[Newsclips] IETF SYN-ACK Newspack 2022-06-06

[David Goldstein <david@goldsteinreport.com>]

The IETF SYN-ACK Newspack collects IETF-related items from a variety of news outlets and other online publications. They do not represent the views of the IETF and are not checked for factual accuracy.

 

 

**********************

IETF IN THE NEWS

**********************

Tweaks to IPv4 could free up 'hundreds of millions of addresses'

... These are also outlined in four Internet Drafts filed with the Internet Engineering Task Force (IETF), which call for four categories of "special" addresses that are currently unavailable for standard addressing purposes to be redefined as ordinary unicast addresses, meaning they should no longer be regarded as reserved, invalid, or loopback addresses.

< <https://www.theregister.com/2022/06/01/ipv4_proposed_changes/> https://www.theregister.com/2022/06/01/ipv4_proposed_changes/>

 

Revitalising Global Internet Governance by Kieren McCarthy

... Most organisations are still run by internet engineers and much of the work remains highly technical, with participation largely self-limiting to other engineers. These bodies include: IETF, the internet’s main standards board, where any “technically competent” participant can contribute

< <https://institute.global/policy/revitalising-global-internet-governance> https://institute.global/policy/revitalising-global-internet-governance>

 

Relying on relays: The future of secure communication

... Simple VPN services only add one level of encryption to  the link between the client and the VPN server:  the VPN server can still see which services are being accessed, and by whom. In the Internet Engineering Task Force (IETF), the leading standardization body for Internet technologies, most of the activities related to these  goals of separating information are indicated by using the term Oblivious, but there’s also MASQUE (Multiplexed Application Substrate over QUIC Encryption) and a new to-be-chartered group called PPM (Privacy Preserving Measurements) that apply this communication pattern to different use cases.

< <https://www.ericsson.com/en/blog/2022/6/relays-and-online-user-privacy> https://www.ericsson.com/en/blog/2022/6/relays-and-online-user-privacy>

 

Financial regulators want organizations to modernize their business networks

... As an example, they say many member companies still rely on older versions of Transport Layer Security protocols that are out of step with more recent guidance developed for federal agencies by the National Institute for Standards and Technology. According to the non-profit Internet Engineering Task Force, upgrading from TLS version 1.1 to versions 1.2 and 1.3 and removing support for older versions “reduces the attack surface, reduces opportunity for misconfiguration, and streamlines library and product maintenance.”

< <https://www.scmagazine.com/analysis/critical-infrastructure/financial-regulators-to-organizations-obsolete-technology-putting-systems-at-risk> https://www.scmagazine.com/analysis/critical-infrastructure/financial-regulators-to-organizations-obsolete-technology-putting-systems-at-risk>

 

Transport network transformation : A critical component of the CSP to DSP journey

... To drive interoperability and minimise vendor differences, most optical networking vendors are moving away from vendor specific data models and embracing common ones, as defined collaboratively with organisations like OpenConfig, Open ROADM MSA, and the IETF.

< <https://www.vanillaplus.com/2022/06/02/70029-transport-network-transformation-a-critical-component-of-the-csp-to-dsp-journey/> https://www.vanillaplus.com/2022/06/02/70029-transport-network-transformation-a-critical-component-of-the-csp-to-dsp-journey/>

 

Call for Comment: (Report from the IAB Workshop on Analyzing IETF Data (AID), 2021)

This is an announcement of an IETF-wide Call for Comment on draft-iab-aid-workshop-01.

< <https://www.iab.org/2022/05/31/call-for-comment-report-from-the-iab-workshop-on-analyzing-ietf-data-aid-2021/> https://www.iab.org/2022/05/31/call-for-comment-report-from-the-iab-workshop-on-analyzing-ietf-data-aid-2021/>

 

Call for Feedback on Community Coordination Group Appointment

On behalf of the IETF, the IAB appoints three representatives to the Community Coordination Group (CCG), which provides advice and guidance to the IETF Trust in matters related to the IANA trademarks and the IANA domain names. The process for appointing these representatives is outlined in RFC 8090.

< <https://www.iab.org/2022/06/02/call-for-feedback-on-community-coordination-group-appointment/> https://www.iab.org/2022/06/02/call-for-feedback-on-community-coordination-group-appointment/>

 

Interoperabilität der Messenger: EU und IETF gegen babylonische Verwirrung [Messenger interoperability: EU and IETF against Babylonian confusion]

Es kommt selten vor, dass sich Gremien der Normungsinstitute und der Politik so günstig ergänzen, dass die Vorteile ihres gemeinsamen Ziels unmittelbar einleuchten.

