[Newsclips] IETF SYN-ACK Newspack 2021-02-01

[David Goldstein <david@goldsteinreport.com>]

The IETF SYNACK Newspack collects IETF-related items from a variety of news outlets and other online publications. They do not represent the views of the IETF and are not checked for factual accuracy.

 

**********************

IETF IN THE NEWS

**********************

New Chair hopes to bring more implementers to the IETF

With Cisco engineer Alissa Cooper having decided not to run for another term as IETF Chair, the NomCom just has announced that Lars Eggert will be her successor. Eggert is a German living in Finland, working for US-based storage solution provider NetApp. But what will he bring to the table?

< <https://www.centr.org/news/news/new-ietf-chair.html> https://www.centr.org/news/news/new-ietf-chair.html>

 

IETF Year in Review for 2020 by ICANN Office of the Chief Technology Officer, Paul Hoffman

< <https://www.icann.org/en/system/files/files/octo-022-21jan21-en.pdf> https://www.icann.org/en/system/files/files/octo-022-21jan21-en.pdf>

 

Get ready for the death of the global internet. It won’t be pretty

The technologies and standards that underpin communication around the world are, for the most part, global and interoperable. From the microprocessor architectures that power everything we do, to the standards set by bodies such as the Internet Engineering Task Force, which oversees the way the internet works, and 3GPP, which has a similar role for mobile communications, we have developed an inexorable tendency to commonality.

< <https://www.wired.co.uk/article/internet-balkanisation-ian-levy> https://www.wired.co.uk/article/internet-balkanisation-ian-levy>

 

Open Internet, open standards and why they matter by Patrik Fältström

... Unfortunately we are still going in the wrong direction. We see more and more silos being created. One interesting example here is calendaring and calendar objects. In the IETF we ultimately decided on a common syntax for the calendar object that could then be transported by email. This is why we can invite each other to meetings. But, in these discussions, there were many companies working with calendar software that didn’t want a common standard because of the commercial lure of selling both the server and the client side. They were hoping they could create a silo of calendar servers and clients they could sell. So from a market economy perspective silos are still attractive for companies and we see that today with all the systems moving into the cloud.

< <https://blog.apnic.net/2021/01/26/open-internet-open-standards-and-why-they-matter/> https://blog.apnic.net/2021/01/26/open-internet-open-standards-and-why-they-matter/>

 

Information Protection for the Domain Name System: Encryption and Minimization by Dr. Burt Kaliski Jr. Senior VP and Chief Technology Officer at Verisign

In previous posts in this series, I've discussed a number of applications of cryptography to the DNS, many of them related to the DNSSEC. ... In 2014, the Internet Engineering Task Force (IETF) chartered the DNS PRIVate Exchange (dprive) working group to start work on encrypting DNS queries and responses exchanged between clients and resolvers.

< <https://blog.verisign.com/security/information-protection-for-the-domain-name-system-encryption-and-minimization/> https://blog.verisign.com/security/information-protection-for-the-domain-name-system-encryption-and-minimization/>

< <http://www.circleid.com/posts/20210127-information-protection-for-the-dns-encryption-and-minimization/> http://www.circleid.com/posts/20210127-information-protection-for-the-dns-encryption-and-minimization/>

 

Andy Malis co-authors two RFCs on Deterministic Networking

Interisle partner Andy Malis participates in IETF's Deterministic Networking (DetNet) project, which focuses on deterministic data paths providing bounds on latency, loss, jitter, and high reliability. DetNet is publishing a set of RFCs on this topic, with Andy as co-author on some. Recently published include RFC 8938: Deterministic Networking (DetNet) Data Plane Framework and RFC 8964: Deterministic Networking (DetNet) Data Plane: MPLS.

< <https://www.rfc-editor.org/rfc/rfc8938.html> https://www.rfc-editor.org/rfc/rfc8938.html>

< <https://www.rfc-editor.org/rfc/rfc8964.html> https://www.rfc-editor.org/rfc/rfc8964.html>

 

Interisle welcomes new Partner Andy Malis

Andy Malis, a well-known and widely respected contributor to the development of telecommunications technology and the Internet for over 40 years, joins Interisle as a Partner. He brings to Interisle extensive experience in networking protocol architecture and evolution, product architecture and strategic planning, service provider network planning, and technology transfer, and a strong reputation for leadership in international standardization bodies (including the IETF, Broadband Forum, ITU-T,and Open Networking Foundation), standards authorship, and chairing and speaking roles at conferences and other industry events. Andy is the author or co-author of more than 40 IETF RFCs and Internet drafts, and currently co-chairs the IETF's Pseudowire And LDP-enabled Services (PALS) working group. Andrew Malis has been active in networking and telecommunications since the 1970s, including working on the ARPANET, the predecessor to today's Internet. He currently specializes in network and telecom product architecture, implementation, and future evolution; Internet, networking, and telecom standards development; and SDN, NFV, IP, MPLS, Ethernet, and many other telecom and data networking protocols. He has written and contributed to many telecom standards, including over forty IETF RFCs, has spoken and chaired at numerous industry conferences, holds multiple patents, published articles in industry journals, and is an ongoing member of the technical program committee for several telecommunications-related conferences. 

