[Newsclips] IETF SYN-ACK Newspack 2021-01-18

David Goldstein <david@goldsteinreport.com> Mon, 18 January 2021 11:28 UTC

Return-Path: <david@goldsteinreport.com>
X-Original-To: newsclips@ietfa.amsl.com
Delivered-To: newsclips@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9E6823A127E for <newsclips@ietfa.amsl.com>; Mon, 18 Jan 2021 03:28:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.888
X-Spam-Level:
X-Spam-Status: No, score=-1.888 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BSSxoP0wiGnh for <newsclips@ietfa.amsl.com>; Mon, 18 Jan 2021 03:28:38 -0800 (PST)
Received: from karkinos.atomiclayer.com (karkinos.atomiclayer.com [96.125.178.142]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0F4B43A127C for <newsclips@ietf.org>; Mon, 18 Jan 2021 03:28:37 -0800 (PST)
Received: from DavidDesktop2019 (unknown [144.136.15.194]) by karkinos.atomiclayer.com (Postfix) with ESMTPSA id 9CA1F280712 for <newsclips@ietf.org>; Mon, 18 Jan 2021 06:28:34 -0500 (EST)
Authentication-Results: karkinos.atomiclayer.com; spf=pass (sender IP is 144.136.15.194) smtp.mailfrom=david@goldsteinreport.com smtp.helo=DavidDesktop2019
Received-SPF: pass (karkinos.atomiclayer.com: connection is authenticated)
From: "David Goldstein" <david@goldsteinreport.com>
To: <newsclips@ietf.org>
Date: Mon, 18 Jan 2021 22:28:33 +1100
Organization: Goldstein Report
Message-ID: <017401d6ed8d$1035a0d0$30a0e270$@goldsteinreport.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_0175_01D6EDE9.43A68E00"
X-Mailer: Microsoft Outlook 16.0
Content-Language: en-au
Thread-Index: AdbtjQuyA9GrTOjDTfyhBl/vi4uzCQ==
X-PPP-Message-ID: <20210118112835.2557730.2380@karkinos.atomiclayer.com>
X-PPP-Vhost: goldsteinreport.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/newsclips/nwA5n8GiYfnABGKWm7MY6jrZZJg>
Subject: [Newsclips] IETF SYN-ACK Newspack 2021-01-18
X-BeenThere: newsclips@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF News Clips <newsclips.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/newsclips>, <mailto:newsclips-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/newsclips/>
List-Post: <mailto:newsclips@ietf.org>
List-Help: <mailto:newsclips-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/newsclips>, <mailto:newsclips-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Jan 2021 11:28:43 -0000

The IETF SYNACK Newspack collects IETF-related items from a variety of news outlets and other online publications. They do not represent the views of the IETF and are not checked for factual accuracy.

 

**********************

IETF IN THE NEWS

**********************

A Look Back at the World of IP Addressing in 2020: What Changed and What It Means By Geoff Huston Author & Chief Scientist at APNIC

Time for another annual roundup from the world of IP addresses. Let's see what has changed in the past 12 months in addressing the Internet and look at how IP address allocation information can inform us of the changing nature of the network itself. Back around 1992, the IETF gazed into their crystal ball and tried to understand how the Internet was going to evolve and what demands would be placed on the addressing system as part of the "IP Next Generation" study.

< <https://www.potaroo.net/ispcol/2021-01/addr2020.html> https://www.potaroo.net/ispcol/2021-01/addr2020.html>

< <https://blog.apnic.net/2021/01/15/addressing-2020/> https://blog.apnic.net/2021/01/15/addressing-2020/>

< <http://www.circleid.com/posts/20210117-a-look-back-at-the-world-of-ip-addressing-in-2020/> http://www.circleid.com/posts/20210117-a-look-back-at-the-world-of-ip-addressing-in-2020/>

 

Verisign Outreach Program Remediates Billions of Name Collision Queries

... While we partially rely on direct communication channel contact information, the key enabler of our outreach efforts has been Verisign’s relationships with the broader collective DNS community. Verisign’s active participation in various industry organizations within the ICANN and DNS communities, such as M3AAWG, FIRST, DNS-OARC, APWG, NANOG, RIPE NCC, APNIC, and IETF, enables us to identify and communicate with a broad and diverse set of constituents. In many cases, participants operate infrastructure involved in name collisions. In others, they are able to put us in direct contact with the appropriate parties.

