[Newsclips] IETF SYN-ACK Newspack 2023-02-20

[David Goldstein <david@goldsteinreport.com>]

The IETF SYN-ACK Newspack collects IETF-related items from a variety of news outlets and other online publications. They do not represent the views of the IETF and are not checked for factual accuracy.

 

**********************

IETF IN THE NEWS

**********************

Charles Eckel selected as new IETF liaison manager to 3GPP

Back in December, the IAB sent out a call for volunteers for a new IETF liaison manager to 3GPP. The IAB is pleased to announce that Charles Eckel has been selected as the new liaison manager to 3GPP.

< <https://www.iab.org/2023/02/16/charles-eckel-selected-as-new-ietf-liaison-manager-to-3gpp/> https://www.iab.org/2023/02/16/charles-eckel-selected-as-new-ietf-liaison-manager-to-3gpp/>

 

János Farkas selected as new IETF liaison manager to IEEE 802.1

Back in December, the IAB sent out a call for volunteers for a new IETF liaison manager to IEEE 802.1. The IAB is pleased to announce that János Farkas has been selected as the new liaison manager to IEEE 802.1.

< <https://www.iab.org/2023/02/16/janos-farkas-selected-as-new-ietf-liaison-manager-to-ieee-802-1/> https://www.iab.org/2023/02/16/janos-farkas-selected-as-new-ietf-liaison-manager-to-ieee-802-1/>

 

Sibyl: A framework for evaluating the implementation of routing protocols in fat-trees

Data centres are a critical part of the Internet infrastructure as they host a wide range of services, guaranteeing efficient deployment and low latencies. These features come with the cost of more complexity in the network, which typically translates to higher levels of node density and in a wide variety of heterogeneous technologies, protocols and implementations. ... Before starting we need to clarify some points: For describing a fat-tree, we adopt the terminology of the Routing In Fat-Trees (RIFT) protocol, currently under standardization at the IETF. You can find the most important definitions in Figure 1.

< <https://blog.apnic.net/2023/02/17/sibyl-a-framework-for-evaluating-the-implementation-of-routing-protocols-in-fat-trees/> https://blog.apnic.net/2023/02/17/sibyl-a-framework-for-evaluating-the-implementation-of-routing-protocols-in-fat-trees/>

 

Privacy standards in the metaverse: An end to the wild west days of innovation?

Over the past decade, a veritable flood of new developments in eXtended Reality (XR) technologies has created a new “Wild Wild West” of innovation. As the capabilities of emerging technologies far outstripped the ability of governments and key ecosystem players to impose rules in a timely manner, one might have reasonably wondered: when will the music stop? When will the well-dressed, slickly coiffed regulators and standards bodies push through the doors of the virtual saloon to bring regulatory order and standardization to the metaverse? ... From a standardization perspective, positioning capabilities of cellular networks have been a topic of study since at least 3GPP Release 9, with positioning and localization standards emerging as key features with the development and release of LTE and 5G technologies in Release 13 and onwards. In addition, ITU, IETF, and ISO have a series of standards related to spatial processes in the Internet of Things that affect the development of localization and mapping technologies in XR.

< <https://www.ericsson.com/en/blog/2023/2/privacy-standards-in-the-metaverse> https://www.ericsson.com/en/blog/2023/2/privacy-standards-in-the-metaverse>

 

New Standard To Bring Blockchain-Based Internet Closer

Quant, the blockchain for finance pioneer, is among the participants of the recently approved working group developing a new internet protocol which will make the transfer of digital assets more secure and DLT networks more interoperable. ​Alongside colleagues from MIT, IBM, EY and others, Quant put forward a charter that has led the IETF to form the Secure Asset Transfer Protocol (SATP) Working Group. The Working Group will develop the SATP, a new technical standard for the Internet.

< <https://mondovisione.com/media-and-resources/news/new-standard-to-bring-blockchain-based-internet-closer/> https://mondovisione.com/media-and-resources/news/new-standard-to-bring-blockchain-based-internet-closer/>

 

AT&T, Verizon, Lumen propose 'strike force' for Internet security

Three of the largest telecom network operators in the US – AT&T, Verizon and Lumen Technologies – teamed up to urge federal regulators to create a "strike force" that would focus on Internet protocol (IP) security. ... Finally, the companies also cautioned against security protocols that run against international telecommunications standards developed by standards bodies such as the IETF or the ITU.

< <https://www.lightreading.com/security/atandt-verizon-lumen-propose-strike-force-for-internet-security/d/d-id/783268> https://www.lightreading.com/security/atandt-verizon-lumen-propose-strike-force-for-internet-security/d/d-id/783268>

 

Are We Running Out Of IP Addresses?