< <https://www.heise.de/hintergrund/EU-und-IETF-gegen-babylonische-Messenger-Verwirrung-7096423.html> https://www.heise.de/hintergrund/EU-und-IETF-gegen-babylonische-Messenger-Verwirrung-7096423.html>

 

Frankreis Endung .fr bleibt in AFNICs Hand [France's extension .fr remains in AFNIC's hands]

... Für nicht näher benannte Entscheidungsträger soll ein vierteljährlicher Newsletter gestartet werden, der aktuelle Nachrichten von Internetverwaltungsträgern wie IETF, ICANN, CENTR oder RIPE enthält. Wer mehr wissen will: die Vereinbarung zwischen Frankreich und AFNIC steht ab sofort für jedermann in französischer Sprache zum Abruf bereit.

< <https://domain-recht.de/domain-registrierung/laender-endungen-cctld/cctlds-frankreis-endung-fr-bleibt-in-afnics-hand-68430.html> https://domain-recht.de/domain-registrierung/laender-endungen-cctld/cctlds-frankreis-endung-fr-bleibt-in-afnics-hand-68430.html>

 

Les modifications apportées à l'IPv4 pourraient libérer des millions d'adresses [Changes to IPv4 could free up millions of addresses]

... Celles-ci sont également exposées dans quatre projets Internet déposés auprès de l'Internet Engineering Task Force (IETF), qui demandent que quatre catégories d'adresses "spéciales", actuellement indisponibles à des fins d'adressage standard, soient redéfinies comme des adresses unicast ordinaires, ce qui signifie qu'elles ne devraient plus être considérées comme des adresses réservées, invalides ou de bouclage.

< <https://reseau.developpez.com/actu/334041/Les-modifications-apportees-a-l-IPv4-pourraient-liberer-des-millions-d-adresses-des-appels-a-definir-les-adresses-reservees-invalides-ou-de-bouclage-comme-des-adresses-de-monodiffusion-ordinaires/> https://reseau.developpez.com/actu/334041/Les-modifications-apportees-a-l-IPv4-pourraient-liberer-des-millions-d-adresses-des-appels-a-definir-les-adresses-reservees-invalides-ou-de-bouclage-comme-des-adresses-de-monodiffusion-ordinaires/>

 

Ajustes no IPv4 podem liberar milhões de endereços [Adjustments to IPv4 can release millions of addresses]

... Eles também são descritos em quatro rascunhos da Internet arquivados na Internet Engineering Task Force (IETF), que exigem que quatro categorias de endereços “especiais” que estão atualmente indisponíveis para fins de endereçamento padrão sejam redefinidos como endereços unicast comuns, o que significa que eles não devem mais ser considerados como endereços reservados, inválidos ou de loopback.

< <https://sempreupdate.com.br/ajustes-no-ipv4-podem-liberar-milhoes-de-enderecos/> https://sempreupdate.com.br/ajustes-no-ipv4-podem-liberar-milhoes-de-enderecos/>

 

EFF e Let’s Encnrypt Enthusiast propõem “liberar” 300 milhões de endereços IPv4 reservados [EFF and Let's Encnrypt Enthusiast propose to "release" 300 million reserved IPv4 addresses]

... O bloco 0.0.0.0/8 poderá fornecer outros 16 milhões de endereços, com exceção do único usado na prática 0.0.0.0. Você pode obter um pouco menos reduzindo o intervalo de endereços de loopback de 127.0.0.0/8 para /16. Todas essas mudanças são propostas como rascunhos para o IETF.

< <https://avalanchenoticias.com.br/mercado-de-tecnologia-e-ti-noticia/eff-e-lets-encnrypt-enthusiast-propoem-liberar-300-milhoes-de-enderecos-ipv4-reservados/> https://avalanchenoticias.com.br/mercado-de-tecnologia-e-ti-noticia/eff-e-lets-encnrypt-enthusiast-propoem-liberar-300-milhoes-de-enderecos-ipv4-reservados/>

 

IPv4’e uyarlamalar milyonlarca adresi serbest bırakabilir [Adaptations to IPv4 could free up millions of addresses]

... Bunlar ayrıca, standart adresleme amaçları için şu anda mevcut olmayan dört “özel” adres kategorisinin sıradan tek noktaya yayın adresleri olarak yeniden tanımlanmasını isteyen İnternet Mühendisliği Görev Gücü’ne (IETF) gönderilen dört İnternet taslağında da ana hatlarıyla belirtilmiştir. ayrılmış, geçersiz veya geri döngü adresleri olarak kabul edilir.

< <https://zamanbelcika.be/teknoloji/ipv4e-uyarlamalar-milyonlarca-adresi-serbest-birakabilir-kayit/55099/> https://zamanbelcika.be/teknoloji/ipv4e-uyarlamalar-milyonlarca-adresi-serbest-birakabilir-kayit/55099/>

 

啥都玫说之网络篇-9.2这个协议叫啥？ [What is the name of this protocol in the network chapter -9.2?]

