[Newsclips] IETF SYN-ACK Newspack 2021-12-13

[David Goldstein <david@goldsteinreport.com>]

The IETF SYN-ACK Newspack collects IETF-related items from a variety of news outlets and other online publications. They do not represent the views of the IETF and are not checked for factual accuracy.

 

 

**********************

IETF IN THE NEWS

**********************

Open Cybersecurity Alliance Adds PACE Posture Assessment Project

The Open Cybersecurity Alliance (OCA), a global, ​standards-based initiative to simplify ​​integration across the threat lifecycle, announced today that it has accepted the Posture Attribute Collection and Evaluation (PACE) project contributed by the Center for Internet Security (CIS), the National Security Agency (NSA) and McAfee. PACE will focus on creating production-ready code that evaluates the posture assessment of computing resources using a communication fabric which will allow organizations to use this information in zero-trust architecture decisioning. Based on an implementation effort from the IETF Security Automation and Continuous Monitoring (SACM) architecture, PACE will deliver community-maintained code that will arm operators with an interoperable out-of-the-box solution that monitors risk and threat exposure, reducing integration costs and redundancy while increasing resiliency.

< <https://www.oasis-open.org/2021/12/09/open-cybersecurity-alliance-adds-pace-posture-assessment-project/> https://www.oasis-open.org/2021/12/09/open-cybersecurity-alliance-adds-pace-posture-assessment-project/>

 

Quantum technology and its impact on security in mobile networks

While today’s systems will remain secure against crypto-breaking quantum computers for many years to come, they do present a serious potential risk further into the future. To address this risk, new post-quantum algorithms that can easily be added to existing equipment and protocols are already in the final stages of standardization. ... Fortunately, an alternative is already available for very long-lived signature keys such as those used in firmware updates. Stateful hash-based signatures have well-understood security, and have already been standardized by the IETF and the US National Institute of Standards and Technology (NIST). There is a serious limitation to stateful hash-based signatures, however. Because they are stateful, they are only suitable for very specific applications.

< <https://www.ericsson.com/en/reports-and-papers/ericsson-technology-review/articles/ensuring-security-in-mobile-networks-post-quantum> https://www.ericsson.com/en/reports-and-papers/ericsson-technology-review/articles/ensuring-security-in-mobile-networks-post-quantum>

 

A third of you slackers out there still aren't using HTTPS by default

Almost a third of the world wide web's top million sites are still not using HTTPS by default, according to infosec researcher Scott Helme's analysis. ... Back in 2014 as public outrage over US dragnet internet surveillance was at its peak, the IETF briefly mulled deprecating RSA altogether from TLS v1.3.

< <https://www.theregister.com/2021/12/09/top_1_million_report_scott_helme/> https://www.theregister.com/2021/12/09/top_1_million_report_scott_helme/>

 

Setting the standard: Barbara Lange, SMPTE

At the end of the year, SMPTE executive director Barbara Lange will conclude her 12-year stewardship of the industry’s premier standards body to follow the two new career strands of helping young women find careers in STEM and exploring sustainability in the sector. ... “SMPTE covers broadcast, motion picture and streaming work as well. There are different groups we collaborate with like Movie Labs and ETC at USC. The HPA remains a good partner, and then too are AMWA, VSF, AES, EBU, DPP and the IABM. Think any three-letter acronym. Some of our newest partners are things like W3C and IETF, which are internet-based groups. Collaboration is crucial to SMPTE’s future” she adds.

< <https://www.ibc.org/interviews/setting-the-standard-barbara-lange-smpte/8183.article> https://www.ibc.org/interviews/setting-the-standard-barbara-lange-smpte/8183.article>

 

Ongoing Community Work to Mitigate Domain Name System Security Threats

... Verisign contributes to the anti-abuse, technical and policy communities: We continuously engage with ICANN and an array of other industry partners to help ensure the continued safe and secure operation of the DNS. For example, Verisign is actively engaged in anti-abuse, technical and policy communities such as the Anti-Phishing and Messaging, Malware and Mobile Anti-Abuse Working Groups, FIRST and the IETF.

