[Newsclips] IETF SYN-ACK Newspack 2022-09-12

[David Goldstein <david@goldsteinreport.com>]

The IETF SYN-ACK Newspack collects IETF-related items from a variety of news outlets and other online publications. They do not represent the views of the IETF and are not checked for factual accuracy.

 

**********************

IETF IN THE NEWS

**********************

Digital great game: The West’s standoff against China and Russia

The wonky world of global tech standards is usually far from a "Game of Thrones" melodrama. But ahead of a critical election at a key United Nations agency later this month, the world's top telecommunications and government officials have all embraced their inner Khaleesi. ... "China is taking some of the proposals that would normally be raising in the ITU to the IETF," said Mallory Knodel, chief technology officer at Centre for Democracy & Technology, a Washington-based nonprofit organization, and member of the U.S. delegation to the upcoming ITU meeting, in reference to another standards body.

< <https://www.politico.eu/article/itu-global-standard-china-russia-tech/> https://www.politico.eu/article/itu-global-standard-china-russia-tech/>

 

US seeks standards dominance, lets Huawei access previously forbidden crypto tech

... China and Huawei argue that their proposed networking standards are needed to ready the internet for future applications. Critics point out that China's standards are being advanced through the International Telecommunications Union (ITU), rather than the usual standards-setting bodies: the IETF or Institute of Electrical and Electronics Engineers (IEEE).

< <https://www.theregister.com/2022/09/09/bis_eases_tech_export_restrictions/> https://www.theregister.com/2022/09/09/bis_eases_tech_export_restrictions/>

 

Disney & Lumen: Partnering on CDN configuration standards

IBC2022: The interchange of content delivery configuration metadata, capacity limits, and logs between the various entities in the delivery ecosystem is essential for efficient interoperability. Standardization of these data models and interfaces becomes particularly important as content providers such as Disney employ multi-CDN and open caching strategies and want to avoid bespoke configurations and integrations with each vendor. This talk discusses the collaborative work that Disney and Lumen have been leading through the Streaming Video Technology Alliance (SVTA) and the IETF CDNI Working Group to create and promote these emerging standards.

< <https://www.ibc.org/video/disney-and-lumen-partnering-on-cdn-configuration-standards/8955.article> https://www.ibc.org/video/disney-and-lumen-partnering-on-cdn-configuration-standards/8955.article>

 

Assure next-generation networks by exploiting data intelligence

... Nevertheless, given the dynamicity of next-generation networks, the inventory too must evolve to become dynamic, so it can receive live updates from the network to enrich the data it stores. Here, due to the need to integrate with multiple data sources, alignment with standard bodies such as 3GPP, ETSI and IETF will be key.

< <https://www.lightreading.com/assure-next-generation-networks-by-exploiting-data-intelligence/a/d-id/780044> https://www.lightreading.com/assure-next-generation-networks-by-exploiting-data-intelligence/a/d-id/780044>

 

IETF Standardization Director: Nozay, France, France

Nokia is committed to innovation and technology leadership across mobile, fixed and cloud networks. Your career here will have a positive impact on people’s lives and will help us build the capabilities needed for a more productive, sustainable, and inclusive world. We challenge ourselves to create an inclusive way of working where we are open to new ideas, empowered to take risks and fearless to bring our authentic selves to work. IETF protocols will play a strategic role on various levels to enable the vision of an 6G era world, enabling strong critical business and consumer applications.

< <https://careers.nokia.com/jobs/ietf-standardization-director-83440> https://careers.nokia.com/jobs/ietf-standardization-director-83440>

 

What is Sender Policy Framework (SPF)? – A Bit of History

... Multiple proposals were sent to the IETF Anti-Spam Research Group, including the Reverse MX (RMX) by Hadmut Danisch and ‘Designated Mailer Protocol’ (DMP) by Gordon Fecyk.