< <https://blog.verisign.com/domain-names/verisign-outreach-program-remediates-billions-of-name-collision-queries/> https://blog.verisign.com/domain-names/verisign-outreach-program-remediates-billions-of-name-collision-queries/>

< <http://www.circleid.com/posts/20210115-verisign-program-remediates-billions-of-name-collision-queries/> http://www.circleid.com/posts/20210115-verisign-program-remediates-billions-of-name-collision-queries/>

 

Looking Back at 2020

... Over the past couple of years, delegated credentials for TLS has been developed by Cloudflare, Facebook, and Mozilla. This is also being documented as a proposed delegated credential IETF RFC.

< <https://securityboulevard.com/2021/01/looking-back-at-2020/> https://securityboulevard.com/2021/01/looking-back-at-2020/>

 

Hashing explained: Why it's your best bet to protect stored passwords

... For password hashing and storage a recent IETF draft recommends using Argon2 (the winner of the 2015 Password Hashing Competition), Bcrypt, Scrypt or PBKDF2. However, there is more to hashing than just the algorithm used. For example, a minimum password length of eight characters is also important because it makes brute-force attacks that rely on dictionary attacks—lists of common passwords from other data breaches—much harder.

< <https://www.csoonline.com/article/3602698/hashing-explained-why-its-your-best-bet-to-protect-stored-passwords.html> https://www.csoonline.com/article/3602698/hashing-explained-why-its-your-best-bet-to-protect-stored-passwords.html>

 

Open Services Alliances for Media (OSA) Creates IMF Registration API

... SMPTE ST 2126 took a similar path from the OSA through SMPTE. The project focused on the fundamental challenge of implementing multivendor, multicloud, microservice-based solutions, which lacked a standardized, common means of reporting back the success (or failure) of their execution. The OSA used input from the IETF and EBU to design a flexible yet standardized framework for status reporting and logging, and contributed the resulting draft to SMPTE, which created the public CD.

< <https://www.sportsvideo.org/2021/01/15/open-services-alliances-for-media-osa-creates-imf-registration-api/> https://www.sportsvideo.org/2021/01/15/open-services-alliances-for-media-osa-creates-imf-registration-api/>

 

Enea: 8 Trends Will Shape 5G Mobile Data in 2021

... Blinding encryption: Operators could be blinded by new OTT encryption protocols being introduced in 2021 - even before standards are agreed. Currently over 85% of traffic on mobile networks is encrypted and operators have relied on traditional optimization technology to manage this so far. This will change dramatically during 2021. The Internet Engineering Task Force (IETF) will introduce new protocols in the shape of DoH (DNS over HTTPS), DoT (DNS over TLS) and eSNI (encrypted Server Name Indication). Some countries such as China and Russia have banned these protocols, yet DoH could go mainstream around the middle of 2021 as OTTs increasingly look to centralize and control the internet via encryption.

< <https://www.enea.com/company/newsroom/press-releases/press-release?slug=enea-8-trends-will-shape-5g-mobile-data-in-2021> https://www.enea.com/company/newsroom/press-releases/press-release?slug=enea-8-trends-will-shape-5g-mobile-data-in-2021>

 

Revolution in den Tiefen des Internets [Revolution in the depths of the internet]

Schneller soll alles werden im Netz, und das nicht nur dort, wo dicke Leitungen ein ineffizientes Verkehrsmanagement auf der Datenautobahn ausgleichen können, sondern überall. Insbesondere die großen Plattformen haben Heerscharen von Entwicklern darauf angesetzt, an der Beschleunigung des Verkehrs zu arbeiten, damit die immer neuen Apps und deren Inhalte ruckelfrei beim Nutzer ankommen. Mit dem von Google eingebrachten Protokoll Quic glaubt die Internet Engineering Task Force (IETF), wichtigste Standardisierungsorganisation für die Basisprotokolle des Internet, jetzt einen aussichtsreichen Nachfolger für das gute alte Transport Control Protocol (TCP) gefunden zu haben.