... The fact of the matter is that we will not run out of IP addresses. Luckily for us, the IETF has been ahead of the curve and saw this shortage of IP addresses coming long ago. The IP addresses described earlier are known as IPv4 addresses. The IETF has developed a new system of addressing, also known as IPv6.

< <https://www.scienceabc.com/innovation/are-we-running-out-of-ip-addresses.html> https://www.scienceabc.com/innovation/are-we-running-out-of-ip-addresses.html>

 

ALEX OWITI: Will Blockchain be the “Messiah” Cyber security Saviour?

... Organizations need to be conscious that accessing their blockchain account from multiple devices puts them at a higher risk of losing control of their private keys. Considering this, its important entities follow suitable key management procedures (such as the IETF or RFC 4107 cryptographic key management guidelines)17 and develop secure key governance practices internally, since this will be fundamental to the security of the blockchain network.

< <https://techtrendske.co.ke/2023/02/17/will-blockchain-be-the-messiah-cyber-security-saviour/> https://techtrendske.co.ke/2023/02/17/will-blockchain-be-the-messiah-cyber-security-saviour/>

 

Web Push und Badging in iOS 16.4 Beta 1: Mega-Update für Progressive Web Apps [Web Push and Badging in iOS 16.4 Beta 1: Mega Update for Progressive Web Apps]

... Das Web-Push-Verfahren ist eine Kombination verschiedener Spezifikationen von W3C und IETF (Push API, Notifications API und HTTP Web Push), die es Entwicklern ermöglichen, Benachrichtigungen proaktiv an ihre Benutzer zu schicken. Die Information, etwa eine Instant Message oder ein Preisalarm, wird auf dem Endgerät in Form eines Notification-Banners dargestellt. Das API-Tandem wird seit vielen Jahren von Microsoft Edge, Google Chrome und Mozilla Firefox unterstützt.

< <https://www.heise.de/blog/Web-Push-und-Badging-in-iOS-16-4-Beta-1-Mega-Update-fuer-Progressive-Web-Apps-7518359.html> https://www.heise.de/blog/Web-Push-und-Badging-in-iOS-16-4-Beta-1-Mega-Update-fuer-Progressive-Web-Apps-7518359.html>

 

It’s all about domains… mit Keith Mitchell (DNS-OARC)

Das DNS ist ein fundamentaler Bestandteil des Internets. Und ein zentrales Element für die Verbindung zum Internet und der Bereitstellung von Daten. Informationsaustausch, operative Charakterisierung, Workshops, Analysen, Tools und Services sind nur einige der wichtigen Funktionen, die DNS-OARC bietet – ein Projekt von und für die DNS-Community. Keith Mitchell, unser heutiger Interviewgast, ist derzeit Leiter der Organisation DNS-OARC. ... ir veranstalten in der Regel zwei bis drei Workshops pro Jahr, und alle Folien und Videos sind auf einer extra dafür angelegten Online-Seite und auf unserem YouTube-Kanal verfügbar. Die OARC-Community möchte, dass wir bei großen Veranstaltungen der Internet-Branche wie RIPE, NANOG, IETF und ICANN mitwirken. Im Oktober 2022 haben wir zum Beispiel den OARC39-Workshop in Belgrad, Serbien, veranstaltet. Zu unseren Partnern gehörten RNIDS, die .rs ccTLD-Registry, der örtliche IXP SOX, der unser Meeting gehostet hat, und CENTR, die sich alle im Rahmen der RIPE85-Sitzung zusammenfanden. Wir hatten über 30 Präsentationen mit 120 Teilnehmer:innen.

< <https://www.internetx.com/news/its-all-about-domains-mit-keith-mitchell-dns-oarc/> https://www.internetx.com/news/its-all-about-domains-mit-keith-mitchell-dns-oarc/>

 

La Chine et la Russie préparent une nouvelle poussée pour un Internet contrôlé par l’État [China, Russia prepare new push for state-controlled internet]

... Le choix du lieu est essentiel, car jusqu’à présent, les protocoles Internet ont été décidés dans le cadre de l’IETF, un organisme piloté par l’industrie.