< <http://www.interisle.net/sub/andy_malis.html> http://www.interisle.net/sub/andy_malis.html>

 

Discussing the future of RPKI

A recent discussion hosted by the RIPE NCC highlighted a number of key trends affecting the future of Resource Public Key Infrastructure (RPKI). The event, which drew around 90 participants worldwide, is worth watching as it reveals progress on Border Gateway Protocol (BGP) origination, convergence in routing systems, and difficulties in securing the BGP. ... A final note, discussed in the web session, is the applicability of the APNIC Resource Tagged Attestation (RTA) initiative, which is re-entering the IETF standards process, after APNIC helped NLNet with funding for an implementation inside the 'Krill' system.

< <https://blog.apnic.net/2021/01/29/discussing-the-future-of-rpki/> https://blog.apnic.net/2021/01/29/discussing-the-future-of-rpki/>

< <https://www.publicnow.com/view/7DDDB78F6C7B4BA8645F652012E6A231D9A5CCAA> https://www.publicnow.com/view/7DDDB78F6C7B4BA8645F652012E6A231D9A5CCAA>

 

Ministry drafts National Cyber Security Policy 2021

The Ministry of Information Technology and Telecommunication has drafted National Cyber Security Policy 2021, with guiding principle regard a cyber-attack on Pakistan as an act of aggression against national sovereignty and will defend itself with appropriate response measures and will act in accordance with national and international laws and expect reciprocal respect of our national digital sovereignty. ... The Central Entity will also undertake specific actions which including but not limited to the following: working with ISPs and telecom operators to block malware attacks, by restricting access to specific domains or websites that are known sources of malware (known as DNS blocking/filtering), preventing email phishing and spoofing activity on public networks, promoting security best practice through internet governance organisations; such as ICANN, the IETF, RIPE and UN IGF etc; Work with international law enforcement channels to protect Pakistan citizens from cyber-attacks from unprotected infrastructure overseas; Work towards implementation of controls to secure the routing of internet traffic for government departments to avoid illegitimately re-routed by malicious actors; Investing in capabilities enhancement programs of law enforcement agencies (LEAs) and concerned ministries/divisions to enable them for response against state-sponsored and criminal cyber activities targeting Pakistan networks and systems.

< <https://www.brecorder.com/news/40057558/ministry-drafts-national-cyber-security-policy-2021> https://www.brecorder.com/news/40057558/ministry-drafts-national-cyber-security-policy-2021>

< <https://propakistani.pk/2021/01/28/it-ministry-issues-draft-of-national-cyber-security-policy-2021/> https://propakistani.pk/2021/01/28/it-ministry-issues-draft-of-national-cyber-security-policy-2021/>

 

The W3C and IETF make WebRTC an official standard

Web Real-Time Communications (WebRTC) is now an official World Wide Web Consortium (W3C) and Internet Engineering Task Force (IETF) standard. WebRTC is a platform that provides real-time communication and collaboration services such as audio and video calling to browsers, mobile apps, and desktop apps. According to the organizations, this is especially important as the COVID-19 pandemic continues and businesses remain remote.

< <https://sdtimes.com/softwaredev/the-w3c-and-ietf-make-webrtc-an-official-standard/> https://sdtimes.com/softwaredev/the-w3c-and-ietf-make-webrtc-an-official-standard/>

 

WebRTC becomes an official W3C and IETF standard

The World Wide Web Consortium (W3C) and the Internet Engineering Task Force (IETF) have announced that Web Real-Time Communications (WebRTC) is now an official web standard enabling audio and video communication anywhere on the web. While it has only just become a standard, it has been supported by popular web browsers for years.

< <https://www.neowin.net/news/webrtc-becomes-an-official-w3c-and-ietf-standard/> https://www.neowin.net/news/webrtc-becomes-an-official-w3c-and-ietf-standard/>

 

Knowing The Importance of IPv4 Address Leasing

... In 1994, the Internet Engineering Task Force (IETF), knowing there was a looming IPv4 tending to issue, started the advancement of another Internet Protocol rendition, IPv6. While the 32-cycle tending to IPv4 accommodates ~4.3 B addresses, IPv6’s 128-bits gives ~340 undecillion (for example 340 trillion, trillion, trillion or 3.4 x 1038) exceptional locations. The sheer size of this number is practically unimaginable. 