... 为啥要发明SSL这个协议？因为原始的HTTP协议是明文的，存在很多缺点，比如传输内容会被偷窥（嗅探）和篡改。发明SSL协议，就是为了解决这些问题。到了1999年，SSL因为应用广泛，已经成为事实标准。IETF就在那年把SSL标准化。标准化之后的名称改为TLS是“Transport Layer Security”的缩写），中文叫做“传输层安全协议”。很多相关的文章都把这两者并列称呼，也就是SSL/TLS，因为这两者可以视作同一个东西的不同阶段，所以大多数文章也只写SSL。

< <https://www.sohu.com/a/553255551_121403434> https://www.sohu.com/a/553255551_121403434>

 

**********************

SECURITY & PRIVACY

**********************

Suspicious traffic alerts released to DASH

APNIC is pleased to announce the release of an ‘alerts’ feature in the Dashboard for Autonomous System Health (DASH). DASH can now offer APNIC Members who have an Autonomous System Number (ASN) triggered alerts as email messages.

< <https://blog.apnic.net/2022/06/02/suspicious-traffic-alerts-released-to-dash/> https://blog.apnic.net/2022/06/02/suspicious-traffic-alerts-released-to-dash/>

 

More mysterious DNS root query traffic from a large cloud/DNS operator

With so much traffic on the global Internet day after day, it’s not always easy to spot the occasional irregularity. After all, there are numerous layers of complexity that go into the serving of webpages, with multiple companies, agencies, and organizations each playing a role.

< <https://blog.apnic.net/2022/06/02/more-mysterious-dns-root-query-traffic-from-a-large-cloud-dns-operator/> https://blog.apnic.net/2022/06/02/more-mysterious-dns-root-query-traffic-from-a-large-cloud-dns-operator/>

 

us: Setting off on the Journey to the NIST Cybersecurity Framework (CSF) 2.0

Over the past few months, NIST has been seeking feedback on the use and improvements to its cybersecurity resources through the Request for Information (RFI) on “Evaluating and Improving NIST Cybersecurity Resources: The Cybersecurity Framework and Cybersecurity Supply Chain Risk Management.” In this RFI, NIST asked about evaluating and improving the NIST Cybersecurity Framework (CSF or Framework), use of the Framework in conjunction with other resources, and improving supply chain cybersecurity risk management.

< <https://www.nist.gov/blogs/cybersecurity-insights/setting-journey-nist-cybersecurity-framework-csf-20> https://www.nist.gov/blogs/cybersecurity-insights/setting-journey-nist-cybersecurity-framework-csf-20>

 

fr: Protect your emails thanks to the DNS (SPF, DKIM, DMARC)

Email is particularly targeted by scammers using phishing and identity theft. This can entail potentially significant costs for businesses affected. The DNS is an indispensable tool for organisations looking to protect themselves. As such, this article will present three authentication protocols using the DNS: DKIM, DMARC and SPF.

< <https://www.afnic.fr/en/observatory-and-resources/expert-papers/protect-your-emails-thanks-to-the-dns-spf-dkim-dmarc/> https://www.afnic.fr/en/observatory-and-resources/expert-papers/protect-your-emails-thanks-to-the-dns-spf-dkim-dmarc/>

 

se: Interview with Ulrich Wisser, outgoing chair of the Technical Working Group

CENTR’s longstanding co-chair of the Technical Working Group, Ulrich Wisser, recently left Internetstiftelsen to start a new chapter. We took the opportunity to look back at his time in the CENTR community and his invaluable contribution as a Working Group chair, and to ask him a few questions.

< <https://www.centr.org/news/news/interview-ulrich-wisser.html> https://www.centr.org/news/news/interview-ulrich-wisser.html>

 

Cybersecurity Takes Center Stage

Cybersecurity experts from every industry recently gathered at ServiceNow’s annual Knowledge conference in New York City. Through roundtables, panels, talks, and live demonstrations, they shared what they’re seeing on the front lines of cybersecurity—and what lies ahead. Here are the highlights.

< <https://www.forbes.com/sites/servicenow/2022/06/03/cybersecurity-takes-center-stage/> https://www.forbes.com/sites/servicenow/2022/06/03/cybersecurity-takes-center-stage/>

 

**********************

INTERNET OF THINGS

**********************

The Critical Role of Internet of Things (IoT) in Fighting Climate Change and Decarbonizing Our Planet by Alistair Fulton , Vice President and General Manager, Wireless and Sensing Products Group, Semtech

We have a generational opportunity to use IoT solutions to curb the acceleration of human-caused climate change. Consider these critical numbers in the U.S.: More than 60% of the primary energy used to create electricity is wasted during the conversion. Household water leaks waste roughly 900 billion gallons of water annually. Between 30% and 40% of food produced for consumers is wasted.