< <https://easydmarc.com/blog/what-is-sender-policy-framework-spf-a-bit-of-history/> https://easydmarc.com/blog/what-is-sender-policy-framework-spf-a-bit-of-history/>

< <https://securityboulevard.com/2022/09/what-is-sender-policy-framework-spf-a-bit-of-history/> https://securityboulevard.com/2022/09/what-is-sender-policy-framework-spf-a-bit-of-history/>

 

What is DHCP (Dynamic Host Configuration Protocol)? Meaning, Working, and Features

... Dynamic Host Configuration Protocol (DHCP) is a protocol used by devices linked to the internet to guide the distribution and use of IP addresses. The internet exists heavily regulated by a series of guidelines, principles, and standards generally called protocols. All these protocols are standardized by the IETF. These public standards are critical because they ensure that devices and programs, irrespective of who created them, are compatible with others worldwide.

< <https://www.spiceworks.com/tech/networking/articles/what-is-dhcp/> https://www.spiceworks.com/tech/networking/articles/what-is-dhcp/>

 

What Is EST (Enrollment Over Secure Transport)?

... EST is recognized for its ease of use and its security features, including the use of HTTPS for secure transport and transport layer security (TLS) for client and server security. It also supports additional cryptographic algorithms such as elliptic curve cryptography (ECC) and elliptic curve digital signature algorithm (ECDSA), unlike other widely used certificate management protocols like Simple Certificate Enrollment Protocol (SCEP), which was sponsored by Cisco and developed in the 1990s. As a result, EST has been put forward as a replacement for SCEP by the IETF working group.

< <https://sectigo.com/resource-library/what-is-enrollment-over-secure-transport> https://sectigo.com/resource-library/what-is-enrollment-over-secure-transport>

< <https://securityboulevard.com/2022/09/what-is-est-enrollment-over-secure-transport/> https://securityboulevard.com/2022/09/what-is-est-enrollment-over-secure-transport/>

 

What Is MPLS (Multi-Protocol Label Switching)? Definition, Working, and Architecture

... Multi-Protocol Label Switching was initially released in 2001 by the IETF. It released both the architecture of the technology and its label stack encoding. MPLS performed similarly to the ATM switch as a faster routing technique than the conventional method. MPLS, however, did not have the setbacks ATM had. MPLS also has the advantage of out-of-band control and maintenance of traffic engineering.

< <https://www.spiceworks.com/tech/networking/articles/what-is-mpls/> https://www.spiceworks.com/tech/networking/articles/what-is-mpls/>

 

O que é um RFC? | Request for Comments [What is an RFC?]

RFC é a sigla designada para Request for Comments (pedido para comentários, em português). Trata-se de documentos técnicos desenvolvidos e mantidos pela IETF (Internet Enginnering Task Force), instituição que especifica os padrões que serão implementados e utilizados em toda a internet.

< <https://www.terra.com.br/byte/o-que-e-um-rfc-request-for-comments,78879c9cfdc351cbf5c8e9aaac23aac2woftb9ob.html> https://www.terra.com.br/byte/o-que-e-um-rfc-request-for-comments,78879c9cfdc351cbf5c8e9aaac23aac2woftb9ob.html>

 

DID行业研究报告 [DID Industry Research Report]

... 1.4 IETF: 作为互联网的主要技术组织，在DID方面的参与主要在于结合DID和DNS。

< <https://www.36kr.com/p/1906057140749184> https://www.36kr.com/p/1906057140749184>

 

巴西专家：联合国“管不了”互联网，因为美国把它当作“自留地” [Brazilian expert: The United Nations "can't control" the Internet because the United States treats it as "reserved land"]

... 这些机构包括：互联网工程任务组(IETF)，负责研发和制定互联网技术标准和协议（如IPv4和IPv6），还有互联网名称与数字地址分配机构(ICANN)，负责保障全球互联网域名的互用性，对接互联网行业的利益相关方，如政府、公司、科学家和国际组织等。2016年，ICANN接管了美国商务部下属的互联网地址编码分配机构(IANA) 的互联网域名管理职能，这至少在理论上标志着美国政府直接管控互联网时代的结束。