< <https://irnpost.com/knowing-the-importance-of-ipv4-address-leasing/> https://irnpost.com/knowing-the-importance-of-ipv4-address-leasing/>

 

Distinguishing Among DNS Services Part 3: Investment and Innovation

... Another is multi-provider DNS, an area for which Akamai recently contributed an innovation to the industry that promises to make the use of multiple DNS providers more efficient, as well as more secure, particularly with regard to managing CNAMEs at the zone apex. A new IETF standard called “Service binding and parameter specification via the DNS (DNS SVCB and HTTPS RRs),” which was co-authored by engineers from Akamai and Google, is designed to help customers optimize multi-provider DNS workflows. Our blog on that topic offers further detail, as well as other ways the service binding standard promises to benefit customers.

< <https://securityboulevard.com/2021/01/distinguishing-among-dns-services-part-3-investment-and-innovation/> https://securityboulevard.com/2021/01/distinguishing-among-dns-services-part-3-investment-and-innovation/>

 

BGP: What is border gateway protocol, and how does it work?

... The definition of BGP from the IETF states that its primary function “is to exchange network reachability information with other BGP systems.” When it’s working smoothly, BGP makes these separate systems work in harmony to create the internet.

< <https://www.networkworld.com/article/3605109/bgp-what-is-border-gateway-protocol-and-how-does-it-work.html> https://www.networkworld.com/article/3605109/bgp-what-is-border-gateway-protocol-and-how-does-it-work.html>

 

New Momentum for IPv6 Deployment

... IPv6 was created in 1998 by the Internet Engineering Task Force (IETF) in response to the exhaustion of IP addresses available under IPv4. IPv4 was introduced in 1982 and employs a 32-bit address system to produce 4.29 billion unique IP addresses in the familiar 192.168.17.15 format.

< <https://www.enterprisenetworkingplanet.com/netsp/new-momentum-for-ipv6-deployment.html> https://www.enterprisenetworkingplanet.com/netsp/new-momentum-for-ipv6-deployment.html>

 

Sectigo Digital Identity Management Innovations Earn Acclaim from Frost & Sullivan

Sectigo Award LogoBased on its recent analysis of the global transport layer security (TLS) certificates market, Frost & Sullivan recognizes Sectigo®, a leading provider of automated digital identity management and web security solutions, with the 2020 Global Competitive Strategy Leadership Award for its public key infrastructure (PKI) portfolio. Sectigo offers a frictionless TLS management experience with its easy-to-use management platform, enabling enterprise IT teams to discover, issue, manage, and install certificates seamlessly. The platform leverages automation using IETF standards and open source to provide a single platform to manage PKI for public and private TLS certificates.

< <https://ww2.frost.com/news/press-releases/sectigo-digital-identity-management-innovations-earn-acclaim-from-frost-sullivan/> https://ww2.frost.com/news/press-releases/sectigo-digital-identity-management-innovations-earn-acclaim-from-frost-sullivan/>

 

iX-Workshop: E-Mail mit DANE und DNSSEC absichern [iX Workshop: Secure e-mail with DANE and DNSSEC]

In dem interaktiven iX-Onlinekurs DNSSEC in der Praxis vermitteln die Unix-, Mail- und DNS-Experten Patrick Ben Koetter und Carsten Strotmann kompakt an einem Tag die Grundlagen von DNSSEC, TLS/SSL-Transportverschlüsselung und DANE. In praktischen Übungen lernen Admins und Sicherheitsbeauftragte, wie man DNSSEC und DANE mit dem Nameserver bind9 und dem Mailserver postfix implementiert. DANE (DNS-based Authentication of Named Entities) ist ein von der IETF standardisiertes Protokoll, das über die DNS-Sicherheitserweiterung DNSSEC die Identität von Mailservern sicherstellt.

< <https://www.heise.de/news/iX-Workshop-E-Mail-mit-DANE-und-DNSSEC-absichern-5027880.html> https://www.heise.de/news/iX-Workshop-E-Mail-mit-DANE-und-DNSSEC-absichern-5027880.html>

 

Reporte sobre IETF 109 [Report on IETF 109]

< <https://lactld.org/wp-content/uploads/2021/01/202011-Informe-IETF-109-ES.pdf> https://lactld.org/wp-content/uploads/2021/01/202011-Informe-IETF-109-ES.pdf>

 

WebDav: Qué es, para qué sirve y cómo configurarlo [WebDav: What it is, what it's for and how to set it up]

El protocolo WebDAV (Web-based Distributed Authoring and Versioning) está desarrollado por la IETF, es un protocolo que se encarga de permitirnos de forma sencilla guardar, editar, copiar, mover y compartir archivos desde servidores web.

