[Newsclips] IETF SYN-ACK Newspack 2023-06-05

[David Goldstein <david@goldsteinreport.com>]

The IETF SYN-ACK Newspack collects IETF-related items from a variety of news outlets and other online publications. They do not represent the views of the IETF and are not checked for factual accuracy.

 

**********************

IETF IN THE NEWS

**********************

Quant (QNT) Accelerates as Tokenization Opportunities Emerge Amidst Market Uncertainties

... Mid-February, this year, Quant became one of the participants of the IETF working group. The group is actively developing a new Internet Protocol to make the transfer of digital assets more secure and DLT networks more interoperable. Part of this mission will require standardizing communication between networks and securing transactions across networks.

< <https://www.securities.io/quant-qnt-accelerates-as-tokenization-opportunities-emerge-amidst-market-uncertainties/> https://www.securities.io/quant-qnt-accelerates-as-tokenization-opportunities-emerge-amidst-market-uncertainties/>

 

Health Check Response Format for HTTP APIs

... Conclusion: The Healthcheck IETF draft is a great initiative to standardize health checks across the industry. It would allow monitoring tools to rely on HTTP status and response body without ad-hoc configuration on each service.

< <https://hackernoon.com/health-check-response-format-for-http-apis> https://hackernoon.com/health-check-response-format-for-http-apis>

 

Developing An Unbreakable Cybersecurity System

... Winbond’s Tasher noted this cryptographic scheme includes a set of encryption/decryption and signing/authentication algorithms that are considered to be strong — almost to the same extent with or without the advent of quantum computers. “NIST strongly urges that designs intended for use in the next 20 years move from classical algorithms to their quantum-safe counterparts,” said Tasher. “We are seeing this trend starting to become widespread in recent IETF RFCs for next-generation internet protocols.”

< <https://semiengineering.com/developing-an-unbreakable-cybersecurity-system/> https://semiengineering.com/developing-an-unbreakable-cybersecurity-system/>

 

What AI Governance Can Learn From Crypto’s Decentralization Ethos

... There are, perhaps, lessons to take from the approach that governments, academic institutions, private companies and non-profit organizations took to regulating the internet. Through bodies such the ICANN and the IETF, we installed multistakeholder frameworks to enable the development of common standards and to allow for dispute resolution through arbitration rather than the courts.

< <https://www.coindesk.com/consensus-magazine/2023/06/02/what-ai-governance-can-learn-from-cryptos-decentralization-ethos/> https://www.coindesk.com/consensus-magazine/2023/06/02/what-ai-governance-can-learn-from-cryptos-decentralization-ethos/>

 

How can we cancel the quantum apocalypse?

... In the meantime, Callan said standards organisations like the IETF are working on how to implement cryptography like Kyber in modern systems.

 <https://www.siliconrepublic.com/enterprise/cancel-quantum-apocalypse-encryption-harvest-decrypt> https://www.siliconrepublic.com/enterprise/cancel-quantum-apocalypse-encryption-harvest-decrypt>

 

Google and Apple join forces for a greater good

... “The specification has been submitted as a draft to the IETF, a leading standards development organization. Various stakeholders are invited to review and provide input on the content in the next three months.

< <https://www.gearrice.com/update/google-and-apple-join-forces-for-a-greater-good/> https://www.gearrice.com/update/google-and-apple-join-forces-for-a-greater-good/>

 

JMAP : un protocole moderne et ouvert pour la gestion des emails conçu pour être un successeur potentiel d'IMAP [JMAP: a modern and open protocol for managing emails designed to be a potential successor to IMAP]

... Le protocole est rédigé par Neil Jenkins, directeur et architecte UX chez Fastmail et Chris Newman, ingénieur principal chez Oracle. Fastmail a commencé à travailler sur JMAP en 2014 en tant que projet de développement interne. Il s'agit d'un protocole Internet qui gère la soumission et la synchronisation des courriels, des contacts et des calendriers entre un client et un serveur, en fournissant une interface cohérente pour différents types de données. Il est conçu pour être un successeur possible d'IMAP et un remplaçant potentiel des normes CardDAV et CalDAV. L'IETF a également participé au développement de JMAP.