< <https://www.sueddeutsche.de/digital/internet-schneller-google-tcp-protokoll-verschluesselung-1.5171790> https://www.sueddeutsche.de/digital/internet-schneller-google-tcp-protokoll-verschluesselung-1.5171790>

< <https://www.derbund.ch/so-soll-das-internet-schneller-und-sicherer-werden-622970018870> https://www.derbund.ch/so-soll-das-internet-schneller-und-sicherer-werden-622970018870>

 

Hashing: Der beste Schutz für gespeicherte Kennwörter [Hashing: The best protection for stored passwords]

... Für das Hashing und die Speicherung von Passwörtern empfiehlt ein aktueller IETF-Entwurf die Verwendung von Argon2 (dem Gewinner der 2015 Password Hashing Competition), Bcrypt, Scrypt oder PBKDF2. Zum Hashing gehört jedoch mehr als nur der verwendete Algorithmus. Zum Beispiel ist eine minimale Passwortlänge von acht Zeichen auch wichtig, weil es Brute-Force-Angriffe, die auf Wörterbuchangriffen beruhen – Listen von häufigen Passwörtern aus anderen Datenverletzungen – viel schwieriger macht.

< <https://computerwelt.at/knowhow/hashing-der-beste-schutz-fuer-gespeicherte-kennwoerter/> https://computerwelt.at/knowhow/hashing-der-beste-schutz-fuer-gespeicherte-kennwoerter/>

 

Huawei elige a la UCLM para poner en marcha su primera unidad de investigación en España [Huawei chooses UCLM to launch its first research unit in Spain]

La Universidad de Castilla-La Mancha (UCLM), la Universitat Politècnica de València (UPV) y la empresa Huawei Technologies han puesto en marcha la primera unidad de investigación e innovación conjunta (Joint Innovation Lab) que la multinacional china ha impulsado en España. Hasta el momento, se ha publicado el desarrollo de dos variantes de un nuevo mecanismo de control de congestión para la red Ethernet, se han tramitado dos patentes conjuntas y está cerca de completarse el proceso de su estandarización en IEEE e IETF.

< <https://www.eldigitalcastillalamancha.es/actualidad/763169400/Huawei-elige-a-la-UCLM-para-poner-en-marcha-su-primera-unidad-de-investigacion-en-Espana.html> https://www.eldigitalcastillalamancha.es/actualidad/763169400/Huawei-elige-a-la-UCLM-para-poner-en-marcha-su-primera-unidad-de-investigacion-en-Espana.html>

 

Internet, información y ciberderechos [Internet, information and cyber-right]

... Pero, ¿quién manda en el ciberespacio? ¿Gobierna la anarquía? ¿Qué autoridad debe proteger los datos personales del usurario? ¿Cómo debería de ser regulado? ¿En Sinaloa estamos preparados para enfrentar la ciberdelincuencia? ¿Y el ciberderecho? Es de conocimiento universal que existen cuatro organismos esenciales a nivel mundial y votados universalmente —IETF, Icann, ISOC, WWWC— que son los encargados de la operatividad, desarrollo, impulso y protección de la red del internet.Aunque pareciera que el internet tradicional o Clearnet —el que usamos comúnmente— es inmenso, sólo representa poco más del 10 por ciento de la red, el resto del contenido se encuentra en la Deep Web —Internet Profundo—, como mencionaba anteriormente, muchas veces asociado con un internet peligroso, por no ser el comercial.Actualmente, el internet debe de ser considerado como una necesidad primordial, prácticamente la mayoría de la población de los países desarrollados tiene acceso —en México el 70.1 por ciento de la población—, sin embargo, no todos tienen la facilidad económica para pagarlo. Si queremos educar en igualdad de circunstancias, que nuestros niños y jóvenes sinaloenses puedan tener las capacidades y herramientas para estar en el futuro a la altura de los que habitan en otros países, tendríamos que priorizar y establecer en la agenda gubernamental que el uso del internet en nuestros estudiantes sea universal y gratuito, cuidando la calidad de la información, respetando siempre la libertad de expresión y su contenido.