< <https://www.redeszone.net/tutoriales/internet/webdav-que-es-configuracion/> https://www.redeszone.net/tutoriales/internet/webdav-que-es-configuracion/>

 

Messagerie instantanée : ce n’est pas une question d’applications [Instant messaging: it's not about apps]

Article publié par Edward Maurer sur le blog de la « XMPP Standards Foundation » (XSF), la fondation qui fait évoluer le protocole de messagerie instantanée de l’IETF.

< <https://linuxfr.org/news/messagerie-instantanee-ce-n-est-pas-une-question-d-applications> https://linuxfr.org/news/messagerie-instantanee-ce-n-est-pas-une-question-d-applications>

 

QUIC : le protocole de Google rend-il le web moins sûr ? [QUIC: Does Google's protocol make the web less secure?]

... Le premier de ces protocoles est désormais bien implanté. La majorité des sites web l’ont adopté (environ 70 % selon W3Techs, 80 % selon Let’s Encrypt…). Le second commence à peine à s’installer (5 %). Il faut dire qu’il est plus jeune. Son développement avait débuté en 2012 sous l’impulsion de Google. Le groupe américain en pousse actuellement la standardisation auprès de l’IETF. Il a franchi un cap l’an dernier en l’activant par défaut – à la place de HTTPS – dans son navigateur Chrome.

< <https://www.silicon.fr/quic-protocole-google-web-moins-sur-360448.html> https://www.silicon.fr/quic-protocole-google-web-moins-sur-360448.html>

 

Configura OpenPGP en Thunberbird y envía emails cifrados [Set up OpenPGP on Thunberbird and send encrypted emails]

El protocolo PGP (Pretty Good Privacy) es un programa desarrollado por Phil Zimmermann para proteger la información distribuida a través de Internet, haciendo uso de la criptografía de clave pública, ya sea usando RSA o EC, para facilitar el cifrado de datos y también la autenticación de la información gracias a las firmas digitales. OpenPGP es el estándar de cifrado de correo más utilizado en todo el mundo, está definido por le IETF como un estándar, OpenPGP es una derivación del PGP original.

< <https://www.redeszone.net/tutoriales/seguridad/configurar-openpgp-thunberbird-emails-cifrados/> https://www.redeszone.net/tutoriales/seguridad/configurar-openpgp-thunberbird-emails-cifrados/>

 

Firefox 85 llega diciendo adiós a Flash y con diversas mejoras [Firefox 85 arrives saying goodbye to Flash and with various improvements]

... En lugar del mecanismo ESNI (Indicación de nombre de servidor cifrado) para cifrar información sobre los parámetros de las sesiones TLS, como el nombre de dominio solicitado, se ha implementado el soporte para la especificación ECH (Cliente cifrado Hello), que continúa el desarrollo de ESNI y es en la etapa de borrador afirmando ser un estándar IETF.

< <https://blog.desdelinux.net/firefox-85-llega-diciendo-adios-a-flash-y-con-diversas-mejoras/> https://blog.desdelinux.net/firefox-85-llega-diciendo-adios-a-flash-y-con-diversas-mejoras/>

 

Echtzeitkommunikation: WebRTC ist offizieller Standard bei W3C und IETF [Real-time communication: WebRTC is the official standard for W3C and IETF]

Das Word Wide Web Consortium (W3C) und die Internet Engineering Task Force (IETF) haben in einer gemeinsamen Erklärung WebRTC zum Standard erhoben. Das Kürzel steht für Web Real-Time Communications, und die Umsetzung besteht aus JavaScript-APIs und einer Reihe von Kommunikationsprotokollen. Die Technik ermöglicht die Echtzeitommunikation zwischen Clients im Web.

< <https://www.heise.de/news/Echtzeitkommunikation-WebRTC-ist-offizieller-Standard-bei-W3C-und-IETF-5037419.html> https://www.heise.de/news/Echtzeitkommunikation-WebRTC-ist-offizieller-Standard-bei-W3C-und-IETF-5037419.html>

 

W3C erklärt WebRTC zum offiziellen Web-Standard [W3C declares WebRTC the official web standard]

WebRTC ist eine Technologie, die typischerweise für die Videotelefonie zum Einsatz kommt. Das World Wid Web Consortium und die Internet Engineering Task Force haben die Plattform jetzt zum offiziellen Standard erklärt. Vor allem in Zeiten von Homeoffice und Social Distancing zunehmend wichtig, haben das W3C und die IETF die Kommunikationstechnologie hinter Jitsi, Google, Facebook, Ring Central oder Cisco jetzt zum Standard erklärt. Die Abkürzung WebRTC steht für Web Realtime Communication und ist eine Vereinbarung über die technischen Eckdaten von zum Beispiel Sprach- und Videotelefonie über das Internet. Auch Google Stadia oder Nvidia Geforce Now nutzen WebRTC – um Spiele ohne wahrnehmbare Verzögerung aus der Cloud in den Browser zu bringen.

