[Newsclips] IETF SYN-ACK Newspack 2022-11-28

[David Goldstein <david@goldsteinreport.com>]

The IETF SYN-ACK Newspack collects IETF-related items from a variety of news outlets and other online publications. They do not represent the views of the IETF and are not checked for factual accuracy.

 

**********************

IETF IN THE NEWS

**********************

The RIPE Chair Team Reports - November 2022

With RIPE 85, IETF 115, an ISOC members meeting, an ICANN webinar on Internet legislation, and many other events, November has been a busy time for the Internet community. As the RIPE Chair Team, one of our tasks is it to keep an eye on developments that are relevant to the RIPE community and to report back to you. So let's jump right in!

< <https://labs.ripe.net/author/mirjam_kuhne/the-ripe-chair-team-reports-november-2022/> https://labs.ripe.net/author/mirjam_kuhne/the-ripe-chair-team-reports-november-2022/>

 

IBM To Stop Unencrypted Fix Downloads In February

... “Many leaders of the internet industry – such as World Wide Web Consortium (W3C), IETF, and Internet Architecture Board (IAB) – state that universal use of encryption is the way forward for the Internet traffic,” the announcement reads.

< <https://www.itjungle.com/2022/11/28/ibm-to-stop-unencrypted-fix-downloads-in-february/> https://www.itjungle.com/2022/11/28/ibm-to-stop-unencrypted-fix-downloads-in-february/>

 

Three networking initiatives that will unleash the future of digital productivity

... Agile O&M: IFIT is cool. It’s an IETF-proposed standard network measurement protocol which embeds tracking and diagnostic packets into network traffic. Those packets provide better visibility into network behaviour.

< <https://mg.co.za/special-reports/2022-11-22-three-networking-initiatives-that-will-unleash-the-future-of-digital-productivity/> https://mg.co.za/special-reports/2022-11-22-three-networking-initiatives-that-will-unleash-the-future-of-digital-productivity/>

 

A tool for creating an “unbreakable” internet under oppressive, censoring regimes

... Lucas: So an unbreakable internet would be an internet that is free of points of control whenever possible. So, the internet at this moment has all sorts of layers on which it is really breakable, whether or not that’s a power switch at a data center that any country could flip to block access to millions of people. So it goes very deep in terms of protocols at the IETF that are designed to make traffic more private and more resilient. And it also goes to levels of laws that countries pass to ensure that the internet is more private and more resilient to these points of control.

< <https://www.marketplace.org/shows/marketplace-tech/a-tool-for-creating-an-unbreakable-internet-under-oppressive-censoring-regimes/> https://www.marketplace.org/shows/marketplace-tech/a-tool-for-creating-an-unbreakable-internet-under-oppressive-censoring-regimes/>

 

SCITT: Supply chain integrity, transparency and trust

... The IETF SCITT Working Group: Finally, in March 2022, SCITT started as an IETF ‘birds of a feather’ (BoF) and recently became a fully-fledged Working Group to tackle this exact problem. In the exchange of artifacts across end-to-end supply chains, receiving entities often require evidence to verify the suitability of artifacts for an intended use.

< <https://www.business-reporter.co.uk/supply-chain/scitt-supply-chain-integrity-transparency-and-trust> https://www.business-reporter.co.uk/supply-chain/scitt-supply-chain-integrity-transparency-and-trust>

 

What are Public Key Cryptography Standards (PKCS)? Meaning, Specifications, and Importance

... Each PKCS standard deals with a specific aspect of the PKI. They are reviewed and maintained individually and updated as necessary. The 15 standards are: 1. PKCS #1 – RSA cryptography standard ... Is this standard still maintained? Yes. It was also republished as RFC 8017 in 2012. RFC is a formal document maintained by the IETF that contains specifications and notes for everything related to computing and networking.

