[Newsclips] IETF SYN-ACK Newspack 2020-07-06

David Goldstein <david@goldsteinreport.com> Mon, 06 July 2020 12:16 UTC


Just a reminder the IETF wants you to complete the SYN-ACK handshake and share your feedback through a 6-question survey that should take no more than 2 minutes to complete. It would mean a lot to help with how useful the newsletter is and how to improve it. Results go directly to IETF. To complete the brief survey, go to:

https://www.surveymonkey.com/r/2DYNMNC

 

Don’t forget, the IETF SYN-ACK Newspack aims to help track where, when, and how IETF-related issues are presented in a variety of news outlets and other online publications around the world.

 

**********************

IETF IN THE NEWS

**********************

Experts Predict More Digital Innovation by 2030 Aimed at Enhancing Democracy: 4. It’s all just history repeating itself

... A longtime participant in the IETF commented, “Society has been getting more divided into ideological camps over the last decade, and each of the camps has been using technology to try to disrupt the others. I do not see that changing, and such divisions will tend to stifle social progress.”

<https://www.pewresearch.org/internet/2020/06/30/its-all-just-history-repeating-itself/>

 

Mozilla Firefox und Comcast kooperieren für DNS over HTTPS [Mozilla Firefox and Comcast collaborate for DNS over HTTPS]

... DoH is intended to help secure the DNS against eavesdropping third parties, both companies keen on building profiles and intelligence agencies geared toward bulk collection. Unlike its competitor DNS over TLS (DoT), developed shortly before it, the protocol standardized at the IETF sparked heated political debate, because Mozilla initially wanted to route decentrally handled DNS traffic through a single central provider, the US DNS provider Cloudflare. The uproar was so great, particularly in Europe, that Mozilla initially limited the implementation to US users.

<https://www.heise.de/news/Mozilla-Firefox-und-Comcast-kooperieren-fuer-DNS-over-HTTPS-4798297.html>

 

Internet holds the key to the post-coronavirus era

The coronavirus pandemic has taught us that the skillful and sensible use of the internet will allow us to navigate through this crisis with the minimum possible damage. ... A forum called the IETF promotes the technological standards of the internet. IETF brings together communities which have created organizations working on related plans and policies. The most cited phrase among these communities is “We reject kings, presidents, and voting. We believe in rough consensus and running code,” by David Clark, a professor at the Massachusetts Institute of Technology.

<https://www.japantimes.co.jp/opinion/2020/07/03/commentary/world-commentary/internet-coronavirus-era/>

 

What is an X.509 Certificate? | Keyfactor

... In 1993, X509 version 2 added two new fields: Issuer Unique Identifier and Subject Unique Identifier. These fields are now considered deprecated by the IETF, and should not be used in your certificates. The widespread use of the Internet inspired further development of the hierarchical naming system.

<https://securityboulevard.com/2020/07/what-is-an-x-509-certificate-keyfactor/>

 

HTTP / 3, the protocol that will change the internet tomorrow

... As for who or what institution is responsible for ensuring this protocol, its name is IETF ... . Created in the United States in 1986, it is a non-profit organization.

<https://www.explica.co/http-3-the-protocol-that-will-change-the-internet-tomorrow/>

 

ICANN Registrar Stakeholder Group Leadership Handover by Tobias Sattler 

... Tobias Sattler: We have implemented and achieved a lot together. If I have to highlight any of these, then it was the founding of the TechOps group. Imagine it like a think tank to address the technical and operational needs and challenges of registries and registrars. At TechOps, we had our share on ICANN's Temporary Specification, wrote IETF Internet-Drafts to solve operational issues, and did a whitepaper on a possible new future of domain transfers.

<http://www.circleid.com/posts/20200630-icann-registrar-stakeholder-group-leadership-handover/>

 

Este es el rendimiento de TLS 1.3 y SSH con algoritmos post-cuánticos [This is the performance of TLS 1.3 and SSH with post-quantum algorithms]

... NIST is currently working to standardize various post-quantum algorithms, that is, algorithms able to withstand the power of future quantum computers and give us security similar to what we have today, when no such computers exist. The IETF has multiple drafts, and Internet "giants" such as Cisco, Microsoft, Cloudflare, Google and Amazon Web Services are already testing them, specifically those for key exchange and authentication in TLS.

<https://www.redeszone.net/noticias/seguridad/rendimiento-tls-1-3-ssh-algoritmos-post-cuanticos/>

 

¿Qué es HTTP/3 y cómo afectará a internet? [What is HTTP/3 and how will it affect the internet?]

... As for who or what institution is responsible for looking after this protocol, its name is IETF, an acronym for IETF or Internet Engineering Task Force. Created in the United States in 1986, it is a non-profit organization.

<https://hipertextual.com/2020/06/http-3-protocolo-internet>

 

Google Cloud rafforza la sicurezza delle connessioni con TLS 1.3 [Google Cloud strengthens connection security with TLS 1.3]

... The standard is defined by the IETF: its predecessor, known as SSL, is now "deprecated", and TLS is currently the main method for protecting Internet connections between servers and clients.

<https://www.01net.it/google-cloud-rafforza-la-sicurezza-delle-connessioni-con-tls-1-3/>

 

HTTP / 3, le protocole qui va changer Internet demain [HTTP / 3, the protocol that will change the Internet tomorrow]

... As for who or what institution is responsible for ensuring this protocol, its name is IETF, an acronym for IETF or Internet Engineering Task Force. Created in the United States in 1986, it is a non-profit organization.

<https://www.breakingnews.fr/technologie/http-3-le-protocole-qui-va-changer-internet-demain-532360.html>

 

JP Morgan annonce le retrait de termes comme blacklist, master et slave de sa base de code et de sa documentation [JP Morgan announces the removal of terms such as blacklist, master and slave from its code base and documentation]

... At the IETF, the international consortium that discusses and publishes computing standards, a series of suggestions is under review: "blocklist" (deny list) and "allowlist" (permit list), or "primary-secondary" for the "master-slave" pair. The fact remains, however, that no replacements for these expressions have found consensus.

<https://www.developpez.com/actu/306855/JP-Morgan-annonce-le-retrait-de-termes-comme-blacklist-master-et-slave-de-sa-base-de-code-et-de-sa-documentation-pour-lutter-contre-le-racisme-au-sein-de-l-entreprise/>

 

Apple invita gli sviluppatori ad usare IPv6 perché più veloce di IPv4 [Apple urges developers to use IPv6 because it's faster than IPv4]

... The Cupertino company is already looking ahead, and in macOS 11 Big Sur and iOS 14 it has already integrated experimental support for HTTP/3, the new version of the Hypertext Transfer Protocol used for the World Wide Web and the successor to HTTP/2, currently being standardized at the IETF. TLS 1.3 support, ZDNet reports, is disabled by default and is included on Apple devices only for experimental purposes, and it is up to the user/developer to enable it.

<https://www.macitynet.it/apple-invita-gli-sviluppatori-ad-usare-ipv6-perche-piu-veloce-di-ipv4/>

 

Wie sichere Tools dabei helfen, Fehler zu vermeiden [How secure tools help to avoid errors]

... The coronavirus pandemic will certainly not be the last crisis. However, it does not necessarily take a global state of emergency to lose millions through inadequate security. The IETF working group has therefore taken a closer look at the question of how communication and the associated data transfer can be secured in the long term. From these findings, the Messaging Layer Security (MLS) technology was developed. It could be a significant step forward and promises encrypted, flexible and secure communication across different end devices.

<https://www.industry-of-things.de/wie-sichere-tools-dabei-helfen-fehler-zu-vermeiden-a-943537/>

 

Apple призвала разработчиков использовать IPv6, HTTP/2 и TLS 1.3 [Apple urged developers to use IPv6, HTTP/2 and TLS 1.3]

... Among other things, Apple is testing HTTP/3 support in macOS 11 and iOS 14, which are due for release this autumn. This protocol is the next version of HTTP, currently undergoing standardization at the Internet Engineering Task Force (IETF).

<https://www.securitylab.ru/news/509629.php>

 

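牟承晋:坚定互联网底线思维 打造网信科技创新体系 [Mu Chengjin: Uphold bottom-line thinking on the Internet and build a cyberspace technology innovation system]

... IPv6 and IPv4 do not interoperate (commonly described as mutually incompatible), which forces an IPv6 network system that runs in parallel with IPv4 and is relatively independent of it to be rebuilt within the Internet framework. Conflicts between IPv6 resource management that broke out on the Internet backbone caused serious network congestion, showing that in practical use IPv6 does not yet have a network environment in which it can coexist with IPv4. Nearly 20 years of exploration in the United States concluded that deploying IPv6 faces at least a rapid decline in forwarding table capacity, difficulty interworking between IPv4 and IPv6, the difficulty of operating and maintaining two coexisting networks, and many other practical problems with highly unstable security factors, and that the IPv6 transition plan costs money and effort without yielding more benefit. On July 14, 2017, the US Internet Engineering Task Force (IETF) published RFC 8200, declaring obsolete (abolished) the December 1998 RFC 2460 "IPv6 draft specification" and the IPv6 "next-generation Internet protocol IPng" transition plan.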

<http://www.shbear.com/2/lib/202007/01/20200701037.htm>

<http://www.cet.com.cn/xwsd/2593263.shtml>

 

加入Wi-SUN联盟董事会以推动此广泛普及的网状网络标准 [Join the Wi-SUN Alliance Board to promote this widely available mesh network standard]

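... Wi-SUN FAN (Field Area Networks) is an open standard based on the IEEE 802.15.4g specification and other IEEE 802 and IETF standards. The Wi-SUN Alliance aims to develop and promote the specification and to manage the certification process, to ensure that each vendor's devices comply with the specification and meet interoperability requirements.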

<https://tech.sina.com.cn/roll/2020-07-01/doc-iirczymk9960552.shtml>

 

실리콘랩스, 와이선 산업 협회 가입 [Silicon Labs joins the Wi-Sun Industry Association]

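... The reason for joining the association is to strengthen support for Wi-SUN (Wireless Smart Utility Network). Wi-SUN is based on the IEEE 802.15.4 specification set by the Institute of Electrical and Electronics Engineers (IEEE). It also follows the standards of the international standards body (IEEE802) and the international Internet standards organization (IETF). The association's role is to develop and promote these specifications.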

<http://www.thelec.kr/news/articleView.html?idxno=6619>

 

5G承载网络切片管控技术研究 [Research on 5G Bearer Network Slicing Management and Control Technology]

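... At present, the northbound interface of the bearer network uses an information model to model network resources and operations. Because the northbound interface faces upper-layer applications, it can hide the details of the underlying network technology, making the network model independent of the specific network implementation, so that only the network's capability information needs to be identified. For northbound interface modeling, the ONF's OIMT working group defined the Transport API (TAPI) information model [3]. The TAPI model is an abstract network model that inherently supports network virtualization and can be used to describe VN network resources, but specific VN network operations require further extension. The ACTN architecture proposed by the IETF [4] defines the interface model of the customer management and control interface (CMI) [5], used for interaction between the customer network and the multi-domain coordination controller. The ACTN model defines VN-related objects such as VN topology, access points and VN services (VNS), and also extends the network's capability information, for example the Layer 1 Connectivity Service Model (L1CSM) and the Layer 2 Service Model (L2SM). The VN management and control models proposed by the IETF and ONF still need further refinement in describing the multi-layer network capability information of 5G bearer networks and in defining operations on VN networks.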

<http://finance.eastmoney.com/a/202007061544459988.html>

 

แอปเปิลรองรับ DNS เข้ารหัสแบบ DoH/DoT บน iOS 14 และ macOS 11 [Apple supports DoH/DoT encryption DNS on iOS 14 and macOS 11]

... In addition to supporting DoH/DoT, Apple also said it is working with the IETF on designing the ESNI standard, which will make it impossible for anyone observing the traffic to tell which domain the traffic belongs to. Apple did not say whether it will begin testing it in this release.

<https://www.blognone.com/node/117192>

 

**********************

AUTOMATED NETWORK MANAGEMENT

**********************

Full network automation isn’t ready, but current tools can still help

As enterprises try to accelerate their digital transformation efforts, network agility is more important than ever, and network automation can help by ensuring quick access to data, maintaining network performance and improving security.

<https://www.networkworld.com/article/3564981/full-network-automation-isn-t-ready-but-current-tools-can-still-help.html>

 

**********************

SECURITY & PRIVACY

**********************

Internet2 Ramps up MANRS Support for U.S. Research and Education Community

The research and education community in the U.S. relies on a critical infrastructure to meet our education and research missions: the global Internet. This has been especially true during the COVID-19 pandemic, when it has enabled the rapid transition from on-campus to at-home learning.

<https://www.internetsociety.org/blog/2020/07/internet2-ramps-up-manrs-support-for-u-s-research-and-education-community/>

 

One year of BGP (in)security

The Border Gateway Protocol (BGP) has played a key role in sustaining Internet growth since its commercialization in the early 90s. Despite turning 30 years old last June, its current version (RFC 4271) is still recognized as the de facto standard inter-domain routing protocol used by Autonomous Systems (ASes) to exchange routing information with each other.

<https://blog.apnic.net/2020/07/03/one-year-of-bgp-insecurity/>

 

6 ways HTTP/3 benefits security (and 7 serious concerns)

HTTP3, the third official version of hypertext transfer protocol (HTTP), will not use the transmission control protocol (TCP) as did its predecessors. Instead, it uses the quick UDP internet connections (QUIC) protocol developed by Google in 2012.

<https://www.csoonline.com/article/3564253/6-ways-http-3-benefits-security-and-7-serious-concerns.html>

 

Email Sender Identity is Key to Solving the Phishing Crisis

Almost 90% of email attacks manipulate sender identity to fool recipients and initiate social engineering attacks.

<https://threatpost.com/valimail-email-sender-identity-is-key-to-solving-the-phishing-crisis/157020/>

 

**********************

TLS

**********************

Apple tells app devs to use IPv6 as it's 1.4 times faster than IPv4

Company also urges app devs to start using newer web tech like HTTP/2 and TLS 1.3, citing similar performance and speed improvements.

<https://www.zdnet.com/article/apple-tells-app-devs-to-use-ipv6-as-its-1-4-times-faster-than-ipv4/>

 

**********************

OTHERWISE NOTEWORTHY

**********************

Cerf's 2020 vision with the benefit of 20/20 hindsight

"There are some things that I wish I could have done, but I'm not sure that I would have gotten away with it." So says Vint Cerf, VP and Chief Internet Evangelist at Google. Along with TCP/IP co-developer Bob Kahn, Vinton Gray Cerf is traditionally referred to as one of the fathers and architects of the Internet, for the pair’s 1974 paper on ARPANET, work on which began in the previous year.

<https://diginomica.com/confessions-internet-pioneer-vint-cerfs-2020-vision-benefit-2020-hindsight>

 

How to test HTTP/3 and QUIC with Firefox Nightly

HTTP/3 is the third major version of the Hypertext Transfer Protocol, which takes the bold step of moving away from TCP to the new transport protocol QUIC in order to provide performance and security improvements.

<https://blog.cloudflare.com/how-to-test-http-3-and-quic-with-firefox-nightly/>

 

How to enable HTTP/3 support in Firefox

HTTP/3 is the next major version of the Hypertext Transfer Protocol and one of the main changes that will go along with it is that the new transport protocol QUIC will be used instead of TCP. QUIC is designed to improve the performance and security of Internet connections.

<https://www.ghacks.net/2020/07/01/how-to-enable-http-3-support-in-firefox/>

 

What is HTTP / 3 and how can you test it in Mozilla Firefox

... As promised by the experts and the IETF that develops it, HTTP / 3 offers much shorter load times thanks to its abandonment of the complementary TCP protocol in favor of the new QUIC (Quick UDP Internet Connections), an open source project based on the old UDP protocol.

<https://www.explica.co/what-is-http-3-and-how-can-you-test-it-in-mozilla-firefox/>

 

Case study: How GDS improved GOV.UK’s frontend performance with HTTP/2

Objectives: The aim was to improve the performance of GOV.UK for users, regardless of the type of device they use or their connection by enabling HTTP/2. During testing, the team identified a number of issues they needed to fix before they could fully enable HTTP/2.

<https://www.gov.uk/government/case-studies/how-gds-improved-govuks-frontend-performance-with-http2>

 

World's first complete 5G standard unveils future potential

Third Generation Partnership Project (3GPP), the entity in charge of establishing mobile telephony standards, announced the completion of 5G's second, but the first complete, standard on Friday after an online meeting among its global members.

<https://news.cgtn.com/news/2020-07-04/World-s-first-complete-5G-standard-unveils-future-potential-RR7ElgdOsU/index.html>

 

George Floyd: Twitter drops 'master', 'slave' and 'blacklist'

Social media platform Twitter is dropping the terms "master", "slave" and "blacklist" in favour of more inclusive language.

<https://www.bbc.com/news/business-53273923>

 

Where is the DNS Headed?

I was on a panel at the recent Registration Operations Workshop on the topic of DNS Privacy and Encryption. The question I found myself asking was: “What has DNS privacy to do with registration operations?”

<https://www.potaroo.net/ispcol/2020-06/row.html>

 

Measuring Route Origin Validation

How well are we doing with the adoption of Route Origin Validation in the Inter-Domain routing space? How many users can no longer reach a destination if the only available ROAs mark the destination announcement as invalid?

<https://www.potaroo.net/ispcol/2020-06/rov.html>

 

Will the Tech Workplace Ever Be the Same Again?

As the COVID-19 pandemic began its explosive spread through the United States, tech workers were among the first to switch to working at home in mass numbers. By early March, before regional stay-at-home orders came into play, most tech professionals at Microsoft and Amazon had switched to working at home, others would soon follow. Since then, Twitter announced that it would offer work-at-home as a permanent option to many of its employees, and Facebook also began planning for a large work-from-anywhere staff, but indicated that salaries would be adjusted to account for regional costs of living. On the other end of the spectrum, Apple developed a plan to bring employees back to the office in phases, starting this month.

<https://spectrum.ieee.org/view-from-the-valley/at-work/tech-careers/will-the-tech-workplace-ever-be-the-same-again>

 

The Emergent Third Act Of The Internet: It's Time To Invest

Cutting through the hype of edge computing means seeing the edge as more than a new take on an old thing but seeing it as the next step in the evolution of the internet itself. One of the best ways to see the full opportunity is to view the evolution of the internet as a three-act play. The third act is happening now, and it's time to invest.

<https://www.forbes.com/sites/forbestechcouncil/2020/07/03/the-emergent-third-act-of-the-internet-its-time-to-invest/#163ff5b79802>

 

A Brief History of Computing and the Web: From 17th Century Computers to Today's Digital Empires

Today, most of us depend heavily on the Internet, for everything from work, to managing our finances, answering correspondences, or our social lives. The applications of the web are both endless and vital to modern life.

<https://interestingengineering.com/a-brief-history-of-computing-and-the-web-from-17th-century-computers-to-todays-digital-empires>

------

David Goldstein

email: david@goldsteinreport.com

web: http://goldsteinreport.com/

Twitter: https://twitter.com/goldsteinreport

phone: +61 418 228 605 - mobile; +61 2 9663 3430 - office/home