< <https://wap.xinmin.cn/content/32228073.html> https://wap.xinmin.cn/content/32228073.html>

< <https://www.xhby.net/tuijian/202209/t20220907_7688809.shtml> https://www.xhby.net/tuijian/202209/t20220907_7688809.shtml>

 

构建开放服务互联网络 把脉IP网络演进 [Build an open service interconnection network and evolve the pulse IP network]

... 2021年，中兴通讯曾与合作伙伴一起发布了《IP网络未来演进技术白皮书1.0》，提出了IP网络演进的一系列新的理念。其后，中兴通讯与合作伙伴密切协作，将理念落实为技术标准，包括十多个国内标准，以及在IETF、ITU-T等国际标准组织框架内提出的二十多个草案。史伟强表示，中兴通讯围绕未来IP网络的三大关键技术都研发出了样机，联合中国信通院进行了确定性网络方向的联合探索，在CENI网上验证了网络内生安全能力，与运营商合作验证了算力路由技术，获得了有益的实践经验。

< <https://www.sohu.com/a/582524011_265192> https://www.sohu.com/a/582524011_265192>

 

采用以太网AVB技术的时间敏感型车载网络 [Time-sensitive in-vehicle network with Ethernet AVB technology]

... RTP和RTCP（IETF RFC 3550）均为基于IP的网络协议，适用于通过以太网传输音频和视频数据。这些协议多年来已广泛用于各种工业级和消费类设备，包括视频监控摄像头和对讲设备。IEEE 1733是RTP/RTCP的改编版本，适用于通过AVB进行同步传输，因此可作为基于IP的解决方案替代IEEE 1722。

< <https://www.eet-china.com/news/202209061156.html> https://www.eet-china.com/news/202209061156.html>

 

通信のお約束「プロトコル [Promises of communication "Protocol"]

... TCP/IPプロトコルスイート（以下TCP/IP）は、インターネットで通信するために標準化されたプロトコルを総称した呼び方です。IETFという標準化団体によって定められています。

< <https://news.mynavi.jp/techplus/article/networksyosinsya-3/> https://news.mynavi.jp/techplus/article/networksyosinsya-3/>

< <https://news.biglobe.ne.jp/it/0906/mnn_220906_1819013177.html> https://news.biglobe.ne.jp/it/0906/mnn_220906_1819013177.html>

 

واشنطن تخشى “الإنترنت البديل” .. “الصين-أميركا-أوروبا”: من يتحكم غدًا بالشبكة العنكبوتية ؟ [Washington fears "alternative internet" .. "China-America-Europe": Who will control the web tomorrow?]

... وتُعد “مجموعة مهندسي شبكة الإنترنت”؛ (IETF)، مثالاً على ذلك، فهي هيئة دولية رائدة تأسست عام 1986، وتضم عددًا من الباحثين والأكاديميين والمهندسين في مجال تطوير بنية شبكة الإنترنت، وبذلك تتبع هذه المجموعة نموذج أصحاب المصلحة، إذ تعمل على تطوير وتعزيز معايير “الإنترنت” الطوعية، مثل تلك التي تُشكل (TCP/IP)، كما لعبت المجموعة دورًا أساسيًا في تشكيل غالبية بروتوكولات الشبكات الرئيسة لـ”الإنترنت”.

< <https://kitabat.com/news/واشنطن-تخشى-الإنترنت-البديل-الصين-أم/> https://kitabat.com/news/واشنطن-تخشى-الإنترنت-البديل-الصين-أم/>

 

**********************

SECURITY & PRIVACY

**********************

Under the hood of DANE mismanagement in SMTP

DNS-based Authentication of Named Entities (DANE) was introduced in 2012 to support the authentication of a communication peer (for example, a TLS connection) without relying on Certificate Authorities (CAs).

