and networking together quantum sensors. There’s even a DoE-spearheaded Quantum Internet development project and most big cloud providers are also exploring the idea.

<https://www.hpcwire.com/2023/10/10/epb-offers-commercial-quantum-network-for-quantum-developers/>

 

QIA launches Quantum Internet Application Challenge

The Quantum Internet Alliance (QIA) has announced the launch of its first ever Quantum Internet Application Challenge, an initiative encouraging quantum enthusiasts to take part in shaping the future of the quantum internet.

<https://quantuminternetalliance.org/2023/09/08/qia-launches-quantum-internet-application-challenge/>

 

QIA meets in Delft to discuss progress after a year from kick off

Principal investigators, team leads and members involved in technical discussions from QIA partners all over Europe gathered from the 9th to 11th of October at the De Oude Bibliotheek Academy in Delft, the Netherlands for the QIA Autumn Meeting 2023.

<https://quantuminternetalliance.org/2023/10/12/qia-meets-in-delft-to-discuss-progress-after-a-year-from-kick-off/>

 

**********************

NEW TRANSPORT PROTOCOLS

**********************

Measuring HTTP/3 real-world performance

So far in this series, I’ve detailed how QUIC and HTTP/3 have overcome the security and privacy issues that plague the Transport Control Protocol (TCP) and HTTP/2 in a future-proof way. In this post, I’ll look at how they compare when it comes to perhaps the most important feature of any protocol — performance.

<https://blog.apnic.net/2023/10/09/measuring-http-3-real-world-performance/>

 

**********************

OTHERWISE NOTEWORTHY

**********************

A Roadmap for Regulating AI Programs: This IEEE standard outlines how to verify and validate any system

Globally, policymakers are debating governance approaches to regulate automated systems, especially in response to growing anxiety about unethical use of generative AI technologies such as ChatGPT and DALL-E. Legislators and regulators are understandably concerned with balancing the need to limit the most serious consequences of AI systems without stifling innovation with onerous government regulations. Fortunately, there is no need to start from scratch and reinvent the wheel.

<https://spectrum.ieee.org/regulating-ai-programs-roadmap>

 

The RIPE Chair Team Reports - October 2023

RIPE 87 is getting closer and preparations are already in full swing. In this update, the RIPE Chair Team reports on the various activities happening this month in the RIPE community ahead of the meeting, ongoing NRO NC elections, recent industry events, and more.

<https://labs.ripe.net/author/mirjam_kuhne/the-ripe-chair-team-reports-october-2023/>

 

APNIC close to completing delegation of its final /8 IPv4 block

The Asia-Pacific Network Information Centre (APNIC) on Monday announced it is close to delegating the last IPv4 addresses in its final /8 block, bringing the regional internet registry a step closer to IPv4 exhaustion.

<https://www.theregister.com/2023/10/11/apnic_ipv4_exhaustion_milestone/>

 

Nearing the end of 103/8

It has been over 12 years since APNIC began delegating IPv4 addresses from its final /8 (103/8) on 18 April 2011. When the APNIC community discussed the final /8 policy (prop-062) in 2009, there was a widely held expectation that the 103/8 would last for around 10 years to help support the move to IPv6. That estimate was relatively accurate, as APNIC will likely make its final delegations from 103/8 this week. At the time of writing, there were only 121 /24s, or 30,976 addresses left to delegate from 103/8.

<https://blog.apnic.net/2023/10/09/nearing-the-end-of-103-8/>

 

Notes from OARC 41

OARC held a two-day meeting in September in Da Nang, Viet Nam, with a set of presentations on various Domain Name System (DNS) topics. Here’s some observations that I picked up from the presentations that were made in that meeting.

<https://www.potaroo.net/ispcol/2023-09/oarc41.html>

 

Comcast to Deliver Multi-Gig Symmetrical Speeds in World-First DOCSIS 4.0 Deployment [news release]

Comcast announced that next week it will begin to introduce the first residential customers in the world to next-generation Internet powered by DOCSIS 4.0 technology.

<https://corporate.comcast.com/press/releases/comcast-multi-gig-symmetrical-speeds-world-first-docsis-4-deployment>

------

David Goldstein

email: david@goldsteinreport.com

web: http://goldsteinreport.com/

Twitter: https://twitter.com/goldsteinreport

phone: +61 418 228 605 - mobile; +61 2 9663 3430 - office/home