< <https://blog.verisign.com/domain-names/ongoing-community-work-to-mitigate-domain-name-system-security-threats/> https://blog.verisign.com/domain-names/ongoing-community-work-to-mitigate-domain-name-system-security-threats/>

< <https://circleid.com/posts/20211206-ongoing-community-work-to-mitigate-domain-name-system-security-threats> https://circleid.com/posts/20211206-ongoing-community-work-to-mitigate-domain-name-system-security-threats>

 

Microsoft, Google OAuth flaws can be abused in phishing attacks

... The IETF provides additional security recommendations for those who implement authentication OAuth servers.

< <https://www.bleepingcomputer.com/news/security/microsoft-google-oauth-flaws-can-be-abused-in-phishing-attacks/> https://www.bleepingcomputer.com/news/security/microsoft-google-oauth-flaws-can-be-abused-in-phishing-attacks/>

 

A Penny For Your Bytes: Ditching Ethics. Embracing Rights

... Technologists have been having a field day with ethics. All relevant organizations have been issuing their own Code of Ethics (IEEE, ITU, ISO, ISOC, IETF, you name it). Some have also issued recommendations in the form of actual “standards”, such as RFC 1087. The term has also impressively spiked in the past 5 years.

< <https://www.digitalnewsasia.com/insights/penny-your-bytes-ditching-ethics-embracing-rights> https://www.digitalnewsasia.com/insights/penny-your-bytes-ditching-ethics-embracing-rights>

 

Accesso con account Google e Microsoft: attenzione agli attacchi phishing [Sign in with Google and Microsoft accounts: Beware of phishing attacks]

... IETF fornisce importanti raccomandazioni destinate a coloro che implementano server OAuth in modo da poter fidare sul massimo livello di sicurezza possibile.

< <https://www.ilsoftware.it/articoli.asp?tag=Accesso-con-account-Google-e-Microsoft-attenzione-agli-attacchi-phishing_23889> https://www.ilsoftware.it/articoli.asp?tag=Accesso-con-account-Google-e-Microsoft-attenzione-agli-attacchi-phishing_23889>

 

DNS over HTTPS in Windows 11: cos’è, a cosa serve e vantaggi in termini di security e privacy [DNS over HTTPS in Windows 11: what it is, what it is for and advantages in terms of security and privacy]

... A questo punto è chiaro cos’è il protocollo DNS over HTTPS. Per molti è una novità, ma Google e Mozilla Foundation hanno iniziato a testare DNS over HTTPS nelle versioni dei loro browser già nel 2018 e nello stesso anno è stato proposto come standard dalla IETF.

< <https://www.cybersecurity360.it/soluzioni-aziendali/dns-over-https-in-windows-11-cose-a-cosa-serve-e-vantaggi-in-termini-di-security-e-privacy/> https://www.cybersecurity360.it/soluzioni-aziendali/dns-over-https-in-windows-11-cose-a-cosa-serve-e-vantaggi-in-termini-di-security-e-privacy/>

 

Ein Metaverse, wie Zuckerberg es sich vorstellt, kann niemand wollen [No one can want a metaverse, as Zuckerberg imagines it]

... Neal Stephensons Science-Fiction-Klassiker „Snow Crash“ aus dem Jahr 1992 gilt als Geburtsstunde des Metaverse-Begriffs. Im Roman flüchten sich Menschen vor einer von Armut und Gewalt geprägten Realität in einen dreidimensionalen, virtuellen Raum, in dem sie als Avatare existieren. Klingt nicht nach einer erstrebenswerten Zukunftsvision. Das sieht auch James Arlen so. Allerdings gebe es einen wesentlichen Unterschied zu Mark Zuckerbergs Vorstellung: „In Stephensons Roman wird das Metaverse von einem fiktionalen IETF-Äquivalent verwaltet. Es ist Gemeingut, keine von einzelnen Großunternehmen umgesetzte Wirtschaftsvision. Insofern könnte man fast sagen, dass die Dystopie in ‚Snow Crash‘ sogar besser ist als das, was Facebook vorschwebt“, sagt Arlen und lacht.