< <https://blog.apnic.net/2022/09/09/under-the-hood-of-dane-mismanagement-in-smtp/> https://blog.apnic.net/2022/09/09/under-the-hood-of-dane-mismanagement-in-smtp/>

 

European Cybersecurity Challenge 2022: Final Countdown Before Kick-off in Vienna

The 2022 edition of the European Cybersecurity Challenge will start on Tuesday, 13th September. The event is organised by the European Union Agency for Cybersecurity (ENISA) with the support of the European Commission, and of EU Member States.

< <https://www.enisa.europa.eu/news/enisa-news/european-cybersecurity-challenge-2022-final-countdown-before-kick-off-in-vienna> https://www.enisa.europa.eu/news/enisa-news/european-cybersecurity-challenge-2022-final-countdown-before-kick-off-in-vienna>

 

us: CISA Welcomes Input on New Cyber Incident Reporting Requirements

Today, the Cybersecurity and Infrastructure Security Agency (CISA) announced their plans to issue a Request for Information (RFI) soliciting public input on approaches to implementing the cyber incident reporting requirements, pursuant to the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), which President Biden signed into law in March 2022. The RFI will publish in the Federal Register on Monday, September 12 and provide the public with 60 days to provide their written submissions.

< <https://www.cisa.gov/news/2022/09/09/cisa-welcomes-input-new-cyber-incident-reporting-requirements> https://www.cisa.gov/news/2022/09/09/cisa-welcomes-input-new-cyber-incident-reporting-requirements>

 

**********************

INTERNET OF THINGS

**********************

LEAK: Commission to introduce cyber requirements for Internet of Things products

The proposal for a Cyber Resilience Act that will be presented next week will mandate baseline cybersecurity standards for all connected devices and stricter conformity assessment procedures for critical products, according to a draft seen by EURACTIV.

< <https://www.euractiv.com/section/cybersecurity/news/leak-commission-to-introduce-cyber-requirements-for-internet-of-things-products/> https://www.euractiv.com/section/cybersecurity/news/leak-commission-to-introduce-cyber-requirements-for-internet-of-things-products/>

 

Draft EU rules target smart devices with cybersecurity risks

Smart devices connected to the internet such as fridges and TVs will have to comply with tough European Union cybersecurity rules or risk being fined or banned from the bloc, according to a European Commission document seen by Reuters on Thursday.

< <https://www.reuters.com/technology/draft-eu-rules-target-smart-devices-with-cybersecurity-risks-2022-09-08/> https://www.reuters.com/technology/draft-eu-rules-target-smart-devices-with-cybersecurity-risks-2022-09-08/>

 

**********************

NEW TRANSPORT PROTOCOLS

**********************

A second look at QUIC use

A couple of months ago, in July 2022, I wrote about our work in measuring the level of use of QUIC in the Internet. Getting this measurement ‘right’ has been an interesting exercise, and it’s been a learning experience that I’d like to relate. We’ll start from the end of the previous article and carry on from there.

< <https://www.potaroo.net/ispcol/2022-09/quic2.html> https://www.potaroo.net/ispcol/2022-09/quic2.html>

< <https://blog.apnic.net/2022/09/07/a-second-look-at-quic-use/> https://blog.apnic.net/2022/09/07/a-second-look-at-quic-use/>

 

The packet number space debate in multipath QUIC

Abstract: With a standardization process that attracted much interest, QUIC can been seen as the next general-purpose transport protocol. Still, it does not provide true multipath support yet, missing some use cases that Multipath TCP addresses. To fill that gap, the IETF recently adopted a Multipath proposal merging several proposed designs. While it focuses on its core components, there still remains one major design issue: the amount of packet number spaces that should be used. This paper provides experimental results with two different Multipath QUIC implementations based on NS3 simulations to understand the impact of using one packet number space per path or a single packet number space for the whole connection. Our results show that using one packet number space per path makes Multipath QUIC more resilient to the receiver's heuristics to acknowledge packets and detect duplicates.