< <https://www.actusduweb.com/la-chine-et-la-russie-preparent-une-nouvelle-poussee-pour-un-internet-controle-par-letat-2/> https://www.actusduweb.com/la-chine-et-la-russie-preparent-une-nouvelle-poussee-pour-un-internet-controle-par-letat-2/>

 

Crittografia avanzata delle e-mail, i protocolli SSL e TLS: cosa sono, come funzionano e come usarli [Advanced email encryption, SSL and TLS protocols: what they are, how they work and how to use them]

... TLS o Transport Layer Security è il successore di SSL (Secure Sockets Layer). È un protocollo IETF che aiuta ad autenticare mittenti e destinatari di e-mail. Inoltre, consente anche di migliorare la privacy e l’integrità dei dati delle e-mail. TLS è uno dei protocolli più popolari utilizzati in diversi tipi di connessioni come:

< <https://www.cybersecurity360.it/soluzioni-aziendali/crittografia-avanzata-delle-e-mail-i-protocolli-ssl-e-tls-cosa-sono-come-funzionano-e-come-usarli/> https://www.cybersecurity360.it/soluzioni-aziendali/crittografia-avanzata-delle-e-mail-i-protocolli-ssl-e-tls-cosa-sono-come-funzionano-e-come-usarli/>

 

IPv6 – Что это такое интернет-протокол версии 6 и для чего нужен [IPv6 – What is Internet Protocol Version 6 and what is it for?]

... IPv6 – это шестая и актуальная версия интернет-протокола, созданная Инженерным Советом Интернета (IETF). Необходим для того, чтобы осуществлять идентификацию и локализовывать системы в компьютерной сети.

< <https://tehnobzor.ru/stati/ipv6-chto-eto-takoe/> https://tehnobzor.ru/stati/ipv6-chto-eto-takoe/>

 

Телеметрия становится основой эффективности корпоративных сетей [Telemetry becomes the basis for the efficiency of corporate networks]

... Организация IETF подготовила документ RFC 9232, в котором определяется структура сетевой телеметрии. С его помощью организации могут получить более полное представление о сети, что поможет повысить эффективность управления ею.

< <https://www.osp.ru/articles/2023/0213/13056817> https://www.osp.ru/articles/2023/0213/13056817>

 

**********************

SECURITY & PRIVACY

**********************

us: NIST's New Crypto Standard a Step Forward in IoT Security

A new encryption standard for Internet of Things (IoT) should help advance security for these connected devices in businesses, manufacturers, critical infrastructure, and other sectors running this equipment.

< <https://www.darkreading.com/ics-ot/nists-new-crypto-standard-a-step-forward-in-iot-security> https://www.darkreading.com/ics-ot/nists-new-crypto-standard-a-step-forward-in-iot-security>

 

Coordinated Vulnerability Disclosure: Towards a Common EU Approach

The new report of the European Union Agency for Cybersecurity (ENISA) explores how to develop harmonised national vulnerability programmes and initiatives in the EU.

< <https://www.enisa.europa.eu/news/coordinated-vulnerability-disclosure-towards-a-common-eu-approach> https://www.enisa.europa.eu/news/coordinated-vulnerability-disclosure-towards-a-common-eu-approach>

 

eu: Sustained Activity by Threat Actors

The European Union Agency for Cybersecurity (ENISA) and the CERT of the EU institutions, bodies and agencies (CERT-EU) jointly published a report to alert on sustained activity by particular threat actors. The malicious cyber activities of the presented threat actors pose a significant and ongoing threat to the European Union.

< <https://www.enisa.europa.eu/news/sustained-activity-by-threat-actors> https://www.enisa.europa.eu/news/sustained-activity-by-threat-actors>

 

Studying the conformance of MANRS members

The Mutually Agreed Norms on Routing Security (MANRS) initiative is an industry-led effort to improve Internet routing security. MANRS encourages participating networks to implement a series of routing security practices.

< <https://blog.apnic.net/2023/02/14/studying-the-conformance-of-manrs-members/> https://blog.apnic.net/2023/02/14/studying-the-conformance-of-manrs-members/>

 

To DNSSEC or Not?

The early days of the Internet were marked by a constant churn of technology. For example, routing protocols came and went in rapid succession, transmission technologies were in a state of constant flux, the devices we used to interact with the emerging digital environment were changing, and the applications we used also changed. It’s therefore somewhat of a surprise to note that at least one protocol has remained relatively constant across the more than forty years of the Internet, and that's the Domain Name System (DNS) and the associated DNS name resolution protocol.

< <https://www.potaroo.net/ispcol/2023-02/dnssec.html> https://www.potaroo.net/ispcol/2023-02/dnssec.html>

 

RoVISTA — measuring the current deployment rate status of ROV

RoVISTA is a new measurement platform developed by me and my colleagues at Virginia Tech, IIJ, RIPE NCC, and MANRS to measure the current deployment rate status of ROV.