< <https://t3n.de/news/metaverse-sicherheitsexperte-warnt-zuckerbergs-plaene-1434009/> https://t3n.de/news/metaverse-sicherheitsexperte-warnt-zuckerbergs-plaene-1434009/>

 

ETRI '실시간 스트리밍 기술', IETF 공식 표준문서로 등록 [ETRI 'Live Streaming Technology' Registered as IETF Official Standard Document]

한국전자통신연구원(이하 ETRI)의 '실시간 비디오 스트리밍을 위한 정보중심네트워킹(ICN) 기술 표준 문서'가 인터넷 기술 관련 국제 사실 표준화 기구인 'IETF'의 공식 표준 문서로 등록되었다.

< <https://www.hellot.net/news/article.html?no=64166> https://www.hellot.net/news/article.html?no=64166>

< <https://www.dongascience.com/news.php?idx=51000> https://www.dongascience.com/news.php?idx=51000>

 

이동에도 끊김없는 '생방송 기술'···국제표준 선정 ["Live broadcast technology" that is seamless in movement· International Standards]

ETRI가 개발한 기술이 사실 표준화 기구에서 국제표준으로 선정됐다. 해당 기술은 이동하면서 끊김없는 생방송을 가능케하는 실시간 비디오 스트리밍 서비스 핵심 표준이다.ETRI(한국전자통신연구원·원장 김명준)는 인터넷 기술 관련 국제 사실 표준화 기구인 'IETF'를 통해 기고한 실시간 비디오 스트리밍을 위한 정보중심네트워킹(ICN) 기술 표준 문서가 지난달 말 공식 표준 문서로 등록됐다고 12일 밝혔다.

< <https://www.hellodd.com/news/articleView.html?idxno=95202> https://www.hellodd.com/news/articleView.html?idxno=95202>

 

전자통신연 ‘실시간 스트리밍 기술’ 국제표준 등록 [Registered as an international standard for electronic communications 'live streaming technology']

한국전자통신연구원(ETRI)은 실시간 비디오 스트리밍을 위한 정보중심네트워킹(ICN) 기술이 국제인터넷표준화기구(IETF)의 국제표준으로 등록됐다고 10일 밝혔다.

< <https://www.sciencetimes.co.kr/news/전자통신연-실시간-스트리밍-기술-국제표준-등록/> https://www.sciencetimes.co.kr/news/전자통신연-실시간-스트리밍-기술-국제표준-등록/>

< <https://www.yna.co.kr/view/AKR20211209142500063> https://www.yna.co.kr/view/AKR20211209142500063>

 

W3C／HTML5からWHATWG／Living Standardへ、Web発展史をひもとく [From W3C/HTML5 to WHATWG/Living Standard, we will draw on the history of web development]

... HTMLは1989年にティム・バーナーズ・リー氏が発明して以降、仕様策定の場をIETFやW3Cといった標準化団体に移しました。これまでバージョン番号を重ね、現在の最新仕様であるWHATWGのHTML Living Standardではバージョン番号が無くなりました。HTML Living Standardという名前の通り、仕様は都度アップデート、公開されていくことになります。

< <https://active.nikkeibp.co.jp/atcl/act/19/00333/112500006/> https://active.nikkeibp.co.jp/atcl/act/19/00333/112500006/>

 

企業5G專網選項多元　依機敏性考量成本效益 [Enterprise 5G private network options are diverse and cost-effective according to agility]

... 此外，Wi-Fi使用頻率為免執照頻段（Unlicensed Band），例如2.4GHz為各國通行的ISM頻段（Industrial Scientific Medical Band），IEEE 802.11、藍牙、ZigBee等無線網路皆可使用，意味著無法完全避免相互干擾。畢竟網際網路工程任務組（IETF）初始定義Wi-Fi規格時，本就定位為單機運作，之後增補讓兩台無線基地台可Handover，直到Wi-Fi 6依據IEEE 802.11ax規格才實作出網狀（Mash）架構，容量設計遠遠落後於行動網路。