< <https://www.debate.com.mx/opinion/Jesus-Ibarra-Ramos-Internet-informacion-y-ciberderechos-20210115-0306.html> https://www.debate.com.mx/opinion/Jesus-Ibarra-Ramos-Internet-informacion-y-ciberderechos-20210115-0306.html>

 

ZTEがハイエンドルーターで中国初のBIERマルチキャストプロジェクトを独占的に獲得 [ZTE exclusively win China's first BIER multicast project with high-end routers]

... ZTEはBIERマルチキャスト技術の研究の重要な参加者として、IETF(Internet Engineering Task Force)に多数のBIER提案を提出し、初のIPV6ベースのBIERin6カプセル化を導入して業界で広く注目されています。

< <https://www.jiji.com/jc/article?k=000000007.000055011&g=prt> https://www.jiji.com/jc/article?k=000000007.000055011&g=prt>

 

**********************

SECURITY & PRIVACY

**********************

Digital Ocean Minds its MANRS Alongside Other Service Providers

Digital Ocean has become the latest service provider to join a Mutually Agreed Norms for Routing Security (MANRS) initiative, led by content delivery networks (CDNs) and cloud service providers, to reduce common routing security threats.

< <https://securityboulevard.com/2021/01/digital-ocean-minds-its-manrs-alongside-other-service-providers/> https://securityboulevard.com/2021/01/digital-ocean-minds-its-manrs-alongside-other-service-providers/>

 

AI set to replace humans in cybersecurity by 2030, says Trend Micro

In 2021 Trend Micro predicts that cybercriminals will look to home networks as a critical launch pad to compromising corporate IT and IoT networks.

< <https://www.zdnet.com/article/ai-set-to-replace-humans-in-cybersecurity-by-2030-says-trend-micro/> https://www.zdnet.com/article/ai-set-to-replace-humans-in-cybersecurity-by-2030-says-trend-micro/>

 

Cryptographic Tools for Non-Existence in the Domain Name System: NSEC and NSEC3: second in a multi-part blog series on cryptography and the DNS

In my previous post, I described the first broad scale deployment of cryptography in the DNS, known as the DNSSEC. I described how a name server can enable a requester to validate the correctness of a “positive” response to a query — when a queried domain name exists — by adding a digital signature to the DNS response returned.

< <https://blog.verisign.com/security/cryptographic-tools-for-non-existence-in-the-domain-name-system-nsec-and-nsec3/> https://blog.verisign.com/security/cryptographic-tools-for-non-existence-in-the-domain-name-system-nsec-and-nsec3/>

 

Newer Cryptographic Advances for the Domain Name System: NSEC5 and Tokenized Queries: third in a multi-part blog series on cryptography and the DNS

In my last post, I looked at what happens when a DNS query renders a “negative” response – i.e., when a domain name doesn’t exist. I then examined two cryptographic approaches to handling negative responses: NSEC and NSEC3. In this post, I will examine a third approach, NSEC5, and a related concept that protects client information, tokenized queries.

< <https://blog.verisign.com/security/newer-cryptographic-advances-for-the-domain-name-system-nsec5-and-tokenized-queries/> https://blog.verisign.com/security/newer-cryptographic-advances-for-the-domain-name-system-nsec5-and-tokenized-queries/>

 

BGP Attacks Pose A Substantial Operation Risk -- Are Enterprises Paying Attention?

When it comes to enterprise cyber risks, it is accepted wisdom that CISOs and internal security teams need to stay abreast of new risks and threats to their business. These days, those risks run the gamut from widespread and remotely exploitable software holes to new ransomware variants to nation-state hacking crews.