< <https://www.developpez.com/actu/345123/JMAP-un-protocole-moderne-et-ouvert-pour-la-gestion-des-emails-concu-pour-etre-un-successeur-potentiel-d-IMAP-et-un-remplacant-possible-de-la-norme-CalDAV-pour-la-synchronisation-des-calendriers/> https://www.developpez.com/actu/345123/JMAP-un-protocole-moderne-et-ouvert-pour-la-gestion-des-emails-concu-pour-etre-un-successeur-potentiel-d-IMAP-et-un-remplacant-possible-de-la-norme-CalDAV-pour-la-synchronisation-des-calendriers/>

 

Zo was het web niet bedoeld [The web was not meant to]

... Een korte tijd woedde er een bescheiden strijd tussen het WorldWideWeb en Gopher. Welke van de twee zou de standaard worden? Het internet werkt namelijk alleen maar als alle apparatuur dezelfde taal spreekt. De internetgemeenschap, verenigd in de Internet Engineering Taskforce (IETF), bepaalde welke taal dat werd. De IETF was in eerste instantie wel gecharmeerd van Gopher, en wilde daar hét standaardprotocol voor informatie-ontsluiting van maken.

< <https://www.nemokennislink.nl/publicaties/zo-was-het-web-niet-bedoeld/> https://www.nemokennislink.nl/publicaties/zo-was-het-web-niet-bedoeld/>

 

Google y Apple trabajan (juntos) para dificultar la vida a los Stalkers que usan Location Trackers (Como los Apple AirTag) [Google and Apple work (together) to make life difficult for Stalkers using Location Trackers (like Apple AirTags)]

... Esto, que acabó en los tribunales, ha llevado a Google y Apple a ponerse a trabajar conjuntamente en un estándar para definir cómo deben funcionar los Location Trackers y cuáles son las capacidades que deben llevar estos para evitar lo que han denominado "Unwanted Location Trackers". El draft del IETF, titulado "Detecting Unwanted Location Trackers" está firmado por cuatro ingenieros, dos de Apple y dos de Google.

< <https://www.elladodelmal.com/2023/05/google-y-apple-trabajan-juntos-para.html> https://www.elladodelmal.com/2023/05/google-y-apple-trabajan-juntos-para.html>

 

História, ktorá sa v škole neučí: Večný September [History That Is Not Taught in School: Eternal September]

... Ďalej: IETF, organizácia založená za ranného Internetu a dodnes pracujúca na jeho anarchistických princípoch sa zase stará o to, aby jednotlivé časti Internetu vedeli navzájom spolupracovať a aby sa Internet nerozpadol na oddelené kusy vlastnené či už národnými štátmi, alebo veľkými firmami.

< <https://blog.sme.sk/sustrik/historia/historia-ktora-sa-v-skole-neuci-vecny-september> https://blog.sme.sk/sustrik/historia/historia-ktora-sa-v-skole-neuci-vecny-september>

 

Google y Apple unen fuerzas para un bien mayor [Google and Apple join forces for a greater good]

... «La especificación se ha propuesto a modo de borrador a la IETF, una organización líder en el desarrollo de estándares.

< <https://lamanzanamordida.net/noticias/apple/google-apple-unen-fuerzas-bien-mayor/> https://lamanzanamordida.net/noticias/apple/google-apple-unen-fuerzas-bien-mayor/>

 

Hal-Hal yang Diatur dalam Netiket [Things Regulated in Netiquette]

... Etika dalam berkomunikasi melalui internet disebut juga netiket (nettiquette), yang mengacu pada standar netiket yang ditetapkan oleh IETF (Engineering Task Force).

< <https://www.kompas.com/skola/read/2023/05/30/060000869/hal-hal-yang-diatur-dalam-netiket-> https://www.kompas.com/skola/read/2023/05/30/060000869/hal-hal-yang-diatur-dalam-netiket->

 

Jak na digitální kontinuitu (12): Proč mají elektronické podpisy různé profily, formáty a úrovně? [How to Digital Continuity (12): Why do electronic signatures have different profiles, formats and levels?]

... Starší (nereferenční) formáty přitom vychází ze standardu jménem PKCS#7, který původně připravila ještě společnost RSA a který pod názvem CMS (Cryptographic Message Syntax) následně upravila organizace IETF pečující o internetové standardy. Proto jsou tyto formáty často označovány jako CMS/PKCS#7. Setkat se lze i s jejich označením PAdES Basic, podle standardu ETSI řady TS 102 778, část 2. z roku 2009.