< <https://blog.apnic.net/2023/02/15/rovista-measuring-the-current-deployment-rate-status-of-rov/> https://blog.apnic.net/2023/02/15/rovista-measuring-the-current-deployment-rate-status-of-rov/>

 

RPKI Deployment Case Study: NYSERNet

NYSERNet recently implemented peer-facing RPKI Route Origin Validation (ROV) to protect its members’ routing infrastructure. In this post, I want to share the progress we’ve made and the lessons we’ve learned thus far.

< <https://www.manrs.org/2023/02/rpki-deployment-case-study-nysernet/> https://www.manrs.org/2023/02/rpki-deployment-case-study-nysernet/>

 

Using chatter on the grapevine to ace cybersecurity report card

... However, UNSW cybersecurity experts Professor Sanjay Jha and Dr. Jiaojiao Jiang have developed new modelling to help businesses strengthen their cyber threat intelligence. The model is used to help funding partner, Avertro, toughen its own Cyber Management Decision System platform called CyberHQ. Aimed at supporting businesses with their cybersecurity capabilities, the platform can also identify, track, and manage cyber risks for executives at the business level, as well as cybersecurity teams at the technical level.

< <https://newsroom.unsw.edu.au/news/science-tech/using-chatter-grapevine-ace-cybersecurity-report-card> https://newsroom.unsw.edu.au/news/science-tech/using-chatter-grapevine-ace-cybersecurity-report-card>

 

The Five Important Moments In History That Shaped The Modern Cybersecurity Landscape

Cybersecurity, compliance and cyber threats have seen an evolution through modern times. But the core idea remains the same, people trying to find vulnerable spots in your system, then trying to exploit them. It also includes people who try to find vulnerable spots for themselves and try to build a better and secure system to secure their information.

< <https://www.forbes.com/sites/forbestechcouncil/2023/02/17/the-5-important-moments-in-history-that-shaped-the-modern-cybersecurity-landscape/> https://www.forbes.com/sites/forbestechcouncil/2023/02/17/the-5-important-moments-in-history-that-shaped-the-modern-cybersecurity-landscape/>

 

Finland launches cyber citizen project to teach essential cybersecurity skills to EU citizens

In today's increasingly digital world, cybersecurity is becoming an essential skill for citizens. With the rise of cyber threats, it is crucial for citizens to be equipped with the knowledge and skills necessary to protect themselves and their personal information. To address this need, Finland has launched the Cyber Citizen Project, in collaboration with Aalto University and the Ministry of Transport and Communications, to create a common model for teaching cybersecurity skills to citizens in the EU Member States.

< <https://www.helsinkitimes.fi/themes/themes/science-and-technology/22991-finland-launches-cyber-citizen-project-to-teach-essential-cybersecurity-skills-to-eu-citizens.html> https://www.helsinkitimes.fi/themes/themes/science-and-technology/22991-finland-launches-cyber-citizen-project-to-teach-essential-cybersecurity-skills-to-eu-citizens.html>

 

Cyber vulnerabilities found by internal research teams up 80%

Cyber-physical system vulnerabilities disclosed in the second half (2H) of 2022 have declined by 14% since hitting a peak during 2H 2021, while vulnerabilities found by internal research and product security teams have increased by 80% over the same time period, according to the State of XIoT Security Report: 2H 2022 released today by Claroty.

< <https://securitybrief.com.au/story/cyber-vulnerabilities-found-by-internal-research-teams-up-80> https://securitybrief.com.au/story/cyber-vulnerabilities-found-by-internal-research-teams-up-80>

 

State of XIoT Security: 2H 2022: Team82’s analysis of vulnerabilities impacting cyber-physical systems across the Extended Internet of Things—2H 2022

Team82 presents its sixth biannual State of XIoT Security Report, covering published vulnerabilities affecting cyber-physical systems in the 2H 2022. This report is an analysis of the XIoT vulnerability landscape for security leaders, analysts, and engineers looking to prioritize mitigation and response activities.

< <https://claroty.com/resources/reports/state-of-xiot-security-2h-2022> https://claroty.com/resources/reports/state-of-xiot-security-2h-2022>

 

**********************

INTERNET OF THINGS

**********************

Unlocking the potential of IoT for Brazil small and medium businesses

Small and medium-sized manufacturing companies in Brazil will benefit from the collaboration between the Forum’s Platform for Shaping the Future of Urban Transformation and the Centre for the Fourth Industrial Revolution (C4IR) Brazil, as the two organizations work to remove barriers to the adoption of the internet of things (IoT).

< <https://www.weforum.org/impact/iot-for-brazil/> https://www.weforum.org/impact/iot-for-brazil/>

 

**********************

NEW TRANSPORT PROTOCOLS

**********************

Pixel 7 doesn’t support latest 5G standard, might with Android 14

The 3GPP is responsible for developing mobile broadband standards, with 5G being the recent focus. Standards are made available as “releases,” with the Pixel 7 on the older 3GPP Release 15 compared to other available phones today.