< <https://www.spiceworks.com/it-security/network-security/articles/what-is-pkcs/> https://www.spiceworks.com/it-security/network-security/articles/what-is-pkcs/>

 

Analyzing Carbon Dioxide levels while attending IETF-115 in London, UK

1. Introduction: I went 2.5 years with no plane fights and minimal in-person contact to suddenly "everyone must get back to normal! get on those planes! let's have lots of face to face meetings!". I, like many others, wanted to continue minimizing my risk of getting sick from airborne viruses while acknowledging being successful in my career required a lot of social networking. So, I've been vaccinated, I wear N-95 masks, and I make judgments along the way about what activities are acceptable to participate in. But… until this trip to IETF-115 in London, UK, I haven't had numbers to back up my decisions.

< <https://www.isi.edu/~hardaker/news/20221106-ietf-c02-analysis/> https://www.isi.edu/~hardaker/news/20221106-ietf-c02-analysis/>

 

How to use QuickTime Player in macOS Ventura

... But when internet standard RFC 8216 (HTTP Live Streaming) was released by the IETF in 2009, Apple quickly adopted it and dropped support for QSS and Darwin Streaming Server.

< <https://appleinsider.com/inside/macos-ventura/tips/how-to-use-quicktime-player-in-macos-ventura> https://appleinsider.com/inside/macos-ventura/tips/how-to-use-quicktime-player-in-macos-ventura>

 

Monitorování CO₂ a riziko přenosu virových onemocnění [CO₂ monitoring and risk of transmission of viral diseases]

Je tu opět období zvýšeného výskytu virových onemocnění a to jak chřipky, tak i COVID-19. Wes Hardaker z Kalifornie cestoval na konferenci IETF do Londýna a chtěl vědět, jak je to s rizikem přenosu infekce. Použil malý CO2 monitor Aranet 4 (u nás stojí asi 4 tisíce), který umožňuje posílat data po Bluetooth například do Androidu, pak můžete data exportovat do CSV. Pro vykreslení grafu použil vlastní malý program v Pythonu.

< <https://www.root.cz/zpravicky/monitorovani-co-a-riziko-prenosu-virovych-onemocneni/> https://www.root.cz/zpravicky/monitorovani-co-a-riziko-prenosu-virovych-onemocneni/>

 

Cos'è la crittografia a curva ellittica e quale servizio la integra [What is elliptic curve cryptography and which service complements it]

... Esiste qualche servizio che utilizza un sistema di crittografia a curva ellittica? NordLocker è tra questi. Si tratta del primo strumento di crittografia dei file end-to-end al mondo con un cloud privato, che ha fatto della privacy e sicurezza dell'utente il suo punto portante. Con NordLocker, la chiave segreta generata dall'ECC non viene mai mostrata ed è a sua volta crittografata con sistema XChaCha20-Poly1305-IETF direttamente dal dispositivo. Insomma: una doppia protezione per ottenere uno tra i più alti standard di sicurezza.

< <https://www.html.it/magazine/cose-la-crittografia-a-curva-ellittica-e-quale-servizio-la-integra/> https://www.html.it/magazine/cose-la-crittografia-a-curva-ellittica-e-quale-servizio-la-integra/>

 

한세실업 창립 40주년 등 [비즈니스 플라자] [40th anniversary of Hansae Corporation [Business Plaza]]

... HTTP/3는 애플리케이션(앱)·브라우저와 웹 간 데이터 교환을 위한 3세대 표준 프로토콜이다. 지난 6월 국제인터넷기술위원회(IETF)가 차세대 웹 통신 표준 프로토콜로 제정했다.

< <https://magazine.hankyung.com/business/article/202211163734b> https://magazine.hankyung.com/business/article/202211163734b>

 

“标准贡献奖”获奖人｜王爱俊：科研工作要甘于坐“冷板凳” [Wang Aijun, winner of the "Standard Contribution Award"| scientific research work should be willing to sit on the "cold bench"]

“十年磨一剑”是无数科研人员潜心研究的真实写照。中国电信研究院王爱俊深耕IETF标准研究工作十余年，他说得最多的一句话就是：“研究工作要有甘坐‘冷板凳’的决心，板凳冷心却不能冷。”

< <https://www.sohu.com/a/608863716_121307531> https://www.sohu.com/a/608863716_121307531>

 

**********************

SECURITY & PRIVACY

**********************

EU Council mulls broad national security carveouts in IoT cybersecurity law

The Czech presidency of the EU Council has circulated the first compromise on the Cyber Resilience Act, dated 18 November and obtained by EURACTIV, making hefty editing to the proposal’s scope and free movement clause.