< <https://www.lupa.cz/clanky/jak-na-digitalni-kontinuitu-12-proc-maji-elektronicke-podpisy-ruzne-profily-formaty-a-urovne/> https://www.lupa.cz/clanky/jak-na-digitalni-kontinuitu-12-proc-maji-elektronicke-podpisy-ruzne-profily-formaty-a-urovne/>

 

每日简讯：IPv6是什么 IPv6有什么作用 [Daily Newsletter: What is IPv6 What does IPv6 do]

IPv6是Internet Protocol Version 6的缩写，其中Internet Protocol译为“互联网协议”。IPv6是IETF(互联网工程任务组)设计的用于替代现行版本IP协议(IPv4)的下一代IP协议。目前IP协议的版本号是4(简称为IPv4)，它的下一个版本就是IPv6。

< <http://news.eeju.com/shangye/2023/0531/38975.html> http://news.eeju.com/shangye/2023/0531/38975.html>

 

Google雲端用戶可使用免費ACME API，自動獲取和更新公開受信任的TLS憑證 [Google Cloud users can use the free ACME API to automatically obtain and update publicly trusted TLS credentials]

... ACME是一種通訊協定，由網際網路工程任務組（IETF）制定，目的是要自動化數位憑證的管理過程，包括憑證的申請、驗證、發行，以及之後的更新。由於數位憑證可以確保網站身份，並保護網站和用戶間的資訊交換，是網路安全非常重要的一環。傳統憑證申請和管理過程複雜且費時，ACME解決了這些麻煩，並使過程能夠自動化，因此也減少了管理成本，以及因憑證過期所產生的安全風險。

< <https://ithome.com.tw/news/157104> https://ithome.com.tw/news/157104>

 

新華三曾富貴：AI時代的極致算力釋放，高品質網絡聯接至關重要 [New H3C Zeng Fugui: In the AI era, high-quality network connection is crucial]

... 在積極布局確定性網絡的過程中，新華三集團提交了IETF DetNet、CCSA TC3等多項標准，擁有多項核心技術專利，並在業內提出了基於抖動壓縮的方案，拓展了確定性網絡的技術規格和應用邊界。在實踐方面，新華三攜手江蘇省未來網絡創新研究院打造了確定性網絡，將各場景確定性流的時延抖動均控制在15微秒以內，在業界率先突破了確定性流和非確定性流並存的問題。

< <http://finance.people.com.cn/BIG5/n1/2023/0602/c1004-40004955.html> http://finance.people.com.cn/BIG5/n1/2023/0602/c1004-40004955.html>

 

**********************

SECURITY & PRIVACY

**********************

Can quantum computing protect AI from cyber attacks?

AI algorithms are everywhere. They underpin nearly all autonomous and robotic systems deployed in security applications. This includes facial recognition, biometrics, drones and autonomous vehicles used in combat surveillance and military targeting applications.

< <https://www.csiro.au/en/news/All/Articles/2023/May/quantum-cyberattacks> https://www.csiro.au/en/news/All/Articles/2023/May/quantum-cyberattacks>

 

BSI aktualisiert den Mindeststandard zur Verwendung von Transport Layer Security (TLS) [BSI updates the minimum standard for using transport layer security (TLS)]

Das Bundesamt für Sicherheit in der Informationstechnik (BSI) hat den Mindeststandard zur Verwendung von Transport Layer Security (TLS) aktualisiert und macht hiermit klare Vorgaben zum Einsatz sicherer TLS-Versionen und einer sicheren Konfiguration für die IT der Bundesverwaltung.

< <https://www.bsi.bund.de/DE/Service-Navi/Presse/Alle-Meldungen-News/Meldungen/MST_TLS_230531.html> https://www.bsi.bund.de/DE/Service-Navi/Presse/Alle-Meldungen-News/Meldungen/MST_TLS_230531.html>

 

Can quantum computing protect AI from cyber attacks?

AI algorithms are everywhere. They underpin nearly all autonomous and robotic systems deployed in security applications. This includes facial recognition, biometrics, drones and autonomous vehicles used in combat surveillance and military targeting applications.

< <https://www.csiro.au/en/news/All/Articles/2023/May/quantum-cyberattacks> https://www.csiro.au/en/news/All/Articles/2023/May/quantum-cyberattacks>

 

Cybersecurity sector braces for tug-of-war over AI

The continued development of AI brings both challenges and opportunities to the cybersecurity sector, a series of experts told EURACTIV, who highlighted that while risks will increase, avenues for defence will too.

< <https://www.euractiv.com/section/cybersecurity/news/cybersecurity-sector-braces-for-tug-of-war-over-ai/> https://www.euractiv.com/section/cybersecurity/news/cybersecurity-sector-braces-for-tug-of-war-over-ai/>

 

[Survey] Is Your Connectivity Provider Your Weakest Security Link?