< <https://9to5google.com/2023/02/19/pixel-7-5g-standard/> https://9to5google.com/2023/02/19/pixel-7-5g-standard/>

 

**********************

OTHERWISE NOTEWORTHY

**********************

Marten van Dijk wins IEEE CS Edward J. McCluskey Technical Achievement Award

For his contributions to oblivious and encrypted computation Marten van Dijk won the 2023 IEEE CS Edward J. McCluskey Technical Achievement Award.

< <https://www.cwi.nl/en/news/marten-van-dijk-wins-ieee-edward-j-mccluskey-technical-achievement-award/> https://www.cwi.nl/en/news/marten-van-dijk-wins-ieee-edward-j-mccluskey-technical-achievement-award/>

 

IEEE Foundation Celebrates 50th Anniversary

The IEEE Foundation announces the celebration of its 50th anniversary, marking five decades of translating member and donor values into social impact by transforming lives through the power of technology and education. Established on February 16, 1973 as the philanthropic partner of IEEE, the world’s largest technical professional organization advancing technology for humanity, the IEEE Foundation’s 50-year milestone will be commemorated throughout 2023. It will include a celebration and reflection on five decades of accomplishments, bringing together philanthropists, IEEE members, and its partners to build a brighter future. IEEE Foundation’s anniversary will showcase the profound impact the organization has around the world and its plans for the future that look beyond our lifetime to shape the destiny of future generations.

< <https://www.ieee.org/about/news/2023/ieee-foundation-celebrates-50th-anniversary.html> https://www.ieee.org/about/news/2023/ieee-foundation-celebrates-50th-anniversary.html>

 

W3C sun-setting online unified validator; community may fork Unicorn

W3C plans to stop providing the on-line unified validator service Unicorn as of 31 March 2023, due to lack of resources to maintain the project. We encourage interested people in the community to fork Unicorn. We have many other developer tools such as the markup and CSS validators, and checkers like the Internationalization checker, link and feed checkers.

< <https://www.w3.org/blog/news/archives/9826> https://www.w3.org/blog/news/archives/9826>

 

uk: Sheffield to open national 6G research facility at university

A research facility aimed at helping the UK become a world leader in 6G mobile phone technology is to be set up at the University of Sheffield.

< <https://www.bbc.com/news/uk-england-south-yorkshire-64661539> https://www.bbc.com/news/uk-england-south-yorkshire-64661539>

 

What to expect from 6G: Here are nine important takeaways from early global research

Designing a new generation mobile system is a very complicated engineering task involving thousands of researchers and developers. Their creativity comes up with novel concepts and they work on designing, testing, agreeing upon and building a truly best-in-class end-to-end cellular system. There really is nothing like it.

< <https://www.ericsson.com/en/blog/2023/2/6g-early-research-global-takeaways> https://www.ericsson.com/en/blog/2023/2/6g-early-research-global-takeaways>

 

APNIC election sparks move for rapid rule changes to prevent council stacking

The imminent elections for executive council members at APNIC – the non-profit organization that distributes and manages IP addresses and AS numbers in 56 nations – has sparked calls for a rapid rewrite of the organization's bylaws to ensure no single entity can dominate its governance.

< <https://www.theregister.com/2023/02/15/apnic_election_controversy/> https://www.theregister.com/2023/02/15/apnic_election_controversy/>

 

Kyoto confirmed as APNIC 56 location

APNIC is pleased to announce that Kyoto, Japan, will be the location of APNIC 56 from 7 to 14 September 2023.

< <https://blog.apnic.net/2023/02/13/kyoto-confirmed-as-apnic-56-location/> https://blog.apnic.net/2023/02/13/kyoto-confirmed-as-apnic-56-location/>

 

[Podcast] What’s happening with growth in BGP?

In this episode of PING, Geoff Huston from APNIC Labs discusses the current situation in BGP across IPv4 and IPv6.

< <https://blog.apnic.net/2023/02/16/podcast-whats-happening-with-growth-in-bgp/> https://blog.apnic.net/2023/02/16/podcast-whats-happening-with-growth-in-bgp/>

------

David Goldstein

email:  <mailto:david@goldsteinreport.com> david@goldsteinreport.com

web:  <http://goldsteinreport.com/> http://goldsteinreport.com/

Twitter:  <https://twitter.com/goldsteinreport> https://twitter.com/goldsteinreport

phone: +61 418 228 605 - mobile; +61 2 9663 3430 - office/home