< <https://www.euractiv.com/section/cybersecurity/news/eu-council-mulls-broad-national-security-carveouts-in-iot-cybersecurity-law/> https://www.euractiv.com/section/cybersecurity/news/eu-council-mulls-broad-national-security-carveouts-in-iot-cybersecurity-law/>

 

Cybersecurity Investments in the EU: Is the Money Enough to Meet the New Cybersecurity Standards?

The European Union Agency for Cybersecurity publishes the latest report on Network and Information Security Investments in the EU providing an insight on how the NIS Directive has impacted the cybersecurity budget of operators over the past year with deep-dives into the Energy and Health sectors.

< <https://www.enisa.europa.eu/news/cybersecurity-investments-in-the-eu-is-the-money-enough-to-meet-the-new-cybersecurity-standards> https://www.enisa.europa.eu/news/cybersecurity-investments-in-the-eu-is-the-money-enough-to-meet-the-new-cybersecurity-standards>

 

Nascent technologies focus of INTERPOL New Technologies Forum

Law enforcement agencies need to speed up in understanding new forms of crimes emerging from nascent technologies. For example, decentralized metaverses with new ways of communicating and accessing data that law enforcement may not be able to deal with. Non-fungible tokens or NFTs are increasingly permeating financial crimes such as money laundering schemes.

< <https://www.interpol.int/News-and-Events/News/2022/Nascent-technologies-focus-of-INTERPOL-New-Technologies-Forum> https://www.interpol.int/News-and-Events/News/2022/Nascent-technologies-focus-of-INTERPOL-New-Technologies-Forum>

 

Call for Participation – ICANN DNSSEC and Security Workshop for ICANN76 Community Forum

Are you doing something interesting with DNS, DNSSEC, or routing security that you would like to share with the larger DNS community at the ICANN 76 meeting in March 2023? If so, please send a brief (1 -- 3 sentence) description of your proposed presentation to dnssec-security-workshop@icann.org <mailto:dnssec-security-workshop@icann.org>  by the close of business on Friday, 20 January 2023. Are you doing something interesting with DNS, DNSSEC, or routing security that you would like to share with the larger DNS community at the ICANN 76 meeting in March 2023?

< <https://circleid.com/posts/20221125-call-for-participation-icann-dnssec-and-security-workshop-for-icann76-community-forum> https://circleid.com/posts/20221125-call-for-participation-icann-dnssec-and-security-workshop-for-icann76-community-forum>

 

**********************

INTERNET OF THINGS

**********************

Building a New Economy: Data, AI, and Web3

During the last 30 years, digital data and artificial intelligence (AI) to exploit that data have emerged as central to management of our society. At the same time, the development of digital networks and big computing centers has promoted centralization of data and digital systems, leaving individuals and communities outside of this new digital ecosystem and without the ability to control local finance, health, or governance systems. New distributed technologies, loosely described as Web3 and employing technologies such as federated AI, blockchain, Internet of Things (IoT), and others, have the potential to give back control of data, AI, and its benefits to individuals and communities. In addition to the many private efforts now being launched, some national governments are aggressively pursuing this new suite of technologies, but with much stronger government oversight. Consequently, there is an urgent need to develop standards that guarantee a Web3 economy that remains truly distributed and yet provides global interoperability along with adequate protection for individuals and communities.