< <https://www.netadmin.com.tw/netadmin/zh-tw/viewpoint/3D7E7D28C5E04182B52B689E0A092C3E> https://www.netadmin.com.tw/netadmin/zh-tw/viewpoint/3D7E7D28C5E04182B52B689E0A092C3E>

 

**********************

NEWS FROM IETF PARTICIPANTS

**********************

IETF 112: Antoin Verschuren Discusses the Work of the REGEXT Working Group and Why ccTLDs Should Be More Involved in the IETF

The recent IETF 112 saw several discussions among participants pertaining to the domain name world. One of those was the Registration Protocols Extensions (REGEXT) session on 10 November, and here Antoin Verschuren from Liberty Global explains what was discussed, why more of our European ccTLD registries should get involved in the work of the IETF as well as his background and what led him to becoming interested in the work of the IETF.

< <https://www.centr.org/news/blog/ietf112-regext.html> https://www.centr.org/news/blog/ietf112-regext.html>

 

**********************

SECURITY & PRIVACY

**********************

Recently uncovered software flaw ‘most critical vulnerability of the last decade’

A critical vulnerability in a widely used software tool – one quickly exploited in the online game Minecraft – is rapidly emerging as a major threat to organizations around the world.

< <https://www.theguardian.com/technology/2021/dec/10/software-flaw-most-critical-vulnerability-log-4-shell> https://www.theguardian.com/technology/2021/dec/10/software-flaw-most-critical-vulnerability-log-4-shell>

 

How Decryption of Network Traffic Can Improve Security

Most industry analyst firms conclude that between 80-90 percent of network traffic is encrypted today. Jeff Costlow, CISO at ExtraHop, explains why this might not be a good thing.

< <https://threatpost.com/decryption-improve-security/176613/> https://threatpost.com/decryption-improve-security/176613/>

 

Ongoing Community Work to Mitigate Domain Name System Security Threats by Keith Drazek

For over a decade, ICANN and its multi-stakeholder community have engaged in an extended dialogue on the topic of DNS abuse, and the need to define, measure and mitigate DNS-related security threats. With increasing global reliance on the internet and DNS for communication, connectivity and commerce, the members of this community have important parts to play in identifying, reporting and mitigating illegal or harmful behavior, within their respective roles and capabilities.

< <https://circleid.com/posts/20211206-ongoing-community-work-to-mitigate-domain-name-system-security-threats> https://circleid.com/posts/20211206-ongoing-community-work-to-mitigate-domain-name-system-security-threats>

 

Google Takes Down Glupteba Botnet; Files Lawsuit Against Operators

Google’s Threat Analysis Group (TAG) has disrupted the blockchain-enabled botnet known as Glupteba, which is made up of around 1 million compromised Windows and internet of things (IoT) devices. In tandem, Google also filed a lawsuit against the botnet’s operators.

< <https://threatpost.com/google-glupteba-botnet-lawsuit/176826/> https://threatpost.com/google-glupteba-botnet-lawsuit/176826/>

 

Security's Role in Internet Resilience

One aspect of resilience on the internet is that things — notably servers and resources — move around. Sometimes moves are legitimate, such as when a popular site evolves from hosting their own website to moving to a cloud provider to using a CDN to handle the ever-increasing traffic. Sometimes the moves are not legitimate, such as when an attacker pretends to be an ecommerce or banking site and steals a user’s credentials upon login. How can the end user tell the difference between legitimate and not-so-legitimate moves?

< <https://www.akamai.com/blog/security/securitys-role-in-internet-resilience> https://www.akamai.com/blog/security/securitys-role-in-internet-resilience>

 

us: NIST Releases Version 1.1 of its Popular Cybersecurity Framework

The U.S. Commerce Department’s National Institute of Standards and Technology (NIST) has released version 1.1 of its popular Framework for Improving Critical Infrastructure Cybersecurity, more widely known as the Cybersecurity Framework.