< <https://www.newsweek.com/critical-role-internet-things-iot-fighting-climate-change-decarbonizing-our-planet-1712448> https://www.newsweek.com/critical-role-internet-things-iot-fighting-climate-change-decarbonizing-our-planet-1712448>

 

What if ransomware evolved to hit IoT in the enterprise?

Forescout researchers have demonstrated how ransomware could spread through an enterprise from vulnerable Internet-of-Things gear.

< <https://www.theregister.com/2022/06/01/ransomware_iot_devices/> https://www.theregister.com/2022/06/01/ransomware_iot_devices/>

 

**********************

OTHERWISE NOTEWORTHY

**********************

CIDR in Networking: Improved IP Routing Efficiency

CIDR (Classless Inter-Domain Routing) is a routing system in which network engineers can distribute IP addresses based on the size of their specific network. This is more efficient than the previous system, which assigned IP addresses depending on whether the size of a network fits into one of only three sizes: Class A, Class B, and Class C.

< <https://circleid.com/posts/20220531-cidr-in-networking-improved-ip-routing-efficiency> https://circleid.com/posts/20220531-cidr-in-networking-improved-ip-routing-efficiency>

 

U.S. Retakes Top Spot in Supercomputer Race

The United States has regained a coveted speed crown in computing with a powerful new supercomputer in Tennessee, a milestone for the technology that plays a major role in science, medicine and other fields.

< <https://www.nytimes.com/2022/05/30/business/us-supercomputer-frontier.html> https://www.nytimes.com/2022/05/30/business/us-supercomputer-frontier.html>

 

Tweaks to IPv4 could free up 'hundreds of millions of addresses'

It may be nearly three years since the world officially exhausted all of the available IPv4 internet addresses, but now a new initiative has been proposed that could free up hundreds of millions of addresses that are currently unused – or are they?

< <https://www.theregister.com/2022/06/01/ipv4_proposed_changes/> https://www.theregister.com/2022/06/01/ipv4_proposed_changes/>

 

Cutting down on IP address waste

At the APRICOT 2022 APOPS session earlier this year, I had the chance to present on the IPv4 Unicast Extensions Project. This project responds to the continued acute scarcity of IPv4 addresses by proposing changes that would free up hundreds of millions of addresses, or about 6 to 7% of the IPv4 address space.

< <https://blog.apnic.net/2022/05/31/cutting-down-on-ip-address-waste/> https://blog.apnic.net/2022/05/31/cutting-down-on-ip-address-waste/>

 

Expanding Horizons of Long-Haul Quantum Communications: Teleportation—the stuff of future quantum internets—no longer demands directly connected qubits

Since quantum teleportation first became a reality 25 years ago, scientists have pushed its limits. Teleportation—outside the Star Trek universe—consists of transmitting a quantum state from one system to another via quantum entanglement. The two quantum systems (two atoms in a laser trap) can be right next to one another, or they can be separated by arbitrarily large distances. Strange as it sounds, quantum teleportation has been widely observed in the lab and even harnessed in emerging quantum technologies. To date, scientists have achieved quantum teleportation across distances as great as 1,400 kilometers. Yet there are other kinds of limitations than physical distance. Until now, quantum teleportation could only happen between, say, atoms that had been in direct contact with each other.

< <https://spectrum.ieee.org/quantum-teleportation> https://spectrum.ieee.org/quantum-teleportation>

 

W3C Advisory Committee Elects Advisory Board

The W3C Advisory Committee has elected the following people to fill five seats on the W3C Advisory Board starting 1 July 2022: Wei Ding (Huawei), Tatsuya Igarashi (Sony), Florian Rivoal (W3C Invited Expert), Tzviya Siegman (Wiley) and David Singer (Apple) will join continuing participants Heejin Chung (Samsung), Avneesh Singh (DAISY Consortium), Eric Siow (Intel), Léonie Watson (TetraLogical), Chris Wilson (Google) and Hongru (Judy) Zhu (Alibaba).

< <https://www.w3.org/blog/news/archives/9568> https://www.w3.org/blog/news/archives/9568>

------

David Goldstein

email:  <mailto:david@goldsteinreport.com> david@goldsteinreport.com

web:  <http://goldsteinreport.com/> http://goldsteinreport.com/

Twitter:  <https://twitter.com/goldsteinreport> https://twitter.com/goldsteinreport

phone: +61 418 228 605 - mobile; +61 2 9663 3430 - office/home