< <https://t3n.de/news/w3c-erklaert-webrtc-offiziellen-1352633/> https://t3n.de/news/w3c-erklaert-webrtc-offiziellen-1352633/>

 

WebRTC est désormais un standard du W3C et de l’IETF [WebRTC is now a standard for W3C and IETF]

« WebRTC, composé d'une API JavaScript pour les communications Web en temps réel et d'une suite de protocoles de communication, permet à tout appareil connecté, sur n'importe quel réseau, d'être un terminal de communication potentiel sur le Web », explique le World Wide Web Consortium (W3C).

< <https://www.nextinpact.com/lebrief/45770/webrtc-est-desormais-standard-w3c-et-lietf> https://www.nextinpact.com/lebrief/45770/webrtc-est-desormais-standard-w3c-et-lietf>

 

W3C le dio a WebRTC el estado de estándar [W3C gave WebRTC the standard status ]

... Al mismo tiempo, el comité IETF, que se dedica al desarrollo de protocolos y arquitectura de Internet, publicó 11 RFC (8825-8835, 8854) que describen la arquitectura, los elementos del protocolo, los modos de transporte y los mecanismos de corrección de erroresutilizado en WebRTC. Estos RFC ahora tienen el estado de «Estándar propuesto».

< <https://blog.desdelinux.net/w3c-le-dio-a-webrtc-el-estado-de-estandar/> https://blog.desdelinux.net/w3c-le-dio-a-webrtc-el-estado-de-estandar/>

 

İnternet İçin Tarihi Karar: WebRTC Resmi W3C ve IETF Standardı Oldu [Historic Decision for the Internet: WebRTC Official W3C and IETF Standard]

World Wide Web Konsorsiyumu (W3C) ve İnternet Mühendisliği Görev Gücü (IETF), Web Gerçek Zamanlı İletişimin (WebRTC) artık web üzerinde herhangi bir yerde sesli ve görüntülü iletişim sağlayan resmi bir web standardı olduğunu duyurdu. Böylece internet için tarihi bir karar daha imza atılmış oluyor.

< <https://www.chip.com.tr/haber/internet-icin-tarihi-karar-webrtc-resmi-w3c-ve-ietf-standardi-oldu_92874.html> https://www.chip.com.tr/haber/internet-icin-tarihi-karar-webrtc-resmi-w3c-ve-ietf-standardi-oldu_92874.html>

 

WebRTC έγινε ένα επίσημο web πρότυπο [WebRTC became an official web template]

Η World Wide Web Consortium (W3C) και η Internet Engineering Task Force (IETF) ανακοίνωσαν ότι το Web Real-Time Communications (WebRTC) είναι πλέον ένα επίσημο web πρότυπο που επιτρέπει την επικοινωνία ήχου και βίντεο.

< <https://iguru.gr/2021/01/28/webrtc-egine-ena-episimo-web-protypo/> https://iguru.gr/2021/01/28/webrtc-egine-ena-episimo-web-protypo/>

 

WebRTCの標準規格入りを標準化団体のW3CとIETFが宣言 [Standardization bodies W3C and IETF declare WebRTC standards]

標準化団体大手のWorld Wide Web Consortium(W3C)とInternet Engineering Task Force(IETF)が、ブラウザやアプリケーションにシンプルなAPI経由でリアルタイム通信を提供するオープンソーステクノロジー「WebRTC」が標準規格になったと発表しました。

< <https://gigazine.net/news/20210128-webrtc-w3c-ietf-standard/> https://gigazine.net/news/20210128-webrtc-w3c-ietf-standard/>

 

W3C与IETF宣布WebRTC已正式成为一项Web通讯技术标准 [W3C and IETF announce that WebRTC has officially become a Web communication technology standard]

经过多年发展，WebRTC 已获得诸多流行 Web 浏览器的支持。最细消息是，万维网联盟（W3C）和互联网工程任务组（IETF）刚刚宣布：基于 Web 的实时通讯技术（简称 WebRTC），已经正式成为 Web 领域的一项音视频传输标准。从技术层面上来说，该框架允许开发者轻松地将音视频聊天功能添加到各自的项目中。

< <https://www.cnbeta.com/articles/tech/1083183.htm> https://www.cnbeta.com/articles/tech/1083183.htm>

 

WebRTC現在已經成為W3C和IETF的標準 [WebRTC is now the standard for W3C and IETF]

W3C和IETF兩大標準制定組織，宣布WebRTC（Web Real-Time Communications，WebRTC）已經成為官方標準，可在網頁平臺良好地支援聲音及影像通訊。

< <https://www.ithome.com.tw/news/142505> https://www.ithome.com.tw/news/142505>

 

WebRTC 成为 W3C 与 IETF 正式标准 [WebRTC becomes the official standard for W3C and IETF]