< <https://dl.acm.org/doi/abs/10.1145/3561954.3561956> https://dl.acm.org/doi/abs/10.1145/3561954.3561956>

 

**********************

OTHERWISE NOTEWORTHY

**********************

Payment Request API and Payment Method Identifiers are W3C Recommendations

The Web Payments Working Group have published Recommendations of Payment Request API and Payment Method Identifiers.

< <https://www.w3.org/blog/news/archives/9672> https://www.w3.org/blog/news/archives/9672>

 

W3C Accessibility Maturity Model

Why Does Accessibility Need a Maturity Model? It’s not enough to get a product accessible. The entire product experience should be accessible, and organizations need to implement processes and systems that can objectively measure whether the correct steps have been taken to keep the product experience accessible.

< <https://www.w3.org/blog/2022/09/w3c-accessibility-maturity-model/> https://www.w3.org/blog/2022/09/w3c-accessibility-maturity-model/>

 

Metamaterials Could Solve One of 6G’s Big Problems: There’s plenty of bandwidth available if we use reconfigurable intelligent surfaces

For all the tumultuous revolution in wireless technology over the past several decades, there have been a couple of constants. One is the overcrowding of radio bands, and the other is the move to escape that congestion by exploiting higher and higher frequencies. And today, as engineers roll out 5G and plan for 6G wireless, they find themselves at a crossroads: After years of designing superefficient transmitters and receivers, and of compensating for the signal losses at the end points of a radio channel, they’re beginning to realize that they are approaching the practical limits of transmitter and receiver efficiency. >From now on, to get high performance as we go to higher frequencies, we will need to engineer the wireless channel itself. But how can we possibly engineer and control a wireless environment, which is determined by a host of factors, many of them random and therefore unpredictable?

< <https://spectrum.ieee.org/metamaterials-could-solve-one-of-6gs-big-problems> https://spectrum.ieee.org/metamaterials-could-solve-one-of-6gs-big-problems>

 

Sender pays

In September 2012, the European Telecommunications Networks Operators’ Association (ETNO), most notably Deutsche Telekom, France Telecom, and fellow legacy telcos in Europe published a contribution to the 2012 World Conference in International Telecommunications (WCIT-12) with a proposal for regulatory reform that, in ETNO’s words, would compel content providers to directly contribute to the costs on Internet communications infrastructure. Or, in their words, “… advocating for an adequate return on investment based, where appropriate, on the principle of sending party network pays.”

< <https://www.potaroo.net/ispcol/2022-09/senderpays.html> https://www.potaroo.net/ispcol/2022-09/senderpays.html>

< <https://blog.apnic.net/2022/09/09/sender-pays/> https://blog.apnic.net/2022/09/09/sender-pays/>

 

‘Future of cyberspace’ on the line as US, Russia square off

Later this month, diplomats from around the world will assemble in Bucharest, Romania. On September 29, the doors to one of the 1100 rooms within the enormous Palace of Parliament, built at the behest of the country’s former communist dictator, Nicolae Ceausescu, will close.

< <https://www.smh.com.au/technology/future-of-cyberspace-on-the-line-as-us-russia-square-off-20220910-p5bh27.html> https://www.smh.com.au/technology/future-of-cyberspace-on-the-line-as-us-russia-square-off-20220910-p5bh27.html>

------

David Goldstein

email:  <mailto:david@goldsteinreport.com> david@goldsteinreport.com

web:  <http://goldsteinreport.com/> http://goldsteinreport.com/

Twitter:  <https://twitter.com/goldsteinreport> https://twitter.com/goldsteinreport

phone: +61 418 228 605 - mobile; +61 2 9663 3430 - office/home