< <https://www.nist.gov/news-events/news/2018/04/nist-releases-version-11-its-popular-cybersecurity-framework> https://www.nist.gov/news-events/news/2018/04/nist-releases-version-11-its-popular-cybersecurity-framework>

 

Recently uncovered software flaw ‘most critical vulnerability of the last decade’

A critical vulnerability in a widely used software tool – one quickly exploited in the online game Minecraft – is rapidly emerging as a major threat to organizations around the world.

< <https://www.theguardian.com/technology/2021/dec/10/software-flaw-most-critical-vulnerability-log-4-shell> https://www.theguardian.com/technology/2021/dec/10/software-flaw-most-critical-vulnerability-log-4-shell>

 

Zero Day in Ubiquitous Apache Log4j Tool Under Active Attack

The Log4Shell vulnerability critically threatens anybody using the popular open-source Apache Struts framework and could lead to a “Mini internet meltdown soonish.”

< <https://threatpost.com/zero-day-in-ubiquitous-apache-log4j-tool-under-active-attack/176937/> https://threatpost.com/zero-day-in-ubiquitous-apache-log4j-tool-under-active-attack/176937/>

 

The Internet’s biggest players are all affected by critical Log4Shell 0-day

The list of services with Internet-facing infrastructure that is vulnerable to a critical zero-day vulnerability in the open source Log4j logging utility is immense and reads like a who’s who of the biggest names on the Internet, including Apple, Amazon, Cloudflare, Steam, Tesla, Twitter, and Baidu.

< <https://arstechnica.com/information-technology/2021/12/the-critical-log4shell-zero-day-affects-a-whos-who-of-big-cloud-services/> https://arstechnica.com/information-technology/2021/12/the-critical-log4shell-zero-day-affects-a-whos-who-of-big-cloud-services/>

 

German cybersecurity watchdog issues red alert warning on software

Germany's federal cybersecurity watchdog, the BSI, on Saturday issued a red alert warning, its highest, on a flawed piece of widely-used software, saying it posed an "extremely critical threat" to web servers.

< <https://www.reuters.com/technology/german-cybersecurity-watchdog-issues-red-alert-warning-software-2021-12-12/> https://www.reuters.com/technology/german-cybersecurity-watchdog-issues-red-alert-warning-software-2021-12-12/>

 

us: Cybersecurity Speaker Series: The Value of Vulnerability Disclosure

The NSA Cybersecurity Collaboration Center released the 3rd video in its Cybersecurity Speaker Series today, focusing on the value of disclosing NSA-discovered vulnerabilities, and the decision making process behind these disclosures. The Cybersecurity Speaker Series highlights NSA experts that share their insights, lessons, and contributions of their work in cybersecurity.

< <https://www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/2862583/cybersecurity-speaker-series-the-value-of-vulnerability-disclosure/> https://www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/2862583/cybersecurity-speaker-series-the-value-of-vulnerability-disclosure/>

 

us: Welcome to our Cybersecurity Advisory Committee

Today I was thrilled to host the first meeting of CISA’s Cybersecurity Advisory Committee. It was a powerful and productive day talking through how to tackle some of the most pressing issues we face as we evolve CISA into the cyber defense agency the nation needs and deserves.

< <https://www.cisa.gov/blog/2021/12/10/welcome-our-cybersecurity-advisory-committee> https://www.cisa.gov/blog/2021/12/10/welcome-our-cybersecurity-advisory-committee>

 

**********************

INTERNET OF THINGS

**********************

The Future That Our Connected World Will Create: A Vision From Marconi Fellow Andrea Goldsmith

“Now is the most exciting time for the future of wireless networks,” begins Andrea Goldsmith, 2020 Marconi Fellow and Dean of Engineering and Applied Science at Princeton University. Goldsmith, a wireless maven whose contributions to the field have shaped our connected world, gave the closing keynote address during the Marconi Society’s symposium, The Decade of Digital Inclusion. Registered participants can watch this and 20+ other sessions on demand, and $49 general admissions passes are available through December 15, 2021.