2021年1月26日消息：万维网联盟（W3C）和互联网工程任务组（IETF）同时宣布赋能无数服务的 Web 实时通信（Web Real-Time Communications，简称 WebRTC）现发布为正式标准，将音视频通信带到 Web 上任何地方。

< <http://www.ctiforum.com/news/guonei/582869.html> http://www.ctiforum.com/news/guonei/582869.html>

 

驳牟承晋的“TCP/IP是互联网安全危害根源说”丨兼论互联网安全问题解决之道 ["TCP/IP is the root cause of Internet security hazards" and discuss the solution to Internet security problems]

... "We reject kings, presidents and voting. We believe in rough consensus and running code. （我们拒绝国王、主席和投票。我们相信共识和运行的代码。）"是互联网国际标准组织IETF（国际互联网工程任务组The Internet Engineering Task Force）的工作原则。

< <https://www.edu.cn/xxh/zt/tj/202101/t20210128_2073159.shtml> https://www.edu.cn/xxh/zt/tj/202101/t20210128_2073159.shtml>

 

資安一周第130期：廣泛運用的開源軟體Dnsmasq修補7項漏洞，國內焦點是數位身分證eID確定暫停換發 [The 130th issue of the week: widely used open source software Dnsmasq patched 7 vulnerabilities, the domestic focus is the digital ID eID to determine the suspension of the exchange]

... 其實，自2018年IETF發布TLS 1.3版，並公布TLS 1.0與1.1的退場草案，現在（2021年）僅有較低比例還沒升級支援TLS 1.2與1.3。而NSA之所以發出安全指引，是因為他們觀察到，有惡意掃描舊版TLS協定的情況，也有情報顯示，有國家級駭客組織已具備攻擊舊版TLS加密連線的能力，特別是在NSA內部分析中，他們發現仍有政府單位使用舊版TLS。更多內容

< <https://www.ithome.com.tw/news/142443> https://www.ithome.com.tw/news/142443>

 

为什么要编制国家文化大数据标准体系？ [Why prepare a national cultural big data standard system?]

... 在文化方面，《标准体系》主要完成了与文物保护（WW）、新闻出版（CY）、广播电影电视（GY+DY）、文化（WH）、档案（DA）、旅游（LB）等领域标准及其标准体系的衔接；在IT和数据技术方面，主要完成了与通信（YD）、电子信息（SJ）等领域标准及其标准体系的衔接；在文化体验设施方面，主要完成了与建筑行业（JG、JC、CJ）领域标准及其标准体系的衔接。在国际标准化方面，主要与ISO/IEC JTC1、ITU-T、IETF等相关组织的信息技术、数据资源编码等标准及其体系实现了有机衔接。

< <http://www.ce.cn/culture/gd/202101/27/t20210127_36263982.shtml> http://www.ce.cn/culture/gd/202101/27/t20210127_36263982.shtml>

 

寻找互联网初心——全球互联网先驱同话“互联网50年” [Looking for the First Heart of the Internet - 50 Years of the Internet for Global Internet Pioneers]

... 1995年时我们可以跟欧洲相连了，是三个连接，刚好赶得上IETF的年会，非常成功的一个网络连接项目。澳联邦是非常有趣的例子，苏联解体之后，俄罗斯当时很穷，为了防止他们叛逃到黑暗世界，就开始资助这些科学家，通过科学基金资助俄罗斯的科学家，其中一个要求就是要连接互联网，让他们连到NSF上，后来NSF成为一个全球的网络。这跟NSF的项目一起完成的，大概1992年开始。蒙古是另外一件有趣的事情，美国驻蒙古大使当时想建立一些互联网连接，帮助经济的发展，同时美国的科学家也希望把互联网推广到蒙古，做地震分析、医学分析。当时它是一个在地震台所提供的连接。当时非常便宜的连接方案，就连上了蒙古，现在蒙古依然联结在NSF上。

< <http://www.edu.cn/xxh/zt/tj/202101/t20210129_2073672.shtml> http://www.edu.cn/xxh/zt/tj/202101/t20210129_2073672.shtml>

 

“끊임없이 새로운 것을 배우는 과학자” ["Scientists constantly learning new things"]

... 프라운호퍼 HHI는 모바일 광대역 통신, 광통신망 기술, 멀티미디어 분야에서 세계 최고의 기술력을 자랑하는 연구소이며, 특히 비디오 코딩 분야에서 MPEG, ITU-T VCEG, DVB 및 IETF 등의 국제표준화를 선도하고 있다. 따라서 지금 모바일 장치에서 비디오 코덱을 사용하는 대부분의 회사는 프라운호퍼 HHI에 라이선스 비용을 지불하고 있다고 생각하면 된다. 삼성, LG, 샤오미와 같은 회사들이 가장 큰 고객사 중 하나다.