< <https://cacm.acm.org/magazines/2022/12/266920-building-a-new-economy/abstract> https://cacm.acm.org/magazines/2022/12/266920-building-a-new-economy/abstract>

 

**********************

OTHERWISE NOTEWORTHY

**********************

Looking at Centrality in the DNS

Many aspects of the digital environment are dominated by a small clique of extremely large enterprises. Meta and Twitter may be teetering at the moment, but we have Google, Apple, Microsoft and Amazon who are still strongly dominant in their respective markets. Looking further afield, what about our common infrastructure services that everyone is forced to rely upon? How's the Domain Name System faring? Is the DNS also falling under the influence of these digital hypergiants? Or is the DNS still highly distributed and resisting the trends of centralization? Lets take a look at some DNS data to see if we can answer this question.

< <https://www.potaroo.net/ispcol/2022-11/dns-ctl.html> https://www.potaroo.net/ispcol/2022-11/dns-ctl.html>

 

Meta: Making Our Network Clocks More Precise for the Metaverse

Everything you do online relies on multiple servers, sometimes spread across multiple locations, all keeping accurate and precise time with one another. If these servers are out of sync, it can lead to delays and errors, or even network failures. Improving synchronization can not only significantly improve performance, but also open up opportunities to create new products and services.

< <https://about.fb.com/news/2022/11/introducing-precision-time-protocol-to-metas-networks/> https://about.fb.com/news/2022/11/introducing-precision-time-protocol-to-metas-networks/>

 

Testing Reveals Popular Web Hosting Tools are Not UA-Ready by Nabil Benamar, Chair, UA Measurement Working Group

Web hosting tools are critical to managing and maintaining a functional website. They are the building blocks required to keep a site accessible on the Internet and to provide essential services like email. For anyone who manages a website, whether for personal use, business, or entities like governments, web hosting tools are incredibly important. But are they operational for users who use internationalized email or have a new long TLD?

< <https://uasg.tech/2022/10/testing-reveals-popular-web-hosting-tools-are-not-ua-ready/> https://uasg.tech/2022/10/testing-reveals-popular-web-hosting-tools-are-not-ua-ready/>

 

The Internet Is Breaking Up — What Will Replace It?

Whatsapp? What’s that? In China, most people have never heard of it. Why? Simple. It’s banned. Instead, they have WeChat. That’s China’s superapp, where you can message your friends, order a taxi, and pay for food, all without switching apps. Over 1 billion Chinese use it. Yet, in the West, it barely exists.

< <https://medium.com/predict/the-internet-is-breaking-up-what-will-replace-it-713ca86ac258> https://medium.com/predict/the-internet-is-breaking-up-what-will-replace-it-713ca86ac258>

 

Indeed, Internet has changed drastrically over the last 10 years

In the last ten years everything has changed on the Internet: architecture, business models, companies’ positions. The data traffic has turned asymmetrical, the internet architecture has flattened and become highly centralized and dependent on a few players, the hyperscalers, who furthermore generate most of the traffic and hold bargaining power. However, the interconnection business model associated with the early Internet has not been able to evolve. The debate on the fair contribution of hyperscalers is also a debate on the need to revisit assumptions of the 90s, in the light of new competitive dynamics.

< <https://www.telefonica.com/en/communication-room/blog/indeed-internet-has-changed-drastrically-over-the-last-10-years/> https://www.telefonica.com/en/communication-room/blog/indeed-internet-has-changed-drastrically-over-the-last-10-years/>

 

What’s the Difference Between SPF DKIM and DMARC?

SPF, DKIM, and DMARC are the three most important email authentication protocols to prove to mail servers and ESPs that senders are authorized to send emails on behalf of a specific domain. Implementing these protocols is vital to:

< <https://easydmarc.com/blog/whats-the-difference-between-spf-dkim-and-dmarc/> https://easydmarc.com/blog/whats-the-difference-between-spf-dkim-and-dmarc/>

< <https://securityboulevard.com/2022/11/whats-the-difference-between-spf-dkim-and-dmarc/> https://securityboulevard.com/2022/11/whats-the-difference-between-spf-dkim-and-dmarc/>

 

How to Add DMARC Record in Namecheap

For any organization, its email infrastructure must be crucial. The first step to start protecting your domain for your clients, vendors, partners, and everybody you send emails to is time to look into email security protocols.