< <https://www.marconisociety.org/magazine/the-future-that-our-connected-world-will-create-a-vision-from-marconi-fellow-andrea-goldsmith/> https://www.marconisociety.org/magazine/the-future-that-our-connected-world-will-create-a-vision-from-marconi-fellow-andrea-goldsmith/>

 

Tiny machine learning design alleviates a bottleneck in memory usage on internet-of-things devices

New technique applied to small computer chips enables efficient vision and detection algorithms without internet connectivity.

< <https://news.mit.edu/2021/tiny-machine-learning-design-alleviates-bottleneck-memory-usage-iot-devices-1208> https://news.mit.edu/2021/tiny-machine-learning-design-alleviates-bottleneck-memory-usage-iot-devices-1208>

 

The 5 Biggest Internet Of Things (IoT) Trends In 2022

The Internet of Things (IoT) is a term that describes the increasingly sophisticated ecosystems of online, connected devices we share our world with. The slightly odd name refers to the fact that the first iteration of the internet was simply a network of connected computers. As the internet grew, phones, office equipment like printers and scanners, and industrial machinery were added to the internet. Today, just about any device we use in our homes, offices, factories, or simply wear on our bodies can be online and connected, hence the internet of "things."

< <https://www.forbes.com/sites/bernardmarr/2021/12/13/the-5-biggest-internet-of-things-iot-trends-in-2022/> https://www.forbes.com/sites/bernardmarr/2021/12/13/the-5-biggest-internet-of-things-iot-trends-in-2022/>

 

**********************

NEW TRANSPORT PROTOCOLS

**********************

Efficient multipath transport with QUIC in large-scale video services

Streaming videos has become commonplace in our daily lives. Unfortunately, when engineers are entrusted with the task of delivering smooth video streaming to our users, we face numerous challenges from ‘last-mile’ wireless connections. Poor wireless connectivity, either Wi-Fi or cellular, causes a variety of problems, ranging from slow video start, high video rebuffering rate, to complete connection loss.

< <https://blog.apnic.net/2021/12/08/efficient-multipath-transport-with-quic-video-services/> https://blog.apnic.net/2021/12/08/efficient-multipath-transport-with-quic-video-services/>

 

How Codavel, a CDN built specifically for mobile apps, is making breakthroughs in the global market

Faster applications lead to more active users and longer sessions. Faster apps also translate into higher conversion and retention, among other key business KPIs. ... Here, we have Diogo explaining the uniqueness of Codavel’s solution, and why it is essential in today’s scenario. “Most current solutions are still based on a 30-year-old protocol. HTTP/TCP are not suited for wireless links. Standard CDNs bring limited improvements, given the wireless last mile instability", attributes Diogo. Even the third and upcoming major version of the Hypertext Transfer Protocol used to exchange information on the World Wide Web, QUIC / HTTP3 falls short for mobile apps, he adds. This is where Codavel’s solution stands out.

< <https://yourstory.com/2021/12/codavel-mobile-apps-cdn-breakthrough-global-market/amp> https://yourstory.com/2021/12/codavel-mobile-apps-cdn-breakthrough-global-market/amp>

 

QUIC di Google al posto di TCP? [Google's QUIC instead of TCP?]

QUIC di Google sostituirà il TCP? Forse. Google ha dato vita ad un nuovo protocollo internet che possa dare il cambio agli arretrati standard.

< <https://sicurezza.net/software/quic-google-al-posto-tcp> https://sicurezza.net/software/quic-google-al-posto-tcp>

 

Soluciona los errores SSL al navegar [Fixes SSL errors when browsing]

... También podemos acceder a ese sitio web a través de HTTP, asegurarnos de tener los protocolos TLS 1.1, 1.2 y 1.3 activados en el navegador y, como opción adicional, desactivar QUIC o cualquier protocolo experimental.