< <https://www.sciencetimes.co.kr/news/끊임없이-새로운-것을-배우는-과학자/> https://www.sciencetimes.co.kr/news/끊임없이-새로운-것을-배우는-과학자/>

 

**********************

SECURITY & PRIVACY

**********************

CERT/CC and CISA Report Multiple Vulnerabilities in Dnsmasq

CISA and the CERT Coordination Center (CERT/CC) are aware of multiple vulnerabilities affecting Dnsmasq version 2.82 and prior. Dnsmasq is a widely-used, open-source software that provides Domain Name Service forwarding and caching and is common in Internet-of-Things (IoT) and other embedded devices. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

< <https://www.hstoday.us/subject-matter-areas/cybersecurity/cert-cc-and-cisa-report-multiple-vulnerabilities-in-dnsmasq/> https://www.hstoday.us/subject-matter-areas/cybersecurity/cert-cc-and-cisa-report-multiple-vulnerabilities-in-dnsmasq/>

 

DNSpooq lets attackers poison DNS cache records

Security experts have disclosed today details about seven vulnerabilities impacting a popular DNS software package that is commonly deployed in networking equipment, such as routers and access points.

< <https://www.zdnet.com/article/dnspooq-lets-attackers-poison-dns-cache-records/> https://www.zdnet.com/article/dnspooq-lets-attackers-poison-dns-cache-records/>

< <https://cacm.acm.org/news/250096-dnspooq-lets-attackers-poison-dns-cache-records/fulltext> https://cacm.acm.org/news/250096-dnspooq-lets-attackers-poison-dns-cache-records/fulltext>

 

Second Security, Stability, and Resiliency (SSR2) Review Team Final Report

On 25 January 2021, the second Security, Stability, and Resiliency (SSR2) Review Team submitted its final report to the ICANN Board. This Public Comment proceeding aims to gather community input on the final report of the second Security, Stability, and Resiliency (SSR2) Review Team.

< <https://www.icann.org/public-comments/ssr2-final-report-2021-01-28-en> https://www.icann.org/public-comments/ssr2-final-report-2021-01-28-en>

 

**********************

AUTOMATED NETWORK MANAGEMENT

**********************

ETSI participates to IEEE Workshop on Autonomic/Autonomous Networking

The ETSI Working Group on the evolution of management toward Autonomic Future Internet (AFI) has been invited at the Systems Optimization Imperatives, Techniques, and Opportunities for Future Networks virtual workshop organized by IEEE on 21, 22 and 25 January.

< <https://www.etsi.org/newsroom/news/1873-2021-01-etsi-participates-to-ieee-workshop-on-autonomic-autonomous-networking> https://www.etsi.org/newsroom/news/1873-2021-01-etsi-participates-to-ieee-workshop-on-autonomic-autonomous-networking>

 

**********************

INTERNET OF THINGS

**********************

Renewed Hope for the Internet of Things

Jan 25, 2021It would be an understatement to say that the past four years in general, the past year in particular, and especially the two months since the United States' November 2020 elections have been a whirlwind. Many are looking to 2021 to usher in new hope for the morale-damaged country and, by extension, for the entire world. Given President Joe Biden's choices to head the Federal Communications Commission (FCC) and the National Telecommunications and Information Administration (NTIA), the outlook for the Internet of Things (IoT) sector may be looking a bit brighter.

< <https://www.rfidjournal.com/renewed-hope-for-the-internet-of-things> https://www.rfidjournal.com/renewed-hope-for-the-internet-of-things>

 

The Internet of Things – limited only by your imagination

The Internet of Things brings together many technologies: hardware, networking, security, system and application software. How all this interacts, and where the development is heading, will be the subject of discussion at the embedded world Conference 2021 DIGITAL.

< <https://www.elektroniknet.de/international/the-internet-of-things-limited-only-by-your-imagination.183033.html> https://www.elektroniknet.de/international/the-internet-of-things-limited-only-by-your-imagination.183033.html>

 

The Rising Tide of Security Threats in The Industrial Internet of Things

Throughout Cyber Security Awareness Month in October, many organizations shared their thoughts on the state of cybersecurity and reflected on the processes and steps that can improve it. However, the discussion largely focused on protecting end-users rather than building security into networks and devices from a systemic perspective. In addition, through its theme of “If You Connect It, Protect It,” however, Cybersecurity Awareness Month has also opened the door to conversations about IoT cybersecurity.