Enterprises increasingly rely on the Internet, from online services and customer support to storing digital assets and information in the cloud. All that data must move across the Internet without being intercepted, changed, redirected, or blocked.

< <https://www.manrs.org/2023/05/survey-is-your-connectivity-provider-your-weakest-security-link/> https://www.manrs.org/2023/05/survey-is-your-connectivity-provider-your-weakest-security-link/>

 

Data security via quantum computing

THE Philippines is gearing up to advance its digital transformation. Bills such as the E-Governance Act, the Internet Transactions Act and tax reforms are being reviewed to accommodate digital service providers and foster an environment that would ease the adoption of emerging technologies. ... To prepare for the security threats of quantum computing, organizations could start by thinking about post-quantum cryptography (PQC) algorithms and replacing current algorithms with new quantum-resistant algorithms. While PQC solutions are still in development, organizations should evaluate the security of post-quantum candidates and transition to using these algorithms to ensure their data remains secure.

< <https://www.manilatimes.net/2023/06/04/business/sunday-business-it/data-security-via-quantum-computing/1894374> https://www.manilatimes.net/2023/06/04/business/sunday-business-it/data-security-via-quantum-computing/1894374>

 

**********************

NEW TRANSPORT PROTOCOLS

**********************

Using 3GPP technology for satellite communication

Most satellite communication today is based on proprietary solutions, but that may soon change. Non-terrestrial networks became part of the 3rd Generation Partnership Project standard in Release 17, establishing a strong foundation for direct communication between satellites, smartphones and other types of mass-market user equipment.

< <https://www.ericsson.com/en/reports-and-papers/ericsson-technology-review/articles/3gpp-satellite-communication> https://www.ericsson.com/en/reports-and-papers/ericsson-technology-review/articles/3gpp-satellite-communication>

 

Researchers devise a low-cost method to secure long-distance communication by overcoming distortions

... In order to counter possible data breaches by miscreants and secure communication for both personal and strategic purposes like defence and national security, scientists at the Quantum Information and Computing (QuIC) lab at the Raman Research Institute (RRI) have come up with a solution. They have tried to solve the problem arising due to distortion of photon-polarization posed by the constant movement of satellites as well as scrambling of polarization in optical fibres, over large distances.

< <https://dst.gov.in/researchers-devise-low-cost-method-secure-long-distance-communication-overcoming-distortions> https://dst.gov.in/researchers-devise-low-cost-method-secure-long-distance-communication-overcoming-distortions>

 

UDPベースで高速化した汎用プロトコル、最新HTTPに採用された「QUIC」とは [What is "QUIC" adopted in the latest HTTP, a general-purpose protocol that is UDP based on speedup?]

QUICとはUDPをベースとした汎用通信プロトコルである。IETFが2021年に「RFC 9000」として勧告し、新たなインターネット標準技術となった。2022年に「RFC 9114」にて勧告されたHTTP／3は、トランスポート層プロトコルとしてQUICを採用した。 

< <https://active.nikkeibp.co.jp/atcl/act/19/00146/041000113/> https://active.nikkeibp.co.jp/atcl/act/19/00146/041000113/>

 

**********************

OTHERWISE NOTEWORTHY

**********************

ICANN and Contract Negotiations Update: Improved DNS Abuse Requirements by Sally Costerton

On behalf of the ICANN organization, I would like to thank the negotiating team members of the Registrars Stakeholder Group (RrSG) and the gTLD Registries Stakeholder Group (RySG) for their collaboration with our negotiating team. As a result, we have successfully negotiated targeted amendments to the Registrar Accreditation Agreement (RAA) and Registry Agreement (RA) concerning DNS abuse. The proposed amendments make specific and meaningful new obligations that will require contracted parties to stop or disrupt a domain name from being used for DNS abuse. This is a major accomplishment, and I would like to congratulate everyone involved for their time and hard work to get us to this point in less than six months.

< <https://www.icann.org/en/blogs/details/icann-and-contract-negotiations-update-improved-dns-abuse-requirements-30-05-2023-en> https://www.icann.org/en/blogs/details/icann-and-contract-negotiations-update-improved-dns-abuse-requirements-30-05-2023-en>

 

ICANN Experts Explain the Latest DNS Troubleshooting Tools by Roy Arends and Matt Larson

The DNS serves as a fundamental pillar of Internet infrastructure, enabling the translation of domain names into Internet Protocol (IP) addresses. This allows users to access websites, send and receive emails, and use various Internet resources.