< <https://www.redeszone.net/tutoriales/redes-cable/evitar-errores-ssl-navegador/> https://www.redeszone.net/tutoriales/redes-cable/evitar-errores-ssl-navegador/>

 

**********************

OTHERWISE NOTEWORTHY

**********************

Big Tech's private networks and protocols threaten the 'net, say internet registries

The internet remains resilient, and its underlying protocols and technologies dominate global networking – but its relevance may be challenged by the increasing amount of traffic carried on private networks run by Big Tech, or rules imposed by governments.

< <https://www.theregister.com/2021/12/09/study_on_the_internets_technical_success_factors/> https://www.theregister.com/2021/12/09/study_on_the_internets_technical_success_factors/>

 

Blockchain Underdogs Set Sight On Changing Internet Infrastructure

The internet is an essential commodity that is evolving and reshaping faster than anybody’s estimation. From desktop to desktop communication of the Web 1.0 era –when it was all about decentralized and community managed— the internet evolved into a more centralized infrastructure in the web 2.0 era, managed and controlled by big corporations like Google —Alphabet Inc — Meta Platforms Inc, Amazon Inc and Microsoft Corporation.

< <https://www.entrepreneur.com/article/401039> https://www.entrepreneur.com/article/401039>

 

Introducing the 2022 Action Plan: A Healthy Internet for Future Generations

With every passing year, the Internet evolves and grows, reaching farther corners of the world and helping communities connect with each other. But that growth is not to be taken for granted. This global technical infrastructure—which has transformed so many layers of society—cannot be sustained without a global community fighting to strengthen it, protect it, and make it accessible to all.

< <https://www.internetsociety.org/blog/2021/12/introducing-the-2022-action-plan-a-healthy-internet-for-future-generations/> https://www.internetsociety.org/blog/2021/12/introducing-the-2022-action-plan-a-healthy-internet-for-future-generations/>

 

Action Plan 2022: A Healthy Internet for Future Generations

Three decades ago, it was an ordinary object you’d find in a kitchen: a wok. But through ingenuity and the desire to make the world a better place, it was repurposed as a Wi-Fi antenna, making Internet access possible for those hardest to reach. There is no doubt about it: The Internet has unleashed human creativity, determination, and innovation—and since the Internet Society’s founding 30 years ago, people have applied these qualities to address the world’s biggest challenges. The Internet needs these people.

< <https://www.internetsociety.org/action-plan/2022/> https://www.internetsociety.org/action-plan/2022/>

 

Uniting the Internet at IGF 2021

The 16th annual Internet Governence Forum will be hosted this week by the Government of Poland in Katowice, from 6 to 10 December 2021, under the theme of ‘Internet United’.

< <https://www.internetsociety.org/blog/2021/12/uniting-the-internet-at-igf-2021/> https://www.internetsociety.org/blog/2021/12/uniting-the-internet-at-igf-2021/>

 

Why Chinese web addresses often use a string of numbers - non-Roman writing systems are still not widely accepted on the internet [AFP]

When website addresses using writing systems like Chinese and Arabic were introduced back in 2009, it was hailed as a step that would transform the internet.

< <https://www.scmp.com/lifestyle/arts-culture/article/3159222/why-chinese-web-addresses-often-use-string-numbers-non-roman> https://www.scmp.com/lifestyle/arts-culture/article/3159222/why-chinese-web-addresses-often-use-string-numbers-non-roman>

< <https://news.yahoo.com/internet-guardians-want-break-webs-023041876.html> https://news.yahoo.com/internet-guardians-want-break-webs-023041876.html>

 

The space between IPv6 allocations: part 1

IPv6 was mainly introduced as an alternative to IPv4 for one simple reason: IPv4 addresses were running out. But how large is the world of IPv6 when compared to IPv4? How big is the space to expand into? In today’s post, we’ll make some comparisons between the IPv4 and IPv6 spaces and look at how APNIC divides those address spaces to delegate them to Members.

< <https://blog.apnic.net/2021/12/10/the-space-between-ipv6-allocations-part-1/> https://blog.apnic.net/2021/12/10/the-space-between-ipv6-allocations-part-1/>

 

Akamai shows support is key to growing IPv6

The Internet is what it is today thanks largely to the support of millions of individuals and organizations; support that has often been provided altruistically to make the Internet better, and not for recognition.