< <https://www.cyberdefensemagazine.com/the-rising-tide-of-security/> https://www.cyberdefensemagazine.com/the-rising-tide-of-security/>

 

**********************

NEW TRANSPORT PROTOCOLS

**********************

Effective routing design for remote entanglement generation on quantum networks

Abstract: Quantum network is a promising platform for many ground-breaking applications that lie beyond the capability of its classical counterparts. Efficient entanglement generation on quantum networks with relatively limited resources such as quantum memories is essential to fully realize the network’s capabilities, the solution to which calls for delicate network design and is currently at the primitive stage. In this study we propose an effective routing scheme to enable automatic responses for multiple requests of entanglement generation between source-terminal stations on a quantum lattice network with finite edge capacities.

< <https://www.nature.com/articles/s41534-020-00344-4> https://www.nature.com/articles/s41534-020-00344-4>

 

**********************

OTHERWISE NOTEWORTHY

**********************

ETSI launches new group on IPv6 Enhanced Innovation

In the 5G and cloud era, IPv6 will grow rapidly. Strengthening new generation IP network technologies based on IPv6 and its innovative technologies has become the common direction of the IP industry.

< <https://www.etsi.org/newsroom/news/1877-2021-01-etsi-launches-new-group-on-ipv6-enhanced-innovation> https://www.etsi.org/newsroom/news/1877-2021-01-etsi-launches-new-group-on-ipv6-enhanced-innovation>

 

ETSI Report Paves the Way for First World Standards in Securing Artificial Intelligence

The ETSI Securing Artificial Intelligence Industry Specification Group (SAI ISG) last month released its first Group Report, ETSI GR SAI 004, which gives an overview of the problem statement regarding the securing of AI. ETSI SAI is the first standardization initiative dedicated to securing AI.

< <https://www.etsi.org/newsroom/press-releases/1871-2021-01-etsi-report-paves-the-way-for-first-world-standards-in-securing-artificial-intelligence> https://www.etsi.org/newsroom/press-releases/1871-2021-01-etsi-report-paves-the-way-for-first-world-standards-in-securing-artificial-intelligence>

 

A Healthier Internet Is Possible

In a challenging year for the world, the internet helped us and harmed us like never before. With 2020 in the rearview, we combine research and stories about what can be done.

< <https://2020.internethealthreport.org/year-in-review/> https://2020.internethealthreport.org/year-in-review/>

 

Developing a common interface between transport and application layers

There is a better way to interface between the application and the transport layer that can be consistent across multiple transport protocols.

< <https://blog.apnic.net/2021/01/28/developing-a-common-interface-between-transport-and-application-layers/> https://blog.apnic.net/2021/01/28/developing-a-common-interface-between-transport-and-application-layers/>

 

Join our tech webinar on DNS over HTTPS: How to upgrade existing DNS Resolver

CENTR, the Council of European National Top-Level Domain Registries and eco, the Association of the Internet Industry are delighted to invite you to a joint public webinar on DNS over HTTPS.

< <https://www.centr.org/news/news/webinar-doh.html> https://www.centr.org/news/news/webinar-doh.html>

 

The Isolating Effects of Iran’s Proposed “National Internet”

While the United Nations has deemed government-orchestrated internet shutdowns to be a human rights violation, Iran continues to push the limits

< <https://www.cigionline.org/articles/isolating-effects-irans-proposed-national-internet> https://www.cigionline.org/articles/isolating-effects-irans-proposed-national-internet>

 

A Healthier Internet Is Possible

In a challenging year for the world, the internet helped us and harmed us like never before. With 2020 in the rearview, we combine research and stories about what can be done.

< <https://2020.internethealthreport.org/year-in-review/> https://2020.internethealthreport.org/year-in-review/>

 

Deglobalization, Inequality and Digital Concentration Among Key Trends Shaping the Global Economy in 2021, Say Leading Chief Economists

Accelerating inequality, remote work and greater tech market dominance are among the pandemic’s emerging trends that are likely here to stay for some years. Beyond managing the pandemic and vaccine rollout, these trends could shape a new era of fiscal, monetary and competition policy, as well as bigger government. Deglobalization is seen as the least likely of current trends to continue in the longer term; particularly as international coordination is key to resolving global challenges such as vaccine manufacturing and distribution. These are some of the findings of the World Economic Forum’s Chief Economists Outlook, published today.

< <https://www.weforum.org/press/2021/01/deglobalization-inequality-and-digital-concentration-among-key-trends-shaping-the-global-economy-in-2021-say-leading-chief-economists> https://www.weforum.org/press/2021/01/deglobalization-inequality-and-digital-concentration-among-key-trends-shaping-the-global-economy-in-2021-say-leading-chief-economists>

 

------

David Goldstein

email:  <mailto:david@goldsteinreport.com> david@goldsteinreport.com

web:  <http://goldsteinreport.com/> http://goldsteinreport.com/

Twitter:  <https://twitter.com/goldsteinreport> https://twitter.com/goldsteinreport

phone: +61 418 228 605 - mobile; +61 2 9663 3430 - office/home