< <https://www.icann.org/en/blogs/details/icann-experts-explain-the-latest-dns-troubleshooting-tools-31-05-2023-en> https://www.icann.org/en/blogs/details/icann-experts-explain-the-latest-dns-troubleshooting-tools-31-05-2023-en>

 

RIPE 86 bites — what’s the time?

A little-appreciated aspect of our digital infrastructure is just how dependent we are on access to the time. Disrupting the time base can not only lead to disruption in communications but can also result in various forms of compromise of the integrity of communications.

< <https://www.potaroo.net/ispcol/2023-06/ripe86-time.html> https://www.potaroo.net/ispcol/2023-06/ripe86-time.html>

< <https://blog.apnic.net/2023/06/02/ripe-86-bites-whats-the-time/> https://blog.apnic.net/2023/06/02/ripe-86-bites-whats-the-time/>

 

RIPE 86 bites — gigabits for EU

At RIPE 86, Rudolf van der Berg talked about the latest updates from the ongoing tensions in the Internet industry between carriage infrastructure providers and content providers, with a European perspective.

< <https://www.potaroo.net/ispcol/2023-06/ripe86-gig4eu.html> https://www.potaroo.net/ispcol/2023-06/ripe86-gig4eu.html>

< <https://blog.apnic.net/2023/06/01/ripe-86-bites-gigabits-for-eu/> https://blog.apnic.net/2023/06/01/ripe-86-bites-gigabits-for-eu/>

 

RIPE 86 Bites – Encryption and Active Network Management

Change is hard, and the larger the system the slower the pace of change. There are just so many systems that need to change their behaviours and the motivations of users, vendors, service providers, content generators and many others all vary. Getting all of us to change some aspect of our technology, platform or application set is hard, if not impossible, to orchestrate such that it happens at the same time. We’ve become comfortable to an Internet which is the opposite of the Internet of the early 1990’s. Change is now resisted.

< <https://www.potaroo.net/ispcol/2023-06/ripe86-quic.html> https://www.potaroo.net/ispcol/2023-06/ripe86-quic.html>

 

IEEE President’s Note: Connecting the Unconnected: The organization is partnering with the U.N. to bridge the digital divide

At IEEE, we know that the advancement of science and technology is the engine that drives the improvement of the quality of life for every person on this planet. Unfortunately, as we are all aware, today’s world faces significant challenges, including escalating conflicts, a climate crisis, food insecurity, gender inequality, and the approximately 2.7 billion people who cannot access the Internet.

< <https://spectrum.ieee.org/ieee-presidents-note-june-2023> https://spectrum.ieee.org/ieee-presidents-note-june-2023>

 

Connecting the World Through Digital Cooperation

In 1991, the world was on the verge of a digital revolution. Technologies previously accessible only to governments and research institutions, such as personal computers, mobile networks, and, of course, the Internet, were about to end up in everyone’s homes. Fast forward to 2023, what started as a communication revolution to empower people with access to information is now a data, technological, and surveillance revolution.

< <https://sdg.iisd.org/commentary/policy-briefs/connecting-the-world-through-digital-cooperation/> https://sdg.iisd.org/commentary/policy-briefs/connecting-the-world-through-digital-cooperation/>

 

Technology deep dives: Immersive technologies

Immersive technologies aim to create digital experiences that are more interactive, engaging and realistic, with a greater degree of sensory immersion and spatial interaction, compared with other online experiences. A hallmark of some immersive technologies is that they integrate with and blur the boundaries between digital and physical experiences.

< <https://www.oecd.org/digital/global-forum-on-technology/immersive-technologies-brief.pdf> https://www.oecd.org/digital/global-forum-on-technology/immersive-technologies-brief.pdf>

 

The tech industry was deflating. Then came ChatGPT.

A year ago, the mood in Silicon Valley was dour. Big Tech stocks were falling, the cryptocurrency bubble had popped, and a wave of layoffs was beginning to sweep through the industry. Then the artificial intelligence boom hit.

< <https://www.washingtonpost.com/technology/2023/06/04/ai-bubble-tech-industry-outlook/> https://www.washingtonpost.com/technology/2023/06/04/ai-bubble-tech-industry-outlook/>

------

David Goldstein

email:  <mailto:david@goldsteinreport.com> david@goldsteinreport.com

web:  <http://goldsteinreport.com/> http://goldsteinreport.com/

Twitter:  <https://twitter.com/goldsteinreport> https://twitter.com/goldsteinreport

phone: +61 418 228 605 - mobile; +61 2 9663 3430 - office/home