< <https://blog.apnic.net/2021/12/10/akamai-shows-support-is-key-to-growing-ipv6/> https://blog.apnic.net/2021/12/10/akamai-shows-support-is-key-to-growing-ipv6/>

 

Improving the resiliency of RPKI Relying Party software

The Resource Public Key Infrastructure (RPKI) allows holders of Internet number resources (INRs) to make verifiable statements about their resources. In its current form, it allows the holder of a prefix to make Route Origin Authorizations (ROAs), that tells others which Autonomous System Number (ASN) is authorized to act as the origin for a prefix. The RPKI can be roughly divided into three parts:

< <https://blog.apnic.net/2021/12/09/improving-the-resiliency-of-rpki-relying-party-software/> https://blog.apnic.net/2021/12/09/improving-the-resiliency-of-rpki-relying-party-software/>

 

Internet’s technical success factors revealed

Earlier this year, APNIC partnered with LACNIC to produce a report about the Internet’s technical success factors. The study has been completed by Analysys Mason (after an evaluation process of 14 proposals) and is available here and here.

< <https://blog.apnic.net/2021/12/08/internets-technical-success-factors-revealed/> https://blog.apnic.net/2021/12/08/internets-technical-success-factors-revealed/>

 

Notes from DNS-OARC 36

It’s conference and workshop season right now, and November has been unusually busy this year. At the end of the month was the DNS Operations and Research meeting, DNS-OARC 36. These are my notes from those presentations at the meeting that I found to be of interest.

< <https://www.potaroo.net/ispcol/2021-12/oarc36.html> https://www.potaroo.net/ispcol/2021-12/oarc36.html>

< <https://blog.apnic.net/2021/12/07/notes-from-dns-oarc-36/> https://blog.apnic.net/2021/12/07/notes-from-dns-oarc-36/>

 

Event Wrap: RIPE 83

The event welcomed 1,126 registered participants, including 240 newcomers. The five-day RIPE 83 meeting included workshops, plenary, and working group (WG) sessions on topics relating to IPv6, routing, and the DNS.

< <https://blog.apnic.net/2021/12/07/event-wrap-ripe-83/> https://blog.apnic.net/2021/12/07/event-wrap-ripe-83/>

 

The Future of 5G: Not There Yet, But Getting Closer, Officials Say

For several years now, the telecommunications industry has been promoting 5G and its immense potential to turbocharge business and citizen activities. During the Nextgov 5G Futures virtual conference on Dec. 2, a couple of experts discussed where 5G technology is today and unresolved issues it raises in the national security arena.

< <https://www.nextgov.com/cio-briefing/2021/12/future-5g-not-there-yet-getting-closer-officials-say/187297/> https://www.nextgov.com/cio-briefing/2021/12/future-5g-not-there-yet-getting-closer-officials-say/187297/>

 

Crypto, MCX, Web3, 6G: 2022 Will Not Be Dull by Any Means Featured

Dusting off the crystal ball is not getting any easier for each coming year. On the contrary, getting a clear picture out of it is becoming more challenging every year. We live in times when distortion - err, trends - are abundant and persistent, some short-lived, such as SIP-based peer-to-peer networks, and some lasting a lifetime, fluctuating in and out of the background, such as the work on intelligent transportation systems. Many trends remain such for a long time, only increasing in intensity - can such "trends" be called "permanent?"

< <https://www.thefastmode.com/expert-opinion/21726-long-term-and-new-technology-trends-in-2022-will-not-be-dull> https://www.thefastmode.com/expert-opinion/21726-long-term-and-new-technology-trends-in-2022-will-not-be-dull>

------

David Goldstein

email:  <mailto:david@goldsteinreport.com> david@goldsteinreport.com

web:  <http://goldsteinreport.com/> http://goldsteinreport.com/

Twitter:  <https://twitter.com/goldsteinreport> https://twitter.com/goldsteinreport

phone: +61 418 228 605 - mobile; +61 2 9663 3430 - office/home