< <https://www.forbes.com/sites/forbestechcouncil/2021/01/11/bgp-attacks-pose-a-substantial-operation-riskare-enterprises-paying-attention/> https://www.forbes.com/sites/forbestechcouncil/2021/01/11/bgp-attacks-pose-a-substantial-operation-riskare-enterprises-paying-attention/>

 

us: A Risk-based Approach to National Cybersecurity

Systemic Cyber Risk ReductionThe importance of cyber good practices and implementation of widely endorsed security controls to safeguard digital enterprises cannot be overstated. Whether it’s ransomware impacting schools and hospitals or data exfiltration compromising Americans’ sensitive information, the impact of cybersecurity – or cyber insecurity – on our daily lives is more visible than ever before. The events of the past few months with an advanced persistent threat (APT) actor compromising the SolarWinds Orion platform and engaging in widespread abuse of commonly used authentication mechanisms is only further testament to this reality.

< <https://www.cisa.gov/blog/2021/01/14/risk-based-approach-national-cybersecurity> https://www.cisa.gov/blog/2021/01/14/risk-based-approach-national-cybersecurity>

 

ICANN Org Launches Audit of Registrar Compliance with DNS Security Threat Obligations

ICANN today announced the launch of an audit program aimed at reviewing how registrars are fulfilling their contractual obligations related to addressing reports of potentially abusive domains.

< <https://www.icann.org/news/announcement-2021-01-15-en> https://www.icann.org/news/announcement-2021-01-15-en>

 

**********************

INTERNET OF THINGS

**********************

The threat and opportunity of the Internet of Things

CIOs should be readying their organizations for an era when 60 billion sensors dominate the Internet, says Dr Joseph Reger who heads up the Technology Office of Global Business at Fujitsu.

< <https://www.i-cio.com/big-thinkers/dr-joseph-reger/item/the-threat-and-opportunity-of-the-internet-of-things> https://www.i-cio.com/big-thinkers/dr-joseph-reger/item/the-threat-and-opportunity-of-the-internet-of-things>

 

The economic renaissance led by the Internet of Things

Innovation designer Vito Di Bari sees the addition of online intelligence to billions of everyday objects as the catalyst for the next industrial revolution.

< <https://www.i-cio.com/big-thinkers/vito-di-bari/item/how-the-internet-of-things-will-create-a-new-economic-renaissance> https://www.i-cio.com/big-thinkers/vito-di-bari/item/how-the-internet-of-things-will-create-a-new-economic-renaissance>

 

**********************

NEW TRANSPORT PROTOCOLS

**********************

Upcoming Streaming Trends of 2021

Little did the world know that a respiratory virus would accelerate the streaming industry in all aspects, be it quality, quantity, or pricing. With Covid-19 lockdowns, the world witnessed the greatest spike in demand for online video streaming. Not only has the world of streaming movies and shows witnessed this growth, in fact, even with the use of applications such as Skype and Zoom increased rapidly. ... With the need for a high speed internet to stream 4k and 8k videos and play graphically heavy games it is important for the internet to have lower latency so you can enjoy these services in full swing. It is expected that QUIC and HTTP/3: HTTP/3 will help to enhance the web globally for everyone. Continued progress would introduce HTTP/3 and QUIC from budding standards to commonly accepted web-enhancing technologies.

< <https://innov8tiv.com/upcoming-streaming-trends-of-2021-2/amp/> https://innov8tiv.com/upcoming-streaming-trends-of-2021-2/amp/>

 

.NET 5強化多項網路功能,並開始提供HTTP/3實驗性支援 [.NET 5 reinforces several network features and begins to provide HTTP/3 experimental support]

.NET 5在去年的時候正式發布,而直到現在微軟才詳細地揭露,他們對.NET 5網路堆疊所做的功能強化,獲得改善的網路功能範疇,包括HTTP、Sockets、網路相關安全性以及部分網路原語。

< <https://www.ithome.com.tw/news/142184> https://www.ithome.com.tw/news/142184>

 

------

David Goldstein

email:  <mailto:david@goldsteinreport.com> david@goldsteinreport.com

web:  <http://goldsteinreport.com/> http://goldsteinreport.com/

Twitter:  <https://twitter.com/goldsteinreport> https://twitter.com/goldsteinreport

phone: +61 418 228 605 - mobile; +61 2 9663 3430 - office/home