< <https://easydmarc.com/blog/how-to-add-dmarc-record-in-namecheap/> https://easydmarc.com/blog/how-to-add-dmarc-record-in-namecheap/>

< <https://securityboulevard.com/2022/11/how-to-add-dmarc-record-in-namecheap/> https://securityboulevard.com/2022/11/how-to-add-dmarc-record-in-namecheap/>

 

What is the difference between DMARC and EasyDMARC?

Are DMARC and/or EasyDMARC new to you, and are you feeling confused about it all? We are here to help you clear it up!

< <https://www.openprovider.com/blog/what-is-dmarc> https://www.openprovider.com/blog/what-is-dmarc>

 

EasyDMARC in practice – case study Procys

Email can quickly get out of hand. How can you keep track of your outgoing email, make sure they don’t end up as spam, and make sure no one is sending unauthorized emails from your domain?

< <https://www.openprovider.com/blog/easydmarc-in-practice-case-study-procys> https://www.openprovider.com/blog/easydmarc-in-practice-case-study-procys>

 

What are DMARC, SPF, DKIM and BIMI records?

Do you want to improve your email security and deliverability? Do you want to keep track of all emails that are sent from your domain and server? In that case, SPF, DKIM, DMARC and BIMI records are some terms you should know.

< <https://www.openprovider.com/blog/what-is-dmarc-spf-dkim-bimi> https://www.openprovider.com/blog/what-is-dmarc-spf-dkim-bimi>

 

The Transistor of 2047: Expert Predictions

The 100th anniversary of the invention of the transistor will happen in 2047. What will transistors be like then? Will they even be the critical computing element they are today? IEEE Spectrum asked experts from around the world for their predictions.

< <https://spectrum.ieee.org/the-transistor-of-2047-expert-predictions> https://spectrum.ieee.org/the-transistor-of-2047-expert-predictions>

 

First Public Working Draft: RDF Dataset Canonicalization

The RDF Dataset Canonicalization and Hash Working Group has published a First Public Working Draft of RDF Dataset Canonicalization.This document describes an algorithm for canonicalizing RDF datasets, based on a final CG report from the Credentials Community Group.

< <https://www.w3.org/blog/news/archives/9753> https://www.w3.org/blog/news/archives/9753>

 

CSS Snapshot 2022 Draft Note Published

The CSS Working Group has published a first public Draft Note of CSS Snapshot 2022. This document collects together into one definition all the specs that together form the current state of Cascading Style Sheets (CSS) as of 2022.

< <https://www.w3.org/blog/news/archives/9751> https://www.w3.org/blog/news/archives/9751>

 

FOR REVIEW: Collaboration Tools Accessibility User Requirements First Public Draft Note

The Accessible Platform Architectures (APA) Research Questions Task Force (RQTF) welcomes feedback on the first public Draft Note of the Collaboration Tools Accessibility User Requirements. The purpose of this document is to outline various accessibility-related user needs, requirements and scenarios for collaboration tools.

< <https://www.w3.org/blog/news/archives/9748> https://www.w3.org/blog/news/archives/9748>

 

W3C Invites Implementations of Core Accessibility API Mappings 1.2

The Accessible Rich Internet Applications Working Group invites implementations of the Candidate Recommendation Snapshot of Core Accessibility API Mappings 1.2. This document describes how user agents should expose semantics of web content languages to accessibility APIs.

< <https://www.w3.org/blog/news/archives/9745> https://www.w3.org/blog/news/archives/9745>

------

David Goldstein

email:  <mailto:david@goldsteinreport.com> david@goldsteinreport.com

web:  <http://goldsteinreport.com/> http://goldsteinreport.com/

Twitter:  <https://twitter.com/goldsteinreport> https://twitter.com/goldsteinreport

phone: +61 418 228 605 - mobile; +61 2 9663 3430 - office/home